Andres AG 
							
						 
						
							
							
							
							
								
							
							
								0ac1392cd8 
								
							 
						 
						
							
							
								
								Remove use of inttypes.h in MSVC from ssl_server2  
							
							... 
							
							
							
							The sample application programs/ssl/ssl_server2.c was previously
modifies to use inttypes.h to parse a string to a 64-bit integer.
However, MSVC does not support C99, so compilation fails. This
patch modifies the sample app to use the MSVC specific parsing
functions instead of inttypes.h. 
							
						 
						
							2017-03-01 23:33:29 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Andres AG 
							
						 
						
							
							
							
							
								
							
							
								9b1927bf9b 
								
							 
						 
						
							
							
								
								Add DTLS test to check 6 byte record ctr is cmp  
							
							... 
							
							
							
							Add a test to ssl-opt.sh to ensure that in DTLS a 6 byte record counter
is compared in ssl_check_ctr_renegotiate() instead of a 8 byte one as in
the TLS case. Because currently there are no testing facilities to check
that renegotiation routines are triggered after X number of input/output
messages, the test consists on setting a renegotiation period that
cannot be represented in 6 bytes, but whose least-significant byte is 2.
If the library behaves correctly, the renegotiation routines will be
executed after two exchanged. 
							
						 
						
							2017-02-04 23:35:14 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								22311ae62e 
								
							 
						 
						
							
							
								
								Improve help message of ssl_*2.c  
							
							
							
						 
						
							2015-09-09 11:22:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3f09b6d4c2 
								
							 
						 
						
							
							
								
								Fix API  
							
							
							
						 
						
							2015-09-08 11:58:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								37ff14062e 
								
							 
						 
						
							
							
								
								Change main license to Apache 2.0  
							
							
							
						 
						
							2015-09-04 14:21:07 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Simon Butcher 
							
						 
						
							
							
							
							
								
							
							
								ed51594337 
								
							 
						 
						
							
							
								
								Merge pull request  #265  from ARMmbed/iotssl-460-bugfixes  
							
							... 
							
							
							
							Iotssl 460 bugfixes 
							
						 
						
							2015-09-02 23:36:36 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a2cda6bfaf 
								
							 
						 
						
							
							
								
								Add mbedtls_ssl_get_max_frag_len()  
							
							... 
							
							
							
							This is not very useful for TLS as mbedtls_ssl_write() will automatically
fragment and return the length used, and the application should check for that
anyway, but this is useful for DTLS where mbedtls_ssl_write() returns an
error, and the application needs to be able to query the maximum length
instead of just guessing. 
							
						 
						
							2015-08-31 20:47:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ea35666f50 
								
							 
						 
						
							
							
								
								Fix -Wshadow warnings  
							
							... 
							
							
							
							Checked that it is supported by gcc 4.2.1 (FreeBSD 9).
fixes  #240  
							
						 
						
							2015-08-31 10:34:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6fb8187279 
								
							 
						 
						
							
							
								
								Update date in copyright line  
							
							
							
						 
						
							2015-07-28 17:11:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6755717f18 
								
							 
						 
						
							
							
								
								Fix stupid typo in ssl_server2.c  
							
							
							
						 
						
							2015-07-02 11:15:48 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9de64f5af1 
								
							 
						 
						
							
							
								
								Fix MSVC warnings in library and programs  
							
							
							
						 
						
							2015-07-01 16:56:08 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								052f28853b 
								
							 
						 
						
							
							
								
								Cosmetics in debug in ssl_{client,server}2.c  
							
							... 
							
							
							
							Print only the basename from the file, and print level too. 
							
						 
						
							2015-07-01 12:01:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								abc729e664 
								
							 
						 
						
							
							
								
								Simplify net_accept() with UDP sockets  
							
							... 
							
							
							
							This is made possible by the new API where net_accept() gets a pointer to
bind_ctx, so it can update it. 
							
						 
						
							2015-07-01 01:28:24 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3d7d00ad23 
								
							 
						 
						
							
							
								
								Rename mbedtls_net_close() to mbedtls_net_free()  
							
							... 
							
							
							
							close() may be more meaningful, but free() is symmetric with _init(), and more
consistent with all other modules 
							
						 
						
							2015-06-30 16:50:37 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5db64328ab 
								
							 
						 
						
							
							
								
								Adapt programs to the new NET API  
							
							
							
						 
						
							2015-06-30 16:48:17 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1c5b9fc19f 
								
							 
						 
						
							
							
								
								Avoid truncating peer cert info in ssl_server2  
							
							
							
						 
						
							2015-06-27 14:38:51 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								61ee351af4 
								
							 
						 
						
							
							
								
								Adapt programs to the new debug API  
							
							
							
						 
						
							2015-06-23 23:30:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								c0d749418b 
								
							 
						 
						
							
							
								
								Make 'port' a string in NET module  
							
							... 
							
							
							
							- avoids dependency on snprintf
- allows using "smtps" instead of "456" if desired 
							
						 
						
							2015-06-23 13:09:11 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6ea831dcf4 
								
							 
						 
						
							
							
								
								Add tests for mbedtls_set_hs_ca_chain()  
							
							
							
						 
						
							2015-06-22 17:30:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								4d6f178376 
								
							 
						 
						
							
							
								
								Add support for SNI CA and authmode in ssl_server2  
							
							
							
						 
						
							2015-06-22 14:52:40 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b31c5f68b1 
								
							 
						 
						
							
							
								
								Add SSL presets.  
							
							... 
							
							
							
							No need to use a separate profile as in X.509, everything we need is already
in ssl_config. Just load appropriate values. 
							
						 
						
							2015-06-17 14:59:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								7551cb9ee9 
								
							 
						 
						
							
							
								
								Replace malloc with calloc  
							
							... 
							
							
							
							- platform layer currently broken (not adapted yet)
- memmory_buffer_alloc too 
							
						 
						
							2015-05-26 16:04:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								56273daea0 
								
							 
						 
						
							
							
								
								Move some includes to ssl_internal.h  
							
							... 
							
							
							
							Also removed one from ssl.h and add it in programs where it belongs 
							
						 
						
							2015-05-26 15:01:37 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a0adc1bbe4 
								
							 
						 
						
							
							
								
								Make cipher used in ssl tickets configurable  
							
							
							
						 
						
							2015-05-25 10:35:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d59675d92c 
								
							 
						 
						
							
							
								
								Move to callback for session tickets  
							
							
							
						 
						
							2015-05-20 11:14:57 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0b104b056b 
								
							 
						 
						
							
							
								
								Adapt prototype of net_accept() for explicit size  
							
							
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d4f04dba42 
								
							 
						 
						
							
							
								
								net.c now depends on select() unconditionally  
							
							
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								151dc77732 
								
							 
						 
						
							
							
								
								Fix some old names that remained  
							
							... 
							
							
							
							- most in doxygen doc that was never renamed
- some re-introduced in comments/doc/strings by me 
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								66dc5555f0 
								
							 
						 
						
							
							
								
								mbedtls_ssl_conf_arc4_support() depends on ARC4_C  
							
							
							
						 
						
							2015-05-14 12:31:10 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d2377e7e78 
								
							 
						 
						
							
							
								
								ssl_client/server2 shouln't depend on timing.c  
							
							... 
							
							
							
							Would break test-ref-configs.pl. 
							
						 
						
							2015-05-13 13:58:56 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e3c41ad8a4 
								
							 
						 
						
							
							
								
								Use the new timer callback API in programs  
							
							
							
						 
						
							2015-05-13 10:04:32 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								db1cc76091 
								
							 
						 
						
							
							
								
								Fix depend issue in program/ssl/ssl_*2.c  
							
							
							
						 
						
							2015-05-12 11:27:25 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e6ef16f98c 
								
							 
						 
						
							
							
								
								Change X.509 verify flags to uint32_t  
							
							
							
						 
						
							2015-05-11 19:54:43 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								06939cebef 
								
							 
						 
						
							
							
								
								Fix order of ssl_conf vs ssl_setup in programs  
							
							... 
							
							
							
							Except ssl_phtread_server that will be done later 
							
						 
						
							2015-05-11 14:35:42 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								01e5e8c1f8 
								
							 
						 
						
							
							
								
								Change a few ssl_conf return types to void  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6729e79482 
								
							 
						 
						
							
							
								
								Rename ssl_set_xxx() to ssl_conf_xxx()  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								17a40cd255 
								
							 
						 
						
							
							
								
								Change ssl_own_cert to work on ssl_config  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1af6c8500b 
								
							 
						 
						
							
							
								
								Add ssl_set_hs_own_cert()  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								120fdbdb3d 
								
							 
						 
						
							
							
								
								Change ssl_set_psk() to act on ssl_config  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								4b68296626 
								
							 
						 
						
							
							
								
								Use a specific function in the PSK callback  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								750e4d7769 
								
							 
						 
						
							
							
								
								Move ssl_set_rng() to act on config  
							
							
							
						 
						
							2015-05-11 12:33:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5cb3308e5f 
								
							 
						 
						
							
							
								
								Merge contexts for session cache  
							
							
							
						 
						
							2015-05-11 12:33:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ae31914990 
								
							 
						 
						
							
							
								
								Rename ssl_legacy_renegotiation() to ssl_set_...  
							
							
							
						 
						
							2015-05-11 12:33:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1028b74cff 
								
							 
						 
						
							
							
								
								Upgrade default DHM params size  
							
							
							
						 
						
							2015-05-11 12:33:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								8836994f6b 
								
							 
						 
						
							
							
								
								Move WANT_READ/WANT_WRITE codes to SSL  
							
							
							
						 
						
							2015-05-11 12:33:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1b511f93c6 
								
							 
						 
						
							
							
								
								Rename ssl_set_bio_timeout() to set_bio()  
							
							... 
							
							
							
							Initially thought it was best to keep the old function around and add a new
one, but this so many ssl_set_xxx() functions are changing anyway... 
							
						 
						
							2015-05-11 12:33:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								97fd52c529 
								
							 
						 
						
							
							
								
								Split ssl_set_read_timeout() out of bio_timeout()  
							
							
							
						 
						
							2015-05-11 12:33:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								bc2b771af4 
								
							 
						 
						
							
							
								
								Move ssl_set_ca_chain() to work on config  
							
							
							
						 
						
							2015-05-11 12:33:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								2b49445876 
								
							 
						 
						
							
							
								
								Move session ticket keys to conf  
							
							... 
							
							
							
							This is temporary, they will soon be replaced by callbacks.
!!! In this intermediate step security is removed !!! 
							
						 
						
							2015-05-07 10:19:13 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6bf89d6ad9 
								
							 
						 
						
							
							
								
								Move ssl_set_max_fragment_len to work on conf  
							
							
							
						 
						
							2015-05-07 10:19:13 +01:00