Lines Matching refs:client
24 * In a PSA-client-only build (i.e. MBEDTLS_PSA_CRYPTO_CLIENT &&
31 * By default, the handling of TLS 1.3 tickets by the Mbed TLS client is now
101 client, if the client-provided certificate does not have appropriate values
106 than TLS client authentication could be able to use it for TLS client
113 * Fix TLS 1.3 client build and runtime when support for session tickets is
161 * Fix TLS connection failure in applications using an Mbed TLS client in
340 malicious client could cause information disclosure or a denial of service.
363 client could put the TLS 1.3-only server in an infinite loop processing
366 - If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client
416 * In TLS 1.3 clients, fix an interoperability problem due to the client
631 be completely zeroized during TLS 1.2 handshake, in both server and client
687 (previously accepted values were limited to "client" or "server").
710 * In TLS 1.3, fix handshake failure when a client in its ClientHello
875 * Fix a potential heap buffer overread in TLS 1.3 client-side when
895 calculation on the client side. It prevents a server with more accurate
898 than the age computed and transmitted by the client and thus potentially
943 This is a partial fix that allows only "client" and "server" identifiers.
946 * In the TLS 1.3 server, select the preferred client cipher suite, not the
1122 * Fix an interoperability failure between an Mbed TLS client with both
1156 * Add a configuration check to exclude optional client authentication
1284 * Add support for server HelloRetryRequest message. The TLS 1.3 client is
1287 * Add support for client-side TLS version negotiation. If both TLS 1.2 and
1288 TLS 1.3 protocols are enabled in the build of Mbed TLS, the TLS client now
1333 MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled. An unauthenticated client
1341 client or server could cause an MbedTLS server or client to overread up
1348 provided by a client or server certificate for authentication was not
1350 client or server to be able to authenticate itself through a certificate
1351 to an Mbed TLS TLS 1.3 server or client while it does not own a proper
1359 * Fixed swap of client and server random bytes when exporting them alongside
1365 client would fail to check that the curve selected by the server for
1366 ECDHE was indeed one that was offered. As a result, the client would
1418 * Fix a TLS 1.3 handshake failure when the first attempt to send the client
1424 connection identifier, the Mbed TLS client now properly sends the server
1996 * In a TLS client, enforce the Diffie-Hellman minimum parameter size
2220 the PSA code needed by a PSA crypto client when the PSA crypto
2650 DTLS client when parsing the Hello Verify Request message.
2824 from modifying the client/server hello.
2864 the parent process closes the client socket and continue accepting, and
2865 the child process closes the listening socket and handles the client
3024 client programs to fail at the peer's certificate verification
3260 implemented client-side, for ECDHE-ECDSA ciphersuites in TLS 1.2,
3261 including client authentication).
3325 * Close a test gap in (D)TLS between the client side and the server side:
3326 test the handling of large packets and small packets on the client side
3598 * Fix a client-side bug in the validation of the server's ciphersuite choice
3599 which could potentially lead to the client accepting a ciphersuite it didn't
4071 The issue could only happen client-side with renegotiation enabled.
4289 * Fix compatibility issue with Internet Explorer client authentication,
4290 where the limited hash choices prevented the client from sending its
4461 * Fix potential heap buffer overflow in servers that perform client
4463 unless you allow third parties to pick trust CAs for client auth.
4483 * Fix possible client-side NULL pointer dereference (read) when the client
4496 * When a client initiates a reconnect from the same port as a live
4535 * Fix memory corruption on client with overlong PSK identity, around
4807 * Fix bug related to ssl_set_curves(): the client didn't check that the
4838 client certificate) (found using Codenomicon Defensics).
4840 (TLS server is not affected if it doesn't ask for a client certificate)
4843 (TLS server is not affected if it doesn't ask for a client certificate)
4903 * Example programs for SSL client and server now disable SSLv3 by default.
4904 * Example programs for SSL client and server now disable RC4 by default.
4912 (server is not affected if it doesn't ask for a client certificate)
4928 renegotation was pending, and on client when a HelloRequest was received.
4957 It was possible to crash the server (and client) using crafted messages
4982 strongest offered by client.
5158 client certificate.
5159 * ssl_srv was leaking memory when client presented a timed out ticket
5160 containing a client certificate
5190 * Support for adhering to client ciphersuite order preference
5241 * Server does not send out extensions not advertised by client
5338 * Fix potential invalid memory read in the server, that allows a client to
5341 client to crash the server remotely if client authentication is enabled
5361 for a client certificate) (found using Codenomicon Defensics).
5363 (TLS server is not affected if it doesn't ask for a client certificate)
5366 (TLS server is not affected if it doesn't ask for a client certificate)
5369 (TLS server is not affected if it doesn't ask for a client certificate).
5399 (server is not affected if it doesn't ask for a client certificate).
5412 renegotation was pending, and on client when a HelloRequest was received.
5446 It was possible to crash the server (and client) using crafted messages
5535 * Secure renegotiation extension should only be sent in case client
5613 * Correctly handle CertificateRequest message in client for <= TLS 1.1
5627 * Fixed client authentication compatibility
5795 * Fixed potential memory corruption on miscrafted client messages (found by
5958 * Do not bail out if no client certificate specified. Try
6173 * Added support on the client side for the TLS "hostname" extension
6182 serial number, setup correct server port in the ssl client example
6201 message digests, which fixes IE6/IE7 client authentication
6255 * Implemented session resuming and client authentication
6269 generated) and in ssl_parse_client_hello (max. client