Manuel Pégourié-Gonnard
17a40cd255
Change ssl_own_cert to work on ssl_config
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
1af6c8500b
Add ssl_set_hs_own_cert()
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
8f618a8e65
Rework ssl_set_own_cert() internals
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
120fdbdb3d
Change ssl_set_psk() to act on ssl_config
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
4b68296626
Use a specific function in the PSK callback
2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
750e4d7769
Move ssl_set_rng() to act on config
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
5cb3308e5f
Merge contexts for session cache
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
ae31914990
Rename ssl_legacy_renegotiation() to ssl_set_...
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
662c6e8cdd
Disable truncated HMAC by default
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
1028b74cff
Upgrade default DHM params size
2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
8836994f6b
Move WANT_READ/WANT_WRITE codes to SSL
2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
1b511f93c6
Rename ssl_set_bio_timeout() to set_bio()
...
Initially thought it was best to keep the old function around and add a new
one, but this so many ssl_set_xxx() functions are changing anyway...
2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
97fd52c529
Split ssl_set_read_timeout() out of bio_timeout()
2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
bc2b771af4
Move ssl_set_ca_chain() to work on config
2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
ba26c24769
Change how hostname is stored internally
2015-05-07 10:19:14 +01:00
Manuel Pégourié-Gonnard
2b49445876
Move session ticket keys to conf
...
This is temporary, they will soon be replaced by callbacks.
!!! In this intermediate step security is removed !!!
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
684b0592cb
Move ssl_set_fallback() to work on conf
...
Initially thought it would be per-connection, but since max_version is in conf
too, and you need to lower that for a fallback connection, the fallback flag
should be in the same place
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
6bf89d6ad9
Move ssl_set_max_fragment_len to work on conf
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
17eab2b65c
Move set_cbc_record_splitting() to conf
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
d36e33fc07
Move easy ssl_set_xxx() functions to work on conf
...
mbedtls_ssl_set_alpn_protocols
mbedtls_ssl_set_arc4_support
mbedtls_ssl_set_authmode
mbedtls_ssl_set_ciphersuites
mbedtls_ssl_set_ciphersuites_for_version
mbedtls_ssl_set_curves
mbedtls_ssl_set_dbg
mbedtls_ssl_set_dh_param
mbedtls_ssl_set_dh_param_ctx
mbedtls_ssl_set_dtls_anti_replay
mbedtls_ssl_set_dtls_badmac_limit
mbedtls_ssl_set_dtls_cookies
mbedtls_ssl_set_encrypt_then_mac
mbedtls_ssl_set_endpoint
mbedtls_ssl_set_extended_master_secret
mbedtls_ssl_set_handshake_timeout
mbedtls_ssl_legacy_renegotiation
mbedtls_ssl_set_max_version
mbedtls_ssl_set_min_version
mbedtls_ssl_set_psk_cb
mbedtls_ssl_set_renegotiation
mbedtls_ssl_set_renegotiation_enforced
mbedtls_ssl_set_renegotiation_period
mbedtls_ssl_set_session_cache
mbedtls_ssl_set_session_ticket_lifetime
mbedtls_ssl_set_sni
mbedtls_ssl_set_transport
mbedtls_ssl_set_truncated_hmac
mbedtls_ssl_set_verify
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
419d5ae419
Make endpoint+transport args of config_defaults()
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
def0bbe3ab
Allocate ssl_config out of ssl_setup()
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
cd523e2a5e
Introduce mbedtls_ssl_config_{init,defaults,free}()
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
7ca4e4dc79
Move things to conf substructure
...
A simple series of sed invocations.
This is the first step, purely internal changes. The conf substructure is not
ready to be shared between contexts yet.
2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
8a81e84638
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Add countermeasure against cache-based lucky 13
Conflicts:
library/ssl_tls.c
2015-04-29 02:13:42 +02:00
Manuel Pégourié-Gonnard
41d479e7df
Split ssl_init() -> ssl_setup()
2015-04-29 02:08:34 +02:00
Manuel Pégourié-Gonnard
47fede0d6d
Add countermeasure against cache-based lucky 13
2015-04-29 01:35:48 +02:00
Manuel Pégourié-Gonnard
e6028c93f5
Fix some X509 macro names
...
For some reason, during the great renaming, some names that should have been
prefixed with MBEDTLS_X509_ have only been prefixed with MBEDTLS_
2015-04-20 12:19:02 +01:00
Manuel Pégourié-Gonnard
e6efa6f54e
manually merge 9f98251
make extKeyUsage accessible
2015-04-20 11:23:24 +01:00
Manuel Pégourié-Gonnard
144bc224e9
Merge branch 'mbedtls-1.3' into development
...
* commit 'a2fce21':
Fix potential NULL dereference on bad usage
Conflicts:
library/ssl_tls.c
2015-04-17 20:39:07 +02:00
Manuel Pégourié-Gonnard
9f98251e72
Make results of (ext)KeyUsage accessible
2015-04-17 19:57:21 +02:00
Manuel Pégourié-Gonnard
a2fce21ae5
Fix potential NULL dereference on bad usage
2015-04-15 21:04:19 +02:00
Manuel Pégourié-Gonnard
8408a94969
Remove MBEDTLS_ from internal macros
2015-04-09 13:52:55 +02:00
Manuel Pégourié-Gonnard
2cf5a7c98e
The Great Renaming
...
A simple execution of tmp/invoke-rename.pl
2015-04-08 13:25:31 +02:00
Manuel Pégourié-Gonnard
932e3934bd
Fix typos & Co
2015-04-03 18:46:55 +02:00
Manuel Pégourié-Gonnard
8c8be1ebbb
Change default min TLS version to TLS 1.0
2015-03-31 14:22:30 +02:00
Manuel Pégourié-Gonnard
d16df8f60a
Cleanup unused bit in ssl
...
Became unused when removing deprecated ssl_set_own_cert_xxx() functions
2015-03-31 14:04:51 +02:00
Manuel Pégourié-Gonnard
fa44f20b9f
Change authmode default to Required on client
2015-03-27 17:52:25 +01:00
Manuel Pégourié-Gonnard
e960818735
Check return value of the TLS PRF
2015-03-26 11:47:47 +01:00
Manuel Pégourié-Gonnard
b7fcca33b9
Make tls1_prf and tls12_prf more efficient
...
Repeatedly allocating a context and setting the key was a waste
2015-03-26 11:41:28 +01:00
Manuel Pégourié-Gonnard
6890c6b64e
Factor tls_prf_sha{256,384} together
2015-03-26 11:11:49 +01:00
Manuel Pégourié-Gonnard
abb674467b
Rename md_init_ctx() to md_setup()
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
4063ceb281
Make hmac_ctx optional
...
Note from future self: actually md_init_ctx will be re-introduced with the
same signature later, and a new function with the additional argument will be
added.
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
7da726bb53
Remove calls to xxx_hmac() from SSL modules
2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard
9a65e80e4f
Properly mark ssl_set_bio() as deprecated
2015-03-25 18:09:46 +01:00
Manuel Pégourié-Gonnard
c70581c272
Add POLARSSL_DEPRECATED_{WARNING,REMOVED}
2015-03-23 14:11:11 +01:00
Manuel Pégourié-Gonnard
849b174e57
Disable RC4 by default in the library
2015-03-20 19:14:19 +00:00
Manuel Pégourié-Gonnard
47723147f5
Remove functions deprecated in 1.3
2015-03-20 18:21:12 +00:00
Manuel Pégourié-Gonnard
852a6d3d8f
Rename ssl.renegotiation to ssl.renego_status
2015-03-19 16:15:20 +00:00
Manuel Pégourié-Gonnard
0db107e4ba
Fix pk_can_do() constness issue
2015-03-19 14:01:57 +00:00
Manuel Pégourié-Gonnard
57a26da593
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Use link-time garbage collection in memory.sh
scripts/memory.sh only work on Linux
Add missing 'const' on selftest data
Use only headers for doxygen (no doc in C files)
Add missing extern "C" guard in aesni.h
Fix compile error with renego disabled
Remove slow PKCS5 test
Stop checking key-cert match systematically
Make tests/*.sh runnable from anywhere
Update visual C files
2015-03-11 10:30:21 +00:00
Manuel Pégourié-Gonnard
f427f8854a
Stop checking key-cert match systematically
2015-03-10 15:35:29 +00:00
Manuel Pégourié-Gonnard
69849f8595
Drop renego state from context if no renego support
2015-03-10 11:54:02 +00:00
Manuel Pégourié-Gonnard
7f8099773e
Rename include directory to mbedtls
2015-03-10 11:23:56 +00:00
Manuel Pégourié-Gonnard
2f5a1b4e55
Rename SSL_RENEGOTIATION macro
...
- new name is more explicit
- avoids collision with POLARSSL_SSL_RENEGOTIATION config flag when prefixing
will be applied
2015-03-09 13:05:06 +00:00
Manuel Pégourié-Gonnard
9b6699066e
Fix typos in macro names
2015-03-09 13:05:06 +00:00
Manuel Pégourié-Gonnard
998897be3d
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Rename website and repository
Move private macro from header to C file
Add some missing 'static' on a few objects
Fix whitespace issues
Minor portability fix in benchmark
2015-03-06 13:25:41 +00:00
Manuel Pégourié-Gonnard
fe44643b0e
Rename website and repository
2015-03-06 13:17:10 +00:00
Manuel Pégourié-Gonnard
4e41c99ed8
Merge branch 'development' into dtls
...
* development:
Avoid possible dangling pointers
Conflicts:
library/ssl_tls.c
2015-02-18 10:39:49 +00:00
Manuel Pégourié-Gonnard
f7db5e0a4a
Avoid possible dangling pointers
...
If the allocation fails, we don't really want ssl->in_ctr = 8 lying around.
2015-02-18 10:32:41 +00:00
Manuel Pégourié-Gonnard
cd4cd1dd26
Merge branch 'development' into dtls
...
* development:
Fix the fix to ssl_set_psk()
Update Changelog
Finish fixing memleak in ssl_server2 arg parsing
Fix another potential memory leak found by find-mem-leak.cocci.
Add a rule for another type of memory leak to find-mem-leak.cocci.
Fix a potential memory leak found by find-mem-leak.cocci.
Add a semantic patch to find potential memory leaks.
Fix whitespace of 369e6c20
.
Apply the semantic patch rm-malloc-cast.cocci.
Add a semantic patch to remove casts of malloc.
2015-02-18 10:25:16 +00:00
Manuel Pégourié-Gonnard
f45850c493
Fix the fix to ssl_set_psk()
...
- possible for the first malloc to fail and the second to succeed
- missing = NULL assignment
2015-02-18 10:23:52 +00:00
Manuel Pégourié-Gonnard
ac08b543db
Merge remote-tracking branch 'rasp/mem-leak' into development
...
* rasp/mem-leak:
Fix another potential memory leak found by find-mem-leak.cocci.
Add a rule for another type of memory leak to find-mem-leak.cocci.
Fix a potential memory leak found by find-mem-leak.cocci.
Add a semantic patch to find potential memory leaks.
Fix whitespace of 369e6c20
.
Apply the semantic patch rm-malloc-cast.cocci.
Add a semantic patch to remove casts of malloc.
Conflicts:
programs/ssl/ssl_server2.c
2015-02-18 10:07:22 +00:00
Mansour Moufid
f81088bb80
Fix a potential memory leak found by find-mem-leak.cocci.
2015-02-17 13:10:21 -05:00
Manuel Pégourié-Gonnard
d901d17817
Merge branch 'development' into dtls
...
* development: (100 commits)
Update Changelog for the mem-measure branch
Fix issues introduced when rebasing
Fix compile error in memory_buffer_alloc_selftest
Code cosmetics
Add curve25519 to ecc-heap.sh
Add curve25519 to the benchmark program
Fix compile issue when buffer_alloc not available
New script ecc-heap.sh
Fix unused variable issue in some configs
Rm usunused member in private struct
Add heap usage for PK in benchmark
Use memory_buffer_alloc() in benchmark if available
Only define mode_func if mode is enabled (CBC etc)
PKCS8 encrypted key depend on PKCS5 or PKCS12
Disable SRV_C for client measurement
Output stack+heap usage with massif
Enable NIST_OPTIM by default for config-suite-b
Refactor memory.sh
Adapt memory.sh to config-suite-b
Adapt mini-client for config-suite-b.h
...
Conflicts:
ChangeLog
include/polarssl/net.h
library/Makefile
library/error.c
library/ssl_tls.c
programs/Makefile
programs/ssl/ssl_client2.c
programs/ssl/ssl_server2.c
tests/Makefile
2015-02-16 18:44:39 +00:00
Mansour Moufid
99b9259f76
Fix whitespace of 369e6c20
.
2015-02-16 10:43:52 +00:00
Mansour Moufid
c531b4af3c
Apply the semantic patch rm-malloc-cast.cocci.
...
for dir in library programs; do
spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \
--in-place;
done
2015-02-16 10:43:52 +00:00
Mansour Moufid
bd1d44e251
Fix whitespace of 369e6c20
.
2015-02-15 17:51:07 -05:00
Mansour Moufid
369e6c20b3
Apply the semantic patch rm-malloc-cast.cocci.
...
for dir in library programs; do
spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \
--in-place;
done
2015-02-15 17:49:11 -05:00
Manuel Pégourié-Gonnard
06d7519697
Fix msvc warning
2015-02-11 14:54:11 +00:00
Rich Evans
00ab47026b
cleanup library and some basic tests. Includes, add guards to includes
2015-02-10 11:28:46 +00:00
Manuel Pégourié-Gonnard
2a0718d947
Merge branch 'development' into dtls
...
* development: (46 commits)
Fix url again
Fix small bug in base64_encode()
Fix depend that was checked but not documented
Fix dependency that was not checked
Minor gitginore fixes
Move some ignore patterns to subdirectories
Ignore CMake/MSVC-related build files.
Re-categorize changelog entry
Fix misattribution
Minor nits with stdout/stderr.
Add cmake compatibility targets
Add script for polarssl symlink creation
Fix more stdio inclusion issues
Add debug info for cert/suite selection
Fix possible portability issue
Fix bug in ssl_get_verify_result()
aescrypt2.c local char array not initial
Update Changelog
Fix mips64 bignum implementation
Fix usage string of ssl_client2
...
Conflicts:
include/polarssl/ssl.h
library/CMakeLists.txt
library/Makefile
programs/Makefile
programs/ssl/ssl_client2.c
programs/ssl/ssl_server2.c
visualc/VS2010/PolarSSL.sln
visualc/VS2010/mbedTLS.vcxproj
visualc/VS6/mbedtls.dsp
visualc/VS6/mbedtls.dsw
2015-01-29 11:29:12 +00:00
Manuel Pégourié-Gonnard
860b51642d
Fix url again
2015-01-28 17:12:07 +00:00
Manuel Pégourié-Gonnard
e89163c0a8
Fix bug in ssl_get_verify_result()
2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard
df6411d8d8
Merge branch 'development' into dtls
...
* development:
Fix website url to use https.
Remove maintainer line.
Remove redundant "all rights reserved"
2015-01-23 11:23:08 +00:00
Manuel Pégourié-Gonnard
085ab040aa
Fix website url to use https.
2015-01-23 11:06:27 +00:00
Manuel Pégourié-Gonnard
9698f5852c
Remove maintainer line.
2015-01-23 10:59:00 +00:00
Manuel Pégourié-Gonnard
19f6b5dfaa
Remove redundant "all rights reserved"
2015-01-23 10:54:00 +00:00
Manuel Pégourié-Gonnard
eab72e2ced
Merge branch 'development' into dtls
...
* development:
Update copyright
Fix issue in compat.sh
Rename doxyfile
Rename to mbed TLS in tests/
Rename to mbed TLS in examples
Remove old test certificates.
Rename to mbed TLS in the documentation/comments
Change name to mbed TLS in the copyright notice
Conflicts:
doxygen/input/doc_mainpage.h
doxygen/mbedtls.doxyfile
include/polarssl/version.h
tests/compat.sh
2015-01-23 10:23:17 +00:00
Manuel Pégourié-Gonnard
a658a4051b
Update copyright
2015-01-23 09:55:24 +00:00
Manuel Pégourié-Gonnard
967a2a5f8c
Change name to mbed TLS in the copyright notice
2015-01-22 14:28:16 +00:00
Manuel Pégourié-Gonnard
67505bf9e8
Merge branch 'development' into dtls
...
* development:
Adapt tests to new defaults/errors.
Fix typos/cosmetics in Changelog
Disable RC4 by default in example programs.
Add ssl_set_arc4_support()
Set min version to TLS 1.0 in programs
Conflicts:
include/polarssl/ssl.h
library/ssl_cli.c
library/ssl_srv.c
tests/compat.sh
2015-01-21 13:57:33 +00:00
Manuel Pégourié-Gonnard
bfccdd3c92
Merge commit '36adc36' into dtls
...
* commit '36adc36':
Add support for getrandom()
Use library default for trunc-hmac in ssl_client2
Make truncated hmac a runtime option server-side
Fix portability issue in script
Specific error for suites in common but none good
Prefer SHA-1 certificates for pre-1.2 clients
Some more refactoring/tuning.
Minor refactoring
Conflicts:
include/polarssl/error.h
include/polarssl/ssl.h
library/error.c
2015-01-21 13:48:45 +00:00
Manuel Pégourié-Gonnard
0017c2be48
Merge commit '9835bc0' into dtls
...
* commit '9835bc0':
Fix racy test.
Fix stupid error in previous commit
Don't check errors on ssl_close_notify()
Fix char signedness issue
Fix issue with non-blocking I/O & record splitting
Fix warning
Conflicts:
programs/ssl/ssl_client2.c
programs/ssl/ssl_server2.c
2015-01-21 13:42:16 +00:00
Manuel Pégourié-Gonnard
8fbb01ec84
Merge commit 'b2eaac1' into dtls
...
* commit 'b2eaac1':
Stop assuming chars are signed
Add tests for CBC record splitting
Fix tests that were failing with record splitting
Allow disabling record splitting at runtime
Add 1/n-1 record splitting
Enhance doc on ssl_write()
Conflicts:
include/polarssl/ssl.h
programs/ssl/ssl_client2.c
programs/ssl/ssl_server2.c
2015-01-21 13:37:08 +00:00
Manuel Pégourié-Gonnard
b89c4f35a1
Fixes for the renego-option merge
2015-01-21 13:24:10 +00:00
Manuel Pégourié-Gonnard
0af1ba3521
Merge commit 'f6080b8' into dtls
...
* commit 'f6080b8':
Fix warning in reduced configs
Adapt to "negative" switch for renego
Add tests for periodic renegotiation
Make renego period configurable
Auto-renegotiate before sequence number wrapping
Update Changelog for compile-option renegotiation
Switch from an enable to a disable flag
Save 48 bytes if SSLv3 is not defined
Make renegotiation a compile-time option
Add tests for renego security enforcement
Conflicts:
include/polarssl/ssl.h
library/ssl_cli.c
library/ssl_srv.c
library/ssl_tls.c
programs/ssl/ssl_server2.c
tests/ssl-opt.sh
2015-01-21 11:54:33 +00:00
Manuel Pégourié-Gonnard
edb7ed3a43
Merge commit 'd7e2483' into dtls
...
* commit 'd7e2483': (57 commits)
Skip signature_algorithms ext if PSK only
Fix bug in ssl_client2 reconnect option
Cosmetics in ssl_server2
Improve debugging message.
Fix net_usleep for durations greater than 1 second
Use pk_load_file() in X509
Create ticket keys only if enabled
Fix typo in #ifdef
Clarify documentation a bit
Fix comment on resumption
Update comment from draft to RFC
Use more #ifdef's on CLI_C and SRV_C in ssl_tls.c
Add recursion.pl to all.sh
Allow x509_crt_verify_child() in recursion.pl
Set a compile-time limit to X.509 chain length
Fix 3DES -> DES in all.sh (+ time estimates)
Add curves.pl to all.sh
Rework all.sh to use MSan instead of valgrind
Fix depends on individual curves in tests
Add script to test depends on individual curves
...
Conflicts:
CMakeLists.txt
programs/ssl/ssl_client2.c
2015-01-20 16:52:28 +00:00
Manuel Pégourié-Gonnard
f9c8a606b5
Merge commit '8b9bcec' into dtls
...
* commit '8b9bcec':
Stop assuming chars are signed
Fix len miscalculation in buffer-based allocator
Fix NULL dereference in buffer-based allocator
Add test_suite_memory_buffer_alloc
Add memory_buffer_alloc_self_test()
Fix missing bound check
Add test for ctr_drbg_update() input sanitizing
Refactor for clearer correctness/security
Stop assuming chars are signed
Conflicts:
library/ssl_tls.c
2015-01-20 16:38:39 +00:00
Paul Bakker
5b8f7eaa3e
Merge new security defaults for programs (RC4 disabled, SSL3 disabled)
2015-01-14 16:26:54 +01:00
Paul Bakker
c82b7e2003
Merge option to disable truncated hmac on the server-side
2015-01-14 16:16:55 +01:00
Manuel Pégourié-Gonnard
a852cf4833
Fix issue with non-blocking I/O & record splitting
2015-01-13 20:56:15 +01:00
Manuel Pégourié-Gonnard
d5746b36f9
Fix warning
2015-01-13 20:33:24 +01:00
Paul Bakker
f3561154ff
Merge support for 1/n-1 record splitting
2015-01-13 16:31:34 +01:00
Paul Bakker
f6080b8557
Merge support for enabling / disabling renegotiation support at compile-time
2015-01-13 16:18:23 +01:00
Paul Bakker
d7e2483bfc
Merge miscellaneous fixes into development
2015-01-13 16:04:38 +01:00
Manuel Pégourié-Gonnard
bd47a58221
Add ssl_set_arc4_support()
...
Rationale: if people want to disable RC4 but otherwise keep the default suite
list, it was cumbersome. Also, since it uses a global array,
ssl_list_ciphersuite() is not a convenient place. So the SSL modules look like
the best place, even if it means temporarily adding one SSL setting.
2015-01-13 13:03:06 +01:00
Manuel Pégourié-Gonnard
352143fa1e
Refactor for clearer correctness/security
2015-01-13 12:02:55 +01:00
Manuel Pégourié-Gonnard
e117a8fc0d
Make truncated hmac a runtime option server-side
...
Reading the documentation of ssl_set_truncated_hmac() may give the impression
I changed the default for clients but I didn't, the old documentation was
wrong.
2015-01-09 12:52:20 +01:00
Manuel Pégourié-Gonnard
cfa477ef2f
Allow disabling record splitting at runtime
2015-01-07 14:56:54 +01:00
Manuel Pégourié-Gonnard
d76314c44c
Add 1/n-1 record splitting
2015-01-07 14:56:54 +01:00
Manuel Pégourié-Gonnard
837f0fe831
Make renego period configurable
2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard
b445805283
Auto-renegotiate before sequence number wrapping
2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard
6186019d5d
Save 48 bytes if SSLv3 is not defined
2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard
615e677c0b
Make renegotiation a compile-time option
2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard
60346be2a3
Improve debugging message.
...
This actually prints only the payload, not the potential IV and/or MAC,
so (to me at least) it's much less confusing
2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard
2457fa0915
Create ticket keys only if enabled
2014-11-27 17:44:45 +01:00
Manuel Pégourié-Gonnard
d16d1cb96a
Use more #ifdef's on CLI_C and SRV_C in ssl_tls.c
2014-11-27 17:44:45 +01:00
Manuel Pégourié-Gonnard
0975ad928d
Merge branch 'etm' into dtls
...
* etm:
Fix some more warnings in reduced configs
Fix typo causing MSVC errors
2014-11-17 15:07:17 +01:00
Manuel Pégourié-Gonnard
8e4b3374d7
Fix some more warnings in reduced configs
2014-11-17 15:06:13 +01:00
Manuel Pégourié-Gonnard
e5b0fc1847
Make malloc-init script a bit happier
2014-11-13 12:42:12 +01:00
Manuel Pégourié-Gonnard
27e3edbe2c
Check key/cert pair in ssl_set_own_cert()
2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard
d056ce0e3e
Use seq_num as AEAD nonce by default
2014-11-06 18:23:49 +01:00
Manuel Pégourié-Gonnard
f9d778d635
Merge branch 'etm' into dtls
...
* etm:
Fix warning in reduced config
Update Changelog for EtM
Keep EtM state across renegotiations
Adjust minimum length for EtM
Don't send back EtM extension if not using CBC
Fix for the RFC erratum
Implement EtM
Preparation for EtM
Implement initial negotiation of EtM
Conflicts:
include/polarssl/check_config.h
2014-11-06 01:36:32 +01:00
Manuel Pégourié-Gonnard
56d985d0a6
Merge branch 'session-hash' into dtls
...
* session-hash:
Update Changelog for session-hash
Make session-hash depend on TLS versions
Forbid extended master secret with SSLv3
compat.sh: allow git version of gnutls
compat.sh: make options a bit more robust
Implement extended master secret
Add negotiation of Extended Master Secret
Conflicts:
include/polarssl/check_config.h
programs/ssl/ssl_server2.c
2014-11-06 01:25:09 +01:00
Manuel Pégourié-Gonnard
9d7821d774
Fix warning in reduced config
2014-11-06 01:19:52 +01:00
Manuel Pégourié-Gonnard
fedba98ede
Merge branch 'fb-scsv' into dtls
...
* fb-scsv:
Update Changelog for FALLBACK_SCSV
Implement FALLBACK_SCSV server-side
Implement FALLBACK_SCSV client-side
2014-11-05 16:12:09 +01:00
Manuel Pégourié-Gonnard
1a03473576
Keep EtM state across renegotiations
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
169dd6a514
Adjust minimum length for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
08558e5b46
Fix for the RFC erratum
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
313d796e80
Implement EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
0098e7dc70
Preparation for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
699cafaea2
Implement initial negotiation of EtM
...
Not implemented yet:
- actually using EtM
- conditions on renegotiation
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
ada3030485
Implement extended master secret
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
1cbd39dbeb
Implement FALLBACK_SCSV client-side
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
367381fddd
Add negotiation of Extended Master Secret
...
(But not the actual thing yet.)
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
6b875fc7e5
Fix potential memory leak (from clang-analyzer)
2014-10-21 16:33:00 +02:00
Manuel Pégourié-Gonnard
df3acd82e2
Limit HelloRequest retransmission if not enforced
2014-10-21 16:32:58 +02:00
Manuel Pégourié-Gonnard
26a4cf63ec
Add retransmission of HelloRequest
2014-10-21 16:32:57 +02:00
Manuel Pégourié-Gonnard
74a1378175
Avoid false positive in ssl-opt.sh with memcheck
2014-10-21 16:32:56 +02:00
Manuel Pégourié-Gonnard
8e704f0f74
DTLS depends on TIMING_C for now
2014-10-21 16:32:56 +02:00
Manuel Pégourié-Gonnard
b0643d152d
Add ssl_set_dtls_badmac_limit()
2014-10-21 16:32:55 +02:00
Manuel Pégourié-Gonnard
9b35f18f66
Add ssl_get_record_expansion()
2014-10-21 16:32:55 +02:00
Manuel Pégourié-Gonnard
37e08e1689
Fix max_fragment_length with DTLS
2014-10-21 16:32:53 +02:00
Manuel Pégourié-Gonnard
23cad339c4
Fail cleanly on unhandled case
2014-10-21 16:32:52 +02:00
Manuel Pégourié-Gonnard
fc572dd4f6
Retransmit only on last message from prev flight
...
Be a good network citizen, try to avoid causing congestion by causing a
retransmission explosion.
2014-10-21 16:32:51 +02:00
Manuel Pégourié-Gonnard
8a7cf2543a
Add a few #ifdefs
2014-10-21 16:32:51 +02:00
Manuel Pégourié-Gonnard
ba958b8bdc
Add test for server-initiated renego
...
Just assuming the HelloRequest isn't lost for now
2014-10-21 16:32:50 +02:00
Manuel Pégourié-Gonnard
46fb942046
Fix warning about function that should be static
2014-10-21 16:32:49 +02:00
Manuel Pégourié-Gonnard
f1e9b09a0c
Fix missing #ifdef's
2014-10-21 16:32:48 +02:00
Manuel Pégourié-Gonnard
4e2f245752
Fix timer issues
...
- timer not firing when constantly receiving bad messages
- timer not reset on failed reads
- timer incorrectly restarted on resend during read
2014-10-21 16:32:47 +02:00
Manuel Pégourié-Gonnard
df9a0a8460
Drop unexpected ApplicationData
...
This is likely to happen on resumption if client speaks first at the
application level.
2014-10-21 16:32:46 +02:00
Manuel Pégourié-Gonnard
6b65141718
Implement ssl_read() timeout (DTLS only for now)
2014-10-21 16:32:46 +02:00
Manuel Pégourié-Gonnard
2707430a4d
Fix types and comments about read_timeout
2014-10-21 16:32:45 +02:00
Manuel Pégourié-Gonnard
6c1fa3a184
Fix misplaced initialisation of timeout
2014-10-21 16:32:45 +02:00
Manuel Pégourié-Gonnard
c8d8e97cbd
Move to milliseconds in recv_timeout()
2014-10-21 16:32:44 +02:00
Manuel Pégourié-Gonnard
905dd2425c
Add ssl_set_handshake_timeout()
2014-10-21 16:32:43 +02:00
Manuel Pégourié-Gonnard
0ac247fd88
Implement timeout back-off (fixed range for now)
2014-10-21 16:32:43 +02:00
Manuel Pégourié-Gonnard
7de3c9eecb
Count timeout per flight, not per message
2014-10-21 16:32:41 +02:00
Manuel Pégourié-Gonnard
db2858ce96
Preparation for timers
...
Currently directly using timing.c, plan to use callbacks later to loosen
coupling, but first just get things working.
2014-10-21 16:32:41 +02:00
Manuel Pégourié-Gonnard
08a1d4bce1
Fix bug with client auth with DTLS
2014-10-21 16:32:39 +02:00
Manuel Pégourié-Gonnard
23b7b703aa
Fix issue with renego & resend
2014-10-21 16:32:38 +02:00
Manuel Pégourié-Gonnard
2739313cea
Make anti-replay a runtime option
2014-10-21 16:32:35 +02:00
Manuel Pégourié-Gonnard
8464a46b6b
Make DTLS_ANTI_REPLAY depends on PROTO_DTLS
2014-10-21 16:32:35 +02:00
Manuel Pégourié-Gonnard
246c13a05f
Fix epoch checking
2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard
b47368a00a
Add replay detection
2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard
4956fd7437
Test and fix anti-replay functions
2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard
7a7e140d4e
Add functions for replay protection
2014-10-21 16:32:33 +02:00
Manuel Pégourié-Gonnard
ea22ce577e
Rm unneeded counter increment with DTLS
2014-10-21 16:32:33 +02:00
Manuel Pégourié-Gonnard
abf16240dd
Add ability to resend last flight
2014-10-21 16:32:31 +02:00
Manuel Pégourié-Gonnard
767c69561b
Drop out-of-sequence ChangeCipherSpec messages
2014-10-21 16:32:29 +02:00
Manuel Pégourié-Gonnard
93017de47e
Minor optim: don't resend on duplicated HVR
2014-10-21 16:32:29 +02:00
Manuel Pégourié-Gonnard
c715aed744
Fix epoch swapping
2014-10-21 16:32:28 +02:00
Manuel Pégourié-Gonnard
6a2bdfaf73
Actually resend flights
2014-10-21 16:32:28 +02:00
Manuel Pégourié-Gonnard
5d8ba53ace
Expand and fix resend infrastructure
2014-10-21 16:32:28 +02:00
Manuel Pégourié-Gonnard
ffa67be698
Infrastructure for buffering & resending flights
2014-10-21 16:32:27 +02:00
Manuel Pégourié-Gonnard
8fa6dfd560
Introduce f_recv_timeout callback
2014-10-21 16:32:26 +02:00
Manuel Pégourié-Gonnard
e6bdc4497c
Merge I/O contexts into one
2014-10-21 16:32:25 +02:00
Manuel Pégourié-Gonnard
ca6440b246
Small cleanups in parse_finished()
2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard
624bcb5260
No memmove: done, rm temporary things
2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard
f49a7daa1a
No memmove: ssl_parse_certificate()
2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard
4abc32734e
No memmove: ssl_parse_finished()
2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard
f899583f94
Prepare moving away from memmove() on incoming HS
2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard
4a1753657c
Fix missing return in error check
2014-10-21 16:30:28 +02:00
Manuel Pégourié-Gonnard
63eca930d7
Drop invalid records with DTLS
2014-10-21 16:30:28 +02:00
Manuel Pégourié-Gonnard
167a37632d
Split two functions out of ssl_read_record()
2014-10-21 16:30:27 +02:00
Manuel Pégourié-Gonnard
990f9e428a
Handle late handshake messages gracefully
2014-10-21 16:30:26 +02:00
Manuel Pégourié-Gonnard
60ca5afaec
Drop records from wrong epoch
2014-10-21 16:30:25 +02:00
Manuel Pégourié-Gonnard
1aa586e41d
Check handshake message_seq field
2014-10-21 16:30:24 +02:00
Manuel Pégourié-Gonnard
9d1d7196e4
Check length before reading handshake header
2014-10-21 16:30:24 +02:00
Manuel Pégourié-Gonnard
d9ba0d96b6
Prepare for checking incoming handshake seqnum
2014-10-21 16:30:23 +02:00
Manuel Pégourié-Gonnard
ac03052f22
Fix segfault with some very short fragments
2014-10-21 16:30:23 +02:00
Manuel Pégourié-Gonnard
64dffc5d14
Make handshake reassembly work with openssl
2014-10-21 16:30:22 +02:00
Manuel Pégourié-Gonnard
502bf30fb5
Handle reassembly of handshake messages
...
Works only with GnuTLS for now, OpenSSL packs other records in the same
datagram after the last fragmented one, which we don't handle yet.
Also, ssl-opt.sh fails the tests with valgrind for now: we're so slow with
valgrind that gnutls-serv retransmits some messages, and we don't handle
duplicated messages yet.
2014-10-21 16:30:22 +02:00
Manuel Pégourié-Gonnard
ed79a4bb14
Prepare for DTLS handshake reassembly
2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard
edcbe549fd
Reorder checks in ssl_read_record
2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard
0557bd5fa4
Fix message_seq with server-initiated renego
2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard
c392b240c4
Fix server-initiated renegotiation with DTLS
2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard
30d16eb429
Fix client-initiated renegotiation with DTLS
2014-10-21 16:30:20 +02:00
Manuel Pégourié-Gonnard
7d38d215b1
Allow disabling HelloVerifyRequest
2014-10-21 16:30:18 +02:00
Manuel Pégourié-Gonnard
d485d194f9
Move to a callback interface for DTLS cookies
2014-10-21 16:30:17 +02:00
Manuel Pégourié-Gonnard
82202f0a9c
Make DTLS_HELLO_VERIFY a compile option
2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard
98545f128a
Generate random key for HelloVerifyRequest
2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard
43c021874d
Add ssl_set_client_transport_id()
2014-10-21 16:30:15 +02:00
Manuel Pégourié-Gonnard
879a4f9623
Abort on DTLS epoch wrap
2014-10-21 16:30:12 +02:00
Manuel Pégourié-Gonnard
805e2300af
Fix error message and return code
2014-10-21 16:30:12 +02:00
Manuel Pégourié-Gonnard
67427c07b2
Fix checksum computation with HelloVerifyRequest
2014-10-21 16:30:11 +02:00
Manuel Pégourié-Gonnard
74848811b4
Implement HelloVerifyRequest on client
2014-10-21 16:30:11 +02:00
Manuel Pégourié-Gonnard
b2f3be8757
Support multiple records in one datagram
2014-10-21 16:30:10 +02:00
Manuel Pégourié-Gonnard
34c1011b3d
Fix a few warnings in reduced configs
2014-10-21 16:30:09 +02:00
Manuel Pégourié-Gonnard
fe98aceb70
Adapt ssl_fetch_input() for UDP
2014-10-21 16:30:09 +02:00
Manuel Pégourié-Gonnard
e89bcf05da
Write new DTLS handshake fields correctly
2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard
ce441b3442
Add space for new DTLS fields in handshake
2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard
a59543af30
Minor refactoring in ssl_read_record()
2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard
f302fb52e1
Fix hmac computation for DTLS
2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard
5afb167e2c
Implement DTLS epochs
2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard
0619348288
Add explicit counter in DTLS record header
2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard
507e1e410a
Prep: allow {in,out}_len != {in,out}_hdr + 3
2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard
7ee6f0e6e5
Preparation: allow {in,out}_ctr != {in,out}_buf
2014-10-21 16:30:05 +02:00
Manuel Pégourié-Gonnard
abc7e3b4ba
Handle DTLS version encoding and fix some checks
2014-10-21 16:30:05 +02:00
Manuel Pégourié-Gonnard
864a81fdc0
More ssl_set_XXX() functions can return BAD_INPUT
2014-10-21 16:30:04 +02:00
Manuel Pégourié-Gonnard
b21ca2a69f
Adapt version-handling functions to DTLS
2014-10-21 16:30:04 +02:00
Manuel Pégourié-Gonnard
0b1ff29328
Add basic flags for DTLS
2014-10-21 16:30:03 +02:00
Paul Bakker
82788fb63b
Fix minor style issues
2014-10-20 13:59:19 +02:00
Manuel Pégourié-Gonnard
a13500fdf7
Fix bug with ssl_close_notify and non-blocking I/O
2014-08-19 16:14:04 +02:00
Manuel Pégourié-Gonnard
f07f421759
Fix server-initiated renego with non-blocking I/O
2014-08-19 13:32:15 +02:00
Manuel Pégourié-Gonnard
6591962f06
Allow delay on renego on client
...
Currently unbounded: will be fixed later
2014-08-19 12:50:30 +02:00
Manuel Pégourié-Gonnard
f26a1e8602
ssl_read() stops returning non-application data
2014-08-19 12:28:50 +02:00
Manuel Pégourié-Gonnard
55e4ff2ace
Tune comments
2014-08-19 11:52:33 +02:00
Manuel Pégourié-Gonnard
8d4ad07706
SHA-2 ciphersuites now require TLS 1.x
2014-08-14 11:34:34 +02:00
Paul Bakker
968afaa06f
ssl_key_cert not available in all configurations
2014-07-09 11:34:48 +02:00
Paul Bakker
84bbeb58df
Adapt cipher and MD layer with _init() and _free()
2014-07-09 10:19:24 +02:00
Paul Bakker
accaffe2c3
Restructure ssl_handshake_init() and small fixes
2014-07-09 10:19:24 +02:00
Paul Bakker
8f870b047c
Add dhm_init()
2014-07-09 10:19:23 +02:00
Paul Bakker
5b4af39a36
Add _init() and _free() for hash modules
2014-07-09 10:19:23 +02:00
Paul Bakker
c7ea99af4f
Add _init() and _free() for cipher modules
2014-07-09 10:19:22 +02:00
Paul Bakker
8fb99abaac
Merge changes for leaner memory footprint
2014-07-04 15:02:19 +02:00
Manuel Pégourié-Gonnard
481fcfde93
Make PSK_LEN configurable and adjust PMS size
2014-07-04 14:59:08 +02:00
Manuel Pégourié-Gonnard
a9964dbcd5
Add ssl_set_renegotiation_enforced()
2014-07-04 14:16:07 +02:00
Manuel Pégourié-Gonnard
dd0c0f33c0
Better usage of dhm_calc_secret in SSL
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
8df68632e8
Fix bug in DHE-PSK PMS computation
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
03576887c2
Remove misplaced debugging message
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
eaa76f7e20
Fix computation of minlen for encrypted packets
2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
e800cd81d7
Re-arrange some code in ssl_derive_keys()
2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard
0bcc4e1df7
Fix length checking for AEAD ciphersuites
2014-06-25 11:26:10 +02:00
Manuel Pégourié-Gonnard
4d2a8eb6ff
SSL modules now using x509_crt_parse_der()
...
Avoid uselessly trying to decode PEM.
2014-06-23 11:54:57 +02:00
Paul Bakker
66d5d076f7
Fix formatting in various code to match spacing from coding style
2014-06-17 17:06:47 +02:00
Paul Bakker
d8bb82665e
Fix code styling for return statements
2014-06-17 14:06:49 +02:00
Paul Bakker
3461772559
Introduce polarssl_zeroize() instead of memset() for zeroization
2014-06-14 16:46:03 +02:00
Manuel Pégourié-Gonnard
7792198a46
Normalize some error messages
2014-06-12 21:15:44 +02:00
Peter Vaskovic
c2bbac968b
Fix misplaced parenthesis.
2014-05-28 11:06:31 +02:00
Paul Bakker
b5212b436f
Merge CCM cipher mode and ciphersuites
...
Conflicts:
library/ssl_tls.c
2014-05-22 15:30:31 +02:00
Manuel Pégourié-Gonnard
8ff17c544c
Add missing DEBUG_RET on cipher failures
2014-05-22 13:52:48 +02:00
Manuel Pégourié-Gonnard
61edffef28
Normalize "should never happen" messages/errors
2014-05-22 13:52:47 +02:00
Manuel Pégourié-Gonnard
2e5ee32033
Implement CCM and CCM_8 ciphersuites
2014-05-20 16:29:34 +02:00
Manuel Pégourié-Gonnard
5efd772ef0
Small readability improvement
2014-05-14 14:10:37 +02:00
Manuel Pégourié-Gonnard
de7bb44004
Use cipher_auth_{en,de}crypt() in ssl_tls.c
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
8764d271fa
Use cipher_crypt() in ssl_tls.c
2014-05-14 14:10:36 +02:00
Paul Bakker
b9e4e2c97a
Fix formatting: fix some 'easy' > 80 length lines
2014-05-01 14:18:25 +02:00
Paul Bakker
9af723cee7
Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)
2014-05-01 13:03:14 +02:00
Paul Bakker
2a024ac86a
Merge dependency fixes
2014-04-30 16:50:59 +02:00
Manuel Pégourié-Gonnard
cef4ad2509
Adapt sources to configurable config.h name
2014-04-30 16:40:20 +02:00
Paul Bakker
1a1fbba1ae
Sanity length checks in ssl_read_record() and ssl_fetch_input()
...
Both are already covered in other places, but not in a clear fashion. So
for instance Coverity thinks the value is still tainted.
2014-04-30 14:48:51 +02:00
Manuel Pégourié-Gonnard
3a306b9067
Fix misplaced #endif in ssl_tls.c
2014-04-29 15:11:17 +02:00
Paul Bakker
61885c7f7f
Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites
...
In case full SSL frames arrived, they were rejected because an overly
strict padding check.
2014-04-25 12:59:51 +02:00
Paul Bakker
93389cc620
Remove const indicator
2014-04-17 14:44:38 +02:00
Manuel Pégourié-Gonnard
0408fd1fbb
Add extendedKeyUsage checking in SSL modules
2014-04-11 11:09:09 +02:00
Paul Bakker
d6ad8e949b
Make ssl_check_cert_usage() dependent on POLARSSL_X509_CRT_PARSE_C
2014-04-09 17:24:14 +02:00
Paul Bakker
a77de8c841
Prevent warnings in ssl_check_cert_usage() if keyUsage checks are off
2014-04-09 16:39:35 +02:00
Manuel Pégourié-Gonnard
a9db85df73
Add tests for keyUsage with client auth
2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
7f2a07d7b2
Check keyUsage in SSL client and server
2014-04-09 15:50:57 +02:00
Paul Bakker
0763a401a7
Merged support for the ALPN extension
2014-04-08 14:37:12 +02:00
Paul Bakker
4224bc0a4f
Prevent potential NULL pointer dereference in ssl_read_record()
2014-04-08 14:36:50 +02:00
Manuel Pégourié-Gonnard
0b874dc580
Implement ALPN client-side
2014-04-07 10:57:45 +02:00
Manuel Pégourié-Gonnard
7e250d4812
Add ALPN interface
2014-04-04 17:10:40 +02:00
Paul Bakker
77f4f39ea6
Make sure no random pointer occur during failed malloc()'s
2014-03-26 15:30:20 +01:00
Paul Bakker
91c61bc4fd
Further tightened the padlen check to prevent underflow / overflow
2014-03-26 15:14:20 +01:00
Manuel Pégourié-Gonnard
b2bf5a1bbb
Fix possible buffer overflow with PSK
2014-03-26 12:58:50 +01:00
Paul Bakker
3d6504a935
ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr
2014-03-17 13:41:51 +01:00
Manuel Pégourié-Gonnard
83cdffc437
Forbid sequence number wrapping
2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
796c6f3aff
Countermeasure against "triple handshake" attack
2014-03-13 19:25:06 +01:00
Paul Bakker
7dc4c44267
Library files moved to use platform layer
2014-02-06 13:20:16 +01:00
Manuel Pégourié-Gonnard
ab24010b54
Enforce our choice of allowed curves.
2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard
7f38ed0bfa
ssl_set_curves is no longer ECDHE only
2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard
ac7194133e
Renamings and other fixes
2014-02-06 10:28:38 +01:00
Gergely Budai
e40c469ad3
The default ECDH curve list will be dynamically built in the ecp module based on ecp_supported_curves[].
2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard
de05390c85
Rename ecdh_curve_list to curve_list
2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard
5de2580563
Make ssl_set_ecdh_curves() a compile-time option
2014-02-06 10:28:38 +01:00
Gergely Budai
987bfb510b
Added the possibility to define the allowed curves for ECDHE handshake. It also defines the preference of the curves.
2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard
7c59363a85
Remove a few dead stores
2014-01-22 13:02:39 +01:00
Manuel Pégourié-Gonnard
7cfdcb8c7f
Add a length check in ssl_derive_keys()
2014-01-22 12:56:22 +01:00
Paul Bakker
6992eb762c
Fixed potential overflow in certificate size in ssl_write_certificate()
2013-12-31 11:38:33 +01:00
Paul Bakker
956c9e063d
Reduced the input / output overhead with 200+ bytes and covered corner
...
case
The actual input / output buffer overhead is only 301 instead of 512.
This requires a proper check on the padding_idx to prevent out of bounds
reads.
Previously a remote party could potentially trigger an access error and
thus stop the application when sending a malicious packet having
MAX_CONTENT_LEN of data, 32 bytes of MAC and a decrypted padlen of .
This would result in reading from in_ctr + 13 + 32 + MAX_CONTENT_LEN - 1 - 1
for 256 bytes (including fake padding check). Or 13 + 32 bytes over the
buffer length.
We now reset padding_idx to 0, if it's clear that it will never be a
valid padding (padlen > msg_len || msg_len + padlen + 256 > buffer_len)
2013-12-30 15:00:51 +01:00
Paul Bakker
1e5369c7fa
Variables in proper block or within proper defines in ssl_decrypt_buf()
2013-12-19 16:40:57 +01:00
Paul Bakker
fdf946928d
Merged support for ECDH-RSA / ECDH-ECDSA key exchanges and ciphersuites
2013-12-17 13:10:27 +01:00
Paul Bakker
77e257e958
Fixed bad check for maximum size of fragment length index
2013-12-17 13:09:12 +01:00
Paul Bakker
6f0636a09f
Potential memory leak in ssl_ticket_keys_init()
2013-12-17 13:09:12 +01:00
Manuel Pégourié-Gonnard
d18cc57962
Add client-side support for ECDH key exchanges
2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard
c72ac7c3ef
Fix SSLv3 handling of SHA-384 suites
...
Fixes memory corruption, introduced in
a5bdfcd
(Relax some SHA2 ciphersuite's version requirements)
2013-12-17 10:18:25 +01:00
Manuel Pégourié-Gonnard
dc953e8c41
Add missing defines/cases for RSA_PSK key exchange
2013-11-26 15:19:57 +01:00
Paul Bakker
08b028ff0f
Prevent unlikely NULL dereference
2013-11-19 10:42:37 +01:00
Paul Bakker
0333b978fa
Handshake key_cert should be set on first addition to the key_cert chain
2013-11-04 17:08:28 +01:00
Paul Bakker
993e386a73
Merged renegotiation refactoring
2013-10-31 14:32:38 +01:00
Paul Bakker
37ce0ff185
Added defines around renegotiation code for SSL_SRV and SSL_CLI
2013-10-31 14:32:04 +01:00
Manuel Pégourié-Gonnard
31ff1d2e4f
Safer buffer comparisons in the SSL modules
2013-10-31 14:23:12 +01:00
Manuel Pégourié-Gonnard
6d8404d6ba
Server: enforce renegotiation
2013-10-30 16:48:10 +01:00
Manuel Pégourié-Gonnard
9c1e1898b6
Move some code around, improve documentation
2013-10-30 16:48:09 +01:00
Manuel Pégourié-Gonnard
214eed38c7
Make ssl_renegotiate the only interface
...
ssl_write_hello_request() is no private
2013-10-30 16:48:09 +01:00
Manuel Pégourié-Gonnard
caed0541a0
Allow ssl_renegotiate() to be called in a loop
...
Previously broken if waiting for network I/O in the middle of a re-handshake
initiated by the client.
2013-10-30 16:48:09 +01:00
Manuel Pégourié-Gonnard
e5e1bb972c
Fix misplaced initialisation
2013-10-30 16:46:46 +01:00
Manuel Pégourié-Gonnard
f3dc2f6a1d
Add code for testing server-initiated renegotiation
2013-10-30 16:46:46 +01:00
Paul Bakker
6edcd41c0a
Addition conditions for UEFI environment under MSVC
2013-10-29 15:44:13 +01:00
Paul Bakker
fa6a620b75
Defines for UEFI environment under MSVC added
2013-10-29 14:05:38 +01:00
Manuel Pégourié-Gonnard
a8a25ae1b9
Fix bad error codes
2013-10-27 13:48:15 +01:00
Manuel Pégourié-Gonnard
7109624aef
Skip MAC computation/check when GCM is used
2013-10-25 19:31:25 +02:00
Manuel Pégourié-Gonnard
8866591cc5
Don't special-case NULL cipher in ssl_tls.c
2013-10-25 18:42:44 +02:00
Manuel Pégourié-Gonnard
126a66f668
Simplify switching on mode in ssl_tls.c
2013-10-25 18:33:32 +02:00
Manuel Pégourié-Gonnard
8d01eea7af
Add Camellia-GCM ciphersuites
2013-10-25 16:46:05 +02:00
Paul Bakker
f34673e37b
Merged RSA-PSK key-exchange and ciphersuites
2013-10-15 12:46:41 +02:00
Paul Bakker
376e8153a0
Merged ECDHE-PSK ciphersuites
2013-10-15 12:45:36 +02:00
Manuel Pégourié-Gonnard
8a3c64d73f
Fix and simplify *-PSK ifdef's
2013-10-14 19:54:10 +02:00
Manuel Pégourié-Gonnard
0fae60bb71
Implement RSA-PSK key exchange
2013-10-14 19:34:48 +02:00
Paul Bakker
b9cfaa0c7f
Explicit conversions and minor changes to prevent MSVC compiler warnings
2013-10-14 15:50:40 +02:00
Manuel Pégourié-Gonnard
1b62c7f93d
Fix dependencies and related issues
2013-10-14 14:02:19 +02:00
Manuel Pégourié-Gonnard
bd1ae24449
Factor PSK pms computation to ssl_tls.c
2013-10-14 13:17:36 +02:00
Manuel Pégourié-Gonnard
3ce3bbdc00
Add support for ECDHE_PSK key exchange
2013-10-11 18:16:35 +02:00
Paul Bakker
beccd9f226
Explicit void pointer cast for buggy MS compiler
2013-10-11 15:20:27 +02:00
Paul Bakker
1677033bc8
TLS compression only allocates working buffer once
2013-10-11 09:59:44 +02:00
Paul Bakker
ca9c87ed2b
Removed possible cache-timing difference for pad check
2013-09-25 18:52:37 +02:00
Manuel Pégourié-Gonnard
8372454615
Rework SNI to fix memory issues
2013-09-24 22:30:56 +02:00
Manuel Pégourié-Gonnard
705fcca409
Adapt support for SNI to recent changes
2013-09-24 21:25:54 +02:00
Manuel Pégourié-Gonnard
d09453c88c
Check our ECDSA cert(s) against supported curves
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
f71e587c5e
Fix memory leak in ssl cipher usage
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
3ebb2cdb52
Add support for multiple server certificates
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
834ea8587f
Change internal structs for multi-cert support
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
1a483833b3
SSL_TLS doesn't depend on PK any more
...
(But PK does depend on RSA or ECP.)
2013-09-20 12:29:15 +02:00
Paul Bakker
5ad403f5b5
Prepared for 1.3.0 RC0
2013-09-18 21:21:30 +02:00
Paul Bakker
6db455e6e3
PSK callback added to SSL server
2013-09-18 21:14:58 +02:00
Manuel Pégourié-Gonnard
a310459f5c
Fix a few things that broke with RSA compiled out
2013-09-18 15:37:44 +02:00
Paul Bakker
b6b0956631
Rm of memset instead of x509_crt_init()
2013-09-18 14:32:52 +02:00
Paul Bakker
c559c7a680
Renamed x509_cert structure to x509_crt for consistency
2013-09-18 14:32:52 +02:00
Paul Bakker
ddf26b4e38
Renamed x509parse_* functions to new form
...
e.g. x509parse_crtfile -> x509_crt_parse_file
2013-09-18 13:46:23 +02:00
Paul Bakker
7c6b2c320e
Split up X509 files into smaller modules
2013-09-16 21:41:54 +02:00
Paul Bakker
2292d1fad0
Fixed warnings in case POLARSSL_X509_PARSE_C is not defined
2013-09-15 17:06:49 +02:00
Manuel Pégourié-Gonnard
f7dc378ead
Make CBC an option, step 1: ssl ciphersuites
2013-09-13 15:37:03 +02:00
Manuel Pégourié-Gonnard
bfb355c33b
Fix memory leak on missed session reuse
2013-09-08 20:08:36 +02:00
Manuel Pégourié-Gonnard
d13a4099dd
GCM ciphersuites using only cipher layer
2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard
b8bd593741
Restrict cipher_update() for GCM
2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard
226d5da1fc
GCM ciphersuites partially using cipher layer
2013-09-05 17:06:10 +02:00
Paul Bakker
45125bc160
Changes to handle merged enhancements
2013-09-04 16:48:22 +02:00
Paul Bakker
ea6ad3f6e5
ARC4 ciphersuites using only cipher layer
2013-09-02 14:57:01 +02:00
Paul Bakker
cca5b81d18
All CBC ciphersuites via the cipher layer
2013-08-31 17:40:26 +02:00
Paul Bakker
da02a7f45e
AES_CBC ciphersuites now run purely via cipher layer
2013-08-31 17:25:14 +02:00
Manuel Pégourié-Gonnard
c852a68b96
More robust selection of ctx_enc size
2013-08-28 13:13:30 +02:00
Paul Bakker
577e006c2f
Merged ECDSA-based key-exchange and ciphersuites into development
...
Conflicts:
include/polarssl/config.h
library/ssl_cli.c
library/ssl_srv.c
library/ssl_tls.c
2013-08-28 11:58:40 +02:00
Manuel Pégourié-Gonnard
2fb15f694c
Un-rename ssl_set_own_cert_alt()
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
a20c58c6f1
Use convert functions for SSL_SIG_* and SSL_HASH_*
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
0d42049440
Merge code for RSA and ECDSA in SSL
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
070cc7fd21
Use the new PK RSA-alt interface
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
8df2769178
Introduce pk_sign() and use it in ssl
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
ac75523593
Adapt ssl_set_own_cert() to generic keys
2013-08-27 22:21:20 +02:00
Paul Bakker
0be444a8b1
Ability to disable server_name extension (RFC 6066)
2013-08-27 21:55:01 +02:00
Paul Bakker
d2f068e071
Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually
2013-08-27 21:19:20 +02:00
Paul Bakker
fb08fd2e23
Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available
2013-08-27 15:06:54 +02:00
Manuel Pégourié-Gonnard
38d1eba3b5
Move verify_result from ssl_context to session
2013-08-26 14:26:02 +02:00
Paul Bakker
75c1a6f97c
Fixed potential heap buffer overflow on large hostname setting
2013-08-19 14:25:29 +02:00
Paul Bakker
5fd4917d97
Add missing ifdefs in ssl modules
2013-08-19 13:30:28 +02:00
Paul Bakker
1f2bc6238b
Made support for the truncated_hmac extension configurable
2013-08-15 13:45:55 +02:00
Paul Bakker
05decb24c3
Made support for the max_fragment_length extension configurable
2013-08-15 13:33:48 +02:00
Paul Bakker
606b4ba20f
Session ticket expiration checked on server
2013-08-15 11:42:48 +02:00
Paul Bakker
a503a63b85
Made session tickets support configurable from config.h
2013-08-14 14:26:03 +02:00
Manuel Pégourié-Gonnard
56dc9e8bba
Authenticate session tickets.
2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
990c51a557
Encrypt session tickets
2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
779e42982c
Start adding ticket keys (only key_name for now)
2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
aa0d4d1aff
Add ssl_set_session_tickets()
2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
06650f6a37
Fix reusing session more than once
2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
c086cce3d3
Don't cache empty session ID nor resumed session
2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard
7cd5924cec
Rework NewSessionTicket handling in state machine
...
Fixes bug: NewSessionTicket was ommited in resumed sessions.
2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard
7a358b8580
ssl_srv: write & parse session ticket ext & msg
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
a5cc6025e7
Parse NewSessionTicket message
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
75d440192c
Introduce ticket field in session structure
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
5f280cc6cf
Implement saving peer cert as part of session.
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
747180391d
Add ssl_get_session() to save session on client
2013-08-14 14:08:03 +02:00
Paul Bakker
8c1ede655f
Changed prototype for ssl_set_truncated_hmac() to allow disabling
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
277f7f23e2
Implement hmac truncation
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e980a994f0
Add interface for truncated hmac
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e048b67d0a
Misc minor fixes
...
- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue
2013-07-19 12:56:08 +02:00
Manuel Pégourié-Gonnard
ed4af8b57c
Move negotiated max fragment length to session
...
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
2013-07-18 14:07:09 +02:00
Manuel Pégourié-Gonnard
581e6b6d6c
Prepare migrating max fragment length to session
...
Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.
2013-07-18 12:32:27 +02:00
Manuel Pégourié-Gonnard
6b4f237f6a
Forbid setting max_frag_len > MAX_CONTENT_LEN
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
30dc7ef3ad
Reset max_fragment_length in ssl_session_reset()
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
787b658bb3
Implement max_frag_len write restriction
2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard
8b46459ae5
Add ssl_set_max_frag_len()
2013-07-18 11:18:13 +02:00
Paul Bakker
61d113bb7b
Init and free new contexts in the right place for SSL to prevent
...
memory leaks
2013-07-16 17:48:58 +02:00
Paul Bakker
fa9b10050b
Also compiles / runs without time-based functions in OS
...
Can now run without need of time() / localtime() and gettimeofday()
2013-07-03 17:22:32 +02:00
Paul Bakker
6e339b52e8
Memory-allocation abstraction layer and buffer-based allocator added
2013-07-03 17:22:31 +02:00
Paul Bakker
abf2f8fcf9
zlib compression/decompression skipped on empty blocks
2013-06-30 14:57:46 +02:00
Paul Bakker
e5bffc319d
Removed redundant includes
2013-06-30 14:53:06 +02:00
Paul Bakker
d2681d82e2
Renamed sha2.{c,h} to sha256.{c,h} and sha4.{c,h} to sha512.{c,h}
2013-06-30 14:49:12 +02:00
Paul Bakker
9e36f0475f
SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly
...
The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
2013-06-30 14:34:05 +02:00
Paul Bakker
2fbefde1d8
Client and server now filter sent and accepted ciphersuites on minimum
...
and maximum protocol version
2013-06-29 18:35:40 +02:00
Paul Bakker
b6c5d2e1a6
Cleanup up non-prototyped functions (static) and const-correctness
...
More fixes based on the compiler directives -Wcast-qual -Wwrite-strings
-Wmissing-prototypes -Wmissing-declarations. Not everything with regards
to -Wcast-qual has been fixed as some have unwanted consequences for the
rest of the code.
2013-06-25 16:25:17 +02:00
Paul Bakker
90995b5ce3
Added mechanism to provide alternative cipher / hash implementations
...
All symmetric cipher algorithms and hash algorithms now include support
for a POLARSSL_XXX_ALT flag that prevents the definition of the
algorithm context structure and all 'core' functions.
(cherry picked from commit 4087c47043
)
2013-06-25 15:06:51 +02:00
Paul Bakker
89ecb2d074
ssl_parse_certificate() now calls x509parse_crt_der() directly
...
(cherry picked from commit 1922a4e6aa
)
2013-06-24 19:09:25 +02:00
Paul Bakker
3c2122ff9d
Fixed const correctness issues that have no impact on the ABI
...
(cherry picked from commit eae09db9e5
)
Conflicts:
library/gcm.c
2013-06-24 19:09:24 +02:00
Paul Bakker
48f7a5d724
DHE-PSK based ciphersuite support added and cleaner key exchange based
...
code selection
The base RFC 4279 DHE-PSK ciphersuites are now supported and added.
The SSL code cuts out code not relevant for defined key exchange methods
2013-04-19 20:47:26 +02:00
Paul Bakker
ed27a041e4
More granular define selections within code to allow for smaller code
...
sizes
2013-04-18 23:12:34 +02:00
Paul Bakker
d4a56ec6bf
Added pre-shared key handling for the client side of SSL / TLS
...
Client side handling of the pure PSK ciphersuites is now in the base
code.
2013-04-18 23:12:33 +02:00
Paul Bakker
f7abd422dc
Removed extra spaces on end of lines
2013-04-16 18:09:45 +02:00
Paul Bakker
8f4ddaeea9
Ability to specify allowed ciphersuites based on the protocol version.
...
The ciphersuites parameter in the ssl_session structure changed from
'int *' to 'int *[4]'.
The new function ssl_set_ciphersuite_for_version() sets specific entries
inside this array. ssl_set_ciphersuite() sets all entries to the same
value.
(cherry picked from commit a62729888b
)
Conflicts:
ChangeLog
library/ssl_srv.c
library/ssl_tls.c
2013-04-16 18:09:45 +02:00
Paul Bakker
b7149bcc90
Corrected behaviour for CBC-based suites using the SHA384 MAC and PRF
2013-03-20 15:30:09 +01:00
Paul Bakker
41c83d3f67
Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS
...
Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included.
2013-03-20 14:39:14 +01:00
Paul Bakker
68884e3c09
Moved to advanced ciphersuite representation and more dynamic SSL code
2013-03-13 14:48:32 +01:00
Paul Bakker
c9118b433b
Renamed hash structures to ctx
2013-03-13 11:48:39 +01:00
Paul Bakker
92be97b8e6
Align data with future location based on IV size
2013-03-13 11:46:00 +01:00
Paul Bakker
07eb38ba31
Update ssl_hw_record_init() to receive keylen, ivlen and maclen as well
...
Added ssl_hw_record_activate()
2013-03-13 11:44:40 +01:00
Paul Bakker
c7878113cb
Do not set done in case of a fall-through
2013-03-13 11:44:40 +01:00
Paul Bakker
5bd422937a
Reverted commit 186751d9dd
and made out_hdr and out_msg back-to-back again
2013-03-13 11:44:40 +01:00
Paul Bakker
926c8e49fe
Fixed possible NULL pointer exception in ssl_get_ciphersuite()
2013-03-06 18:01:03 +01:00
Paul Bakker
e47b34bdc8
Removed further timing differences during SSL message decryption in ssl_decrypt_buf()
...
New padding checking is unbiased on correct or incorrect padding and
has no branch prediction timing differences.
The additional MAC checks further straighten out the timing differences.
2013-02-27 14:48:00 +01:00
Paul Bakker
86f04f400b
Fixed comment
2013-02-14 11:20:09 +01:00
Paul Bakker
c0463502ff
Fixed memory leak in ssl_free() and ssl_reset() for active session
2013-02-14 11:19:38 +01:00
Paul Bakker
40865c8e5d
Added sending of alert messages in case of decryption failures as per RFC
...
The flag POLARSSL_SSL_ALERT_MESSAGES switched between enabling and
disabling the sending of alert messages that give adversaries intel
about the result of their action. PolarSSL can still communicate with
other parties if they are disabled, but debugging of issues might be
harder.
2013-02-02 19:04:13 +01:00
Paul Bakker
d66f070d49
Disable debug messages that can introduce a timing side channel.
...
Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug
messages in case somebody does want to see the reason checks fail.
2013-02-02 19:04:13 +01:00
Paul Bakker
4582999be6
Fixed timing difference resulting from badly formatted padding.
2013-02-02 19:04:13 +01:00
Paul Bakker
1961b709d8
Added ssl_handshake_step() to allow single stepping the handshake
...
process
Single stepping the handshake process allows for better support of
non-blocking network stacks and for getting information from specific
handshake messages if wanted.
2013-01-25 14:49:24 +01:00
Paul Bakker
769075dfb6
Fixed dependency on POLARSSL_SHA4_C in ssl modules
2012-11-24 11:26:46 +01:00
Paul Bakker
645ce3a2b4
- Moved ciphersuite naming scheme to IANA reserved names
2012-10-31 12:32:41 +00:00
Paul Bakker
b0550d90c9
- Added ssl_get_peer_cert() to SSL API
2012-10-30 07:51:03 +00:00
Paul Bakker
23f3680898
- Added proper support for TLS 1.2 signature_algorithm extension on server
...
side
- Minor const changes to other extension parsing functions
2012-09-28 14:15:14 +00:00
Paul Bakker
1d29fb5e33
- Added option to add minimum accepted SSL/TLS protocol version
2012-09-28 13:28:45 +00:00
Paul Bakker
62f2deef8b
- Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS
2012-09-28 07:31:51 +00:00
Paul Bakker
915275ba78
- Revamped x509_verify() and the SSL f_vrfy callback implementations
2012-09-28 07:10:55 +00:00
Paul Bakker
5701cdcd02
- Added ServerName extension parsing (SNI) at server side
2012-09-27 21:49:42 +00:00
Paul Bakker
eb2c658163
- Generalized external private key implementation handling (like PKCS#11) in SSL/TLS
2012-09-27 19:15:01 +00:00
Paul Bakker
0a59707523
- Added simple SSL session cache implementation
...
- Revamped session resumption handling
2012-09-25 21:55:46 +00:00
Paul Bakker
d0f6fa7bdc
- Sending of handshake_failures during renegotiation added
...
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
2012-09-17 09:18:12 +00:00
Paul Bakker
48916f9b67
- Added Secure Renegotiation (RFC 5746)
2012-09-16 19:57:18 +00:00
Paul Bakker
5f70b25c9b
- Correctly handle SHA256 ciphersuites in SSLv3
...
- Moved ssl3_prf to separate function (no exceptions)
2012-09-13 14:23:06 +00:00
Paul Bakker
b68cad6cc7
- Made cipersuites in ssl context const (no intention to modify)
...
- Adjusted ssl_set_ciphersuites() to match
2012-08-23 08:34:18 +00:00
Paul Bakker
2770fbd651
- Added DEFLATE compression support as per RFC3749 (requires zlib)
2012-07-03 13:30:23 +00:00
Paul Bakker
186751d9dd
- Moved out_msg to out_hdr + 32 to support hardware acceleration
2012-05-08 13:16:14 +00:00
Paul Bakker
05ef835b6a
- Added support for Hardware Acceleration hooking in SSL/TLS
2012-05-08 09:17:57 +00:00
Paul Bakker
380da53c48
- Abstracted checksum updating during handshake
2012-04-18 16:10:25 +00:00
Paul Bakker
ca4ab49158
- Added GCM ciphersuites to TLS implementation
2012-04-18 14:23:57 +00:00
Paul Bakker
0a9251870a
- Report unexpected_message if unknown record type is received
2012-04-16 06:46:41 +00:00
Paul Bakker
10cd225962
- Added support for the SHA256 ciphersuites of AES and Camellia
2012-04-12 21:26:34 +00:00
Paul Bakker
1ef83d66dd
- Initial bare version of TLS 1.2
2012-04-11 12:09:53 +00:00
Paul Bakker
f34cf85534
- Fixed too restrictive test
2012-04-10 07:48:40 +00:00
Paul Bakker
452d532955
- Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST)
2012-04-05 12:07:34 +00:00
Paul Bakker
fab5c829e7
- Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!
2012-02-06 16:45:10 +00:00
Paul Bakker
b15b851d6d
- Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47 , found by Hugo Leisink)
2012-01-13 13:44:06 +00:00
Paul Bakker
69e095cc15
- Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
...
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
- Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
Paul Bakker
6c0ceb3f9a
- Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error
2011-12-04 12:24:18 +00:00
Paul Bakker
a3d195c41f
- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
2011-11-27 21:07:34 +00:00
Paul Bakker
490ecc8c3e
- Added ssl_set_max_version() to set the client's maximum sent version number
2011-10-06 13:04:09 +00:00
Paul Bakker
7eb013face
- Added ssl_session_reset() to allow re-use of already set non-connection specific context information
2011-10-06 12:37:39 +00:00
Paul Bakker
8934a98f82
- Fixed memcpy() that had possible overlapping areas to memmove()
2011-08-05 11:11:53 +00:00
Paul Bakker
39bb418d93
- Made second argument of f_send() prototype and of net_send() const
2011-06-21 07:36:43 +00:00
Paul Bakker
887bd502d2
- Undid fix for ssl_write that introduced a true bug when buffers are running full.
2011-06-08 13:10:54 +00:00