yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-18 23:31:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
3467 commits 88 branches 205 tags 69 MiB
Commit graph

470 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 97fd52c529 Split ssl_set_read_timeout() out of bio_timeout() 2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard bc2b771af4 Move ssl_set_ca_chain() to work on config 2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard ba26c24769 Change how hostname is stored internally 2015-05-07 10:19:14 +01:00
Manuel Pégourié-Gonnard 2b49445876 Move session ticket keys to conf 
This is temporary, they will soon be replaced by callbacks.
!!! In this intermediate step security is removed !!!
 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard 684b0592cb Move ssl_set_fallback() to work on conf 
Initially thought it would be per-connection, but since max_version is in conf
too, and you need to lower that for a fallback connection, the fallback flag
should be in the same place
 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard 6bf89d6ad9 Move ssl_set_max_fragment_len to work on conf 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard 17eab2b65c Move set_cbc_record_splitting() to conf 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard d36e33fc07 Move easy ssl_set_xxx() functions to work on conf 
mbedtls_ssl_set_alpn_protocols
mbedtls_ssl_set_arc4_support
mbedtls_ssl_set_authmode
mbedtls_ssl_set_ciphersuites
mbedtls_ssl_set_ciphersuites_for_version
mbedtls_ssl_set_curves
mbedtls_ssl_set_dbg
mbedtls_ssl_set_dh_param
mbedtls_ssl_set_dh_param_ctx
mbedtls_ssl_set_dtls_anti_replay
mbedtls_ssl_set_dtls_badmac_limit
mbedtls_ssl_set_dtls_cookies
mbedtls_ssl_set_encrypt_then_mac
mbedtls_ssl_set_endpoint
mbedtls_ssl_set_extended_master_secret
mbedtls_ssl_set_handshake_timeout
mbedtls_ssl_legacy_renegotiation
mbedtls_ssl_set_max_version
mbedtls_ssl_set_min_version
mbedtls_ssl_set_psk_cb
mbedtls_ssl_set_renegotiation
mbedtls_ssl_set_renegotiation_enforced
mbedtls_ssl_set_renegotiation_period
mbedtls_ssl_set_session_cache
mbedtls_ssl_set_session_ticket_lifetime
mbedtls_ssl_set_sni
mbedtls_ssl_set_transport
mbedtls_ssl_set_truncated_hmac
mbedtls_ssl_set_verify
 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard 419d5ae419 Make endpoint+transport args of config_defaults() 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard def0bbe3ab Allocate ssl_config out of ssl_setup() 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard cd523e2a5e Introduce mbedtls_ssl_config_{init,defaults,free}() 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard 7ca4e4dc79 Move things to conf substructure 
A simple series of sed invocations.

This is the first step, purely internal changes. The conf substructure is not
ready to be shared between contexts yet.
 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard 8a81e84638 Merge branch 'mbedtls-1.3' into development 
* mbedtls-1.3:
  Add countermeasure against cache-based lucky 13

Conflicts:
	library/ssl_tls.c
 2015-04-29 02:13:42 +02:00
Manuel Pégourié-Gonnard 41d479e7df Split ssl_init() -> ssl_setup() 2015-04-29 02:08:34 +02:00
Manuel Pégourié-Gonnard 47fede0d6d Add countermeasure against cache-based lucky 13 2015-04-29 01:35:48 +02:00
Manuel Pégourié-Gonnard e6028c93f5 Fix some X509 macro names 
For some reason, during the great renaming, some names that should have been
prefixed with MBEDTLS_X509_ have only been prefixed with MBEDTLS_
 2015-04-20 12:19:02 +01:00
Manuel Pégourié-Gonnard e6efa6f54e manually merge 9f98251 make extKeyUsage accessible 2015-04-20 11:23:24 +01:00
Manuel Pégourié-Gonnard 144bc224e9 Merge branch 'mbedtls-1.3' into development 
* commit 'a2fce21':
  Fix potential NULL dereference on bad usage

Conflicts:
	library/ssl_tls.c
 2015-04-17 20:39:07 +02:00
Manuel Pégourié-Gonnard 9f98251e72 Make results of (ext)KeyUsage accessible 2015-04-17 19:57:21 +02:00
Manuel Pégourié-Gonnard a2fce21ae5 Fix potential NULL dereference on bad usage 2015-04-15 21:04:19 +02:00
Manuel Pégourié-Gonnard 8408a94969 Remove MBEDTLS_ from internal macros 2015-04-09 13:52:55 +02:00
Manuel Pégourié-Gonnard 2cf5a7c98e The Great Renaming 
A simple execution of tmp/invoke-rename.pl
 2015-04-08 13:25:31 +02:00
Manuel Pégourié-Gonnard 932e3934bd Fix typos & Co 2015-04-03 18:46:55 +02:00
Manuel Pégourié-Gonnard 8c8be1ebbb Change default min TLS version to TLS 1.0 2015-03-31 14:22:30 +02:00
Manuel Pégourié-Gonnard d16df8f60a Cleanup unused bit in ssl 
Became unused when removing deprecated ssl_set_own_cert_xxx() functions
 2015-03-31 14:04:51 +02:00
Manuel Pégourié-Gonnard fa44f20b9f Change authmode default to Required on client 2015-03-27 17:52:25 +01:00
Manuel Pégourié-Gonnard e960818735 Check return value of the TLS PRF 2015-03-26 11:47:47 +01:00
Manuel Pégourié-Gonnard b7fcca33b9 Make tls1_prf and tls12_prf more efficient 
Repeatedly allocating a context and setting the key was a waste
 2015-03-26 11:41:28 +01:00
Manuel Pégourié-Gonnard 6890c6b64e Factor tls_prf_sha{256,384} together 2015-03-26 11:11:49 +01:00
Manuel Pégourié-Gonnard abb674467b Rename md_init_ctx() to md_setup() 2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard 4063ceb281 Make hmac_ctx optional 
Note from future self: actually md_init_ctx will be re-introduced with the
same signature later, and a new function with the additional argument will be
added.
 2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard 7da726bb53 Remove calls to xxx_hmac() from SSL modules 2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard 9a65e80e4f Properly mark ssl_set_bio() as deprecated 2015-03-25 18:09:46 +01:00
Manuel Pégourié-Gonnard c70581c272 Add POLARSSL_DEPRECATED_{WARNING,REMOVED} 2015-03-23 14:11:11 +01:00
Manuel Pégourié-Gonnard 849b174e57 Disable RC4 by default in the library 2015-03-20 19:14:19 +00:00
Manuel Pégourié-Gonnard 47723147f5 Remove functions deprecated in 1.3 2015-03-20 18:21:12 +00:00
Manuel Pégourié-Gonnard 852a6d3d8f Rename ssl.renegotiation to ssl.renego_status 2015-03-19 16:15:20 +00:00
Manuel Pégourié-Gonnard 0db107e4ba Fix pk_can_do() constness issue 2015-03-19 14:01:57 +00:00
Manuel Pégourié-Gonnard 57a26da593 Merge branch 'mbedtls-1.3' into development 
* mbedtls-1.3:
  Use link-time garbage collection in memory.sh
  scripts/memory.sh only work on Linux
  Add missing 'const' on selftest data
  Use only headers for doxygen (no doc in C files)
  Add missing extern "C" guard in aesni.h
  Fix compile error with renego disabled
  Remove slow PKCS5 test
  Stop checking key-cert match systematically
  Make tests/*.sh runnable from anywhere
  Update visual C files
 2015-03-11 10:30:21 +00:00
Manuel Pégourié-Gonnard f427f8854a Stop checking key-cert match systematically 2015-03-10 15:35:29 +00:00
Manuel Pégourié-Gonnard 69849f8595 Drop renego state from context if no renego support 2015-03-10 11:54:02 +00:00
Manuel Pégourié-Gonnard 7f8099773e Rename include directory to mbedtls 2015-03-10 11:23:56 +00:00
Manuel Pégourié-Gonnard 2f5a1b4e55 Rename SSL_RENEGOTIATION macro 
- new name is more explicit
- avoids collision with POLARSSL_SSL_RENEGOTIATION config flag when prefixing
  will be applied
 2015-03-09 13:05:06 +00:00
Manuel Pégourié-Gonnard 9b6699066e Fix typos in macro names 2015-03-09 13:05:06 +00:00
Manuel Pégourié-Gonnard 998897be3d Merge branch 'mbedtls-1.3' into development 
* mbedtls-1.3:
  Rename website and repository
  Move private macro from header to C file
  Add some missing 'static' on a few objects
  Fix whitespace issues
  Minor portability fix in benchmark
 2015-03-06 13:25:41 +00:00
Manuel Pégourié-Gonnard fe44643b0e Rename website and repository 2015-03-06 13:17:10 +00:00
Manuel Pégourié-Gonnard 4e41c99ed8 Merge branch 'development' into dtls 
* development:
  Avoid possible dangling pointers

Conflicts:
	library/ssl_tls.c
 2015-02-18 10:39:49 +00:00
Manuel Pégourié-Gonnard f7db5e0a4a Avoid possible dangling pointers 
If the allocation fails, we don't really want ssl->in_ctr = 8 lying around.
 2015-02-18 10:32:41 +00:00
Manuel Pégourié-Gonnard cd4cd1dd26 Merge branch 'development' into dtls 
* development:
  Fix the fix to ssl_set_psk()
  Update Changelog
  Finish fixing memleak in ssl_server2 arg parsing
  Fix another potential memory leak found by find-mem-leak.cocci.
  Add a rule for another type of memory leak to find-mem-leak.cocci.
  Fix a potential memory leak found by find-mem-leak.cocci.
  Add a semantic patch to find potential memory leaks.
  Fix whitespace of 369e6c20.
  Apply the semantic patch rm-malloc-cast.cocci.
  Add a semantic patch to remove casts of malloc.
 2015-02-18 10:25:16 +00:00
Manuel Pégourié-Gonnard f45850c493 Fix the fix to ssl_set_psk() 
- possible for the first malloc to fail and the second to succeed
- missing = NULL assignment
 2015-02-18 10:23:52 +00:00