Manuel Pégourié-Gonnard
|
ed4af8b57c
|
Move negotiated max fragment length to session
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
|
2013-07-18 14:07:09 +02:00 |
|
Manuel Pégourié-Gonnard
|
581e6b6d6c
|
Prepare migrating max fragment length to session
Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.
|
2013-07-18 12:32:27 +02:00 |
|
Paul Bakker
|
8e714d7aca
|
Modified LONG_RESPONSE and comments in ssl_server2
|
2013-07-18 11:23:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
bd7ce63115
|
Adapt ssl_server2 to test sending long messages
|
2013-07-18 11:23:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
6b4f237f6a
|
Forbid setting max_frag_len > MAX_CONTENT_LEN
|
2013-07-18 11:23:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
30dc7ef3ad
|
Reset max_fragment_length in ssl_session_reset()
|
2013-07-18 11:23:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
7bb7899121
|
Send max_fragment_length extension (server)
|
2013-07-18 11:23:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
f11a6d78c7
|
Rework server extensions writing
|
2013-07-18 11:23:38 +02:00 |
|
Manuel Pégourié-Gonnard
|
de600e571a
|
Read max_fragment_length extension (client)
|
2013-07-18 11:18:14 +02:00 |
|
Manuel Pégourié-Gonnard
|
a052849640
|
Send max_fragment_length extension (client)
|
2013-07-18 11:18:14 +02:00 |
|
Manuel Pégourié-Gonnard
|
48f8d0dbbd
|
Read max_fragment_length extension (server)
|
2013-07-18 11:18:14 +02:00 |
|
Manuel Pégourié-Gonnard
|
787b658bb3
|
Implement max_frag_len write restriction
|
2013-07-18 11:18:14 +02:00 |
|
Manuel Pégourié-Gonnard
|
0df6b1f068
|
ssl_client2: add max_frag_len option
|
2013-07-18 11:18:13 +02:00 |
|
Manuel Pégourié-Gonnard
|
8b46459ae5
|
Add ssl_set_max_frag_len()
|
2013-07-18 11:18:13 +02:00 |
|
Paul Bakker
|
de9f9efc2e
|
Merge branch 'parse-ec-crt' into development
|
2013-07-17 16:00:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
c2c90031ec
|
Fix pk_set_type() behaviour for unkown type
|
2013-07-17 15:59:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
14d8564402
|
Fix overflow check in oid_get_numeric_string()
(The fix in 791eed3 was wrong.)
|
2013-07-17 15:59:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
4f47538ad8
|
Fix some 'depends' in tests
|
2013-07-17 15:59:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
fd5164e283
|
Fix some more ifdef's RSA/EC, in pk and debug
|
2013-07-17 15:59:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
ab2d9836b4
|
Fix some ifdef's in x509parse
While at it:
- move _rsa variants systematically after generic functions
- unsplit x509parse_key_pkcs8_encrypted_der() (reverts a5d9974 )
|
2013-07-17 15:59:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
96f3a4e1b3
|
Rm ecp_keypair.alg
Avoid duplicating information already present in pk_context.
|
2013-07-17 15:59:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
8b863cd641
|
Merge EC & RSA versions of x509_parse_key()
|
2013-07-17 15:59:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
6e88202a95
|
Merge EC & RSA versions of parse_pkcs8_unencrypted
|
2013-07-17 15:59:43 +02:00 |
|
Manuel Pégourié-Gonnard
|
a2d4e644ac
|
Some more EC pubkey parsing refactoring
Fix a bug in pk_rsa() and pk_ec() along the way
|
2013-07-17 15:59:43 +02:00 |
|
Manuel Pégourié-Gonnard
|
1c808a011c
|
Refactor some EC key parsing code
|
2013-07-17 15:59:43 +02:00 |
|
Manuel Pégourié-Gonnard
|
be50680a8c
|
Fix use of x509_cert.rsa in programs
|
2013-07-17 15:59:43 +02:00 |
|
Manuel Pégourié-Gonnard
|
991d0f5aca
|
Remove rsa member from x509_cert structure
|
2013-07-17 15:59:42 +02:00 |
|
Manuel Pégourié-Gonnard
|
ff56da3a26
|
Fix direct uses of x509_cert.rsa, now use pk_rsa()
|
2013-07-17 15:59:42 +02:00 |
|
Manuel Pégourié-Gonnard
|
893879adbd
|
Adapt debug_print_crt() for EC keys
|
2013-07-17 15:59:42 +02:00 |
|
Manuel Pégourié-Gonnard
|
a3c86c334c
|
Certificates with EC key and/or sig parsed
|
2013-07-17 15:59:42 +02:00 |
|
Manuel Pégourié-Gonnard
|
5b18fb04ca
|
Fix bug in x509_get_{ecpubkey,subpubkey}()
- 'p' was not properly updated
- also add a few more checks while at it
|
2013-07-17 15:59:42 +02:00 |
|
Manuel Pégourié-Gonnard
|
360a583029
|
Adapt x509parse_cert_info() for EC
|
2013-07-17 15:59:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
674b2243eb
|
Prepare transition from x509_cert.rsa to pk
|
2013-07-17 15:59:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
a155513e7b
|
Rationalize use of x509_get_alg variants
|
2013-07-17 15:59:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
7a287c409e
|
Rename x509_get_algid() to x509_get_pk_alg()
|
2013-07-17 15:59:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
7c5819eb1e
|
Fix warnings (enum value missing from switch/case)
|
2013-07-17 15:59:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
72ef0b775d
|
Add test certificate signed with ECDSA
|
2013-07-17 15:59:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
2692a30c1b
|
Relax ifdef's in pk.h by analogy with md.h
|
2013-07-17 15:59:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
1e60cd09b0
|
Expand oid_get_sig_alg() for ECDSA-based algs
|
2013-07-17 15:59:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
244569f4b1
|
Use generic x509_get_pubkey() for RSA functions
|
2013-07-17 15:59:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
4fa0476675
|
Use new x509_get_pubkey() in x509parse_public_key()
|
2013-07-17 15:59:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
c296c5925e
|
Introduce generic x509_get_pubkey()
|
2013-07-17 15:59:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
094ad9e512
|
Rename x509_get_pubkey to _rsa and split it up
|
2013-07-17 15:59:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
f16ac763f6
|
Simplify length mismatch check in x509_get_pubkey
|
2013-07-17 15:59:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
20c12f6b5f
|
Factor more code into x509_get_pubkey()
|
2013-07-17 15:59:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
788db112a5
|
Get rid of x509_cert.pkoid
Unused, comment did not match reality, and will soon be superseeded by the
'type' field of the pk_context which will replace rsa_context.
|
2013-07-17 15:59:39 +02:00 |
|
Manuel Pégourié-Gonnard
|
374e4b87d4
|
pk_set_type() cannot be used to reset key type
|
2013-07-17 15:59:39 +02:00 |
|
Manuel Pégourié-Gonnard
|
0a64e8f1fd
|
Rework algorithmIdentifier parsing
|
2013-07-17 15:59:39 +02:00 |
|
Paul Bakker
|
f4a1427ae7
|
base64_decode() also forcefully returns on dst == NULL
|
2013-07-16 17:48:58 +02:00 |
|
Paul Bakker
|
82024bf7b9
|
ssl_server2 now uses alloc_buffer if present and can be 'SERVERQUIT'
|
2013-07-16 17:48:58 +02:00 |
|