Manuel Pégourié-Gonnard
|
fedba98ede
|
Merge branch 'fb-scsv' into dtls
* fb-scsv:
Update Changelog for FALLBACK_SCSV
Implement FALLBACK_SCSV server-side
Implement FALLBACK_SCSV client-side
|
2014-11-05 16:12:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
1cbd39dbeb
|
Implement FALLBACK_SCSV client-side
|
2014-11-05 16:00:49 +01:00 |
|
Manuel Pégourié-Gonnard
|
8e704f0f74
|
DTLS depends on TIMING_C for now
|
2014-10-21 16:32:56 +02:00 |
|
Manuel Pégourié-Gonnard
|
b0643d152d
|
Add ssl_set_dtls_badmac_limit()
|
2014-10-21 16:32:55 +02:00 |
|
Manuel Pégourié-Gonnard
|
a6fcffe516
|
Add warnings about disabling replay detection
|
2014-10-21 16:32:53 +02:00 |
|
Manuel Pégourié-Gonnard
|
8464a46b6b
|
Make DTLS_ANTI_REPLAY depends on PROTO_DTLS
|
2014-10-21 16:32:35 +02:00 |
|
Manuel Pégourié-Gonnard
|
7a7e140d4e
|
Add functions for replay protection
|
2014-10-21 16:32:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
bef8f09899
|
Make cookie timeout configurable
|
2014-10-21 16:30:19 +02:00 |
|
Manuel Pégourié-Gonnard
|
a64acd4f84
|
Add separate SSL_COOKIE_C define
|
2014-10-21 16:30:18 +02:00 |
|
Manuel Pégourié-Gonnard
|
82202f0a9c
|
Make DTLS_HELLO_VERIFY a compile option
|
2014-10-21 16:30:16 +02:00 |
|
Manuel Pégourié-Gonnard
|
a0e1632b79
|
Do not use compression with DTLS
|
2014-10-21 16:30:13 +02:00 |
|
Manuel Pégourié-Gonnard
|
0b1ff29328
|
Add basic flags for DTLS
|
2014-10-21 16:30:03 +02:00 |
|
Manuel Pégourié-Gonnard
|
da1b4de0e4
|
Increase MPI_MAX_BYTES to allow RSA 8192
|
2014-10-15 22:06:46 +02:00 |
|
Manuel Pégourié-Gonnard
|
481fcfde93
|
Make PSK_LEN configurable and adjust PMS size
|
2014-07-04 14:59:08 +02:00 |
|
Manuel Pégourié-Gonnard
|
dfc7df0bec
|
Add SSL_CIPHERSUITES config option
|
2014-07-04 14:59:02 +02:00 |
|
Paul Bakker
|
237a847f1c
|
Fix typos in comments
|
2014-06-25 14:45:24 +02:00 |
|
Manuel Pégourié-Gonnard
|
bf31977c42
|
Update BIGNUM_C comments
|
2014-06-25 13:00:17 +02:00 |
|
Manuel Pégourié-Gonnard
|
dc16aa7eac
|
Improve comments on POLARSSL_ERROR_STRERROR_DUMMY
|
2014-06-25 12:55:12 +02:00 |
|
Manuel Pégourié-Gonnard
|
01edb1044c
|
Add POLARSSL_REMOVE_RC4_CIPHERSUITES
|
2014-06-25 11:27:59 +02:00 |
|
Manuel Pégourié-Gonnard
|
d1539b1e88
|
Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT
|
2014-06-06 16:42:37 +02:00 |
|
Manuel Pégourié-Gonnard
|
bf696d030b
|
Make sig_opts non-optional in X509 structures
This simplifies the code.
|
2014-06-05 17:08:46 +02:00 |
|
Manuel Pégourié-Gonnard
|
59a75d5b9d
|
Basic parsing of certs signed with RSASSA-PSS
|
2014-06-02 16:10:29 +02:00 |
|
Paul Bakker
|
b5212b436f
|
Merge CCM cipher mode and ciphersuites
Conflicts:
library/ssl_tls.c
|
2014-05-22 15:30:31 +02:00 |
|
Paul Bakker
|
64a96ea281
|
Fix typo in a6916fa
|
2014-05-22 15:13:02 +02:00 |
|
Manuel Pégourié-Gonnard
|
4d8db4ab10
|
Fix typo in a config.h #define
|
2014-05-22 13:52:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
a6916fada8
|
Add (placeholder) CCM module
|
2014-05-06 11:28:09 +02:00 |
|
Manuel Pégourié-Gonnard
|
14d55951ef
|
Split config checks to separate file
|
2014-04-30 16:40:24 +02:00 |
|
Paul Bakker
|
0f90d7d2b5
|
version_check_feature() added to check for compile-time options at run-time
|
2014-04-30 11:49:44 +02:00 |
|
Paul Bakker
|
eaebbd5eaa
|
debug_set_log_mode() added to determine raw or full logging
|
2014-04-25 16:58:14 +02:00 |
|
Paul Bakker
|
088c5c5f18
|
POLARSSL_CONFIG_OPTIONS has been removed. Values are set individually
For the Platform module this requires the introduction of
POLARSSL_PLATFORM_NO_STD_FUNCTIONS to allow not performing the default
assignments.
|
2014-04-25 11:11:10 +02:00 |
|
Paul Bakker
|
03b6a46353
|
Properly comment two defines in config.h
|
2014-04-17 17:24:28 +02:00 |
|
Manuel Pégourié-Gonnard
|
7afb8a0dca
|
Add x509_crt_check_extended_key_usage()
|
2014-04-11 11:09:00 +02:00 |
|
Manuel Pégourié-Gonnard
|
603116c570
|
Add x509_crt_check_key_usage()
|
2014-04-09 15:50:57 +02:00 |
|
Paul Bakker
|
0763a401a7
|
Merged support for the ALPN extension
|
2014-04-08 14:37:12 +02:00 |
|
Paul Bakker
|
27e36d342c
|
Support for the ALPN SSL extension (re-enabled in config.h)
|
2014-04-08 12:33:37 +02:00 |
|
Shuo Chen
|
95a0d118a9
|
Fix compile error when POLARSSL_ERROR_STRERROR_BC is undefined.
|
2014-04-08 10:53:51 +02:00 |
|
Manuel Pégourié-Gonnard
|
83d8c73c91
|
Disable ALPN by default
|
2014-04-07 13:24:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
7e250d4812
|
Add ALPN interface
|
2014-04-04 17:10:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
a27cd4c62e
|
Fix ENTROPY_LEN check
|
2014-04-02 13:46:29 +02:00 |
|
Manuel Pégourié-Gonnard
|
eb82a74ed2
|
Fix header issue with default malloc()
|
2014-04-02 13:43:48 +02:00 |
|
Manuel Pégourié-Gonnard
|
6fac3515d0
|
Make support for SpecifiedECDomain optional
|
2014-03-19 16:50:59 +01:00 |
|
Manuel Pégourié-Gonnard
|
5d917ff6a8
|
Add a 'sni' option to ssl_server2
|
2014-03-14 08:41:01 +01:00 |
|
Manuel Pégourié-Gonnard
|
bb4dd37044
|
Add a warning against compression in config.h
|
2014-03-13 19:25:06 +01:00 |
|
Manuel Pégourié-Gonnard
|
c9093085ed
|
Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
This reverts commit ab50d8d30c , reversing
changes made to e31b1d992a .
|
2014-02-12 09:39:59 +01:00 |
|
Paul Bakker
|
2ceda57989
|
Ability to force the Entropy module to use SHA-256 as its basis
By default the SHA-512 module is used if both are available. On some
systems, SHA-256 is the better choice.
Contributed by: Gergely Budai
|
2014-02-06 15:55:25 +01:00 |
|
Paul Bakker
|
f2561b3f69
|
Ability to provide alternate timing implementation
|
2014-02-06 15:32:26 +01:00 |
|
Paul Bakker
|
6a28e722c9
|
Merged platform compatibility layer
|
2014-02-06 13:44:19 +01:00 |
|
Paul Bakker
|
defc0ca337
|
Migrated the Memory layer to the Platform layer
Deprecated POLARSSL_MEMORY_C and placed placeholder for memory.h to make
sure current code will not break on new version.
|
2014-02-06 13:20:17 +01:00 |
|
Paul Bakker
|
747a83a0f7
|
Platform abstraction layer for memory, printf and fprintf
|
2014-02-06 13:15:25 +01:00 |
|
Paul Bakker
|
ab50d8d30c
|
Merged RSA-PSS support in Certificate, CSR and CRL
|
2014-02-06 13:14:56 +01:00 |
|