Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5ff3f9134b 
								
							 
						 
						
							
							
								
								Small fix for EFI build under Windows in x509_crt.c  
							
							
							
						 
						
							2014-04-04 15:08:20 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								74bc68ac62 
								
							 
						 
						
							
							
								
								Fix default #define for malloc/free  
							
							
							
						 
						
							2014-04-02 13:20:00 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								75a2860f26 
								
							 
						 
						
							
							
								
								Potential memory leak in mpi_exp_mod() when error occurs during  
							
							... 
							
							
							
							calculation of RR. 
							
						 
						
							2014-03-31 12:08:17 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								dd75c3183b 
								
							 
						 
						
							
							
								
								Remove potential timing leak in ecdsa_sign()  
							
							
							
						 
						
							2014-03-31 11:55:42 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5b8c409f53 
								
							 
						 
						
							
							
								
								Fix a warning (theoretical uninitialised variable)  
							
							
							
						 
						
							2014-03-27 21:10:56 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								969ccc6289 
								
							 
						 
						
							
							
								
								Fix length checking of various ClientKeyExchange's  
							
							
							
						 
						
							2014-03-27 21:10:56 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								96d5265315 
								
							 
						 
						
							
							
								
								Made ready for release 1.3.5  
							
							
							
						 
						
							2014-03-26 16:55:50 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5fff23b92a 
								
							 
						 
						
							
							
								
								x509_get_current_time() uses localtime_r() to prevent thread issues  
							
							
							
						 
						
							2014-03-26 15:34:54 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								4c284c9141 
								
							 
						 
						
							
							
								
								Removed LCOV directives from code  
							
							
							
						 
						
							2014-03-26 15:33:05 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								77f4f39ea6 
								
							 
						 
						
							
							
								
								Make sure no random pointer occur during failed malloc()'s  
							
							
							
						 
						
							2014-03-26 15:30:20 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								db1f05985e 
								
							 
						 
						
							
							
								
								Add a check for buffer overflow to pkcs11_sign()  
							
							... 
							
							
							
							pkcs11_sign() reuses *sig to store the header and hash, but those might
be larger than the actual sig, causing a buffer overflow.
An overflow can occur when using raw sigs with hashlen > siglen, or when
the RSA key is less than 664 bits long (or less when using hashes
shorter than SHA512)
As siglen is always within the 'low realm' < 32k, an overflow of asnlen
+ hashlen is not possible. 
							
						 
						
							2014-03-26 15:14:21 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								91c61bc4fd 
								
							 
						 
						
							
							
								
								Further tightened the padlen check to prevent underflow / overflow  
							
							
							
						 
						
							2014-03-26 15:14:20 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								c042cf0013 
								
							 
						 
						
							
							
								
								Fix broken tests due to changed error code  
							
							... 
							
							
							
							Introduced in 5246ee5c59 
							
						 
						
							2014-03-26 14:12:20 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b2bf5a1bbb 
								
							 
						 
						
							
							
								
								Fix possible buffer overflow with PSK  
							
							
							
						 
						
							2014-03-26 12:58:50 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fdddac90a6 
								
							 
						 
						
							
							
								
								Fix stupid bug in rsa_copy()  
							
							
							
						 
						
							2014-03-26 12:58:49 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f84f799bcf 
								
							 
						 
						
							
							
								
								Tune debug_print_ret format  
							
							
							
						 
						
							2014-03-26 12:58:46 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b13d3ffb80 
								
							 
						 
						
							
							
								
								Provide no info from entropy_func() on future entropy  
							
							
							
						 
						
							2014-03-26 12:51:25 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								66ff70dd48 
								
							 
						 
						
							
							
								
								Support for seed file writing and reading in Entropy  
							
							
							
						 
						
							2014-03-26 11:58:07 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3f0be61a27 
								
							 
						 
						
							
							
								
								Merged support for parsing EC keys that use SpecifiedECDomain  
							
							
							
						 
						
							2014-03-26 11:30:39 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9592485d0c 
								
							 
						 
						
							
							
								
								Fix some MSVC12 conversion warnings  
							
							
							
						 
						
							2014-03-21 12:03:07 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3b6269aa08 
								
							 
						 
						
							
							
								
								Fix warnings on MinGW  
							
							
							
						 
						
							2014-03-21 12:03:03 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6fac3515d0 
								
							 
						 
						
							
							
								
								Make support for SpecifiedECDomain optional  
							
							
							
						 
						
							2014-03-19 16:50:59 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5246ee5c59 
								
							 
						 
						
							
							
								
								Work around compressed EC public key in some cases  
							
							
							
						 
						
							2014-03-19 16:50:59 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								eab20d2a9c 
								
							 
						 
						
							
							
								
								Implement parsing SpecifiedECParameters  
							
							
							
						 
						
							2014-03-19 15:51:12 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								6c1f69b879 
								
							 
						 
						
							
							
								
								MinGW32 static build should link to windows libs and libz  
							
							
							
						 
						
							2014-03-17 15:11:13 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3d6504a935 
								
							 
						 
						
							
							
								
								ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr  
							
							
							
						 
						
							2014-03-17 13:41:51 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								2eea29238c 
								
							 
						 
						
							
							
								
								Make the compiler work-around more specific  
							
							
							
						 
						
							2014-03-14 18:23:26 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a4b0343edf 
								
							 
						 
						
							
							
								
								Merged massive SSL Testing improvements  
							
							
							
						 
						
							2014-03-14 16:30:36 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								bb8661e006 
								
							 
						 
						
							
							
								
								Work around a compiler bug on OS X.  
							
							
							
						 
						
							2014-03-14 09:21:20 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d701c9aec9 
								
							 
						 
						
							
							
								
								Fix memory leak in server with expired tickets  
							
							
							
						 
						
							2014-03-14 08:41:01 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								84c30c7e83 
								
							 
						 
						
							
							
								
								Fix memory leak in ssl_cache  
							
							
							
						 
						
							2014-03-14 08:41:01 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								145dfcbfc2 
								
							 
						 
						
							
							
								
								Fix bug with NewSessionTicket and non-blocking I/O  
							
							
							
						 
						
							2014-03-14 08:41:01 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								96ea2f2557 
								
							 
						 
						
							
							
								
								Add tests for SNI  
							
							
							
						 
						
							2014-03-14 08:41:01 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								8520dac292 
								
							 
						 
						
							
							
								
								Add tests for auth_mode  
							
							
							
						 
						
							2014-03-14 08:41:00 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								da6b4d3e8c 
								
							 
						 
						
							
							
								
								Change RSA embedded cert to a localhost cert  
							
							
							
						 
						
							2014-03-14 08:41:00 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								dfbf9c711d 
								
							 
						 
						
							
							
								
								Fix bug in m_sleep()  
							
							
							
						 
						
							2014-03-14 08:41:00 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								274a12e17c 
								
							 
						 
						
							
							
								
								Fix bug with ssl_cache and max_entries=0  
							
							
							
						 
						
							2014-03-14 08:41:00 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f7c52014ec 
								
							 
						 
						
							
							
								
								Add basic tests for session resumption  
							
							
							
						 
						
							2014-03-14 08:41:00 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								hasufell 
							
						 
						
							
							
							
							
								
							
							
								3c6409b066 
								
							 
						 
						
							
							
								
								CMake: allow to build both shared and static at once  
							
							... 
							
							
							
							This allows for more fine-grained control. Possible combinations:
  * static off, shared on
  * static on, shared off
  * static on, shared on
The static library is always called "libpolarssl.a" and is only used
for linking of tests and internal programs if the shared lib is
not being built.
Default is: only build static lib. 
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9a6e93e7a4 
								
							 
						 
						
							
							
								
								Reserve -1 as an error code (used in programs)  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								844a4c0aef 
								
							 
						 
						
							
							
								
								Fix RSASSA-PSS example programs  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								83cdffc437 
								
							 
						 
						
							
							
								
								Forbid sequence number wrapping  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3c599f11b0 
								
							 
						 
						
							
							
								
								Avoid possible segfault on bad server ciphersuite  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9533765b25 
								
							 
						 
						
							
							
								
								Reject certs and CRLs from the future  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6304f786e0 
								
							 
						 
						
							
							
								
								Add x509_time_future()  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								29dcc0b93c 
								
							 
						 
						
							
							
								
								Fix depend issues in test suites for cipher modes  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1ec220b002 
								
							 
						 
						
							
							
								
								Add missing #ifdefs in aes.h  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								648656a628 
								
							 
						 
						
							
							
								
								Fix error code in dhm_selftest()  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								796c6f3aff 
								
							 
						 
						
							
							
								
								Countermeasure against "triple handshake" attack  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fdf3f0e671 
								
							 
						 
						
							
							
								
								Avoid "unreachable code" warning  
							
							
							
						 
						
							2014-03-11 13:47:05 +01:00