cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-31 03:30:35 -04:00
Code Issues Packages Projects Releases Wiki Activity
3,634 Commits 7 Branches 115 Tags
Commit Graph

74 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
77cfe177e1 Remove now-useless typedef in ssl.h 2015-06-02 11:18:35 +01:00
Manuel Pégourié-Gonnard
81abefd46c Fix typos/style in doxygen documentation 2015-05-29 12:53:47 +02:00
Manuel Pégourié-Gonnard
b48ef9cce9 Improve documentation about HelloVerifyRequest 2015-05-28 17:28:39 +02:00
Manuel Pégourié-Gonnard
398b206ff0 Update doc for ssl_conf_renegotiation 2015-05-28 17:28:38 +02:00
Manuel Pégourié-Gonnard
6a8ca33fa5 Rename ERR_xxx_MALLOC_FAILED to ..._ALLOC_FAILED 2015-05-28 16:25:05 +02:00
Manuel Pégourié-Gonnard
160e384360 Fix bad name choice 2015-05-27 20:27:06 +02:00
Manuel Pégourié-Gonnard
f7c2eebfcf Remove unused struct member in ssl_context 
Actually belongs to ssl_session
 2015-05-27 18:06:02 +02:00
Manuel Pégourié-Gonnard
065122cfe9 Move some defines to ssl_internal.h 2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
56273daea0 Move some includes to ssl_internal.h 
Also removed one from ssl.h and add it in programs where it belongs
 2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
cd4fcc6c8b Move some structures to ssl_internal.h 2015-05-26 15:01:37 +02:00
Manuel Pégourié-Gonnard
5e94ddebbc Create ssl_internal.h and move some functions 2015-05-26 11:57:05 +02:00
Manuel Pégourié-Gonnard
e057d3bf6b Relax some dependencies 
- DTLS_HELLO_VERIFY no longer depends on SRV_C
- SSL_COOKIE_C no longer depends on DTLS_HELLO_VERIFY

Not that much work for us, and easier on users (esp. since it allows just
disabling SRV_C alone).
 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
b596abfdc0 Refine cli/srv ifdefs for session tickets 
- Only the server needs to generate/parse tickets
- Only the client needs to store them

Also adjust prototype of ssl_conf_session_tickets() while at it.
 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
cf141ca7e7 Fix #ifdefs on ssl_cli.c or ssl_srv.c 
Nothing to do with the current branch except I'm going to refine such #ifdefs
for tickets next and I want to start from a clean state
 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
0c0f11f4b3 Update dependencies & includes for session tickets 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
d59675d92c Move to callback for session tickets 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
b0394bebdb Further adapt prototypes of ticket functions 
Moving everything in ticket_keys structure, that will soon become
ticket_context.
 2015-05-20 11:14:57 +02:00
Manuel Pégourié-Gonnard
151dc77732 Fix some old names that remained 
- most in doxygen doc that was never renamed
- some re-introduced in comments/doc/strings by me
 2015-05-14 21:58:34 +02:00
Manuel Pégourié-Gonnard
66dc5555f0 mbedtls_ssl_conf_arc4_support() depends on ARC4_C 2015-05-14 12:31:10 +02:00
Manuel Pégourié-Gonnard
e391c8deda Doc tune-up 2015-05-13 20:34:24 +02:00
Manuel Pégourié-Gonnard
70860adccc SSL timers are no longer just for DTLS 
Also, clean up leftover temporary stuff... embarassing
 2015-05-13 10:25:28 +02:00
Manuel Pégourié-Gonnard
bbd28f7bcc Improve SSL doc about I/O and timeouts 2015-05-13 10:21:42 +02:00
Manuel Pégourié-Gonnard
2e01291739 Prepare the SSL modules for using timer callbacks 2015-05-13 09:43:39 +02:00
Manuel Pégourié-Gonnard
eecb43cf0b Manually merge doc fixes from 1.3 2015-05-12 12:56:41 +02:00
Manuel Pégourié-Gonnard
e6ef16f98c Change X.509 verify flags to uint32_t 2015-05-11 19:54:43 +02:00
Manuel Pégourié-Gonnard
06939cebef Fix order of ssl_conf vs ssl_setup in programs 
Except ssl_phtread_server that will be done later
 2015-05-11 14:35:42 +02:00
Manuel Pégourié-Gonnard
01e5e8c1f8 Change a few ssl_conf return types to void 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
6729e79482 Rename ssl_set_xxx() to ssl_conf_xxx() 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
22bfa4bb53 Add ssl_set_hs_ca_chain() 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
1897af9e93 Make conf const inside ssl_context (finally) 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
17a40cd255 Change ssl_own_cert to work on ssl_config 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
1af6c8500b Add ssl_set_hs_own_cert() 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
8f618a8e65 Rework ssl_set_own_cert() internals 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
120fdbdb3d Change ssl_set_psk() to act on ssl_config 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
4b68296626 Use a specific function in the PSK callback 2015-05-11 14:35:41 +02:00
Manuel Pégourié-Gonnard
750e4d7769 Move ssl_set_rng() to act on config 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
5cb3308e5f Merge contexts for session cache 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
ae31914990 Rename ssl_legacy_renegotiation() to ssl_set_... 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
662c6e8cdd Disable truncated HMAC by default 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
1028b74cff Upgrade default DHM params size 2015-05-11 12:33:27 +02:00
Manuel Pégourié-Gonnard
8836994f6b Move WANT_READ/WANT_WRITE codes to SSL 2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
1b511f93c6 Rename ssl_set_bio_timeout() to set_bio() 
Initially thought it was best to keep the old function around and add a new
one, but this so many ssl_set_xxx() functions are changing anyway...
 2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
97fd52c529 Split ssl_set_read_timeout() out of bio_timeout() 2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
cc3195e81f Fix misplaced #ifdef 2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
8620f73cdc Documentation tune-ups 2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
bc2b771af4 Move ssl_set_ca_chain() to work on config 2015-05-11 12:33:26 +02:00
Manuel Pégourié-Gonnard
ba26c24769 Change how hostname is stored internally 2015-05-07 10:19:14 +01:00
Manuel Pégourié-Gonnard
2b49445876 Move session ticket keys to conf 
This is temporary, they will soon be replaced by callbacks.
!!! In this intermediate step security is removed !!!
 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
e51bba05cf Make mfl_code a bitfield member 2015-05-07 10:19:13 +01:00
Manuel Pégourié-Gonnard
684b0592cb Move ssl_set_fallback() to work on conf 
Initially thought it would be per-connection, but since max_version is in conf
too, and you need to lower that for a fallback connection, the fallback flag
should be in the same place
 2015-05-07 10:19:13 +01:00