mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-07 13:22:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7,791 Commits 172 Branches 267 Tags
Commit Graph

233 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
cdc26ae099 Add mbedtls_ssl_set_hs_authmode 
While at it, fix the following:
- on server with RSA_PSK, we don't want to set flags (client auth happens via
  the PSK, no cert is expected).
- use safer tests (eg == OPTIONAL vs != REQUIRED)
 2015-06-22 14:52:40 +02:00
Manuel Pégourié-Gonnard
12ad798c87 Rename ssl_session.length to id_len 2015-06-18 15:50:37 +02:00
Manuel Pégourié-Gonnard
b31c5f68b1 Add SSL presets. 
No need to use a separate profile as in X.509, everything we need is already
in ssl_config. Just load appropriate values.
 2015-06-17 14:59:27 +02:00
Manuel Pégourié-Gonnard
36a8b575a9 Create API for mbedtls_ssl_conf_sig_hashes(). 
Not implemented yet.
 2015-06-17 14:27:39 +02:00
Manuel Pégourié-Gonnard
27716cc1da Clarify a point in the documentation 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
b541da6ef3 Fix define for ssl_conf_curves() 
This is a security feature, it shouldn't be optional.
 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
6e3ee3ad43 Add mbedtls_ssl_conf_cert_profile() 2015-06-17 14:27:38 +02:00
Manuel Pégourié-Gonnard
bd990d6629 Add ssl_conf_dhm_min_bitlen() 2015-06-17 11:37:04 +02:00
Manuel Pégourié-Gonnard
1b1e65f541 Fix typos and other small issues in doc 2015-06-11 13:38:03 +02:00
Manuel Pégourié-Gonnard
77cfe177e1 Remove now-useless typedef in ssl.h 2015-06-02 11:18:35 +01:00
Manuel Pégourié-Gonnard
81abefd46c Fix typos/style in doxygen documentation 2015-05-29 12:53:47 +02:00
Manuel Pégourié-Gonnard
b48ef9cce9 Improve documentation about HelloVerifyRequest 2015-05-28 17:28:39 +02:00
Manuel Pégourié-Gonnard
398b206ff0 Update doc for ssl_conf_renegotiation 2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
6a8ca33fa5 Rename ERR_xxx_MALLOC_FAILED to ..._ALLOC_FAILED 2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard
160e384360 Fix bad name choice 2015-05-27 20:27:06 +02:00
Manuel Pégourié-Gonnard
f7c2eebfcf Remove unused struct member in ssl_context 
Actually belongs to ssl_session
 2015-05-27 18:06:02 +02:00
Manuel Pégourié-Gonnard
065122cfe9 Move some defines to ssl_internal.h 2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
56273daea0 Move some includes to ssl_internal.h 
Also removed one from ssl.h and add it in programs where it belongs
 2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
cd4fcc6c8b Move some structures to ssl_internal.h 2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
5e94ddebbc Create ssl_internal.h and move some functions 2015-05-26 11:57:05 +02:00
Manuel Pégourié-Gonnard
e057d3bf6b Relax some dependencies 
- DTLS_HELLO_VERIFY no longer depends on SRV_C
- SSL_COOKIE_C no longer depends on DTLS_HELLO_VERIFY

Not that much work for us, and easier on users (esp. since it allows just
disabling SRV_C alone).
 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
b596abfdc0 Refine cli/srv ifdefs for session tickets 
- Only the server needs to generate/parse tickets
- Only the client needs to store them

Also adjust prototype of ssl_conf_session_tickets() while at it.
 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
cf141ca7e7 Fix #ifdefs on ssl_cli.c or ssl_srv.c 
Nothing to do with the current branch except I'm going to refine such #ifdefs
for tickets next and I want to start from a clean state
 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
0c0f11f4b3 Update dependencies & includes for session tickets 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
d59675d92c Move to callback for session tickets 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
b0394bebdb Further adapt prototypes of ticket functions 
Moving everything in ticket_keys structure, that will soon become
ticket_context.
 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
151dc77732 Fix some old names that remained 
- most in doxygen doc that was never renamed
- some re-introduced in comments/doc/strings by me
 2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
66dc5555f0 mbedtls_ssl_conf_arc4_support() depends on ARC4_C 2015-05-14 12:31:10 +02:00
Manuel Pégourié-Gonnard
e391c8deda Doc tune-up 2015-05-13 20:34:24 +02:00
Manuel Pégourié-Gonnard
70860adccc SSL timers are no longer just for DTLS 
Also, clean up leftover temporary stuff... embarassing
 2015-05-13 10:25:28 +02:00
Manuel Pégourié-Gonnard
bbd28f7bcc Improve SSL doc about I/O and timeouts 2015-05-13 10:21:42 +02:00
Manuel Pégourié-Gonnard
2e01291739 Prepare the SSL modules for using timer callbacks 2015-05-13 09:43:39 +02:00
Manuel Pégourié-Gonnard
eecb43cf0b Manually merge doc fixes from 1.3 2015-05-12 12:56:41 +02:00
Manuel Pégourié-Gonnard
e6ef16f98c Change X.509 verify flags to uint32_t 2015-05-11 19:54:43 +02:00
Manuel Pégourié-Gonnard
06939cebef Fix order of ssl_conf vs ssl_setup in programs 
Except ssl_phtread_server that will be done later
 2015-05-11 14:35:42 +02:00
Manuel Pégourié-Gonnard
01e5e8c1f8 Change a few ssl_conf return types to void 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
6729e79482 Rename ssl_set_xxx() to ssl_conf_xxx() 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
22bfa4bb53 Add ssl_set_hs_ca_chain() 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
1897af9e93 Make conf const inside ssl_context (finally) 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
17a40cd255 Change ssl_own_cert to work on ssl_config 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
1af6c8500b Add ssl_set_hs_own_cert() 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
8f618a8e65 Rework ssl_set_own_cert() internals 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
120fdbdb3d Change ssl_set_psk() to act on ssl_config 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
4b68296626 Use a specific function in the PSK callback 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
750e4d7769 Move ssl_set_rng() to act on config 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
5cb3308e5f Merge contexts for session cache 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
ae31914990 Rename ssl_legacy_renegotiation() to ssl_set_... 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
662c6e8cdd Disable truncated HMAC by default 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
1028b74cff Upgrade default DHM params size 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
8836994f6b Move WANT_READ/WANT_WRITE codes to SSL 2015-05-11 12:33:26 +02:00