Simon Butcher 
							
						 
						
							
							
							
							
								
							
							
								14400c8fb0 
								
							 
						 
						
							
							
								
								Merge memory leak fix into branch 'mbedtls-1.3'  
							
							... 
							
							
							
							Merge of fix for memory leak in RSA-SSA signing - #372  
							
						 
						
							2016-01-02 00:28:19 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f3e6e4badb 
								
							 
						 
						
							
							
								
								Add extra check before integer conversion  
							
							... 
							
							
							
							end < p should never happen, but just be extra sure 
							
						 
						
							2015-10-02 09:53:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Simon Butcher 
							
						 
						
							
							
							
							
								
							
							
								643a922c56 
								
							 
						 
						
							
							
								
								Reordered extension fields and added to ChangeLog  
							
							... 
							
							
							
							Reordered the transmission sequence of TLS extension fields in client hello
and added to ChangeLog. 
							
						 
						
							2015-10-01 01:17:10 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Simon Butcher 
							
						 
						
							
							
							
							
								
							
							
								b1e325d6b2 
								
							 
						 
						
							
							
								
								Added bounds checking for TLS extensions  
							
							... 
							
							
							
							IOTSSL-478 - Added checks to prevent buffer overflows. 
							
						 
						
							2015-10-01 00:24:36 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								bb564e0fb4 
								
							 
						 
						
							
							
								
								Fix possible client crash on API misuse  
							
							
							
						 
						
							2015-09-03 10:44:32 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6512554f42 
								
							 
						 
						
							
							
								
								Fix handling of long PSK identities  
							
							... 
							
							
							
							backport from c3b5d83
see #238  
							
						 
						
							2015-08-31 11:43:47 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9ea1b23cc4 
								
							 
						 
						
							
							
								
								Up min size of DHM params to 1024 bits on client  
							
							
							
						 
						
							2015-06-29 18:52:57 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								29f777ef54 
								
							 
						 
						
							
							
								
								Fix bug with ssl_set_curves() check on client  
							
							
							
						 
						
							2015-04-03 17:57:59 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								51bccd3889 
								
							 
						 
						
							
							
								
								Fix compile error with renego disabled  
							
							
							
						 
						
							2015-03-10 16:09:08 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fe44643b0e 
								
							 
						 
						
							
							
								
								Rename website and repository  
							
							
							
						 
						
							2015-03-06 13:17:10 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Rich Evans 
							
						 
						
							
							
							
							
								
							
							
								00ab47026b 
								
							 
						 
						
							
							
								
								cleanup library and some basic tests. Includes, add guards to includes  
							
							
							
						 
						
							2015-02-10 11:28:46 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								860b51642d 
								
							 
						 
						
							
							
								
								Fix url again  
							
							
							
						 
						
							2015-01-28 17:12:07 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								085ab040aa 
								
							 
						 
						
							
							
								
								Fix website url to use https.  
							
							
							
						 
						
							2015-01-23 11:06:27 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9698f5852c 
								
							 
						 
						
							
							
								
								Remove maintainer line.  
							
							
							
						 
						
							2015-01-23 10:59:00 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								19f6b5dfaa 
								
							 
						 
						
							
							
								
								Remove redundant "all rights reserved"  
							
							
							
						 
						
							2015-01-23 10:54:00 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a658a4051b 
								
							 
						 
						
							
							
								
								Update copyright  
							
							
							
						 
						
							2015-01-23 09:55:24 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								967a2a5f8c 
								
							 
						 
						
							
							
								
								Change name to mbed TLS in the copyright notice  
							
							
							
						 
						
							2015-01-22 14:28:16 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								59c6f2ef21 
								
							 
						 
						
							
							
								
								Avoid nested if's without braces.  
							
							... 
							
							
							
							Creates a potential for confusing code if we later want to add an else clause. 
							
						 
						
							2015-01-22 11:06:40 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5d9cde25da 
								
							 
						 
						
							
							
								
								Move renego SCSV after actual ciphersuites  
							
							
							
						 
						
							2015-01-22 10:49:41 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5b8f7eaa3e 
								
							 
						 
						
							
							
								
								Merge new security defaults for programs (RC4 disabled, SSL3 disabled)  
							
							
							
						 
						
							2015-01-14 16:26:54 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								f6080b8557 
								
							 
						 
						
							
							
								
								Merge support for enabling / disabling renegotiation support at compile-time  
							
							
							
						 
						
							2015-01-13 16:18:23 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d7e2483bfc 
								
							 
						 
						
							
							
								
								Merge miscellaneous fixes into development  
							
							
							
						 
						
							2015-01-13 16:04:38 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								bd47a58221 
								
							 
						 
						
							
							
								
								Add ssl_set_arc4_support()  
							
							... 
							
							
							
							Rationale: if people want to disable RC4 but otherwise keep the default suite
list, it was cumbersome. Also, since it uses a global array,
ssl_list_ciphersuite() is not a convenient place. So the SSL modules look like
the best place, even if it means temporarily adding one SSL setting. 
							
						 
						
							2015-01-13 13:03:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d94232389e 
								
							 
						 
						
							
							
								
								Skip signature_algorithms ext if PSK only  
							
							
							
						 
						
							2014-12-02 11:57:29 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								eaecbd3ba8 
								
							 
						 
						
							
							
								
								Fix warning in reduced configs  
							
							
							
						 
						
							2014-12-02 10:40:55 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								615e677c0b 
								
							 
						 
						
							
							
								
								Make renegotiation a compile-time option  
							
							
							
						 
						
							2014-12-02 10:40:54 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								699cafaea2 
								
							 
						 
						
							
							
								
								Implement initial negotiation of EtM  
							
							... 
							
							
							
							Not implemented yet:
- actually using EtM
- conditions on renegotiation 
							
						 
						
							2014-11-05 16:00:50 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b575b54cb9 
								
							 
						 
						
							
							
								
								Forbid extended master secret with SSLv3  
							
							
							
						 
						
							2014-11-05 16:00:50 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ada3030485 
								
							 
						 
						
							
							
								
								Implement extended master secret  
							
							
							
						 
						
							2014-11-05 16:00:49 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								367381fddd 
								
							 
						 
						
							
							
								
								Add negotiation of Extended Master Secret  
							
							... 
							
							
							
							(But not the actual thing yet.) 
							
						 
						
							2014-11-05 16:00:49 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1cbd39dbeb 
								
							 
						 
						
							
							
								
								Implement FALLBACK_SCSV client-side  
							
							
							
						 
						
							2014-11-05 16:00:49 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f7cdbc0e87 
								
							 
						 
						
							
							
								
								Fix potential bad read of length  
							
							
							
						 
						
							2014-10-17 17:02:10 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								44ade654c5 
								
							 
						 
						
							
							
								
								Implement (partial) renego delay on client  
							
							
							
						 
						
							2014-08-19 13:58:40 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6591962f06 
								
							 
						 
						
							
							
								
								Allow delay on renego on client  
							
							... 
							
							
							
							Currently unbounded: will be fixed later 
							
						 
						
							2014-08-19 12:50:30 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								84bbeb58df 
								
							 
						 
						
							
							
								
								Adapt cipher and MD layer with _init() and _free()  
							
							
							
						 
						
							2014-07-09 10:19:24 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5b4af39a36 
								
							 
						 
						
							
							
								
								Add _init() and _free() for hash modules  
							
							
							
						 
						
							2014-07-09 10:19:23 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								2a45d1c8bb 
								
							 
						 
						
							
							
								
								Merge changes to config examples and configuration issues  
							
							
							
						 
						
							2014-06-25 11:27:00 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								dd0c0f33c0 
								
							 
						 
						
							
							
								
								Better usage of dhm_calc_secret in SSL  
							
							
							
						 
						
							2014-06-25 11:26:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5c1f032653 
								
							 
						 
						
							
							
								
								Abort handshake if no point format in common  
							
							
							
						 
						
							2014-06-25 11:26:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fd35af1579 
								
							 
						 
						
							
							
								
								Fix off-by-one error in point format parsing  
							
							
							
						 
						
							2014-06-25 11:26:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5bfd968e01 
								
							 
						 
						
							
							
								
								Fix warning with TLS 1.2 without RSA or ECDSA  
							
							
							
						 
						
							2014-06-24 15:18:11 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								66d5d076f7 
								
							 
						 
						
							
							
								
								Fix formatting in various code to match spacing from coding style  
							
							
							
						 
						
							2014-06-17 17:06:47 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3461772559 
								
							 
						 
						
							
							
								
								Introduce polarssl_zeroize() instead of memset() for zeroization  
							
							
							
						 
						
							2014-06-14 16:46:03 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								61edffef28 
								
							 
						 
						
							
							
								
								Normalize "should never happen" messages/errors  
							
							
							
						 
						
							2014-05-22 13:52:47 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b9e4e2c97a 
								
							 
						 
						
							
							
								
								Fix formatting: fix some 'easy' > 80 length lines  
							
							
							
						 
						
							2014-05-01 14:18:25 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								9af723cee7 
								
							 
						 
						
							
							
								
								Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)  
							
							
							
						 
						
							2014-05-01 13:03:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								cef4ad2509 
								
							 
						 
						
							
							
								
								Adapt sources to configurable config.h name  
							
							
							
						 
						
							2014-04-30 16:40:20 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a70366317d 
								
							 
						 
						
							
							
								
								Improve interop by not writing ext_len in ClientHello / ServerHello when 0  
							
							... 
							
							
							
							The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero. 
							
						 
						
							2014-04-30 10:16:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f6521de17b 
								
							 
						 
						
							
							
								
								Add ALPN tests to ssl-opt.sh  
							
							... 
							
							
							
							Only self-op for now, required peer versions are a bit high:
- OpenSSL 1.0.2-beta
- GnuTLS 3.2.0 (released 2013-05-10) (gnutls-cli only) 
							
						 
						
							2014-04-07 12:42:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0b874dc580 
								
							 
						 
						
							
							
								
								Implement ALPN client-side  
							
							
							
						 
						
							2014-04-07 10:57:45 +02:00