Simon Butcher
9f81231fb8
Revised hostname length check from review
2015-09-28 19:22:33 +01:00
Simon Butcher
89f77623b8
Added max length checking of hostname
2015-09-27 22:50:49 +01:00
Manuel Pégourié-Gonnard
8cea8ad8b8
Bump version to 2.1.1
2015-09-17 11:58:45 +02:00
Simon Butcher
5793e7ef01
Merge 'development' into iotssl-411-port-reuse
...
Conflicts:
ChangeLog
2015-09-16 15:25:53 +01:00
Simon Butcher
1a57af1607
Update ssl.h
...
Typo
2015-09-11 17:14:16 +01:00
Simon Butcher
4f6882a8a3
Update config.h
...
Typo in RFC x-ref comment.
2015-09-11 17:12:46 +01:00
Manuel Pégourié-Gonnard
ddfe5d20d1
Tune dependencies
...
Don't depend on srv.c in config.h, but add explicit checks. This is more
in line with other options that only make sense server-side, and also it
allows to test full config minus srv.c more easily.
2015-09-09 12:46:16 +02:00
Manuel Pégourié-Gonnard
62c74bb78a
Stop wasting resources
...
Use a custom function that minimally parses the message an creates a reply
without the overhead of a full SSL context.
Also fix dependencies: needs DTLS_HELLO_VERIFY for the cookie types, and let's
also depend on SRV_C as is doesn't make sense on client.
2015-09-09 11:22:52 +02:00
Nicholas Wilson
2088e2ebd9
fix const-ness of argument to mbedtls_ssl_conf_cert_profile
...
Otherwise, it's impossible to pass in a pointer to
mbedtls_x509_crt_profile_next!
2015-09-08 16:53:18 +01:00
Manuel Pégourié-Gonnard
222cb8db22
Tune related documentation while at it
2015-09-08 15:43:59 +02:00
Manuel Pégourié-Gonnard
3a2a4485d4
Update documentation
2015-09-08 15:36:09 +02:00
Manuel Pégourié-Gonnard
be619c1264
Clean up error codes
2015-09-08 11:21:21 +02:00
Manuel Pégourié-Gonnard
26d227ddfc
Add config flag for support of client port reuse
2015-09-08 10:39:06 +02:00
Manuel Pégourié-Gonnard
aac5502553
Bump version to 2.1.0
2015-09-04 14:33:31 +02:00
Manuel Pégourié-Gonnard
37ff14062e
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
Manuel Pégourié-Gonnard
5f5e0ec3f1
Improve mbedtls_ssl_write() documentation
2015-08-31 20:47:04 +02:00
Manuel Pégourié-Gonnard
a2cda6bfaf
Add mbedtls_ssl_get_max_frag_len()
...
This is not very useful for TLS as mbedtls_ssl_write() will automatically
fragment and return the length used, and the application should check for that
anyway, but this is useful for DTLS where mbedtls_ssl_write() returns an
error, and the application needs to be able to query the maximum length
instead of just guessing.
2015-08-31 20:47:04 +02:00
Manuel Pégourié-Gonnard
bb83844a1d
Clarify that there are two SSL I/O buffers
2015-08-31 12:46:01 +02:00
Manuel Pégourié-Gonnard
46c4fa16ab
Fix missing casts on return
...
closes #236
2015-08-12 09:27:55 +02:00
Manuel Pégourié-Gonnard
e2b0efe24b
Separate license from comments in config.h
2015-08-11 10:38:37 +02:00
Manuel Pégourié-Gonnard
ac50fc5e2f
Fix typo in doc
2015-08-10 13:07:09 +02:00
Manuel Pégourié-Gonnard
854dab96fe
Fix the fix for armcc5 --gnu
...
Only exclude armcc5, not armcc6.
2015-08-10 12:11:31 +02:00
Manuel Pégourié-Gonnard
32da9f66a8
Add support for MBEDTLS_USER_CONFIG_FILE
2015-08-06 09:57:54 +02:00
Manuel Pégourié-Gonnard
43569a93cc
Use #ifdef rather than patch for target_config.h
2015-08-06 09:57:54 +02:00
Manuel Pégourié-Gonnard
63e7ebaaa1
Add material for generating yotta module
2015-08-06 09:57:53 +02:00
Manuel Pégourié-Gonnard
e14dec68ea
Fix stupid typo in previous commit
2015-08-04 22:49:33 +02:00
Manuel Pégourié-Gonnard
f659f0c214
Disable Padlock code with ASan
...
We're getting build errors with Clang 3.5.0 on our Debian Jessie buildslave:
library/padlock.c:99:10: error: inline assembly requires more registers than available
2015-08-04 22:19:05 +02:00
Manuel Pégourié-Gonnard
e96ce08a21
Fix compile error with armcc5 --gnu
2015-07-31 10:58:06 +02:00
Manuel Pégourié-Gonnard
6fb8187279
Update date in copyright line
2015-07-28 17:11:58 +02:00
Manuel Pégourié-Gonnard
10c767488b
Adjust rename/compat list
2015-07-15 11:07:26 +02:00
Paul Bakker
4cb87f409d
Prepare for 2.0.0 release
2015-07-10 14:09:43 +01:00
Manuel Pégourié-Gonnard
1409616d9c
Fix one renaming in the list
...
Found by Simon while testing the upgrade guide
2015-07-09 09:17:18 +01:00
Manuel Pégourié-Gonnard
20af64dc2c
Still need to #define inline for MSVC
...
I only tested with VS2015 earlier, but previous versions apparently still
don't know that standard C99 keyword though it's documented on MSDN...
2015-07-07 23:21:30 +02:00
Manuel Pégourié-Gonnard
052a6c9cfe
Add mbedtls_md_clone()
2015-07-06 16:06:02 +02:00
Manuel Pégourié-Gonnard
16d412f465
Add md/shaXXX_clone() API
...
Will be used in the SSL/TLS modules
2015-07-06 15:48:34 +02:00
Manuel Pégourié-Gonnard
7893103154
Remove 1024 bits DHM params and add one 4096 bit
2015-07-03 17:06:39 +02:00
Manuel Pégourié-Gonnard
7c3b4ab6f2
Fix typos in comments
2015-07-02 17:59:52 +02:00
Manuel Pégourié-Gonnard
5791109707
Make the hardclock test optional
...
Known to fail on VMs (such as the buildbots), see eg
http://blog.badtrace.com/post/rdtsc-x86-instruction-to-detect-vms/
2015-07-01 19:22:12 +02:00
Manuel Pégourié-Gonnard
9bd0afdb22
Add guards for closed socket in net.c
...
This is particularly problematic when calling FD_SET( -1, ... ), but let's
check it in all functions.
This was introduced with the new API and the fact the net_free() now sets the
internal fd to -1 in order to mark it as closed: now using this information.
2015-07-01 19:03:27 +02:00
Manuel Pégourié-Gonnard
2505528be4
Rm obsolete defines for inline wiht MSVC
...
The "inline" keyword is supported since Visual Studio 2005 according to MSDN,
and we require Visual Studio 2010 or higher.
2015-07-01 17:22:36 +02:00
Manuel Pégourié-Gonnard
abc729e664
Simplify net_accept() with UDP sockets
...
This is made possible by the new API where net_accept() gets a pointer to
bind_ctx, so it can update it.
2015-07-01 01:28:24 +02:00
Manuel Pégourié-Gonnard
3d7d00ad23
Rename mbedtls_net_close() to mbedtls_net_free()
...
close() may be more meaningful, but free() is symmetric with _init(), and more
consistent with all other modules
2015-06-30 16:50:37 +02:00
Manuel Pégourié-Gonnard
91895853ac
Move from naked int to a structure in net.c
...
Provides more flexibility for future changes/extensions.
2015-06-30 15:56:25 +02:00
Manuel Pégourié-Gonnard
a16e7c468c
Rename a debug function
2015-06-29 20:14:19 +02:00
Manuel Pégourié-Gonnard
b74c245a20
Rework debug to not need dynamic alloc
...
But introduces dependency on variadic macros
2015-06-29 20:08:23 +02:00
Manuel Pégourié-Gonnard
9db2887672
Actually enable fixed snprintf on windows
2015-06-26 11:04:08 +02:00
Manuel Pégourié-Gonnard
dc54ff8578
Improve documentation about SSL ticket encryption
2015-06-25 12:44:46 +02:00
Manuel Pégourié-Gonnard
216a1831de
Fix whitespace in CMakeLists.txt
...
- all spaces no tabs
- indent with 4 spaces everywhere
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
53585eeb17
Remove test DHM params from certs.c
...
certs.c belongs to the X.509 library, while DHM belongs to the crypto lib.
2015-06-25 10:59:57 +02:00
Manuel Pégourié-Gonnard
0761733c1b
Fix potential NULL dereference
...
We document that either of recv or recv_timeout may be NULL, but for TLS we
always used recv... Thanks Coverity for catching that.
(Not remotely trigerrable: local configuration.)
Also made me notice net_recv_timeout didn't do its job properly.
2015-06-25 10:59:57 +02:00