Lines Matching refs:now
191 mbedtls_ecdh_compute_shared()) are supported for now. Contributed by
291 * The truncated HMAC extension now conforms to RFC 6066. This means
293 HMAC extension, Mbed TLS can now interoperate with other
600 * Certificate verification functions now set flags to -1 in case the full
603 * With authmode set to optional, the TLS handshake is now aborted if the
830 scripts, which is also now called by all.sh.
939 * Fix non-compliance server extension handling. Extensions for SSLv3 are now
999 * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and
1124 * The PEM parser now accepts a trailing space at end of lines (#226).
1125 * It is now possible to #include a user-provided configuration file at the
1154 You now need to link to all of them if you use TLS for example.
1163 * Headers are now found in the 'mbedtls' directory (previously 'polarssl').
1186 * mbedtls_ssl_conf_ca_chain() lost its last argument (peer_cn), now set
1190 * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
1194 * mbedtls_ssl_conf_truncated_hmac() now returns void.
1195 * mbedtls_memory_buffer_alloc_init() now returns void.
1196 * X.509 verification flags are now an uint32_t. Affect the signature of:
1210 * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
1222 mbedtls_pk_parse_public_key() and mbedtls_dhm_parse_dhm() now expect the
1225 * calloc() is now used instead of malloc() everywhere. API of platform
1229 (support for renegotiation now needs explicit enabling in config.h).
1250 * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on).
1274 * The default minimum TLS version is now TLS 1.0.
1275 * RC4 is now blacklisted by default in the SSL/TLS layer, and excluded from the
1277 * Support for receiving SSLv2 ClientHello is now disabled by default at
1279 * The default authmode for SSL/TLS clients is now REQUIRED.
1280 * Support for RSA_ALT contexts in the PK layer is now optional. Since is is
1284 * A minimum RSA key size of 2048 bits is now enforced during ceritificate
1286 * Negotiation of truncated HMAC is now disabled by default on server too.
1287 * The following functions are now case-sensitive:
1295 * The minimum MSVC version required is now 2010 (better C99 support).
1296 * The NET layer now unconditionnaly relies on getaddrinfo() and select().
1302 * The following functions now return void:
1314 * mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now
1345 speed and RAM (heap only for now) usage.
1398 * Adjusting/overriding CFLAGS and LDFLAGS with the make build system is now
1438 * Support for renegotiation can now be disabled at compile-time
1463 * ssl_get_verify_result() now works even if the handshake was aborted due
1476 * ssl_set_own_cert() now returns an error on key-certificate mismatch.
1478 * debug_print_buf() now prints a text view in addition to hexadecimal.
1479 * A specific error is now returned when there are ciphersuites in common
1482 * It is now possible to disable negotiation of truncated HMAC server-side
1484 * Example programs for SSL client and server now disable SSLv3 by default.
1485 * Example programs for SSL client and server now disable RC4 by default.
1521 * Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no
1527 * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
1529 * POLARSSL_MPI_MAX_SIZE now defaults to 1024 in order to allow 8192 bits
1546 * Blowfish in the cipher layer now supports variable length keys.
1561 * md_list() now returns hashes strongest first
1562 * Selection of hash for signing ServerKeyExchange in TLS 1.2 now picks
1564 * All public contexts have _init() and _free() functions now for simpler
1616 * AES-NI now compiles with "old" assemblers too
1617 * Ciphersuites based on RC4 now have the lowest priority by default
1629 * rsa_check_pubkey() now allows an E up to N
1650 * x509_crt_info() now prints information about parsed extensions as well
1651 * pk_verify() now returns a specific error code when the signature is valid
1699 * Entropy module now supports seed writing and reading
1704 now thread-safe if POLARSSL_THREADING_C defined
1759 * ssl_mail_client now terminates lines with CRLF, instead of LF
1786 * Curves are now stored fully in ROM
1793 * SSL now gracefully handles missing RNG
1815 * Padding checks in cipher layer are now constant-time
1816 * Value comparisons in SSL layer are now constant-time
1892 * Client and server now filter sent and accepted ciphersuites on minimum
1900 * x509_crt_verify() now case insensitive for cn (RFC 6125 6.4)
1962 * ssl_get_verify_result() now works even if the handshake was aborted due
1999 * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
2005 * Entropy module now supports seed writing and reading
2032 * SSL now gracefully handles missing RNG
2042 * ssl_mail_client now terminates lines with CRLF, instead of LF
2059 * rsa_check_pubkey() now allows an E up to N
2084 * x509_verify() now case insensitive for cn (RFC 6125 6.4)
2120 * x509parse_crt() now better handles PEM error situations
2121 * ssl_parse_certificate() now calls x509parse_crt_der() directly
2124 * x509parse_crtpath() is now reentrant and uses more portable stat()
2138 * Default Blowfish keysize is now 128-bits
2162 * The SSL session cache module (ssl_cache) now also retains peer_cert
2213 * Depth that the certificate verify callback receives is now numbered
2278 * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
2284 * mpi_add_abs() now correctly handles adding short numbers to long numbers
2309 * x509parse_crt() now better handles PEM error situations
2310 * ssl_parse_certificate() now calls x509parse_crt_der() directly
2340 * mpi_add_abs() now correctly handles adding short numbers to long numbers
2344 * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
2412 So now there is a module that is controlled with POLARSSL_ASN1_PARSE_C.
2429 * All error codes are now negative. Even on mermory failures and IO errors.
2440 * If certificate serial is longer than 32 octets, serial number is now
2453 * The generic cipher and message digest layer now have normal error
2465 * Functions requiring File System functions can now be disabled
2478 * mpi_init() and mpi_free() now only accept a single MPI
2481 is now done with a PLUS instead of an OR as error codes
2484 net_recv() now returns 0 on EOF instead of
2489 * Network functions now return POLARSSL_ERR_NET_WANT_READ or
2503 * Debug print of MPI now removes leading zero octets and
2510 * Debug output of MPI's now the same independent of underlying
2522 are now supported as well (Fixes ticket #5)
2598 * rsa_check_private() now supports PKCS1v2 keys as well
2618 * X509 signature algorithm determination is now
2637 * Coverage test definitions now support 'depends_on'
2639 * Tests requiring specific hashing algorithms now honor
2710 * Undefining POLARSSL_HAVE_ASM now also handles prevents asm in
2820 * Ciphers used in SSL/TLS can now be disabled at compile