Janos Follath 
							
						 
						
							
							
							
							
								
							
							
								fe049db8ef 
								
							 
						 
						
							
							
								
								Fix issue  #429  in ssl_fork_server.c  
							
							
							
						 
						
							2016-04-29 00:12:19 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Simon Butcher 
							
						 
						
							
							
							
							
								
							
							
								d3138c35c6 
								
							 
						 
						
							
							
								
								Fixes SSL sample apps for non-default configs  
							
							... 
							
							
							
							Fixes the SSL sample applications to build for the non-default configs
which don't build if MBEDTLS_PLATFORM_C isn't defined. 
							
						 
						
							2016-04-27 01:26:50 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								SimonB 
							
						 
						
							
							
							
							
								
							
							
								d5800b7761 
								
							 
						 
						
							
							
								
								Abstracts away time()/stdlib.h into platform  
							
							... 
							
							
							
							Substitutes time() into a configurable platform interface to allow it to be
easily substituted. 
							
						 
						
							2016-04-26 14:49:59 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								90ab4a45b5 
								
							 
						 
						
							
							
								
								Fix Unix detection in mini_client  
							
							... 
							
							
							
							fixes  #398  
						
							2016-03-09 19:32:08 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fadacb9d0b 
								
							 
						 
						
							
							
								
								Merge branch 'development' into iotssl-461-ecjpake-finalization  
							
							... 
							
							
							
							* development: (73 commits)
  Bump yotta dependencies version
  Fix typo in documentation
  Corrected misleading fn description in ssl_cache.h
  Corrected URL/reference to MPI library
  Fix yotta dependencies
  Fix minor spelling mistake in programs/pkey/gen_key.c
  Bump version to 2.1.2
  Fix CVE number in ChangeLog
  Add 'inline' workaround where needed
  Fix references to non-standard SIZE_T_MAX
  Fix yotta version dependencies again
  Upgrade yotta dependency versions
  Fix compile error in net.c with musl libc
  Add missing warning in doc
  Remove inline workaround when not useful
  Fix macroization of inline in C++
  Changed attribution for Guido Vranken
  Merge of IOTSSL-476 - Random malloc in pem_read()
  Fix for IOTSSL-473 Double free error
  Fix potential overflow in CertificateRequest
  ...
Conflicts:
	include/mbedtls/ssl_internal.h
	library/ssl_cli.c 
							
						 
						
							2015-10-20 15:00:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								70905a7855 
								
							 
						 
						
							
							
								
								Add ecjpake_pw option to ssl_client2/server2  
							
							
							
						 
						
							2015-09-16 22:58:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								22311ae62e 
								
							 
						 
						
							
							
								
								Improve help message of ssl_*2.c  
							
							
							
						 
						
							2015-09-09 11:22:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3f09b6d4c2 
								
							 
						 
						
							
							
								
								Fix API  
							
							
							
						 
						
							2015-09-08 11:58:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								dbd23079d0 
								
							 
						 
						
							
							
								
								Add option reconnect_hard to ssl_client2  
							
							... 
							
							
							
							- interrupt the connection abruptly (no close_notify)
- reconnect from the same port while server sill has an active connection from
  this port.
Some real-world clients do that, see section 4.2.8 of RFC 6347. 
							
						 
						
							2015-09-08 10:39:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								37ff14062e 
								
							 
						 
						
							
							
								
								Change main license to Apache 2.0  
							
							
							
						 
						
							2015-09-04 14:21:07 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Simon Butcher 
							
						 
						
							
							
							
							
								
							
							
								ed51594337 
								
							 
						 
						
							
							
								
								Merge pull request  #265  from ARMmbed/iotssl-460-bugfixes  
							
							... 
							
							
							
							Iotssl 460 bugfixes 
							
						 
						
							2015-09-02 23:36:36 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a2cda6bfaf 
								
							 
						 
						
							
							
								
								Add mbedtls_ssl_get_max_frag_len()  
							
							... 
							
							
							
							This is not very useful for TLS as mbedtls_ssl_write() will automatically
fragment and return the length used, and the application should check for that
anyway, but this is useful for DTLS where mbedtls_ssl_write() returns an
error, and the application needs to be able to query the maximum length
instead of just guessing. 
							
						 
						
							2015-08-31 20:47:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ea35666f50 
								
							 
						 
						
							
							
								
								Fix -Wshadow warnings  
							
							... 
							
							
							
							Checked that it is supported by gcc 4.2.1 (FreeBSD 9).
fixes  #240  
							
						 
						
							2015-08-31 10:34:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6fb8187279 
								
							 
						 
						
							
							
								
								Update date in copyright line  
							
							
							
						 
						
							2015-07-28 17:11:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6755717f18 
								
							 
						 
						
							
							
								
								Fix stupid typo in ssl_server2.c  
							
							
							
						 
						
							2015-07-02 11:15:48 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								046589e424 
								
							 
						 
						
							
							
								
								Rm obsolete defines for snprintf in programs  
							
							... 
							
							
							
							Now centralized in the platform layer 
							
						 
						
							2015-07-01 17:26:20 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9de64f5af1 
								
							 
						 
						
							
							
								
								Fix MSVC warnings in library and programs  
							
							
							
						 
						
							2015-07-01 16:56:08 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								052f28853b 
								
							 
						 
						
							
							
								
								Cosmetics in debug in ssl_{client,server}2.c  
							
							... 
							
							
							
							Print only the basename from the file, and print level too. 
							
						 
						
							2015-07-01 12:01:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								abc729e664 
								
							 
						 
						
							
							
								
								Simplify net_accept() with UDP sockets  
							
							... 
							
							
							
							This is made possible by the new API where net_accept() gets a pointer to
bind_ctx, so it can update it. 
							
						 
						
							2015-07-01 01:28:24 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3d7d00ad23 
								
							 
						 
						
							
							
								
								Rename mbedtls_net_close() to mbedtls_net_free()  
							
							... 
							
							
							
							close() may be more meaningful, but free() is symmetric with _init(), and more
consistent with all other modules 
							
						 
						
							2015-06-30 16:50:37 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5db64328ab 
								
							 
						 
						
							
							
								
								Adapt programs to the new NET API  
							
							
							
						 
						
							2015-06-30 16:48:17 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								1c5b9fc19f 
								
							 
						 
						
							
							
								
								Avoid truncating peer cert info in ssl_server2  
							
							
							
						 
						
							2015-06-27 14:38:51 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								216a1831de 
								
							 
						 
						
							
							
								
								Fix whitespace in CMakeLists.txt  
							
							... 
							
							
							
							- all spaces no tabs
- indent with 4 spaces everywhere 
							
						 
						
							2015-06-25 10:59:57 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								61ee351af4 
								
							 
						 
						
							
							
								
								Adapt programs to the new debug API  
							
							
							
						 
						
							2015-06-23 23:30:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								c0d749418b 
								
							 
						 
						
							
							
								
								Make 'port' a string in NET module  
							
							... 
							
							
							
							- avoids dependency on snprintf
- allows using "smtps" instead of "456" if desired 
							
						 
						
							2015-06-23 13:09:11 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6ea831dcf4 
								
							 
						 
						
							
							
								
								Add tests for mbedtls_set_hs_ca_chain()  
							
							
							
						 
						
							2015-06-22 17:30:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								4d6f178376 
								
							 
						 
						
							
							
								
								Add support for SNI CA and authmode in ssl_server2  
							
							
							
						 
						
							2015-06-22 14:52:40 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b31c5f68b1 
								
							 
						 
						
							
							
								
								Add SSL presets.  
							
							... 
							
							
							
							No need to use a separate profile as in X.509, everything we need is already
in ssl_config. Just load appropriate values. 
							
						 
						
							2015-06-17 14:59:27 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9096682352 
								
							 
						 
						
							
							
								
								Add dhmlen option in ssl_client2.c  
							
							
							
						 
						
							2015-06-17 11:37:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								bf27eaac79 
								
							 
						 
						
							
							
								
								Fix help string in ssl_client2.c  
							
							
							
						 
						
							2015-06-12 11:22:02 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ba56136b5c 
								
							 
						 
						
							
							
								
								Avoid in-out length in base64  
							
							
							
						 
						
							2015-06-02 16:30:35 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								7551cb9ee9 
								
							 
						 
						
							
							
								
								Replace malloc with calloc  
							
							... 
							
							
							
							- platform layer currently broken (not adapted yet)
- memmory_buffer_alloc too 
							
						 
						
							2015-05-26 16:04:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								56273daea0 
								
							 
						 
						
							
							
								
								Move some includes to ssl_internal.h  
							
							... 
							
							
							
							Also removed one from ssl.h and add it in programs where it belongs 
							
						 
						
							2015-05-26 15:01:37 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a0adc1bbe4 
								
							 
						 
						
							
							
								
								Make cipher used in ssl tickets configurable  
							
							
							
						 
						
							2015-05-25 10:35:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b596abfdc0 
								
							 
						 
						
							
							
								
								Refine cli/srv ifdefs for session tickets  
							
							... 
							
							
							
							- Only the server needs to generate/parse tickets
- Only the client needs to store them
Also adjust prototype of ssl_conf_session_tickets() while at it. 
							
						 
						
							2015-05-20 11:14:57 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d59675d92c 
								
							 
						 
						
							
							
								
								Move to callback for session tickets  
							
							
							
						 
						
							2015-05-20 11:14:57 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								53ebe138c6 
								
							 
						 
						
							
							
								
								Fix copyright lines still mentioning Brainspark  
							
							
							
						 
						
							2015-05-15 12:01:12 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0b104b056b 
								
							 
						 
						
							
							
								
								Adapt prototype of net_accept() for explicit size  
							
							
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d4f04dba42 
								
							 
						 
						
							
							
								
								net.c now depends on select() unconditionally  
							
							
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a63bc94a2d 
								
							 
						 
						
							
							
								
								Remove timing_m_sleep() -> net_usleep()  
							
							
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								151dc77732 
								
							 
						 
						
							
							
								
								Fix some old names that remained  
							
							... 
							
							
							
							- most in doxygen doc that was never renamed
- some re-introduced in comments/doc/strings by me 
							
						 
						
							2015-05-14 21:58:34 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								66dc5555f0 
								
							 
						 
						
							
							
								
								mbedtls_ssl_conf_arc4_support() depends on ARC4_C  
							
							
							
						 
						
							2015-05-14 12:31:10 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d2377e7e78 
								
							 
						 
						
							
							
								
								ssl_client/server2 shouln't depend on timing.c  
							
							... 
							
							
							
							Would break test-ref-configs.pl. 
							
						 
						
							2015-05-13 13:58:56 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e3c41ad8a4 
								
							 
						 
						
							
							
								
								Use the new timer callback API in programs  
							
							
							
						 
						
							2015-05-13 10:04:32 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								db1cc76091 
								
							 
						 
						
							
							
								
								Fix depend issue in program/ssl/ssl_*2.c  
							
							
							
						 
						
							2015-05-12 11:27:25 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e6ef16f98c 
								
							 
						 
						
							
							
								
								Change X.509 verify flags to uint32_t  
							
							
							
						 
						
							2015-05-11 19:54:43 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								159c82ecc6 
								
							 
						 
						
							
							
								
								Fix ssl_set_hostname usage (duplication, ifdef)  
							
							
							
						 
						
							2015-05-11 17:59:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								55fab2de5d 
								
							 
						 
						
							
							
								
								Fix a few more #ifdef's  
							
							
							
						 
						
							2015-05-11 17:54:38 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								30eceb766a 
								
							 
						 
						
							
							
								
								Fix warning in ssl_pthread_server  
							
							... 
							
							
							
							GCC 4.9 with ASan + UBSan on OS X complains that we were casting to int from a
wider integer type. Anyway, this cast is totally non-portable (pthread_t could
even be structure), switching to long gets rid of the warning... 
							
						 
						
							2015-05-11 14:42:56 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fd862b14c5 
								
							 
						 
						
							
							
								
								Fix typos in mini_client.c  
							
							
							
						 
						
							2015-05-11 14:35:42 +02:00