TrustedFirmware Git Browser
Code Review
Sign In
review.trustedfirmware.org
/
mirror
/
mbed-tls.git
/
2a0cd5a031acdba55a6178abff210df175eaabc8
/
library
/
ssl_tls.c
02f2609
Introduce configuration option and API for SSL record checking
by Hanno Becker
· 6 years ago
cdb83e7
Merge pull request #616 from mpg/context-s11n
by Manuel Pégourié-Gonnard
· 6 years ago
69a3e41
Improve reability and debugability of large if
by Manuel Pégourié-Gonnard
· 6 years ago
18332c5
Improve getter for renegotiation enabled
by Manuel Pégourié-Gonnard
· 6 years ago
b3bb31b
Introduce getter function for disable_renego
by Manuel Pégourié-Gonnard
· 6 years ago
14e2a8a
Fix a typo in a comment
by Manuel Pégourié-Gonnard
· 6 years ago
42a6b04
Don't forget about pending alerts after ssl_get_next_record()
by Hanno Becker
· 6 years ago
b82350b
Introduce helper function to send pending fatal alerts
by Hanno Becker
· 6 years ago
c8f5299
Rename pend_alert_msg -> pending_fatal_alert_msg
by Hanno Becker
· 6 years ago
2e8d133
Reintroduce return code checking when sending NoRenego alert
by Hanno Becker
· 6 years ago
3caf718
Remove field to store level of pending alert
by Hanno Becker
· 6 years ago
de62da9
Use separate functions to pend fatal and non-fatal alerts
by Hanno Becker
· 6 years ago
1facd55
Replace xxx_send_alert by xxx_pend_alert to save code
by Hanno Becker
· 6 years ago
f46e1ce
Introduce SSL helper function to mark pending alerts
by Hanno Becker
· 6 years ago
7af7375
Fix MSVC warning
by Manuel Pégourié-Gonnard
· 6 years ago
2cc9223
Fix compile error in reduced configurations
by Manuel Pégourié-Gonnard
· 6 years ago
3b014fc
Merge remote-tracking branch 'origin/pr/604' into baremetal
by Simon Butcher
· 6 years ago
7ce9446
Avoid duplication of session format header
by Manuel Pégourié-Gonnard
· 6 years ago
a7cd483
Implement config-checking header to context s11n
by Manuel Pégourié-Gonnard
· 6 years ago
4c1d06e
Provide serialisation API only if it's enabled
by Manuel Pégourié-Gonnard
· 6 years ago
73a4636
Adapt to hardcoded single version
by Manuel Pégourié-Gonnard
· 6 years ago
2f3fa62
Fix compiler warning: comparing signed to unsigned
by Manuel Pégourié-Gonnard
· 6 years ago
bc847ca
Actually reset the context on save as advertised
by Manuel Pégourié-Gonnard
· 6 years ago
ff22200
Re-use buffer allocated by handshake_init()
by Manuel Pégourié-Gonnard
· 6 years ago
138079d
Add setting of forced fields when deserializing
by Manuel Pégourié-Gonnard
· 6 years ago
16d1485
Add saved fields from top-level structure
by Manuel Pégourié-Gonnard
· 6 years ago
322f3c7
Add transform (de)serialization
by Manuel Pégourié-Gonnard
· 6 years ago
8175816
Fix English in comments
by Manuel Pégourié-Gonnard
· 6 years ago
f1f3e52
Add session saving/loading
by Manuel Pégourié-Gonnard
· 6 years ago
d0dd104
Add (stub) header writing and checking
by Manuel Pégourié-Gonnard
· 6 years ago
5e534ba
Add usage checks in context_load()
by Manuel Pégourié-Gonnard
· 6 years ago
b6163ef
Document internal serialisation format
by Manuel Pégourié-Gonnard
· 6 years ago
569ed6b
Implement usage checks in context_save()
by Manuel Pégourié-Gonnard
· 6 years ago
a3024ee
Save Hello random bytes for later use
by Manuel Pégourié-Gonnard
· 6 years ago
95d1b93
Don't reset timer during mbedtls_ssl_setup()
by Hanno Becker
· 6 years ago
56595f4
Allow hardcoding single signature hash at compile-time
by Hanno Becker
· 6 years ago
f1bc9e1
Introduce helper functions to traverse signature hashes
by Hanno Becker
· 6 years ago
627fbee
Don't offer SHA-1 in CertificateRequest message in TLS 1.2
by Hanno Becker
· 6 years ago
0a64170
Remove redundant check in mbedtls_ssl_set_calc_verify_md()
by Hanno Becker
· 6 years ago
feb1cee
Merge remote-tracking branch 'origin/pr/602' into baremetal
by Simon Butcher
· 6 years ago
c1096e7
Allow hardcoding single supported elliptic curve
by Hanno Becker
· 6 years ago
ee24f8c
Remove unnecessary check for presence of supported EC list
by Hanno Becker
· 6 years ago
a4a9c69
Introduce helper macro for traversal of supported EC TLS IDs
by Hanno Becker
· 6 years ago
33b9b25
Remove SSL version configuration API if versions are hardcoded
by Hanno Becker
· 6 years ago
0a92b81
Remove mbedtls_ssl_transform::minor_ver if the version is hardcoded
by Hanno Becker
· 6 years ago
7b628e5
Make mbedtls_ssl_read/write_version static inline
by Hanno Becker
· 6 years ago
2881d80
Introduce getter function for max/min SSL version
by Hanno Becker
· 6 years ago
e965bd3
Allow hardcoding of min/max minor/major SSL version at compile-time
by Hanno Becker
· 6 years ago
fabfb85
Merge remote-tracking branch 'origin/pr/603' into baremetal
by Simon Butcher
· 6 years ago
14a4a44
Remove mbedtls_ssl_conf_dbg() if !MBEDTLS_DEBUG_C
by Hanno Becker
· 6 years ago
272063a
Don't store debug func ptr cb + ctx in SSL config if !DEBUG_C
by Hanno Becker
· 6 years ago
73f4cb1
Rename XXX_SINGLE_CIPHERSUITE -> XXX_CONF_SINGLE_CIPHERSUITE
by Hanno Becker
· 6 years ago
e02758c
Remove ciphersuite from SSL session if single suite hardcoded
by Hanno Becker
· 6 years ago
6ace465
Remove ciphersuite from SSL config if single suite hardcoded
by Hanno Becker
· 6 years ago
df64596
Remove ciphersuite from handshake params if single suite hardcoded
by Hanno Becker
· 6 years ago
473f98f
Introduce ciphersuite handle type
by Hanno Becker
· 6 years ago
5455afd
Merge pull request #599 from ARMmbed/baremetal-ec-preparation
by Manuel Pégourié-Gonnard
· 6 years ago
d3b2fcb
Don't store client-supported ECs in heap-allocated buffer
by Hanno Becker
· 6 years ago
0ae6b24
Allow compile-time configuration of timer callbacks
by Hanno Becker
· 6 years ago
a58a896
Allow compile-time configuration of I/O function pointers
by Hanno Becker
· 6 years ago
ece325c
Allow compile-time configuration of PRNG in SSL module
by Hanno Becker
· 6 years ago
b391766
Fix unused variable that happened during merge
by Manuel Pégourié-Gonnard
· 6 years ago
de8869c
Merge remote-tracking branch 'restricted/pr/608' into baremetal-proposed
by Manuel Pégourié-Gonnard
· 6 years ago
44ba6b0
Merge remote-tracking branch 'restricted/pr/594' into baremetal-proposed
by Manuel Pégourié-Gonnard
· 6 years ago
37261e6
Merge remote-tracking branch 'restricted/pr/601' into baremetal-proposed
by Manuel Pégourié-Gonnard
· 6 years ago
417d2ce
Merge remote-tracking branch 'restricted/pr/584' into baremetal-proposed
by Manuel Pégourié-Gonnard
· 6 years ago
c2cfdaa
Allow config'n of incl of CertificateReq CA list Y/N at compile-time
by Hanno Becker
· 6 years ago
2d9623f
Allow configuration of endpoint (cli/srv) at compile-time
by Hanno Becker
· 6 years ago
1f835fa
Allow configuration of read timeouts at compile-time
by Hanno Becker
· 6 years ago
e0200da
Allow configuration of ConnectionID at compile-time
by Hanno Becker
· 6 years ago
b0b2b67
Allow compile-time configuration of legacy renegotiation
by Hanno Becker
· 6 years ago
acd4fc0
Allow compile-time configuration of authentication mode
by Hanno Becker
· 6 years ago
de67154
Allow compile-time configuration of DTLS badmac limit
by Hanno Becker
· 6 years ago
7b80c64
Fix compile-time guard for optional field in struct
by Manuel Pégourié-Gonnard
· 6 years ago
29f2dd0
Address review comments
by Jarno Lamsa
· 6 years ago
59bd12b
Add new config MBEDTLS_SSL_SESSION_RESUMPTION
by Jarno Lamsa
· 6 years ago
7be1406
Add config MBEDTLS_SSL_SESSION_CACHE
by Jarno Lamsa
· 6 years ago
abd929c
Merge branch 'mbedtls-2.16' into baremetal-2.16-01_07_19
by Hanno Becker
· 6 years ago
2224ccf
Don't use assertion for failures of mbedtls_x509_crt_x_acquire()
by Hanno Becker
· 6 years ago
c6d1c3e
Remove frame/pk parameter from mbedtls_x509_crt_xxx_release()
by Hanno Becker
· 6 years ago
8c13ee6
Make use of CRT acquire/release in ssl_parse_certificate_verify()
by Hanno Becker
· 6 years ago
7f376f4
Allow compile-time configuration of DTLS anti replay
by Hanno Becker
· 6 years ago
f765ce6
Remove ExtendedMS configuration API if hardcoded at compile-time
by Hanno Becker
· 6 years ago
a49ec56
Introduce getter function for `extended_ms` field in HS struct
by Hanno Becker
· 6 years ago
aabbb58
Exemplify harcoding SSL config at compile-time in example of ExtMS
by Hanno Becker
· 6 years ago
393338c
Merge pull request #586 from ARMmbed/remove_peer_crt_after_handshake_no_digest-baremetal
by Manuel Pégourié-Gonnard
· 6 years ago
79cf74a
Merge pull request #583 from ARMmbed/remove_peer_crt_after_handshake-baremetal
by Manuel Pégourié-Gonnard
· 6 years ago
cc3b7cc
Merge pull request #579 from Patater/bm-dont-use-non-existent-encrypt-then-mac
by Manuel Pégourié-Gonnard
· 6 years ago
7f132cc
Merge remote-tracking branch 'origin/pr/2714' into mbedtls-2.16
by Jaeden Amero
· 6 years ago
16529b2
ssl_tls: Enable Suite B with subset of ECP curves
by Jaeden Amero
· 6 years ago
5882dd0
Remove CRT digest from SSL session if !RENEGO + !KEEP_PEER_CERT
by Hanno Becker
· 6 years ago
0528f82
Clarify documentation of serialized session format
by Hanno Becker
· 6 years ago
17daaa5
Move return statement in ssl_srv_check_client_no_crt_notification
by Hanno Becker
· 6 years ago
2326d20
Validate consistency of certificate hash type and length in session
by Hanno Becker
· 6 years ago
fd5dc8a
Fix unused variable warning in ssl_parse_certificate_coordinate()
by Hanno Becker
· 6 years ago
42de8f8
Fix typo in documentation of ssl_parse_certificate_chain()
by Hanno Becker
· 6 years ago
9d64b78
Set peer CRT length only after successful allocation
by Hanno Becker
· 6 years ago
257ef65
Remove question in comment about verify flags on cli vs. server
by Hanno Becker
· 6 years ago
34106f6
Free peer CRT chain immediately after verifying it
by Hanno Becker
· 6 years ago
0cc7af5
Parse peer's CRT chain in-place from the input buffer
by Hanno Becker
· 6 years ago
Next »