TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 7afdb88216957dae57e80c0c255b3638b52fae17 / library / ssl_tls.c
  1. 77f4f39 Make sure no random pointer occur during failed malloc()'s by Paul Bakker · 11 years ago
  2. 91c61bc Further tightened the padlen check to prevent underflow / overflow by Paul Bakker · 11 years ago
  3. b2bf5a1 Fix possible buffer overflow with PSK by Manuel Pégourié-Gonnard · 11 years ago
  4. 3d6504a ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr by Paul Bakker · 11 years ago
  5. 83cdffc Forbid sequence number wrapping by Manuel Pégourié-Gonnard · 11 years ago
  6. 796c6f3 Countermeasure against "triple handshake" attack by Manuel Pégourié-Gonnard · 11 years ago
  7. 7dc4c44 Library files moved to use platform layer by Paul Bakker · 12 years ago
  8. ab24010 Enforce our choice of allowed curves. by Manuel Pégourié-Gonnard · 11 years ago
  9. 7f38ed0 ssl_set_curves is no longer ECDHE only by Manuel Pégourié-Gonnard · 11 years ago
  10. ac71941 Renamings and other fixes by Manuel Pégourié-Gonnard · 11 years ago
  11. e40c469 The default ECDH curve list will be dynamically built in the ecp module based on ecp_supported_curves[]. by Gergely Budai · 12 years ago
  12. de05390 Rename ecdh_curve_list to curve_list by Manuel Pégourié-Gonnard · 11 years ago
  13. 5de2580 Make ssl_set_ecdh_curves() a compile-time option by Manuel Pégourié-Gonnard · 12 years ago
  14. 987bfb5 Added the possibility to define the allowed curves for ECDHE handshake. It also defines the preference of the curves. by Gergely Budai · 12 years ago
  15. 7c59363 Remove a few dead stores by Manuel Pégourié-Gonnard · 12 years ago
  16. 7cfdcb8 Add a length check in ssl_derive_keys() by Manuel Pégourié-Gonnard · 12 years ago
  17. 6992eb7 Fixed potential overflow in certificate size in ssl_write_certificate() by Paul Bakker · 12 years ago
  18. 956c9e0 Reduced the input / output overhead with 200+ bytes and covered corner case by Paul Bakker · 12 years ago
  19. 1e5369c Variables in proper block or within proper defines in ssl_decrypt_buf() by Paul Bakker · 12 years ago
  20. fdf9469 Merged support for ECDH-RSA / ECDH-ECDSA key exchanges and ciphersuites by Paul Bakker · 12 years ago
  21. 77e257e Fixed bad check for maximum size of fragment length index by Paul Bakker · 12 years ago
  22. 6f0636a Potential memory leak in ssl_ticket_keys_init() by Paul Bakker · 12 years ago
  23. d18cc57 Add client-side support for ECDH key exchanges by Manuel Pégourié-Gonnard · 12 years ago
  24. c72ac7c Fix SSLv3 handling of SHA-384 suites by Manuel Pégourié-Gonnard · 12 years ago
  25. dc953e8 Add missing defines/cases for RSA_PSK key exchange by Manuel Pégourié-Gonnard · 12 years ago
  26. 08b028f Prevent unlikely NULL dereference by Paul Bakker · 12 years ago
  27. 0333b97 Handshake key_cert should be set on first addition to the key_cert chain by Paul Bakker · 12 years ago
  28. 993e386 Merged renegotiation refactoring by Paul Bakker · 12 years ago
  29. 37ce0ff Added defines around renegotiation code for SSL_SRV and SSL_CLI by Paul Bakker · 12 years ago
  30. 31ff1d2 Safer buffer comparisons in the SSL modules by Manuel Pégourié-Gonnard · 12 years ago
  31. 6d8404d Server: enforce renegotiation by Manuel Pégourié-Gonnard · 12 years ago
  32. 9c1e189 Move some code around, improve documentation by Manuel Pégourié-Gonnard · 12 years ago
  33. 214eed3 Make ssl_renegotiate the only interface by Manuel Pégourié-Gonnard · 12 years ago
  34. caed054 Allow ssl_renegotiate() to be called in a loop by Manuel Pégourié-Gonnard · 12 years ago
  35. e5e1bb9 Fix misplaced initialisation by Manuel Pégourié-Gonnard · 12 years ago
  36. f3dc2f6 Add code for testing server-initiated renegotiation by Manuel Pégourié-Gonnard · 12 years ago
  37. 6edcd41 Addition conditions for UEFI environment under MSVC by Paul Bakker · 12 years ago
  38. fa6a620 Defines for UEFI environment under MSVC added by Paul Bakker · 12 years ago
  39. a8a25ae Fix bad error codes by Manuel Pégourié-Gonnard · 12 years ago
  40. 7109624 Skip MAC computation/check when GCM is used by Manuel Pégourié-Gonnard · 12 years ago
  41. 8866591 Don't special-case NULL cipher in ssl_tls.c by Manuel Pégourié-Gonnard · 12 years ago
  42. 126a66f Simplify switching on mode in ssl_tls.c by Manuel Pégourié-Gonnard · 12 years ago
  43. 8d01eea Add Camellia-GCM ciphersuites by Manuel Pégourié-Gonnard · 12 years ago
  44. f34673e Merged RSA-PSK key-exchange and ciphersuites by Paul Bakker · 12 years ago
  45. 376e815 Merged ECDHE-PSK ciphersuites by Paul Bakker · 12 years ago
  46. 8a3c64d Fix and simplify *-PSK ifdef's by Manuel Pégourié-Gonnard · 12 years ago
  47. 0fae60b Implement RSA-PSK key exchange by Manuel Pégourié-Gonnard · 12 years ago
  48. b9cfaa0 Explicit conversions and minor changes to prevent MSVC compiler warnings by Paul Bakker · 12 years ago
  49. 1b62c7f Fix dependencies and related issues by Manuel Pégourié-Gonnard · 12 years ago
  50. bd1ae24 Factor PSK pms computation to ssl_tls.c by Manuel Pégourié-Gonnard · 12 years ago
  51. 3ce3bbd Add support for ECDHE_PSK key exchange by Manuel Pégourié-Gonnard · 12 years ago
  52. beccd9f Explicit void pointer cast for buggy MS compiler by Paul Bakker · 12 years ago
  53. 1677033 TLS compression only allocates working buffer once by Paul Bakker · 12 years ago
  54. ca9c87e Removed possible cache-timing difference for pad check by Paul Bakker · 12 years ago
  55. 8372454 Rework SNI to fix memory issues by Manuel Pégourié-Gonnard · 12 years ago
  56. 705fcca Adapt support for SNI to recent changes by Manuel Pégourié-Gonnard · 12 years ago
  57. d09453c Check our ECDSA cert(s) against supported curves by Manuel Pégourié-Gonnard · 12 years ago
  58. f71e587 Fix memory leak in ssl cipher usage by Manuel Pégourié-Gonnard · 12 years ago
  59. 3ebb2cd Add support for multiple server certificates by Manuel Pégourié-Gonnard · 12 years ago
  60. 834ea85 Change internal structs for multi-cert support by Manuel Pégourié-Gonnard · 12 years ago
  61. 1a48383 SSL_TLS doesn't depend on PK any more by Manuel Pégourié-Gonnard · 12 years ago
  62. 5ad403f Prepared for 1.3.0 RC0 by Paul Bakker · 12 years ago polarssl-1.3.0-rc0
  63. 6db455e PSK callback added to SSL server by Paul Bakker · 12 years ago
  64. a310459 Fix a few things that broke with RSA compiled out by Manuel Pégourié-Gonnard · 12 years ago
  65. b6b0956 Rm of memset instead of x509_crt_init() by Paul Bakker · 12 years ago
  66. c559c7a Renamed x509_cert structure to x509_crt for consistency by Paul Bakker · 12 years ago
  67. ddf26b4 Renamed x509parse_* functions to new form by Paul Bakker · 12 years ago
  68. 7c6b2c3 Split up X509 files into smaller modules by Paul Bakker · 12 years ago
  69. 2292d1f Fixed warnings in case POLARSSL_X509_PARSE_C is not defined by Paul Bakker · 12 years ago
  70. f7dc378 Make CBC an option, step 1: ssl ciphersuites by Manuel Pégourié-Gonnard · 12 years ago
  71. bfb355c Fix memory leak on missed session reuse by Manuel Pégourié-Gonnard · 12 years ago
  72. d13a409 GCM ciphersuites using only cipher layer by Manuel Pégourié-Gonnard · 12 years ago
  73. b8bd593 Restrict cipher_update() for GCM by Manuel Pégourié-Gonnard · 12 years ago
  74. 226d5da GCM ciphersuites partially using cipher layer by Manuel Pégourié-Gonnard · 12 years ago
  75. 45125bc Changes to handle merged enhancements by Paul Bakker · 12 years ago
  76. ea6ad3f ARC4 ciphersuites using only cipher layer by Paul Bakker · 12 years ago
  77. cca5b81 All CBC ciphersuites via the cipher layer by Paul Bakker · 12 years ago
  78. da02a7f AES_CBC ciphersuites now run purely via cipher layer by Paul Bakker · 12 years ago
  79. c852a68 More robust selection of ctx_enc size by Manuel Pégourié-Gonnard · 12 years ago
  80. 577e006 Merged ECDSA-based key-exchange and ciphersuites into development by Paul Bakker · 12 years ago
  81. 2fb15f6 Un-rename ssl_set_own_cert_alt() by Manuel Pégourié-Gonnard · 12 years ago
  82. a20c58c Use convert functions for SSL_SIG_* and SSL_HASH_* by Manuel Pégourié-Gonnard · 12 years ago
  83. 0d42049 Merge code for RSA and ECDSA in SSL by Manuel Pégourié-Gonnard · 12 years ago
  84. 070cc7f Use the new PK RSA-alt interface by Manuel Pégourié-Gonnard · 12 years ago
  85. 8df2769 Introduce pk_sign() and use it in ssl by Manuel Pégourié-Gonnard · 12 years ago
  86. ac75523 Adapt ssl_set_own_cert() to generic keys by Manuel Pégourié-Gonnard · 12 years ago
  87. 0be444a Ability to disable server_name extension (RFC 6066) by Paul Bakker · 12 years ago
  88. d2f068e Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually by Paul Bakker · 12 years ago
  89. fb08fd2 Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available by Paul Bakker · 12 years ago
  90. 38d1eba Move verify_result from ssl_context to session by Manuel Pégourié-Gonnard · 12 years ago
  91. 75c1a6f Fixed potential heap buffer overflow on large hostname setting by Paul Bakker · 12 years ago
  92. 5fd4917 Add missing ifdefs in ssl modules by Paul Bakker · 12 years ago
  93. 1f2bc62 Made support for the truncated_hmac extension configurable by Paul Bakker · 12 years ago
  94. 05decb2 Made support for the max_fragment_length extension configurable by Paul Bakker · 12 years ago
  95. 606b4ba Session ticket expiration checked on server by Paul Bakker · 12 years ago
  96. a503a63 Made session tickets support configurable from config.h by Paul Bakker · 12 years ago
  97. 56dc9e8 Authenticate session tickets. by Manuel Pégourié-Gonnard · 12 years ago
  98. 990c51a Encrypt session tickets by Manuel Pégourié-Gonnard · 12 years ago
  99. 779e429 Start adding ticket keys (only key_name for now) by Manuel Pégourié-Gonnard · 12 years ago
  100. aa0d4d1 Add ssl_set_session_tickets() by Manuel Pégourié-Gonnard · 12 years ago