mbedtls

mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-18 16:31:08 +00:00

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	967a2a5f8c	Change name to mbed TLS in the copyright notice	2015-01-22 14:28:16 +00:00
Manuel Pégourié-Gonnard	34377b1e1c	Fix send_close_notify usage.	2015-01-22 10:46:46 +00:00
Paul Bakker	5b8f7eaa3e	Merge new security defaults for programs (RC4 disabled, SSL3 disabled)	2015-01-14 16:26:54 +01:00
Paul Bakker	c82b7e2003	Merge option to disable truncated hmac on the server-side	2015-01-14 16:16:55 +01:00
Manuel Pégourié-Gonnard	687f89beab	Don't check errors on ssl_close_notify() Depending on timing we might get different errors (conn_reset, write failed) and ignoring them all ends up being almost the same as just not checking errors.	2015-01-13 21:48:12 +01:00
Paul Bakker	f3561154ff	Merge support for 1/n-1 record splitting	2015-01-13 16:31:34 +01:00
Paul Bakker	f6080b8557	Merge support for enabling / disabling renegotiation support at compile-time	2015-01-13 16:18:23 +01:00
Paul Bakker	d7e2483bfc	Merge miscellaneous fixes into development	2015-01-13 16:04:38 +01:00
Paul Bakker	8b9bcecaae	Stop assuming chars are signed	2015-01-13 15:59:55 +01:00
Paul Bakker	d9e2dd2bb0	Merge support for Encrypt-then-MAC	2015-01-13 14:23:56 +01:00
Manuel Pégourié-Gonnard	bd47a58221	Add ssl_set_arc4_support() Rationale: if people want to disable RC4 but otherwise keep the default suite list, it was cumbersome. Also, since it uses a global array, ssl_list_ciphersuite() is not a convenient place. So the SSL modules look like the best place, even if it means temporarily adding one SSL setting.	2015-01-13 13:03:06 +01:00
Manuel Pégourié-Gonnard	982865618a	Stop assuming chars are signed (They aren't on ARM by default.)	2015-01-12 19:17:05 +01:00
Manuel Pégourié-Gonnard	448ea506bf	Set min version to TLS 1.0 in programs	2015-01-12 12:32:04 +01:00
Manuel Pégourié-Gonnard	265fe997ff	Use library default for trunc-hmac in ssl_client2	2015-01-09 12:53:19 +01:00
Manuel Pégourié-Gonnard	c82ee3555f	Fix tests that were failing with record splitting	2015-01-07 16:39:10 +01:00
Manuel Pégourié-Gonnard	615e677c0b	Make renegotiation a compile-time option	2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard	85d915b81d	Add tests for renego security enforcement	2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard	d3b90f797d	Fix bug in ssl_client2 reconnect option	2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard	be6ce835a2	Fix typo causing MSVC errors	2014-11-17 14:29:36 +01:00
Manuel Pégourié-Gonnard	699cafaea2	Implement initial negotiation of EtM Not implemented yet: - actually using EtM - conditions on renegotiation	2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard	367381fddd	Add negotiation of Extended Master Secret (But not the actual thing yet.)	2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard	1cbd39dbeb	Implement FALLBACK_SCSV client-side	2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard	f138874811	Properly send close_notify in ssl_client2	2014-08-19 16:14:36 +02:00
Manuel Pégourié-Gonnard	a8c0a0dbd0	Add "exchanges" option to test server and client Goal is to test renegotiation better: we need more than one exchange for server-initiated renego to work reliably (the previous hack for this wouldn't work with non-blocking I/O and probably not with DTLS either). Also check message termination in a semi-realistic way.	2014-08-19 13:26:05 +02:00
Manuel Pégourié-Gonnard	e08660e612	Fix ssl_read() and close_notify error handling in programs	2014-08-19 10:34:37 +02:00
Manuel Pégourié-Gonnard	dcab293bd4	Get rid of SERVERQUIT code in ssl_{client,server}2	2014-08-14 18:33:00 +02:00
Paul Bakker	a317a98221	Adapt programs / test suites	2014-07-09 10:19:24 +02:00
Manuel Pégourié-Gonnard	c5fd391e04	Check return value of ssl_set_xxx() in programs	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	481fcfde93	Make PSK_LEN configurable and adjust PMS size	2014-07-04 14:59:08 +02:00
Paul Bakker	2a45d1c8bb	Merge changes to config examples and configuration issues	2014-06-25 11:27:00 +02:00
Manuel Pégourié-Gonnard	dea29c51fd	Extend request_size to small sizes in ssl_client2	2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard	8a4d571af8	Fix warnings in no-SSL configs	2014-06-24 14:19:59 +02:00
Manuel Pégourié-Gonnard	8de259b953	Minor code simplification in ssl programs	2014-06-11 18:35:33 +02:00
Paul Bakker	525f87559f	Cast alpn_list to void * to prevent MSVC compiler warnings	2014-05-01 10:59:27 +02:00
Manuel Pégourié-Gonnard	cef4ad2509	Adapt sources to configurable config.h name	2014-04-30 16:40:20 +02:00
Paul Bakker	c73079a78c	Add debug_set_threshold() and thresholding of messages	2014-04-25 16:58:16 +02:00
Paul Bakker	93c32b21b3	Allow ssl_client to pad request to SSL_MAX_CONTENT_LEN	2014-04-25 16:58:12 +02:00
Manuel Pégourié-Gonnard	1bd2281260	Add an alpn option to ssl_client2 and ssl_server2	2014-04-05 14:51:42 +02:00
Manuel Pégourié-Gonnard	6b0d268bc9	Add ssl_close_notify() to servers that missed it	2014-03-31 11:28:11 +02:00
Manuel Pégourié-Gonnard	00d538f8f9	Disable renegotiation by default in example cli/srv	2014-03-31 11:03:06 +02:00
Paul Bakker	a4b0343edf	Merged massive SSL Testing improvements	2014-03-14 16:30:36 +01:00
Manuel Pégourié-Gonnard	84fd6877c6	Use ssl_client2 to terminate ssl_server2	2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard	5b2d776d2a	GnuTLS in compat.sh: server-side	2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard	3e1b178ba2	Add options for no certificates in test srv/cli	2014-03-14 08:41:02 +01:00
Manuel Pégourié-Gonnard	5575316385	Add options for non-blocking I/O in test cli & srv	2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard	0d8780b2cd	Add a server_adrr option to ssl_client2	2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard	c55a5b7d6f	Add tests for cache timeout	2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard	780d671f9d	Add tests for renegotiation	2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard	2fc243d06a	Rearrange help messages of example cli/srv	2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard	fcf2fc2960	Make auth_mode=required the default in ssl_client2	2014-03-13 19:25:07 +01:00

1 2 3

137 commits