Lines Matching refs:now

22      scripts, which is also now called by all.sh.
131    * Fix non-compliance server extension handling. Extensions for SSLv3 are now
191    * mbedtls_x509_crt_verify(_with_profile)() now also checks the key type and
316    * The PEM parser now accepts a trailing space at end of lines (#226).
317    * It is now possible to #include a user-provided configuration file at the
346      You now need to link to all of them if you use TLS for example.
355    * Headers are now found in the 'mbedtls' directory (previously 'polarssl').
378    * mbedtls_ssl_conf_ca_chain() lost its last argument (peer_cn), now set
382    * On server, mbedtls_ssl_conf_session_tickets_cb() must now be used in
386    * mbedtls_ssl_conf_truncated_hmac() now returns void.
387    * mbedtls_memory_buffer_alloc_init() now returns void.
388    * X.509 verification flags are now an uint32_t. Affect the signature of:
402    * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
414      mbedtls_pk_parse_public_key() and mbedtls_dhm_parse_dhm() now expect the
417    * calloc() is now used instead of malloc() everywhere. API of platform
421      (support for renegotiation now needs explicit enabling in config.h).
442    * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on).
466    * The default minimum TLS version is now TLS 1.0.
467    * RC4 is now blacklisted by default in the SSL/TLS layer, and excluded from the
469    * Support for receiving SSLv2 ClientHello is now disabled by default at
471    * The default authmode for SSL/TLS clients is now REQUIRED.
472    * Support for RSA_ALT contexts in the PK layer is now optional. Since is is
476    * A minimum RSA key size of 2048 bits is now enforced during ceritificate
478    * Negotiation of truncated HMAC is now disabled by default on server too.
479    * The following functions are now case-sensitive:
487    * The minimum MSVC version required is now 2010 (better C99 support).
488    * The NET layer now unconditionnaly relies on getaddrinfo() and select().
494    * The following functions now return void:
506    * mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now
537      speed and RAM (heap only for now) usage.
590    * Adjusting/overriding CFLAGS and LDFLAGS with the make build system is now
630    * Support for renegotiation can now be disabled at compile-time
655    * ssl_get_verify_result() now works even if the handshake was aborted due
668    * ssl_set_own_cert() now returns an error on key-certificate mismatch.
670    * debug_print_buf() now prints a text view in addition to hexadecimal.
671    * A specific error is now returned when there are ciphersuites in common
674    * It is now possible to disable negotiation of truncated HMAC server-side
676    * Example programs for SSL client and server now disable SSLv3 by default.
677    * Example programs for SSL client and server now disable RC4 by default.
713    * Ciphersuites using SHA-256 or SHA-384 now require TLS 1.x (there is no
719    * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
721    * POLARSSL_MPI_MAX_SIZE now defaults to 1024 in order to allow 8192 bits
738    * Blowfish in the cipher layer now supports variable length keys.
753    * md_list() now returns hashes strongest first
754    * Selection of hash for signing ServerKeyExchange in TLS 1.2 now picks
756    * All public contexts have _init() and _free() functions now for simpler
808    * AES-NI now compiles with "old" assemblers too
809    * Ciphersuites based on RC4 now have the lowest priority by default
821    * rsa_check_pubkey() now allows an E up to N
842    * x509_crt_info() now prints information about parsed extensions as well
843    * pk_verify() now returns a specific error code when the signature is valid
891    * Entropy module now supports seed writing and reading
896      now thread-safe if POLARSSL_THREADING_C defined
951    * ssl_mail_client now terminates lines with CRLF, instead of LF
978    * Curves are now stored fully in ROM
985    * SSL now gracefully handles missing RNG
1007    * Padding checks in cipher layer are now constant-time
1008    * Value comparisons in SSL layer are now constant-time
1084    * Client and server now filter sent and accepted ciphersuites on minimum
1092    * x509_crt_verify() now case insensitive for cn (RFC 6125 6.4)
1154    * ssl_get_verify_result() now works even if the handshake was aborted due
1191    * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
1197    * Entropy module now supports seed writing and reading
1224    * SSL now gracefully handles missing RNG
1234    * ssl_mail_client now terminates lines with CRLF, instead of LF
1251    * rsa_check_pubkey() now allows an E up to N
1276    * x509_verify() now case insensitive for cn (RFC 6125 6.4)
1312    * x509parse_crt() now better handles PEM error situations
1313    * ssl_parse_certificate() now calls x509parse_crt_der() directly
1316    * x509parse_crtpath() is now reentrant and uses more portable stat()
1330    * Default Blowfish keysize is now 128-bits
1354    * The SSL session cache module (ssl_cache) now also retains peer_cert
1405    * Depth that the certificate verify callback receives is now numbered
1470    * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
1476    * mpi_add_abs() now correctly handles adding short numbers to long numbers
1501    * x509parse_crt() now better handles PEM error situations
1502    * ssl_parse_certificate() now calls x509parse_crt_der() directly
1532    * mpi_add_abs() now correctly handles adding short numbers to long numbers
1536    * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
1604      So now there is a module that is controlled with POLARSSL_ASN1_PARSE_C.
1621    * All error codes are now negative. Even on mermory failures and IO errors.
1632    * If certificate serial is longer than 32 octets, serial number is now
1645    * The generic cipher and message digest layer now have normal error
1657    * Functions requiring File System functions can now be disabled
1670    * mpi_init() and mpi_free() now only accept a single MPI
1673      is now done with a PLUS instead of an OR as error codes
1676      net_recv() now returns 0 on EOF instead of
1681    * Network functions now return POLARSSL_ERR_NET_WANT_READ or
1695    * Debug print of MPI now removes leading zero octets and 
1702    * Debug output of MPI's now the same independent of underlying
1714      are now supported as well (Fixes ticket #5)
1790    * rsa_check_private() now supports PKCS1v2 keys as well
1810    * X509 signature algorithm determination is now
1829    * Coverage test definitions now support 'depends_on'
1831    * Tests requiring specific hashing algorithms now honor
1902    * Undefining POLARSSL_HAVE_ASM now also handles prevents asm in
2012     * Ciphers used in SSL/TLS can now be disabled at compile