Paul Bakker
|
1a1fbba1ae
|
Sanity length checks in ssl_read_record() and ssl_fetch_input()
Both are already covered in other places, but not in a clear fashion. So
for instance Coverity thinks the value is still tainted.
|
2014-04-30 14:48:51 +02:00 |
|
Paul Bakker
|
24f37ccaed
|
rsa_check_pubkey() now allows an E up to N
|
2014-04-30 13:43:51 +02:00 |
|
Paul Bakker
|
0f90d7d2b5
|
version_check_feature() added to check for compile-time options at run-time
|
2014-04-30 11:49:44 +02:00 |
|
Paul Bakker
|
8394684dd3
|
Clearer description for version_get_string_full() regarding 18 bytes
|
2014-04-30 10:21:51 +02:00 |
|
Paul Bakker
|
a70366317d
|
Improve interop by not writing ext_len in ClientHello / ServerHello when 0
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
|
2014-04-30 10:16:16 +02:00 |
|
Manuel Pégourié-Gonnard
|
e26389f26f
|
Document that Curve25519 can't be the only curve
|
2014-04-29 15:32:53 +02:00 |
|
Manuel Pégourié-Gonnard
|
3d41370645
|
Fix hash dependencies in X.509 tests
|
2014-04-29 15:29:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
3a306b9067
|
Fix misplaced #endif in ssl_tls.c
|
2014-04-29 15:11:17 +02:00 |
|
Manuel Pégourié-Gonnard
|
edc81ff8c2
|
Fix some more curve depends in X.509 tests
|
2014-04-29 15:10:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
ec4d27398a
|
Fix curve dependencies in *keyusage tests
|
2014-04-29 15:06:41 +02:00 |
|
Manuel Pégourié-Gonnard
|
63a5bfe903
|
Update Changelog for AES-NI
|
2014-04-26 17:21:07 +02:00 |
|
Manuel Pégourié-Gonnard
|
b1fd397be6
|
Adapt AES-NI code to "old" binutil versions
|
2014-04-26 17:17:31 +02:00 |
|
Paul Bakker
|
c73079a78c
|
Add debug_set_threshold() and thresholding of messages
|
2014-04-25 16:58:16 +02:00 |
|
Paul Bakker
|
92478c37a6
|
Debug module only outputs full lines instead of parts
|
2014-04-25 16:58:15 +02:00 |
|
Paul Bakker
|
eaebbd5eaa
|
debug_set_log_mode() added to determine raw or full logging
|
2014-04-25 16:58:14 +02:00 |
|
Paul Bakker
|
57ffa5570d
|
Add tests for debug_print_ret() and debug_print_buf().
|
2014-04-25 16:58:13 +02:00 |
|
Paul Bakker
|
2b34657b39
|
Updated Debug test suite data
|
2014-04-25 16:58:12 +02:00 |
|
Paul Bakker
|
93c32b21b3
|
Allow ssl_client to pad request to SSL_MAX_CONTENT_LEN
|
2014-04-25 16:58:12 +02:00 |
|
Paul Bakker
|
61885c7f7f
|
Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites
In case full SSL frames arrived, they were rejected because an overly
strict padding check.
|
2014-04-25 12:59:51 +02:00 |
|
Paul Bakker
|
fdba46885b
|
cert_write app should use subject of issuer certificate as issuer of cert
|
2014-04-25 11:48:35 +02:00 |
|
Paul Bakker
|
4ffcd2f9c3
|
Typo in PKCS#11 module
|
2014-04-25 11:44:12 +02:00 |
|
Paul Bakker
|
10a9dd35ea
|
Typo in POLARSSL_PLATFORM_STD_FPRINTF in platform.c
|
2014-04-25 11:27:16 +02:00 |
|
Paul Bakker
|
088c5c5f18
|
POLARSSL_CONFIG_OPTIONS has been removed. Values are set individually
For the Platform module this requires the introduction of
POLARSSL_PLATFORM_NO_STD_FUNCTIONS to allow not performing the default
assignments.
|
2014-04-25 11:11:10 +02:00 |
|
Paul Bakker
|
1f69a93ab1
|
Move configs to 'configs/' and activate-config.pl should be called from root
|
2014-04-25 10:04:49 +02:00 |
|
Paul Bakker
|
0767e67d17
|
Add support for 'emailAddress' to x509_string_to_names()
|
2014-04-18 14:11:37 +02:00 |
|
Paul Bakker
|
e92f73d73b
|
Updated ChangeLog
|
2014-04-18 14:08:26 +02:00 |
|
Paul Bakker
|
c70e425a73
|
Only iterate over actual certificates in ssl_write_certificate_request()
|
2014-04-18 13:50:19 +02:00 |
|
Paul Bakker
|
f4cf80b86f
|
Restructured pk_parse_key_pkcs8_encrypted_der() to prevent unreachable code
|
2014-04-17 17:24:29 +02:00 |
|
Paul Bakker
|
03b6a46353
|
Properly comment two defines in config.h
|
2014-04-17 17:24:28 +02:00 |
|
Paul Bakker
|
3ad3aa3bc0
|
Travis configuration file
|
2014-04-17 17:24:27 +02:00 |
|
Paul Bakker
|
8a0c0a9ed9
|
Check additional return values in some test cases
|
2014-04-17 17:24:23 +02:00 |
|
Paul Bakker
|
94b916c7b5
|
Split assignment and assert check into seperate lines in tests
|
2014-04-17 16:07:20 +02:00 |
|
Paul Bakker
|
dd0aae92e0
|
Replaced strcpy() with strncpy() in tests suites
|
2014-04-17 16:06:37 +02:00 |
|
Paul Bakker
|
b6487dade9
|
Fixed result for test case in test_suite_x509parse
|
2014-04-17 16:04:33 +02:00 |
|
Paul Bakker
|
df71dd1618
|
Cleaner initialization (values did not matter, but were uninitialized)
|
2014-04-17 16:03:48 +02:00 |
|
Paul Bakker
|
030decdb4e
|
Actually increment the loop counter to quit in ssl_fork_server
|
2014-04-17 16:03:23 +02:00 |
|
Paul Bakker
|
0c22610693
|
Cleaned up location of init and free for some programs to prevent memory
leaks on incorrect arguments
|
2014-04-17 16:02:36 +02:00 |
|
Paul Bakker
|
cbe3d0d5cc
|
Added return value checking for correctness in programs
|
2014-04-17 16:00:59 +02:00 |
|
Paul Bakker
|
4f42c11846
|
Remove arbitrary maximum length for cipher_list and content length
|
2014-04-17 15:37:39 +02:00 |
|
Paul Bakker
|
d893aef867
|
Force default value to curve parameter
|
2014-04-17 14:45:34 +02:00 |
|
Paul Bakker
|
93389cc620
|
Remove const indicator
|
2014-04-17 14:44:38 +02:00 |
|
Paul Bakker
|
874bd64b28
|
Check setsockopt() return value in net_bind()
|
2014-04-17 12:43:05 +02:00 |
|
Paul Bakker
|
3d8fb63e11
|
Added missing MPI_CHK around mpi functions
|
2014-04-17 12:42:41 +02:00 |
|
Paul Bakker
|
a9c16d2825
|
Removed unused cur variable in x509_string_to_names()
|
2014-04-17 12:42:18 +02:00 |
|
Paul Bakker
|
0e4f9115dc
|
Fix iteration counter
|
2014-04-17 12:39:05 +02:00 |
|
Paul Bakker
|
784b04ff9a
|
Prepared for version 1.3.6
|
2014-04-11 15:33:59 +02:00 |
|
Paul Bakker
|
d8b0c5ef01
|
Fixed typo
|
2014-04-11 15:31:33 +02:00 |
|
Paul Bakker
|
d2c2c1c46b
|
Doxygen typo in ripemd160.h
|
2014-04-11 15:28:52 +02:00 |
|
Manuel Pégourié-Gonnard
|
9655e4597a
|
Reject certificates with times not in UTC
|
2014-04-11 13:59:36 +02:00 |
|
Manuel Pégourié-Gonnard
|
0776a43788
|
Use UTC to heck certificate validity
|
2014-04-11 13:59:31 +02:00 |
|