| Author | Commit | Message | Date |
|---|---|---|---|
| Manuel Pégourié-Gonnard | 5cb4b31057 | Fix missing bound check | 2015-01-13 14:58:00 +01:00 |
| Manuel Pégourié-Gonnard | f5f25b3a0d | Add test for ctr_drbg_update() input sanitizing | 2015-01-13 14:56:59 +01:00 |
| Paul Bakker | d9e2dd2bb0 | Merge support for Encrypt-then-MAC | 2015-01-13 14:23:56 +01:00 |
| Manuel Pégourié-Gonnard | 352143fa1e | Refactor for clearer correctness/security | 2015-01-13 12:02:55 +01:00 |
| Manuel Pégourié-Gonnard | 982865618a | Stop assuming chars are signed (They aren't on ARM by default.) | 2015-01-12 19:17:05 +01:00 |
| Paul Bakker | 54b1a8fa4d | Merge support for Extended Master Secret (session-hash) | 2015-01-12 14:14:07 +01:00 |
| Paul Bakker | b52b015c0b | Merge support for FALLBACK_SCSV | 2015-01-12 14:07:59 +01:00 |
| Manuel Pégourié-Gonnard | d68b65199f | Fix previous commit (worked with BSD sed but no GNU sed...) | 2015-01-07 14:55:38 +01:00 |
| Manuel Pégourié-Gonnard | 3da751ea55 | Allow flexible location of valgrind | 2014-12-15 10:47:31 +01:00 |
| Manuel Pégourié-Gonnard | f46f128f4a | Fix test scripts portability issues | 2014-12-11 17:26:09 +01:00 |
| Manuel Pégourié-Gonnard | 76c99a01a1 | Fix Gnu-ism in script | 2014-12-11 10:33:43 +01:00 |
| Manuel Pégourié-Gonnard | 8e4b3374d7 | Fix some more warnings in reduced configs | 2014-11-17 15:06:13 +01:00 |
| Manuel Pégourié-Gonnard | be6ce835a2 | Fix typo causing MSVC errors | 2014-11-17 14:29:36 +01:00 |
| Manuel Pégourié-Gonnard | 9d7821d774 | Fix warning in reduced config | 2014-11-06 01:19:52 +01:00 |
| Manuel Pégourié-Gonnard | b3c6a97b31 | Update Changelog for session-hash | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | c122ae7612 | Update Changelog for EtM | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | 769c6b6351 | Make session-hash depend on TLS versions | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | 1a03473576 | Keep EtM state across renegotiations | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | b575b54cb9 | Forbid extended master secret with SSLv3 | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | 169dd6a514 | Adjust minimum length for EtM | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | dd4592774b | compat.sh: allow git version of gnutls | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | 78e745fc0a | Don't send back EtM extension if not using CBC | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | 08558e5b46 | Fix for the RFC erratum | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | 313d796e80 | Implement EtM | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | 0098e7dc70 | Preparation for EtM | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | 699cafaea2 | Implement initial negotiation of EtM. Not implemented yet: actually using EtM; conditions on renegotiation | 2014-11-05 16:00:50 +01:00 |
| Manuel Pégourié-Gonnard | 178f9d6e19 | Update Changelog for FALLBACK_SCSV | 2014-11-05 16:00:49 +01:00 |
| Manuel Pégourié-Gonnard | 85a4178f82 | compat.sh: make options a bit more robust | 2014-11-05 16:00:49 +01:00 |
| Manuel Pégourié-Gonnard | 01b2699198 | Implement FALLBACK_SCSV server-side | 2014-11-05 16:00:49 +01:00 |
| Manuel Pégourié-Gonnard | ada3030485 | Implement extended master secret | 2014-11-05 16:00:49 +01:00 |
| Manuel Pégourié-Gonnard | 1cbd39dbeb | Implement FALLBACK_SCSV client-side | 2014-11-05 16:00:49 +01:00 |
| Manuel Pégourié-Gonnard | 367381fddd | Add negotiation of Extended Master Secret (But not the actual thing yet.) | 2014-11-05 16:00:49 +01:00 |
| Paul Bakker | a6c5ea2c43 | Include 1.2.12 release information in ChangeLog | 2014-10-24 16:26:29 +02:00 |
| Paul Bakker | 82788fb63b | Fix minor style issues | 2014-10-20 13:59:19 +02:00 |
| Paul Bakker | 9eac4f7c4e | Prepare for release 1.3.9 | 2014-10-20 13:56:15 +02:00 |
| Paul Bakker | b082bb50de | Fix typos in ChangeLog | 2014-10-20 13:37:51 +02:00 |
| Manuel Pégourié-Gonnard | f7cdbc0e87 | Fix potential bad read of length | 2014-10-17 17:02:10 +02:00 |
| Manuel Pégourié-Gonnard | ef9a6aec51 | Allow comparing name with mismatched encodings | 2014-10-17 12:42:31 +02:00 |
| Manuel Pégourié-Gonnard | 9c911da68f | Add tests for X.509 name encoding mismatch | 2014-10-17 12:42:31 +02:00 |
| Manuel Pégourié-Gonnard | 88421246d8 | Rename a function | 2014-10-17 12:42:30 +02:00 |
| Manuel Pégourié-Gonnard | 43c3b28ca6 | Fix memory leak with crafted ClientHello | 2014-10-17 12:42:11 +02:00 |
| Manuel Pégourié-Gonnard | 5d8618539f | Fix memory leak while parsing some X.509 certs | 2014-10-17 12:41:41 +02:00 |
| Manuel Pégourié-Gonnard | 64938c63f0 | Accept spaces at end of line/buffer in base64 | 2014-10-15 23:53:33 +02:00 |
| Manuel Pégourié-Gonnard | 7f4ed67a97 | Fix compile error with armcc in mpi_is_prime() | 2014-10-15 22:06:46 +02:00 |
| Manuel Pégourié-Gonnard | da1b4de0e4 | Increase MPI_MAX_BYTES to allow RSA 8192 | 2014-10-15 22:06:46 +02:00 |
| Paul Bakker | 5a5fa92bfe | x509_crt_parse() did not increase total_failed on PEM error. Result was that PEM errors in files with multiple certificates were not detectable by the user. | 2014-10-03 15:47:13 +02:00 |
| Paul Bakker | 9e4ff953de | Clarified len parameter of ssl_read() | 2014-09-24 11:13:11 +02:00 |
| Manuel Pégourié-Gonnard | 7fa67728ad | Scripts print more info on failure within buildbot | 2014-08-31 17:42:53 +02:00 |
| Manuel Pégourié-Gonnard | c2b0092a1b | Fix leaving around temporary file in ssl-opt.sh | 2014-08-31 17:17:36 +02:00 |
| Manuel Pégourié-Gonnard | 1287f11d54 | Detect GnuTLS presence and version in compat.sh | 2014-08-31 16:31:32 +02:00 |