Manuel Pégourié-Gonnard
|
779e42982c
|
Start adding ticket keys (only key_name for now)
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
aa0d4d1aff
|
Add ssl_set_session_tickets()
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
306827e3bc
|
Prepare ticket structure for securing
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
06650f6a37
|
Fix reusing session more than once
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
cf2e97eae2
|
ssl_client2: allow reconnecting twice
|
2013-08-14 14:08:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
593058e35e
|
Don't renew ticket when the current one is OK
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
c086cce3d3
|
Don't cache empty session ID nor resumed session
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
7cd5924cec
|
Rework NewSessionTicket handling in state machine
Fixes bug: NewSessionTicket was ommited in resumed sessions.
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
3ffa3db80b
|
Fix server session ID handling with ticket
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
72882b2079
|
Relax limit on ClientHello size
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
609bc81a76
|
ssl_srv: read & write ticket, unsecure for now
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
94f6a79cde
|
Auxiliary functions to (de)serialize ssl_session
|
2013-08-14 14:08:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
7a358b8580
|
ssl_srv: write & parse session ticket ext & msg
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
6377e41ef5
|
Complete client support for session tickets
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
a5cc6025e7
|
Parse NewSessionTicket message
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
60182ef989
|
ssl_cli: write & parse session ticket extension
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
75d440192c
|
Introduce ticket field in session structure
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
5f280cc6cf
|
Implement saving peer cert as part of session.
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
aaa1eab55a
|
Add an option to reconnect in ssl_client2
Purpose: test resuming sessions.
|
2013-08-14 14:08:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
747180391d
|
Add ssl_get_session() to save session on client
|
2013-08-14 14:08:03 +02:00 |
|
Paul Bakker
|
a8342398c8
|
Merge branch 'padding' into development
|
2013-08-14 14:03:59 +02:00 |
|
Paul Bakker
|
da4d1c35d1
|
Updated Changelog to reflect feature addition
|
2013-08-14 14:02:48 +02:00 |
|
Paul Bakker
|
48e93c84b7
|
Made padding modes configurable from config.h
|
2013-08-14 14:02:48 +02:00 |
|
Paul Bakker
|
1a45d91cf2
|
Restructured cipher_set_padding_mode() to use switch statement
|
2013-08-14 14:02:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
ebdc413f44
|
Add 'no padding' mode
|
2013-08-14 14:02:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
0e7d2c0f95
|
Add zero padding
|
2013-08-14 14:02:47 +02:00 |
|
Manuel Pégourié-Gonnard
|
8d4291b52a
|
Add zeros-and-length (ANSI X.923) padding
|
2013-08-14 14:02:47 +02:00 |
|
Manuel Pégourié-Gonnard
|
679f9e90ad
|
Add one-and-zeros (ISO/IEC 7816-4) padding
|
2013-08-14 14:02:47 +02:00 |
|
Manuel Pégourié-Gonnard
|
6c9789932e
|
Adapt cipher tests to configurable padding
|
2013-08-14 14:02:47 +02:00 |
|
Manuel Pégourié-Gonnard
|
b7d24bc7ca
|
Fix bug in get_pkcs_padding(): cannot be 0-length
|
2013-08-14 14:02:47 +02:00 |
|
Manuel Pégourié-Gonnard
|
a640849b55
|
Add tests for get_padding() (PKCS#7)
|
2013-08-14 14:02:47 +02:00 |
|
Manuel Pégourié-Gonnard
|
725680ffd2
|
Make cipher tests less dependant on padding size
|
2013-08-14 14:02:47 +02:00 |
|
Manuel Pégourié-Gonnard
|
ac56a1aec4
|
Make cipher_set_padding() actually work
(Only one padding mode recognized yet.)
|
2013-08-14 14:02:46 +02:00 |
|
Manuel Pégourié-Gonnard
|
d5fdcaf9e5
|
Add cipher_set_padding() (no effect yet)
Fix pattern in tests/.gitignore along the way.
|
2013-08-14 14:02:46 +02:00 |
|
Paul Bakker
|
0f2f0bfc87
|
CAMELLIA-based PSK and DHE-PSK ciphersuites added
|
2013-07-26 15:04:03 +02:00 |
|
Paul Bakker
|
b548d773b3
|
Fixed memory leak in ecdh_compute_shared() in case of error
|
2013-07-26 14:22:19 +02:00 |
|
Paul Bakker
|
cca998a4c5
|
Fixed memory leak in ecdsa_sign() / ecdsa_verify() in case of error
|
2013-07-26 14:22:16 +02:00 |
|
Paul Bakker
|
1e6a175362
|
Support for AIX header locations in net.c module
|
2013-07-26 14:10:22 +02:00 |
|
Paul Bakker
|
66c4810ffe
|
Better handling of ciphersuite version range and forced version in
ssl_client2
|
2013-07-26 14:05:32 +02:00 |
|
Paul Bakker
|
6c85279719
|
Newline fixes in help text for ssl_client2 / ssl_server2
|
2013-07-26 14:02:13 +02:00 |
|
Paul Bakker
|
52cf16caeb
|
Fixed multiple use of GCM-context bug due to split-up of GCM functions
|
2013-07-26 13:56:22 +02:00 |
|
Paul Bakker
|
d6f41c5bcd
|
Fixed size of ctx_enc / ctx_dec in ssl for gcm_context size
|
2013-07-25 17:01:54 +02:00 |
|
Paul Bakker
|
524691c0a0
|
Added --modes option to tests/compat.sh
|
2013-07-25 17:01:20 +02:00 |
|
Paul Bakker
|
f16db18c55
|
Fixed header file comments on ciphersuites
|
2013-07-25 11:30:31 +02:00 |
|
Paul Bakker
|
d9ca94a677
|
Updated merged pk.c and x509parse.c changes with new memory allocation functions
|
2013-07-25 11:25:09 +02:00 |
|
Paul Bakker
|
dbd79ca617
|
ssl_client2 and ssl_server2 now exit with 1 on errors (shell
limitations)
|
2013-07-24 16:28:35 +02:00 |
|
Paul Bakker
|
f85778efb0
|
Updated Changelog for EC Key / Cert and RFC 6066 extensions
|
2013-07-19 14:55:25 +02:00 |
|
Paul Bakker
|
872c29b705
|
Merge branch 'truncated-hmac' into development
|
2013-07-19 14:52:07 +02:00 |
|
Paul Bakker
|
8c1ede655f
|
Changed prototype for ssl_set_truncated_hmac() to allow disabling
|
2013-07-19 14:51:47 +02:00 |
|
Manuel Pégourié-Gonnard
|
277f7f23e2
|
Implement hmac truncation
|
2013-07-19 14:51:47 +02:00 |
|