Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d6d1f410e6 
								
							 
						 
						
							
							
								
								Cleaner initialization (values did not matter, but were uninitialized)  
							
							
							
						 
						
							2014-07-08 18:28:31 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a2eabadb07 
								
							 
						 
						
							
							
								
								Actually increment the loop counter to quit in ssl_fork_server  
							
							
							
						 
						
							2014-07-08 18:28:31 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3914840d78 
								
							 
						 
						
							
							
								
								Cleaned up location of init and free for some programs to prevent memory  
							
							... 
							
							
							
							leaks on incorrect arguments 
							
						 
						
							2014-07-08 18:28:30 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								993f02cda0 
								
							 
						 
						
							
							
								
								Added return value checking for correctness in programs  
							
							
							
						 
						
							2014-07-08 18:28:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3cbaf1e379 
								
							 
						 
						
							
							
								
								Add ssl_close_notify() to servers that missed it  
							
							
							
						 
						
							2014-07-08 14:30:35 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								875548ce67 
								
							 
						 
						
							
							
								
								Disable renegotiation by default in example cli/srv  
							
							
							
						 
						
							2014-07-08 12:21:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								516eb623df 
								
							 
						 
						
							
							
								
								Make auth_mode=required the default in ssl_client2  
							
							
							
						 
						
							2014-07-08 11:13:15 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								44e8b23462 
								
							 
						 
						
							
							
								
								Fixed file descriptor leak in generic_sum  
							
							
							
						 
						
							2014-07-07 17:46:30 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								af0ccc8fa0 
								
							 
						 
						
							
							
								
								SMTP lines are officially terminated with CRLF, ssl_mail_client fixed  
							
							
							
						 
						
							2014-07-07 17:46:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								0ed42d6159 
								
							 
						 
						
							
							
								
								Minor fixes to o_p_test.c (CMakeLists.txt and includes)  
							
							
							
						 
						
							2014-07-07 16:04:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								238be3a207 
								
							 
						 
						
							
							
								
								Removed dependency on unistd.h for MSVC in apps  
							
							
							
						 
						
							2014-07-07 16:01:07 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								0748895b68 
								
							 
						 
						
							
							
								
								Explicit conversions to int from size_t for MSVC (64-bit) in apps  
							
							
							
						 
						
							2014-07-07 16:01:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								256a4afb57 
								
							 
						 
						
							
							
								
								Removed making commandline arguments case insensitive  
							
							
							
						 
						
							2014-07-07 15:54:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a91d41e7a4 
								
							 
						 
						
							
							
								
								Removed Windows auto-spawn client code  
							
							
							
						 
						
							2014-07-07 14:37:05 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b9f6d507dd 
								
							 
						 
						
							
							
								
								crypt_and_hash: check MAC earlier  
							
							
							
						 
						
							2014-07-07 14:35:02 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								79f1ff84ed 
								
							 
						 
						
							
							
								
								Make all hash checking in programs constant-time  
							
							
							
						 
						
							2014-07-07 14:07:23 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								2a8c2881f4 
								
							 
						 
						
							
							
								
								Check HMAC in constant-time in crypt_and_hash  
							
							
							
						 
						
							2014-07-07 14:06:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								43f9799ce6 
								
							 
						 
						
							
							
								
								RSA blinding on CRT operations to counter timing attacks  
							
							
							
						 
						
							2013-09-23 11:23:31 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								e0225e4d7f 
								
							 
						 
						
							
							
								
								Fixed const correctness issues in programs and tests  
							
							
							
						 
						
							2013-06-06 12:58:12 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								8fe40dcd7d 
								
							 
						 
						
							
							
								
								Allow enabling of dummy error_strerror() to support some use-cases  
							
							... 
							
							
							
							Enable a dummy error function to make use of error_strerror() in
third party libraries easier.
Disable if you run into name conflicts and want to really remove the
error_strerror() 
							
						 
						
							2013-02-02 12:43:08 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								91ebfb5272 
								
							 
						 
						
							
							
								
								Made auth_mode as an command line option  
							
							
							
						 
						
							2012-11-23 14:04:08 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1f9d02dc90 
								
							 
						 
						
							
							
								
								Added more notes / comments on own_cert, trust_ca purposes  
							
							
							
						 
						
							2012-11-20 10:30:55 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								25338d74ac 
								
							 
						 
						
							
							
								
								Added proper gitignores for Linux CMake use  
							
							
							
						 
						
							2012-11-18 22:56:39 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								90f309ffe7 
								
							 
						 
						
							
							
								
								Added proper gitignores for linux compilation  
							
							
							
						 
						
							2012-11-17 00:04:49 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								75242c30fb 
								
							 
						 
						
							
							
								
								Added checking of CA peer cert to ssl_client1 as sane default  
							
							
							
						 
						
							2012-11-17 00:03:46 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								580153573b 
								
							 
						 
						
							
							
								
								- Do not free uninitialized ssl context  
							
							
							
						 
						
							2012-11-14 12:15:41 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								645ce3a2b4 
								
							 
						 
						
							
							
								
								- Moved ciphersuite naming scheme to IANA reserved names  
							
							
							
						 
						
							2012-10-31 12:32:41 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b0550d90c9 
								
							 
						 
						
							
							
								
								- Added ssl_get_peer_cert() to SSL API  
							
							
							
						 
						
							2012-10-30 07:51:03 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								21654f392e 
								
							 
						 
						
							
							
								
								- Smaller default values  
							
							
							
						 
						
							2012-10-24 14:29:17 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								520ea911f6 
								
							 
						 
						
							
							
								
								- Fixed to support 4096 bit DHM params as well  
							
							
							
						 
						
							2012-10-24 14:17:01 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								f1ab0ec1ff 
								
							 
						 
						
							
							
								
								- Changed default compiler flags to include -O2  
							
							
							
						 
						
							2012-10-23 12:12:53 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1d56958963 
								
							 
						 
						
							
							
								
								- Updated examples to use appropriate sizes for larger RSA keys (up to 16k)  
							
							
							
						 
						
							2012-10-03 20:35:44 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3ad34d4110 
								
							 
						 
						
							
							
								
								- Added key_app_writer to CMakeLists.txt  
							
							
							
						 
						
							2012-10-03 20:34:37 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3fad7b3fdd 
								
							 
						 
						
							
							
								
								- Changed saved value to RCF 3526 2048 MODP group  
							
							
							
						 
						
							2012-10-03 19:50:54 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5da01caa50 
								
							 
						 
						
							
							
								
								- Added warning about example use  
							
							
							
						 
						
							2012-10-03 19:48:33 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1d29fb5e33 
								
							 
						 
						
							
							
								
								- Added option to add minimum accepted SSL/TLS protocol version  
							
							
							
						 
						
							2012-09-28 13:28:45 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5d19f86fdd 
								
							 
						 
						
							
							
								
								- Added comment  
							
							
							
						 
						
							2012-09-28 07:33:00 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								cbbd9998da 
								
							 
						 
						
							
							
								
								- SSL/TLS now has default group  
							
							
							
						 
						
							2012-09-28 07:32:06 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								915275ba78 
								
							 
						 
						
							
							
								
								- Revamped x509_verify() and the SSL f_vrfy callback implementations  
							
							
							
						 
						
							2012-09-28 07:10:55 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								819370c7b7 
								
							 
						 
						
							
							
								
								- Removed lowercasing of parameters  
							
							
							
						 
						
							2012-09-28 07:04:41 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5ef9db2ae3 
								
							 
						 
						
							
							
								
								- Added rsa_check_privkey() check to rsa_sign  
							
							
							
						 
						
							2012-09-27 13:19:22 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								db2509c9cd 
								
							 
						 
						
							
							
								
								- Added password and password_file options for reading private keys  
							
							
							
						 
						
							2012-09-27 12:44:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d43241060b 
								
							 
						 
						
							
							
								
								- Removed clutter from my_dhm values  
							
							
							
						 
						
							2012-09-26 08:29:38 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								0a59707523 
								
							 
						 
						
							
							
								
								- Added simple SSL session cache implementation  
							
							... 
							
							
							
							- Revamped session resumption handling 
							
						 
						
							2012-09-25 21:55:46 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								4811b56524 
								
							 
						 
						
							
							
								
								- Added util/CMakelists.txt  
							
							
							
						 
						
							2012-09-25 11:45:38 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								29b64761fd 
								
							 
						 
						
							
							
								
								- Added predefined DHM groups from RFC 5114  
							
							
							
						 
						
							2012-09-25 09:36:44 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b60b95fd7f 
								
							 
						 
						
							
							
								
								- Added first version of ssl_server2 example application  
							
							
							
						 
						
							2012-09-25 09:05:17 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								0f409a1911 
								
							 
						 
						
							
							
								
								- Added missing subdirectory line for util  
							
							
							
						 
						
							2012-09-25 08:19:18 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d0f6fa7bdc 
								
							 
						 
						
							
							
								
								- Sending of handshake_failures during renegotiation added  
							
							... 
							
							
							
							- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION 
							
						 
						
							2012-09-17 09:18:12 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								48916f9b67 
								
							 
						 
						
							
							
								
								- Added Secure Renegotiation (RFC 5746)  
							
							
							
						 
						
							2012-09-16 19:57:18 +00:00