Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fadacb9d0b 
								
							 
						 
						
							
							
								
								Merge branch 'development' into iotssl-461-ecjpake-finalization  
							
							... 
							
							
							
							* development: (73 commits)
  Bump yotta dependencies version
  Fix typo in documentation
  Corrected misleading fn description in ssl_cache.h
  Corrected URL/reference to MPI library
  Fix yotta dependencies
  Fix minor spelling mistake in programs/pkey/gen_key.c
  Bump version to 2.1.2
  Fix CVE number in ChangeLog
  Add 'inline' workaround where needed
  Fix references to non-standard SIZE_T_MAX
  Fix yotta version dependencies again
  Upgrade yotta dependency versions
  Fix compile error in net.c with musl libc
  Add missing warning in doc
  Remove inline workaround when not useful
  Fix macroization of inline in C++
  Changed attribution for Guido Vranken
  Merge of IOTSSL-476 - Random malloc in pem_read()
  Fix for IOTSSL-473 Double free error
  Fix potential overflow in CertificateRequest
  ...
Conflicts:
	include/mbedtls/ssl_internal.h
	library/ssl_cli.c 
							
						 
						
							2015-10-20 15:00:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								70905a7855 
								
							 
						 
						
							
							
								
								Add ecjpake_pw option to ssl_client2/server2  
							
							
							
						 
						
							2015-09-16 22:58:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								22311ae62e 
								
							 
						 
						
							
							
								
								Improve help message of ssl_*2.c  
							
							
							
						 
						
							2015-09-09 11:22:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3f09b6d4c2 
								
							 
						 
						
							
							
								
								Fix API  
							
							
							
						 
						
							2015-09-08 11:58:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								37ff14062e 
								
							 
						 
						
							
							
								
								Change main license to Apache 2.0  
							
							
							
						 
						
							2015-09-04 14:21:07 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Simon Butcher 
							
						 
						
							
							
							
							
								
							
							
								ed51594337 
								
							 
						 
						
							
							
								
								Merge pull request  #265  from ARMmbed/iotssl-460-bugfixes  
							
							... 
							
							
							
							Iotssl 460 bugfixes 
							
						 
						
							2015-09-02 23:36:36 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a2cda6bfaf 
								
							 
						 
						
							
							
								
								Add mbedtls_ssl_get_max_frag_len()  
							
							... 
							
							
							
							This is not very useful for TLS as mbedtls_ssl_write() will automatically
fragment and return the length used, and the application should check for that
anyway, but this is useful for DTLS where mbedtls_ssl_write() returns an
error, and the application needs to be able to query the maximum length
instead of just guessing. 
							
						 
						
							2015-08-31 20:47:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ea35666f50 
								
							 
						 
						
							
							
								
								Fix -Wshadow warnings  
							
							... 
							
							
							
							Checked that it is supported by gcc 4.2.1 (FreeBSD 9).
fixes  #240  
							
						 
						
							2015-08-31 10:34:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6fb8187279 
								
							 
						 
						
							
							
								
								Update date in copyright line  
							
							
							
						 
						
							2015-07-28 17:11:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6755717f18 
								
							 
						 
						
							
							
								
								Fix stupid typo in ssl_server2.c  
							
							
							
						 
						
							2015-07-02 11:15:48 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9de64f5af1 
								
							 
						 
						
							
							
								
								Fix MSVC warnings in library and programs  
							
							
							
						 
						
							2015-07-01 16:56:08 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								052f28853b 
								
							 
						 
						
							
							
								
								Cosmetics in debug in ssl_{client,server}2.c  
							
							... 
							
							
							
							Print only the basename from the file, and print level too. 
							
						 
						
							2015-07-01 12:01:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								abc729e664 
								
							 
						 
						
							
							
								
								Simplify net_accept() with UDP sockets  
							
							... 
							
							
							
							This is made possible by the new API where net_accept() gets a pointer to
bind_ctx, so it can update it. 
							
						 
						
							2015-07-01 01:28:24 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3d7d00ad23 
								
							 
						 
						
							
							
								
								Rename mbedtls_net_close() to mbedtls_net_free()  
							
							... 
							
							
							
							close() may be more meaningful, but free() is symmetric with _init(), and more
consistent with all other modules 
							
						 
						
							2015-06-30 16:50:37 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5db64328ab 
								
							 
						 
						
							
							
								
								Adapt programs to the new NET API  
							
							
							
						 
						
							2015-06-30 16:48:17 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1c5b9fc19f 
								
							 
						 
						
							
							
								
								Avoid truncating peer cert info in ssl_server2  
							
							
							
						 
						
							2015-06-27 14:38:51 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								61ee351af4 
								
							 
						 
						
							
							
								
								Adapt programs to the new debug API  
							
							
							
						 
						
							2015-06-23 23:30:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								c0d749418b 
								
							 
						 
						
							
							
								
								Make 'port' a string in NET module  
							
							... 
							
							
							
							- avoids dependency on snprintf
- allows using "smtps" instead of "456" if desired 
							
						 
						
							2015-06-23 13:09:11 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6ea831dcf4 
								
							 
						 
						
							
							
								
								Add tests for mbedtls_set_hs_ca_chain()  
							
							
							
						 
						
							2015-06-22 17:30:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								4d6f178376 
								
							 
						 
						
							
							
								
								Add support for SNI CA and authmode in ssl_server2  
							
							
							
						 
						
							2015-06-22 14:52:40 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b31c5f68b1 
								
							 
						 
						
							
							
								
								Add SSL presets.  
							
							... 
							
							
							
							No need to use a separate profile as in X.509, everything we need is already
in ssl_config. Just load appropriate values. 
							
						 
						
							2015-06-17 14:59:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								7551cb9ee9 
								
							 
						 
						
							
							
								
								Replace malloc with calloc  
							
							... 
							
							
							
							- platform layer currently broken (not adapted yet)
- memmory_buffer_alloc too 
							
						 
						
							2015-05-26 16:04:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								56273daea0 
								
							 
						 
						
							
							
								
								Move some includes to ssl_internal.h  
							
							... 
							
							
							
							Also removed one from ssl.h and add it in programs where it belongs 
							
						 
						
							2015-05-26 15:01:37 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a0adc1bbe4 
								
							 
						 
						
							
							
								
								Make cipher used in ssl tickets configurable  
							
							
							
						 
						
							2015-05-25 10:35:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d59675d92c 
								
							 
						 
						
							
							
								
								Move to callback for session tickets  
							
							
							
						 
						
							2015-05-20 11:14:57 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0b104b056b 
								
							 
						 
						
							
							
								
								Adapt prototype of net_accept() for explicit size  
							
							
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d4f04dba42 
								
							 
						 
						
							
							
								
								net.c now depends on select() unconditionally  
							
							
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								151dc77732 
								
							 
						 
						
							
							
								
								Fix some old names that remained  
							
							... 
							
							
							
							- most in doxygen doc that was never renamed
- some re-introduced in comments/doc/strings by me 
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								66dc5555f0 
								
							 
						 
						
							
							
								
								mbedtls_ssl_conf_arc4_support() depends on ARC4_C  
							
							
							
						 
						
							2015-05-14 12:31:10 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d2377e7e78 
								
							 
						 
						
							
							
								
								ssl_client/server2 shouln't depend on timing.c  
							
							... 
							
							
							
							Would break test-ref-configs.pl. 
							
						 
						
							2015-05-13 13:58:56 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e3c41ad8a4 
								
							 
						 
						
							
							
								
								Use the new timer callback API in programs  
							
							
							
						 
						
							2015-05-13 10:04:32 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								db1cc76091 
								
							 
						 
						
							
							
								
								Fix depend issue in program/ssl/ssl_*2.c  
							
							
							
						 
						
							2015-05-12 11:27:25 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e6ef16f98c 
								
							 
						 
						
							
							
								
								Change X.509 verify flags to uint32_t  
							
							
							
						 
						
							2015-05-11 19:54:43 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								06939cebef 
								
							 
						 
						
							
							
								
								Fix order of ssl_conf vs ssl_setup in programs  
							
							... 
							
							
							
							Except ssl_phtread_server that will be done later 
							
						 
						
							2015-05-11 14:35:42 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								01e5e8c1f8 
								
							 
						 
						
							
							
								
								Change a few ssl_conf return types to void  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6729e79482 
								
							 
						 
						
							
							
								
								Rename ssl_set_xxx() to ssl_conf_xxx()  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								17a40cd255 
								
							 
						 
						
							
							
								
								Change ssl_own_cert to work on ssl_config  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1af6c8500b 
								
							 
						 
						
							
							
								
								Add ssl_set_hs_own_cert()  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								120fdbdb3d 
								
							 
						 
						
							
							
								
								Change ssl_set_psk() to act on ssl_config  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								4b68296626 
								
							 
						 
						
							
							
								
								Use a specific function in the PSK callback  
							
							
							
						 
						
							2015-05-11 14:35:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								750e4d7769 
								
							 
						 
						
							
							
								
								Move ssl_set_rng() to act on config  
							
							
							
						 
						
							2015-05-11 12:33:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5cb3308e5f 
								
							 
						 
						
							
							
								
								Merge contexts for session cache  
							
							
							
						 
						
							2015-05-11 12:33:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ae31914990 
								
							 
						 
						
							
							
								
								Rename ssl_legacy_renegotiation() to ssl_set_...  
							
							
							
						 
						
							2015-05-11 12:33:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1028b74cff 
								
							 
						 
						
							
							
								
								Upgrade default DHM params size  
							
							
							
						 
						
							2015-05-11 12:33:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								8836994f6b 
								
							 
						 
						
							
							
								
								Move WANT_READ/WANT_WRITE codes to SSL  
							
							
							
						 
						
							2015-05-11 12:33:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1b511f93c6 
								
							 
						 
						
							
							
								
								Rename ssl_set_bio_timeout() to set_bio()  
							
							... 
							
							
							
							Initially thought it was best to keep the old function around and add a new
one, but this so many ssl_set_xxx() functions are changing anyway... 
							
						 
						
							2015-05-11 12:33:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								97fd52c529 
								
							 
						 
						
							
							
								
								Split ssl_set_read_timeout() out of bio_timeout()  
							
							
							
						 
						
							2015-05-11 12:33:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								bc2b771af4 
								
							 
						 
						
							
							
								
								Move ssl_set_ca_chain() to work on config  
							
							
							
						 
						
							2015-05-11 12:33:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								2b49445876 
								
							 
						 
						
							
							
								
								Move session ticket keys to conf  
							
							... 
							
							
							
							This is temporary, they will soon be replaced by callbacks.
!!! In this intermediate step security is removed !!! 
							
						 
						
							2015-05-07 10:19:13 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6bf89d6ad9 
								
							 
						 
						
							
							
								
								Move ssl_set_max_fragment_len to work on conf  
							
							
							
						 
						
							2015-05-07 10:19:13 +01:00