TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / d829d0fbd0f873aaa5cb2bde307f3b58d15bea10 / library / ssl_tls.c
  1. 2e8d133 Reintroduce return code checking when sending NoRenego alert by Hanno Becker · 6 years ago
  2. 3caf718 Remove field to store level of pending alert by Hanno Becker · 6 years ago
  3. de62da9 Use separate functions to pend fatal and non-fatal alerts by Hanno Becker · 6 years ago
  4. 1facd55 Replace xxx_send_alert by xxx_pend_alert to save code by Hanno Becker · 6 years ago
  5. f46e1ce Introduce SSL helper function to mark pending alerts by Hanno Becker · 6 years ago
  6. 3b014fc Merge remote-tracking branch 'origin/pr/604' into baremetal by Simon Butcher · 6 years ago
  7. 95d1b93 Don't reset timer during mbedtls_ssl_setup() by Hanno Becker · 6 years ago
  8. 56595f4 Allow hardcoding single signature hash at compile-time by Hanno Becker · 6 years ago
  9. f1bc9e1 Introduce helper functions to traverse signature hashes by Hanno Becker · 6 years ago
  10. 627fbee Don't offer SHA-1 in CertificateRequest message in TLS 1.2 by Hanno Becker · 6 years ago
  11. 0a64170 Remove redundant check in mbedtls_ssl_set_calc_verify_md() by Hanno Becker · 6 years ago
  12. feb1cee Merge remote-tracking branch 'origin/pr/602' into baremetal by Simon Butcher · 6 years ago
  13. c1096e7 Allow hardcoding single supported elliptic curve by Hanno Becker · 6 years ago
  14. ee24f8c Remove unnecessary check for presence of supported EC list by Hanno Becker · 6 years ago
  15. a4a9c69 Introduce helper macro for traversal of supported EC TLS IDs by Hanno Becker · 6 years ago
  16. 33b9b25 Remove SSL version configuration API if versions are hardcoded by Hanno Becker · 6 years ago
  17. 0a92b81 Remove mbedtls_ssl_transform::minor_ver if the version is hardcoded by Hanno Becker · 6 years ago
  18. 7b628e5 Make mbedtls_ssl_read/write_version static inline by Hanno Becker · 6 years ago
  19. 2881d80 Introduce getter function for max/min SSL version by Hanno Becker · 6 years ago
  20. e965bd3 Allow hardcoding of min/max minor/major SSL version at compile-time by Hanno Becker · 6 years ago
  21. fabfb85 Merge remote-tracking branch 'origin/pr/603' into baremetal by Simon Butcher · 6 years ago
  22. 14a4a44 Remove mbedtls_ssl_conf_dbg() if !MBEDTLS_DEBUG_C by Hanno Becker · 6 years ago
  23. 272063a Don't store debug func ptr cb + ctx in SSL config if !DEBUG_C by Hanno Becker · 6 years ago
  24. 73f4cb1 Rename XXX_SINGLE_CIPHERSUITE -> XXX_CONF_SINGLE_CIPHERSUITE by Hanno Becker · 6 years ago
  25. e02758c Remove ciphersuite from SSL session if single suite hardcoded by Hanno Becker · 6 years ago
  26. 6ace465 Remove ciphersuite from SSL config if single suite hardcoded by Hanno Becker · 6 years ago
  27. df64596 Remove ciphersuite from handshake params if single suite hardcoded by Hanno Becker · 6 years ago
  28. 473f98f Introduce ciphersuite handle type by Hanno Becker · 6 years ago
  29. 5455afd Merge pull request #599 from ARMmbed/baremetal-ec-preparation by Manuel Pégourié-Gonnard · 6 years ago
  30. d3b2fcb Don't store client-supported ECs in heap-allocated buffer by Hanno Becker · 6 years ago
  31. 0ae6b24 Allow compile-time configuration of timer callbacks by Hanno Becker · 6 years ago
  32. a58a896 Allow compile-time configuration of I/O function pointers by Hanno Becker · 6 years ago
  33. ece325c Allow compile-time configuration of PRNG in SSL module by Hanno Becker · 6 years ago
  34. b391766 Fix unused variable that happened during merge by Manuel Pégourié-Gonnard · 6 years ago
  35. de8869c Merge remote-tracking branch 'restricted/pr/608' into baremetal-proposed by Manuel Pégourié-Gonnard · 6 years ago
  36. 44ba6b0 Merge remote-tracking branch 'restricted/pr/594' into baremetal-proposed by Manuel Pégourié-Gonnard · 6 years ago
  37. 37261e6 Merge remote-tracking branch 'restricted/pr/601' into baremetal-proposed by Manuel Pégourié-Gonnard · 6 years ago
  38. 417d2ce Merge remote-tracking branch 'restricted/pr/584' into baremetal-proposed by Manuel Pégourié-Gonnard · 6 years ago
  39. c2cfdaa Allow config'n of incl of CertificateReq CA list Y/N at compile-time by Hanno Becker · 6 years ago
  40. 2d9623f Allow configuration of endpoint (cli/srv) at compile-time by Hanno Becker · 6 years ago
  41. 1f835fa Allow configuration of read timeouts at compile-time by Hanno Becker · 6 years ago
  42. e0200da Allow configuration of ConnectionID at compile-time by Hanno Becker · 6 years ago
  43. b0b2b67 Allow compile-time configuration of legacy renegotiation by Hanno Becker · 6 years ago
  44. acd4fc0 Allow compile-time configuration of authentication mode by Hanno Becker · 6 years ago
  45. de67154 Allow compile-time configuration of DTLS badmac limit by Hanno Becker · 6 years ago
  46. 7b80c64 Fix compile-time guard for optional field in struct by Manuel Pégourié-Gonnard · 6 years ago
  47. 29f2dd0 Address review comments by Jarno Lamsa · 6 years ago
  48. 59bd12b Add new config MBEDTLS_SSL_SESSION_RESUMPTION by Jarno Lamsa · 6 years ago
  49. 7be1406 Add config MBEDTLS_SSL_SESSION_CACHE by Jarno Lamsa · 6 years ago
  50. abd929c Merge branch 'mbedtls-2.16' into baremetal-2.16-01_07_19 by Hanno Becker · 6 years ago
  51. 2224ccf Don't use assertion for failures of mbedtls_x509_crt_x_acquire() by Hanno Becker · 6 years ago
  52. c6d1c3e Remove frame/pk parameter from mbedtls_x509_crt_xxx_release() by Hanno Becker · 6 years ago
  53. 8c13ee6 Make use of CRT acquire/release in ssl_parse_certificate_verify() by Hanno Becker · 6 years ago
  54. 7f376f4 Allow compile-time configuration of DTLS anti replay by Hanno Becker · 6 years ago
  55. f765ce6 Remove ExtendedMS configuration API if hardcoded at compile-time by Hanno Becker · 6 years ago
  56. a49ec56 Introduce getter function for `extended_ms` field in HS struct by Hanno Becker · 6 years ago
  57. aabbb58 Exemplify harcoding SSL config at compile-time in example of ExtMS by Hanno Becker · 6 years ago
  58. 393338c Merge pull request #586 from ARMmbed/remove_peer_crt_after_handshake_no_digest-baremetal by Manuel Pégourié-Gonnard · 6 years ago
  59. 79cf74a Merge pull request #583 from ARMmbed/remove_peer_crt_after_handshake-baremetal by Manuel Pégourié-Gonnard · 6 years ago
  60. cc3b7cc Merge pull request #579 from Patater/bm-dont-use-non-existent-encrypt-then-mac by Manuel Pégourié-Gonnard · 6 years ago
  61. 7f132cc Merge remote-tracking branch 'origin/pr/2714' into mbedtls-2.16 by Jaeden Amero · 6 years ago
  62. 16529b2 ssl_tls: Enable Suite B with subset of ECP curves by Jaeden Amero · 6 years ago
  63. 5882dd0 Remove CRT digest from SSL session if !RENEGO + !KEEP_PEER_CERT by Hanno Becker · 6 years ago
  64. 0528f82 Clarify documentation of serialized session format by Hanno Becker · 6 years ago
  65. 17daaa5 Move return statement in ssl_srv_check_client_no_crt_notification by Hanno Becker · 6 years ago
  66. 2326d20 Validate consistency of certificate hash type and length in session by Hanno Becker · 6 years ago
  67. fd5dc8a Fix unused variable warning in ssl_parse_certificate_coordinate() by Hanno Becker · 6 years ago
  68. 42de8f8 Fix typo in documentation of ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  69. 9d64b78 Set peer CRT length only after successful allocation by Hanno Becker · 6 years ago
  70. 257ef65 Remove question in comment about verify flags on cli vs. server by Hanno Becker · 6 years ago
  71. 34106f6 Free peer CRT chain immediately after verifying it by Hanno Becker · 6 years ago
  72. 0cc7af5 Parse peer's CRT chain in-place from the input buffer by Hanno Becker · 6 years ago
  73. 1757247 Correct compile-time guards for ssl_clear_peer_cert() by Hanno Becker · 6 years ago
  74. bfab9df Guard mbedtls_ssl_get_peer_cert() by new compile-time option by Hanno Becker · 6 years ago
  75. 81d11aa Adapt mbedtls_ssl_parse_certificate() to removal of peer_cert field by Hanno Becker · 6 years ago
  76. 5062897 Adapt ssl_clear_peer_cert() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  77. d5258fa Adapt mbedtls_ssl_session_copy() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  78. cf291d6 Make a copy of peer's raw public key after verifying its CRT chain by Hanno Becker · 6 years ago
  79. 3bf8cdf Add field for peer's raw public key to TLS handshake param structure by Hanno Becker · 6 years ago
  80. 2e6d347 Remove peer CRT from mbedtls_ssl_session if !KEEP_PEER_CERT by Hanno Becker · 6 years ago
  81. 4a2f8e5 Add peer CRT digest to session tickets by Hanno Becker · 6 years ago
  82. e4aeb76 Parse and verify peer CRT chain in local variable by Hanno Becker · 6 years ago
  83. df75938 Mitigate triple handshake attack by comparing digests only by Hanno Becker · 6 years ago
  84. 3008d28 Compute digest of peer's end-CRT in mbedtls_ssl_parse_certificate() by Hanno Becker · 6 years ago
  85. 9fb6e2e Extend mbedtls_ssl_session by buffer holding peer CRT digest by Hanno Becker · 6 years ago
  86. 58fccf2 Give ssl_session_copy() external linkage by Hanno Becker · 6 years ago
  87. 35e4177 Allow passing any X.509 CRT chain to ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  88. 3cf5061 Introduce helper function for peer CRT chain verification by Hanno Becker · 6 years ago
  89. a7c1df6 Don't progress TLS state machine on peer CRT chain parsing error by Hanno Becker · 6 years ago
  90. 6b9a6f3 Add helper function to check whether a CRT msg is expected by Hanno Becker · 6 years ago
  91. 5097cba Introduce helper function to determine whether suite uses server CRT by Hanno Becker · 6 years ago
  92. b71e90a Use helper macro to detect whether some ciphersuite uses CRTs by Hanno Becker · 6 years ago
  93. 613d490 Unify state machine update in mbedtls_ssl_parse_certificate() by Hanno Becker · 6 years ago
  94. a46c287 Clear peer's CRT chain outside before parsing new one by Hanno Becker · 6 years ago
  95. b8a0857 Introduce helper to check for no-CRT notification from client by Hanno Becker · 6 years ago
  96. 8794fd9 Introduce CRT counter to CRT chain parsing function by Hanno Becker · 6 years ago
  97. 2214159 Introduce helper function to clear peer CRT from session structure by Hanno Becker · 6 years ago
  98. 933b9fc Break overly long line in definition of mbedtls_ssl_get_session() by Hanno Becker · 6 years ago
  99. 1332f35 Don't reuse CRT from initial handshake during renegotiation by Hanno Becker · 6 years ago
  100. f2ef573 Merge remote-tracking branch 'origin/pr/598' into baremetal by Simon Butcher · 6 years ago