1. 62f2dee - Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS by Paul Bakker · 12 years ago
  2. 915275b - Revamped x509_verify() and the SSL f_vrfy callback implementations by Paul Bakker · 12 years ago
  3. 5701cdc - Added ServerName extension parsing (SNI) at server side by Paul Bakker · 12 years ago
  4. eb2c658 - Generalized external private key implementation handling (like PKCS#11) in SSL/TLS by Paul Bakker · 12 years ago
  5. 321df6f - Expanded rsa_check_privkey() to check DP, DQ and QP as well by Paul Bakker · 12 years ago
  6. 5531c6d - Change buffer size on mpi_write_file() to cover larger size MPIs by Paul Bakker · 12 years ago
  7. 49d7567 - Support INTEGRITY OS by Paul Bakker · 12 years ago
  8. d14277d - Added PBKDF2 error code by Paul Bakker · 12 years ago
  9. 0a59707 - Added simple SSL session cache implementation by Paul Bakker · 12 years ago
  10. b00ca42 - Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob by Paul Bakker · 12 years ago
  11. 29b6476 - Added predefined DHM groups from RFC 5114 by Paul Bakker · 12 years ago
  12. d0f6fa7 - Sending of handshake_failures during renegotiation added by Paul Bakker · 12 years ago
  13. 2d319fd - Fixed bug in mpi_add_abs with adding a small number to a large mpi with carry rollover. by Paul Bakker · 12 years ago
  14. 48916f9 - Added Secure Renegotiation (RFC 5746) by Paul Bakker · 12 years ago
  15. b5b20f1 - Extra sanity check for input added by Paul Bakker · 12 years ago
  16. 5f70b25 - Correctly handle SHA256 ciphersuites in SSLv3 by Paul Bakker · 12 years ago
  17. ec636f3 - Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation) by Paul Bakker · 12 years ago
  18. 94a6796 - Correctly handle MS certificate's key usage bits by Paul Bakker · 12 years ago
  19. f518b16 - Added PKCS#5 PBKDF2 key derivation function by Paul Bakker · 12 years ago
  20. 535e97d - Better checking for reading over buffer boundaries by Paul Bakker · 12 years ago
  21. b68cad6 - Made cipersuites in ssl context const (no intention to modify) by Paul Bakker · 12 years ago
  22. bb51f0c - Only include md.h if needed by POLARSSL_PKCS1_V21 by Paul Bakker · 12 years ago
  23. 6a2f857 - Added DragonflyBSD support by Paul Bakker · 12 years ago
  24. 3c16db9 - Fixed potential memory zeroization on miscrafted RSA key by Paul Bakker · 12 years ago
  25. 6132d0a - Added Blowfish to generic cipher layer by Paul Bakker · 12 years ago
  26. 83f00bb - Updated strerror codes for SSL Compression and Blowfish by Paul Bakker · 12 years ago
  27. a9379c0 - Added base blowfish algorithm by Paul Bakker · 12 years ago
  28. 2770fbd - Added DEFLATE compression support as per RFC3749 (requires zlib) by Paul Bakker · 12 years ago
  29. cefb396 - Handle empty certificate subject names by Paul Bakker · 12 years ago
  30. e4791f3 - Bugfix for Windows in cert path handling by Paul Bakker · 12 years ago
  31. 67820bd - Only include padlock header when POLARSSL_PADLOCK_C is defined by Paul Bakker · 12 years ago
  32. 8d91458 - Added X509 CA Path support by Paul Bakker · 12 years ago
  33. e6ee41f - Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL) by Paul Bakker · 13 years ago
  34. 5054692 - Moved to prevent uninitialized exit var by Paul Bakker · 13 years ago
  35. f6198c1 - mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52) by Paul Bakker · 13 years ago
  36. 2a5c7a8 - Add Windows required library by Paul Bakker · 13 years ago
  37. 62f88dc Makefile more compatible with WINDOWS environment by Paul Bakker · 13 years ago
  38. cd5b529 - Added automatic WINDOWS define in Makefile by Paul Bakker · 13 years ago
  39. 4d2c124 - Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present. by Paul Bakker · 13 years ago
  40. 7e2c728 - Updated to support NetBSD by Paul Bakker · 13 years ago
  41. 186751d - Moved out_msg to out_hdr + 32 to support hardware acceleration by Paul Bakker · 13 years ago
  42. 3aac1da - Added exception error parsing when FATAL ssl message is received by Paul Bakker · 13 years ago
  43. 6b906e5 - Const correctness mpi_get_bit() - Documentation mpi_lsb(), mpi_msb() by Paul Bakker · 13 years ago
  44. 05ef835 - Added support for Hardware Acceleration hooking in SSL/TLS by Paul Bakker · 13 years ago
  45. 430ffbe - Fixed potential heap corruption in x509_name allocation by Paul Bakker · 13 years ago
  46. aec37cb - Added extra sanity check to DHM values by Paul Bakker · 13 years ago
  47. 279432a - Fixed size of clean by Paul Bakker · 13 years ago
  48. 901c656 - Fill full buffer (Wrong parameter usage) by Paul Bakker · 13 years ago
  49. 380da53 - Abstracted checksum updating during handshake by Paul Bakker · 13 years ago
  50. ca4ab49 - Added GCM ciphersuites to TLS implementation by Paul Bakker · 13 years ago
  51. d8ef167 - Updated for latest GCM error by Paul Bakker · 13 years ago
  52. fc5183c - Added input checking and more efficient buffer overlap use by Paul Bakker · 13 years ago
  53. 369e14b - Small code rewrite by Paul Bakker · 13 years ago
  54. 030277a - Updated error.c to include GCM errors by Paul Bakker · 13 years ago
  55. 13ed9ab - Removed unused variable by Paul Bakker · 13 years ago
  56. 0a92518 - Report unexpected_message if unknown record type is received by Paul Bakker · 13 years ago
  57. 10cd225 - Added support for the SHA256 ciphersuites of AES and Camellia by Paul Bakker · 13 years ago
  58. bf63b36 - Updated comments by Paul Bakker · 13 years ago
  59. c3f177a - Added client side support for signature_algorithm extension and affiliated handling by Paul Bakker · 13 years ago
  60. 1ef83d6 - Initial bare version of TLS 1.2 by Paul Bakker · 13 years ago
  61. f34cf85 - Fixed too restrictive test by Paul Bakker · 13 years ago
  62. 96d42da - Removed debug value by Paul Bakker · 13 years ago
  63. c7ffd36 - Added automatic debug flags to CFLAGS if DEBUG is set in shell by Paul Bakker · 13 years ago
  64. 452d532 - Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST) by Paul Bakker · 13 years ago
  65. 6126481 - Added compat for sun in net.c by Paul Bakker · 13 years ago
  66. 56a7684 - Added alternative for SHA1 signature structure to check for (without NULL) by Paul Bakker · 13 years ago
  67. 0c8f73b - Fixed a mistake in mpi_cmp_mpi() where longer B values are handled wrong by Paul Bakker · 13 years ago
  68. f916962 - Removed unused variables by Paul Bakker · 13 years ago
  69. 89e80c9 - Added base Galois/Counter mode (GCM) for AES by Paul Bakker · 13 years ago
  70. b6ad62d - Added missing x509write.c by Paul Bakker · 13 years ago
  71. 02f6169 - Removed trailing char by Paul Bakker · 13 years ago
  72. f654371 - Only include dependencies when required by Paul Bakker · 13 years ago
  73. ad8d354 - Updated RFC ref by Paul Bakker · 13 years ago
  74. 3cac5e0 - x509_write_cert_req() now supports all available hash functions by Paul Bakker · 13 years ago
  75. 0588815 - Certificate Requests written now have the Email address written in IA5String by Paul Bakker · 13 years ago
  76. bdb912d - Added preliminary ASN.1 buffer writing support by Paul Bakker · 13 years ago
  77. 048d04e - AES code only check for Padlock once by Paul Bakker · 13 years ago
  78. 39dfdac - Fixed mpi_fill_random() to fill and create right size MPI by Paul Bakker · 13 years ago
  79. 8afa70d - Clean Subject Alternative Name data by Paul Bakker · 13 years ago
  80. 57b1298 - Multi-domain certificates support wildcards as well by Paul Bakker · 13 years ago
  81. 1504af5 - Removed redundant POLARSSL_DEBUG_MSG define by Paul Bakker · 13 years ago
  82. a8cd239 - Added support for wildcard certificates by Paul Bakker · 13 years ago
  83. fab5c82 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! by Paul Bakker · 13 years ago
  84. 3c18a83 - Made changes for 1.1.1 release by Paul Bakker · 13 years ago
  85. 17caec1 - Changed back statement by Paul Bakker · 13 years ago
  86. e88186d - Fixed selftest for CTR_DRBG by Paul Bakker · 13 years ago
  87. cf0360a - Fixed compiler error on 64-bit systems not using GCC by Paul Bakker · 13 years ago
  88. ec1b984 - Fixed type of length in get_pkcs_padding() by Paul Bakker · 13 years ago
  89. 87e5cda - Fixed warning for t if no debugging defined by Paul Bakker · 13 years ago
  90. ed375ca - Fixed signed status of ret by Paul Bakker · 13 years ago
  91. 8913f82 - Fixed compiler warning for unreferenced ret in md_file() when POLARSSL_FS_IO not declared by Paul Bakker · 13 years ago
  92. b15b851 - Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47, found by Hugo Leisink) by Paul Bakker · 13 years ago
  93. 394c56f - Support for FreeBSD _SOCKLEN_T_DECLARED by Paul Bakker · 13 years ago
  94. 43655f4 - Added option to prevent default entropy sources from loading (POLARSSL_NO_DEFAULT_ENTROPY_SOURCES) by Paul Bakker · 13 years ago
  95. 28c7e7f - Added HAVEGE as a default entropy source by Paul Bakker · 13 years ago
  96. b1dee1c - Changed commands to lowercase where it was not the case by Paul Bakker · 13 years ago
  97. 55d3fd9 - Enlarged maximum size of DHM a client accepts to 512 bytes by Paul Bakker · 13 years ago
  98. 69e095c - Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it. by Paul Bakker · 13 years ago
  99. 18d3291 - Added internal ctr_drbg_init_entropy_len() to allow NIST determined entropy tests to work by Paul Bakker · 13 years ago
  100. bd4a9d0 - Changed entropy accumulator to have per-source thresholds by Paul Bakker · 13 years ago