Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a503a63b85 
								
							 
						 
						
							
							
								
								Made session tickets support configurable from config.h  
							
							
							
						 
						
							2013-08-14 14:26:03 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								aa0d4d1aff 
								
							 
						 
						
							
							
								
								Add ssl_set_session_tickets()  
							
							
							
						 
						
							2013-08-14 14:08:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								06650f6a37 
								
							 
						 
						
							
							
								
								Fix reusing session more than once  
							
							
							
						 
						
							2013-08-14 14:08:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								cf2e97eae2 
								
							 
						 
						
							
							
								
								ssl_client2: allow reconnecting twice  
							
							
							
						 
						
							2013-08-14 14:08:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								aaa1eab55a 
								
							 
						 
						
							
							
								
								Add an option to reconnect in ssl_client2  
							
							... 
							
							
							
							Purpose: test resuming sessions. 
							
						 
						
							2013-08-14 14:08:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								66c4810ffe 
								
							 
						 
						
							
							
								
								Better handling of ciphersuite version range and forced version in  
							
							... 
							
							
							
							ssl_client2 
							
						 
						
							2013-07-26 14:05:32 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								6c85279719 
								
							 
						 
						
							
							
								
								Newline fixes in help text for ssl_client2 / ssl_server2  
							
							
							
						 
						
							2013-07-26 14:02:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								dbd79ca617 
								
							 
						 
						
							
							
								
								ssl_client2 and ssl_server2 now exit with 1 on errors (shell  
							
							... 
							
							
							
							limitations) 
							
						 
						
							2013-07-24 16:28:35 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								8c1ede655f 
								
							 
						 
						
							
							
								
								Changed prototype for ssl_set_truncated_hmac() to allow disabling  
							
							
							
						 
						
							2013-07-19 14:51:47 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e980a994f0 
								
							 
						 
						
							
							
								
								Add interface for truncated hmac  
							
							
							
						 
						
							2013-07-19 14:51:47 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5b55b79021 
								
							 
						 
						
							
							
								
								Better handling of ciphersuite version range and forced version in  
							
							... 
							
							
							
							ssl_server2 
							
						 
						
							2013-07-19 14:51:31 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e048b67d0a 
								
							 
						 
						
							
							
								
								Misc minor fixes  
							
							... 
							
							
							
							- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue 
							
						 
						
							2013-07-19 12:56:08 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0c017a55e0 
								
							 
						 
						
							
							
								
								Add max_frag_len option in ssl_server2  
							
							... 
							
							
							
							Also reformat code and output more information in ssl_client2 
							
						 
						
							2013-07-18 14:07:36 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								8e714d7aca 
								
							 
						 
						
							
							
								
								Modified LONG_RESPONSE and comments in ssl_server2  
							
							
							
						 
						
							2013-07-18 11:23:48 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								bd7ce63115 
								
							 
						 
						
							
							
								
								Adapt ssl_server2 to test sending long messages  
							
							
							
						 
						
							2013-07-18 11:23:48 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								787b658bb3 
								
							 
						 
						
							
							
								
								Implement max_frag_len write restriction  
							
							
							
						 
						
							2013-07-18 11:18:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0df6b1f068 
								
							 
						 
						
							
							
								
								ssl_client2: add max_frag_len option  
							
							
							
						 
						
							2013-07-18 11:18:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								82024bf7b9 
								
							 
						 
						
							
							
								
								ssl_server2 now uses alloc_buffer if present and can be 'SERVERQUIT'  
							
							
							
						 
						
							2013-07-16 17:48:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ba4878aa64 
								
							 
						 
						
							
							
								
								Rename x509parse_key & co with _rsa suffix  
							
							
							
						 
						
							2013-07-08 15:31:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								fa9b10050b 
								
							 
						 
						
							
							
								
								Also compiles / runs without time-based functions in OS  
							
							... 
							
							
							
							Can now run without need of time() / localtime() and gettimeofday() 
							
						 
						
							2013-07-03 17:22:32 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								03a8a79516 
								
							 
						 
						
							
							
								
								Programs adapted to use polarssl_strerror() instead of error_strerror()  
							
							
							
						 
						
							2013-06-30 12:18:08 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								c1516be99d 
								
							 
						 
						
							
							
								
								ssl_server2 and ssl_client2 adapted to support maximum protocol version  
							
							
							
						 
						
							2013-06-29 18:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3c5ef71322 
								
							 
						 
						
							
							
								
								Cleanup up non-prototyped functions (static) and const-correctness in programs  
							
							
							
						 
						
							2013-06-25 16:37:45 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								ef3f8c747e 
								
							 
						 
						
							
							
								
								Fixed const correctness issues in programs and tests  
							
							... 
							
							
							
							(cherry picked from commit e0225e4d7f 
							
						 
						
							2013-06-24 19:09:24 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								bcbe2d8d81 
								
							 
						 
						
							
							
								
								Prettier printing of the lists for longer ciphersuite names  
							
							
							
						 
						
							2013-04-19 09:10:20 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								ed27a041e4 
								
							 
						 
						
							
							
								
								More granular define selections within code to allow for smaller code  
							
							... 
							
							
							
							sizes 
							
						 
						
							2013-04-18 23:12:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								fbb17804d8 
								
							 
						 
						
							
							
								
								Added pre-shared key handling for the server side of SSL / TLS  
							
							... 
							
							
							
							Server side handling of the pure PSK ciphersuites is now in the base
code. 
							
						 
						
							2013-04-18 23:12:33 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d4a56ec6bf 
								
							 
						 
						
							
							
								
								Added pre-shared key handling for the client side of SSL / TLS  
							
							... 
							
							
							
							Client side handling of the pure PSK ciphersuites is now in the base
code. 
							
						 
						
							2013-04-18 23:12:33 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								41c83d3f67 
								
							 
						 
						
							
							
								
								Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS  
							
							... 
							
							
							
							Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included. 
							
						 
						
							2013-03-20 14:39:14 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								91ebfb5272 
								
							 
						 
						
							
							
								
								Made auth_mode as an command line option  
							
							
							
						 
						
							2012-11-23 14:04:08 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1f9d02dc90 
								
							 
						 
						
							
							
								
								Added more notes / comments on own_cert, trust_ca purposes  
							
							
							
						 
						
							2012-11-20 10:30:55 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								75242c30fb 
								
							 
						 
						
							
							
								
								Added checking of CA peer cert to ssl_client1 as sane default  
							
							
							
						 
						
							2012-11-17 00:03:46 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								645ce3a2b4 
								
							 
						 
						
							
							
								
								- Moved ciphersuite naming scheme to IANA reserved names  
							
							
							
						 
						
							2012-10-31 12:32:41 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b0550d90c9 
								
							 
						 
						
							
							
								
								- Added ssl_get_peer_cert() to SSL API  
							
							
							
						 
						
							2012-10-30 07:51:03 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1d29fb5e33 
								
							 
						 
						
							
							
								
								- Added option to add minimum accepted SSL/TLS protocol version  
							
							
							
						 
						
							2012-09-28 13:28:45 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5d19f86fdd 
								
							 
						 
						
							
							
								
								- Added comment  
							
							
							
						 
						
							2012-09-28 07:33:00 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								cbbd9998da 
								
							 
						 
						
							
							
								
								- SSL/TLS now has default group  
							
							
							
						 
						
							2012-09-28 07:32:06 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								915275ba78 
								
							 
						 
						
							
							
								
								- Revamped x509_verify() and the SSL f_vrfy callback implementations  
							
							
							
						 
						
							2012-09-28 07:10:55 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								819370c7b7 
								
							 
						 
						
							
							
								
								- Removed lowercasing of parameters  
							
							
							
						 
						
							2012-09-28 07:04:41 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d43241060b 
								
							 
						 
						
							
							
								
								- Removed clutter from my_dhm values  
							
							
							
						 
						
							2012-09-26 08:29:38 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								0a59707523 
								
							 
						 
						
							
							
								
								- Added simple SSL session cache implementation  
							
							... 
							
							
							
							- Revamped session resumption handling 
							
						 
						
							2012-09-25 21:55:46 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								29b64761fd 
								
							 
						 
						
							
							
								
								- Added predefined DHM groups from RFC 5114  
							
							
							
						 
						
							2012-09-25 09:36:44 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b60b95fd7f 
								
							 
						 
						
							
							
								
								- Added first version of ssl_server2 example application  
							
							
							
						 
						
							2012-09-25 09:05:17 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d0f6fa7bdc 
								
							 
						 
						
							
							
								
								- Sending of handshake_failures during renegotiation added  
							
							... 
							
							
							
							- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION 
							
						 
						
							2012-09-17 09:18:12 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								48916f9b67 
								
							 
						 
						
							
							
								
								- Added Secure Renegotiation (RFC 5746)  
							
							
							
						 
						
							2012-09-16 19:57:18 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								835b29e7c3 
								
							 
						 
						
							
							
								
								- Should not be debug_level 5 in repo (reset to 0)  
							
							
							
						 
						
							2012-08-23 08:31:59 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								92eeea4627 
								
							 
						 
						
							
							
								
								- Modified CMakeLists to support zlib  
							
							
							
						 
						
							2012-07-03 15:10:33 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								2770fbd651 
								
							 
						 
						
							
							
								
								- Added DEFLATE compression support as per RFC3749 (requires zlib)  
							
							
							
						 
						
							2012-07-03 13:30:23 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								8d914583f3 
								
							 
						 
						
							
							
								
								- Added X509 CA Path support  
							
							
							
						 
						
							2012-06-04 12:46:42 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								4248823f43 
								
							 
						 
						
							
							
								
								- Updated to handle x509parse_crtfile() positive return values  
							
							
							
						 
						
							2012-05-16 08:21:05 +00:00