yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-24 00:15:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,094 Commits 88 Branches 205 Tags 69 MiB
f093bde91e
Commit Graph

201 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
f3e6e4badb Add extra check before integer conversion 
end < p should never happen, but just be extra sure
 2015-10-02 09:53:52 +02:00
Simon Butcher
643a922c56 Reordered extension fields and added to ChangeLog 
Reordered the transmission sequence of TLS extension fields in client hello
and added to ChangeLog.
 2015-10-01 01:17:10 +01:00
Simon Butcher
b1e325d6b2 Added bounds checking for TLS extensions 
IOTSSL-478 - Added checks to prevent buffer overflows.
 2015-10-01 00:24:36 +01:00
Manuel Pégourié-Gonnard
bb564e0fb4 Fix possible client crash on API misuse 2015-09-03 10:44:32 +02:00
Manuel Pégourié-Gonnard
6512554f42 Fix handling of long PSK identities 
backport from c3b5d83

see #238
 2015-08-31 11:43:47 +02:00
Manuel Pégourié-Gonnard
9ea1b23cc4 Up min size of DHM params to 1024 bits on client 2015-06-29 18:52:57 +02:00
Manuel Pégourié-Gonnard
29f777ef54 Fix bug with ssl_set_curves() check on client 2015-04-03 17:57:59 +02:00
Manuel Pégourié-Gonnard
51bccd3889 Fix compile error with renego disabled 2015-03-10 16:09:08 +00:00
Manuel Pégourié-Gonnard
fe44643b0e Rename website and repository 2015-03-06 13:17:10 +00:00
Rich Evans
00ab47026b cleanup library and some basic tests. Includes, add guards to includes 2015-02-10 11:28:46 +00:00
Manuel Pégourié-Gonnard
860b51642d Fix url again 2015-01-28 17:12:07 +00:00
Manuel Pégourié-Gonnard
085ab040aa Fix website url to use https. 2015-01-23 11:06:27 +00:00
Manuel Pégourié-Gonnard
9698f5852c Remove maintainer line. 2015-01-23 10:59:00 +00:00
Manuel Pégourié-Gonnard
19f6b5dfaa Remove redundant "all rights reserved" 2015-01-23 10:54:00 +00:00
Manuel Pégourié-Gonnard
a658a4051b Update copyright 2015-01-23 09:55:24 +00:00
Manuel Pégourié-Gonnard
967a2a5f8c Change name to mbed TLS in the copyright notice 2015-01-22 14:28:16 +00:00
Manuel Pégourié-Gonnard
59c6f2ef21 Avoid nested if's without braces. 
Creates a potential for confusing code if we later want to add an else clause.
 2015-01-22 11:06:40 +00:00
Manuel Pégourié-Gonnard
5d9cde25da Move renego SCSV after actual ciphersuites 2015-01-22 10:49:41 +00:00
Paul Bakker
5b8f7eaa3e Merge new security defaults for programs (RC4 disabled, SSL3 disabled) 2015-01-14 16:26:54 +01:00
Paul Bakker
f6080b8557 Merge support for enabling / disabling renegotiation support at compile-time 2015-01-13 16:18:23 +01:00
Paul Bakker
d7e2483bfc Merge miscellaneous fixes into development 2015-01-13 16:04:38 +01:00
Manuel Pégourié-Gonnard
bd47a58221 Add ssl_set_arc4_support() 
Rationale: if people want to disable RC4 but otherwise keep the default suite
list, it was cumbersome. Also, since it uses a global array,
ssl_list_ciphersuite() is not a convenient place. So the SSL modules look like
the best place, even if it means temporarily adding one SSL setting.
 2015-01-13 13:03:06 +01:00
Manuel Pégourié-Gonnard
d94232389e Skip signature_algorithms ext if PSK only 2014-12-02 11:57:29 +01:00
Manuel Pégourié-Gonnard
eaecbd3ba8 Fix warning in reduced configs 2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard
615e677c0b Make renegotiation a compile-time option 2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard
699cafaea2 Implement initial negotiation of EtM 
Not implemented yet:
- actually using EtM
- conditions on renegotiation
 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
b575b54cb9 Forbid extended master secret with SSLv3 2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
ada3030485 Implement extended master secret 2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
367381fddd Add negotiation of Extended Master Secret 
(But not the actual thing yet.)
 2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
1cbd39dbeb Implement FALLBACK_SCSV client-side 2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
f7cdbc0e87 Fix potential bad read of length 2014-10-17 17:02:10 +02:00
Manuel Pégourié-Gonnard
44ade654c5 Implement (partial) renego delay on client 2014-08-19 13:58:40 +02:00
Manuel Pégourié-Gonnard
6591962f06 Allow delay on renego on client 
Currently unbounded: will be fixed later
 2014-08-19 12:50:30 +02:00
Paul Bakker
84bbeb58df Adapt cipher and MD layer with _init() and _free() 2014-07-09 10:19:24 +02:00
Paul Bakker
5b4af39a36 Add _init() and _free() for hash modules 2014-07-09 10:19:23 +02:00
Paul Bakker
2a45d1c8bb Merge changes to config examples and configuration issues 2014-06-25 11:27:00 +02:00
Manuel Pégourié-Gonnard
dd0c0f33c0 Better usage of dhm_calc_secret in SSL 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
5c1f032653 Abort handshake if no point format in common 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
fd35af1579 Fix off-by-one error in point format parsing 2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
5bfd968e01 Fix warning with TLS 1.2 without RSA or ECDSA 2014-06-24 15:18:11 +02:00
Paul Bakker
66d5d076f7 Fix formatting in various code to match spacing from coding style 2014-06-17 17:06:47 +02:00
Paul Bakker
3461772559 Introduce polarssl_zeroize() instead of memset() for zeroization 2014-06-14 16:46:03 +02:00
Manuel Pégourié-Gonnard
61edffef28 Normalize "should never happen" messages/errors 2014-05-22 13:52:47 +02:00
Paul Bakker
b9e4e2c97a Fix formatting: fix some 'easy' > 80 length lines 2014-05-01 14:18:25 +02:00
Paul Bakker
9af723cee7 Fix formatting: remove trailing spaces, #endif with comments (> 10 lines) 2014-05-01 13:03:14 +02:00
Manuel Pégourié-Gonnard
cef4ad2509 Adapt sources to configurable config.h name 2014-04-30 16:40:20 +02:00
Paul Bakker
a70366317d Improve interop by not writing ext_len in ClientHello / ServerHello when 0 
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
 2014-04-30 10:16:16 +02:00
Manuel Pégourié-Gonnard
f6521de17b Add ALPN tests to ssl-opt.sh 
Only self-op for now, required peer versions are a bit high:
- OpenSSL 1.0.2-beta
- GnuTLS 3.2.0 (released 2013-05-10) (gnutls-cli only)
 2014-04-07 12:42:04 +02:00
Manuel Pégourié-Gonnard
0b874dc580 Implement ALPN client-side 2014-04-07 10:57:45 +02:00
Manuel Pégourié-Gonnard
3c599f11b0 Avoid possible segfault on bad server ciphersuite 2014-03-13 19:25:06 +01:00