ChangeLog - OpenGrok cross reference for /mbedtls-latest/ChangeLog

Lines Matching refs:authentication
100    * With TLS 1.3, when a server enables optional authentication of the
106      than TLS client authentication could be able to use it for TLS client
107      authentication anyway. Only TLS 1.3 servers were affected, and only with
108      optional authentication (required would abort the handshake with a fatal
174      optional/none authentication mode, by calling mbedtls_ssl_conf_authmode()
178      standard makes server authentication mandatory; users are advised not to
1046      for authentication in TLS 1.3.
1156    * Add a configuration check to exclude optional client authentication
1283    * Add support for authentication of TLS 1.3 clients by TLS 1.3 servers.
1348      provided by a client or server certificate for authentication was not
1634      For CCM* encryption/decryption without authentication, input
2681      library which allows TLS authentication to use keys stored in a
3168      This could lead to a buffer overflow, but only in case ticket authentication
3261      including client authentication).
3403      with TLS versions 1.1 and earlier when the server requested authentication
3994    * Fix authentication bypass in SSL/TLS: when authmode is set to optional,
4096    * Accept empty trusted CA chain in authentication mode
4099      fatal errors in authentication mode MBEDTLS_SSL_VERIFY_OPTIONAL and to
4289    * Fix compatibility issue with Internet Explorer client authentication,
4368      SLOTH attack on TLS 1.2 server authentication (other attacks from the
4462      authentication against a crafted CA cert. Cannot be triggered remotely
5134      "triple handshake" attack when authentication mode is 'optional' (the
5135      attack was already impossible when authentication is required).
5341      client to crash the server remotely if client authentication is enabled
5439      "triple handshake" attack when authentication mode is optional (the
5440      attack was already impossible when authentication is required).
5627    * Fixed client authentication compatibility
6201       message digests, which fixes IE6/IE7 client authentication
6255     * Implemented session resuming and client authentication