TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / refs/heads/archive/mbedtls-1.3 / library / ssl_srv.c
  1. 8ae366f Merge remote-tracking branch 'upstream-restricted/pr/443' into mbedtls-1.3-restricted by Jaeden Amero · 7 years ago
  2. a9fc8c0 Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted by Gilles Peskine · 8 years ago
  3. f472a82 Fix heap-buffer overread in ALPN ext parsing by Manuel Pégourié-Gonnard · 8 years ago
  4. 1dc3443 Merge branch 'iotssl-1368-unsafe-bounds-check-psk-identity-merge-1.3' into mbedtls-1.3-restricted by Gilles Peskine · 8 years ago
  5. c2f52b4 Wrong identifier used to check Encrypt-then-MAC flag by Hanno Becker · 8 years ago
  6. 4491a79 Parse Signature Algorithm ext when renegotiating by Ron Eldor · 8 years ago
  7. b2ee6b4 Prevent bounds check bypass through overflow in PSK identity parsing by Hanno Becker · 8 years ago
  8. 5745778 Don't parse or write extensions in SSLv3 by Hanno Becker · 8 years ago
  9. c2b9d98 Remember suitable hash function for any signature algorithm. by Hanno Becker · 8 years ago
  10. a697bf5 Fix for MSVC Compiler warnings by Simon B · 9 years ago
  11. 7458bc3 Fix guards in SSL for ECDH key exchanges by Simon Butcher · 9 years ago
  12. 307e181 Fix non compliance SSLv3 in server extension handling. by Janos Follath · 9 years ago
  13. 14400c8 Merge memory leak fix into branch 'mbedtls-1.3' by Simon Butcher · 10 years ago
  14. cf16b79 Avoid seemingly-possible overflow by Manuel Pégourié-Gonnard · 10 years ago
  15. de9c8a5 Fix potential overflow in CertificateRequest by Manuel Pégourié-Gonnard · 10 years ago
  16. a701d2f Fix bug in server parsing point formats extension by Manuel Pégourié-Gonnard · 10 years ago
  17. 8e8ae3d Fix potential NULL dereference on bad usage by Manuel Pégourié-Gonnard · 10 years ago
  18. b26b75e Clean up RSA PMS checking code by Manuel Pégourié-Gonnard · 10 years ago
  19. e16b62c Make results of (ext)KeyUsage accessible by Manuel Pégourié-Gonnard · 10 years ago
  20. ce60fbe Fix potential timing difference with RSA PMS by Manuel Pégourié-Gonnard · 10 years ago
  21. fe44643 Rename website and repository by Manuel Pégourié-Gonnard · 10 years ago
  22. 2ee8d24 Simplify some constant-time code by Manuel Pégourié-Gonnard · 10 years ago
  23. 00ab470 cleanup library and some basic tests. Includes, add guards to includes by Rich Evans · 10 years ago
  24. 6674cce Fix potential timing issue in RSA pms handling by Manuel Pégourié-Gonnard · 10 years ago
  25. 860b516 Fix url again by Manuel Pégourié-Gonnard · 10 years ago
  26. 607d663 Add debug info for cert/suite selection by Manuel Pégourié-Gonnard · 11 years ago
  27. 085ab04 Fix website url to use https. by Manuel Pégourié-Gonnard · 11 years ago
  28. 9698f58 Remove maintainer line. by Manuel Pégourié-Gonnard · 11 years ago
  29. 19f6b5d Remove redundant "all rights reserved" by Manuel Pégourié-Gonnard · 11 years ago
  30. a658a40 Update copyright by Manuel Pégourié-Gonnard · 11 years ago
  31. 967a2a5 Change name to mbed TLS in the copyright notice by Manuel Pégourié-Gonnard · 11 years ago
  32. 59c6f2e Avoid nested if's without braces. by Manuel Pégourié-Gonnard · 11 years ago
  33. 5b8f7ea Merge new security defaults for programs (RC4 disabled, SSL3 disabled) by Paul Bakker · 11 years ago
  34. c82b7e2 Merge option to disable truncated hmac on the server-side by Paul Bakker · 11 years ago
  35. e522d0f Merge smarter certificate selection for pre-TLS-1.2 clients by Paul Bakker · 11 years ago
  36. f6080b8 Merge support for enabling / disabling renegotiation support at compile-time by Paul Bakker · 11 years ago
  37. d7e2483 Merge miscellaneous fixes into development by Paul Bakker · 11 years ago
  38. bd47a58 Add ssl_set_arc4_support() by Manuel Pégourié-Gonnard · 11 years ago
  39. e117a8f Make truncated hmac a runtime option server-side by Manuel Pégourié-Gonnard · 11 years ago
  40. f01768c Specific error for suites in common but none good by Manuel Pégourié-Gonnard · 11 years ago
  41. df331a5 Prefer SHA-1 certificates for pre-1.2 clients by Manuel Pégourié-Gonnard · 11 years ago
  42. 6458e3b Some more refactoring/tuning. by Manuel Pégourié-Gonnard · 11 years ago
  43. 846ba47 Minor refactoring by Manuel Pégourié-Gonnard · 11 years ago
  44. d942323 Skip signature_algorithms ext if PSK only by Manuel Pégourié-Gonnard · 11 years ago
  45. eaecbd3 Fix warning in reduced configs by Manuel Pégourié-Gonnard · 11 years ago
  46. 615e677 Make renegotiation a compile-time option by Manuel Pégourié-Gonnard · 11 years ago
  47. 78e745f Don't send back EtM extension if not using CBC by Manuel Pégourié-Gonnard · 11 years ago
  48. 699cafa Implement initial negotiation of EtM by Manuel Pégourié-Gonnard · 11 years ago
  49. b575b54 Forbid extended master secret with SSLv3 by Manuel Pégourié-Gonnard · 11 years ago
  50. 367381f Add negotiation of Extended Master Secret by Manuel Pégourié-Gonnard · 11 years ago
  51. 01b2699 Implement FALLBACK_SCSV server-side by Manuel Pégourié-Gonnard · 11 years ago
  52. 43c3b28 Fix memory leak with crafted ClientHello by Manuel Pégourié-Gonnard · 11 years ago
  53. 480905d Fix selection of hash from sig_alg ClientHello ext. by Manuel Pégourié-Gonnard · 11 years ago
  54. 84bbeb5 Adapt cipher and MD layer with _init() and _free() by Paul Bakker · 11 years ago
  55. accaffe Restructure ssl_handshake_init() and small fixes by Paul Bakker · 11 years ago
  56. 5b4af39 Add _init() and _free() for hash modules by Paul Bakker · 11 years ago
  57. d27680b Clarify code using PSK callback by Manuel Pégourié-Gonnard · 11 years ago
  58. 14beb08 Fix missing const by Manuel Pégourié-Gonnard · 11 years ago
  59. 08e81e0 Change selection of hash algorithm for TLS 1.2 by Manuel Pégourié-Gonnard · 11 years ago
  60. dd0c0f3 Better usage of dhm_calc_secret in SSL by Manuel Pégourié-Gonnard · 11 years ago
  61. 4d2a8eb SSL modules now using x509_crt_parse_der() by Manuel Pégourié-Gonnard · 11 years ago
  62. 66d5d07 Fix formatting in various code to match spacing from coding style by Paul Bakker · 11 years ago
  63. db20c10 Add #endif comments for #endif more than 10 lines from #if / #else by Paul Bakker · 11 years ago
  64. 3461772 Introduce polarssl_zeroize() instead of memset() for zeroization by Paul Bakker · 11 years ago
  65. 14877e6 Remove unused 'ret' variable by Paul Bakker · 11 years ago
  66. 14b16c6 Minor optimizations (original by Peter Vaskovic, modified by Paul Bakker) by Paul Bakker · 11 years ago
  67. 0f651c7 Stricter check on SSL ClientHello internal sizes compared to actual packet size by Paul Bakker · 11 years ago
  68. 61edffe Normalize "should never happen" messages/errors by Manuel Pégourié-Gonnard · 11 years ago
  69. b9e4e2c Fix formatting: fix some 'easy' > 80 length lines by Paul Bakker · 11 years ago
  70. 9af723c Fix formatting: remove trailing spaces, #endif with comments (> 10 lines) by Paul Bakker · 11 years ago
  71. cef4ad2 Adapt sources to configurable config.h name by Manuel Pégourié-Gonnard · 11 years ago
  72. a703663 Improve interop by not writing ext_len in ClientHello / ServerHello when 0 by Paul Bakker · 11 years ago
  73. c70e425 Only iterate over actual certificates in ssl_write_certificate_request() by Paul Bakker · 11 years ago
  74. 4f42c11 Remove arbitrary maximum length for cipher_list and content length by Paul Bakker · 11 years ago
  75. d893aef Force default value to curve parameter by Paul Bakker · 11 years ago
  76. 7f2a07d Check keyUsage in SSL client and server by Manuel Pégourié-Gonnard · 11 years ago
  77. f6521de Add ALPN tests to ssl-opt.sh by Manuel Pégourié-Gonnard · 11 years ago
  78. 89e3579 Implement ALPN server-side by Manuel Pégourié-Gonnard · 11 years ago
  79. 969ccc6 Fix length checking of various ClientKeyExchange's by Manuel Pégourié-Gonnard · 11 years ago
  80. b2bf5a1 Fix possible buffer overflow with PSK by Manuel Pégourié-Gonnard · 11 years ago
  81. d701c9a Fix memory leak in server with expired tickets by Manuel Pégourié-Gonnard · 11 years ago
  82. 145dfcb Fix bug with NewSessionTicket and non-blocking I/O by Manuel Pégourié-Gonnard · 11 years ago
  83. 96ea2f2 Add tests for SNI by Manuel Pégourié-Gonnard · 11 years ago
  84. 8520dac Add tests for auth_mode by Manuel Pégourié-Gonnard · 11 years ago
  85. f7c5201 Add basic tests for session resumption by Manuel Pégourié-Gonnard · 11 years ago
  86. 6b1e207 Fix verion-major intolerance by Manuel Pégourié-Gonnard · 11 years ago
  87. 7dc4c44 Library files moved to use platform layer by Paul Bakker · 11 years ago
  88. f6dc5e1 Remove temporary debug code by Manuel Pégourié-Gonnard · 11 years ago
  89. c3f6b62c Print curve name instead of size in debugging by Manuel Pégourié-Gonnard · 11 years ago
  90. de05390 Rename ecdh_curve_list to curve_list by Manuel Pégourié-Gonnard · 11 years ago
  91. 5de2580 Make ssl_set_ecdh_curves() a compile-time option by Manuel Pégourié-Gonnard · 11 years ago
  92. 987bfb5 Added the possibility to define the allowed curves for ECDHE handshake. It also defines the preference of the curves. by Gergely Budai · 12 years ago
  93. 5538970 Add server support for ECDH key exchanges by Manuel Pégourié-Gonnard · 12 years ago
  94. 1a9f2c7 Add option to respect client ciphersuite order by Manuel Pégourié-Gonnard · 12 years ago
  95. 011a8db Complete refactoring of ciphersuite choosing by Manuel Pégourié-Gonnard · 12 years ago
  96. 3252560 Move some functions up by Manuel Pégourié-Gonnard · 12 years ago
  97. 59b81d7 Refactor ciphersuite selection for version > 2 by Manuel Pégourié-Gonnard · 12 years ago
  98. da1ff38 Don't accept CertificateRequest with PSK suites by Manuel Pégourié-Gonnard · 12 years ago
  99. dc953e8 Add missing defines/cases for RSA_PSK key exchange by Manuel Pégourié-Gonnard · 12 years ago
  100. a9a028e SSL now gracefully handles missing RNG by Paul Bakker · 12 years ago