ChangeLog - OpenGrok cross reference for /openthread-3.7.0/third

Lines Matching refs:extension
73    * Add support for record size limit extension as defined by RFC 8449
275      allocated to hold the extension. The extension would then be copied into
350    * Add parsing of directoryName subtype for subjectAltName extension in
420      of subjectAltName extension in x509 certificates.
636      extension in x509 certificates.
640      extension in x509 certificates.
654    * Add support to include the SubjectAltName extension to a CSR.
722    * Fix parsing of X.509 SubjectAlternativeName extension. Previously,
965      HardwareModuleName as a Subject Alternative Name extension. Hardware
1303    * The identifier of the CID TLS extension can be configured by defining
1541      which allows to mark an extension as critical. Fixes #4055.
1827      (when the encrypt-then-MAC extension is not in use) with some ALT
1866      invalid max_fragment_length extension, or an
1867      unsupported extension used by the server.
1916      when PSA_KEY_USAGE_VERIFY_HASH flag is set. This usage flag extension
2017      include this extension in all CA certificates that contain public keys
2019      extension as critical in such certificates." Previous to this change,
2020      the extension was always marked as non-critical. This was fixed by
2225      subjecAltName extension is present, the expected name was compared to any
2226      name in that extension regardless of its type. This means that an
2243      Encrypt-then-Mac extension, use constant code flow memory access patterns
2333    * Pass the "certificate policies" extension to the callback supplied to
2414    * Abort the ClientHello writing function as soon as some extension doesn't
2768    * Add the oid certificate policy x509 extension.
2775      X.509 certificate extension, specifically type hardware module name,
2777    * Add support for parsing certificate policies extension, as defined in
2782    * Add support for draft-05 of the Connection ID extension, as specified
2784      The Connection ID extension allows to keep DTLS connections beyond the
3493    * Allow configuring the shared library extension by setting the DLEXT
3515    * The truncated HMAC extension now conforms to RFC 6066. This means
3517      HMAC extension, Mbed TLS can now interoperate with other
3525    * Fix implementation of the truncated HMAC extension. The previous
3597      extension. When the truncated HMAC extension is enabled and CBC is used,
3611      default enabled) maximum fragment length extension is disabled in the
3633    * Fix a potential heap buffer over-read in ALPN extension parsing
3710    * Parse signature algorithm extension when renegotiating. Previously,
3892    * Fix insufficient support for signature-hash-algorithm extension,
3937      replacement support for enabling the extension of the interface.
4163    * Fix non-compliance server extension handling. Extensions for SSLv3 are now
4295    * Fix off-by-one error in parsing Supported Point Format extension that
4603    * Fix potential unintended sign extension in asn1_get_len() on 64-bit
4689    * Skip writing and parsing signature_algorithm extension if none of the
4691      issue with some servers when a zero-length extension was sent. (Reported
4714    * Lowest common hash was selected from signature_algorithms extension in
4817    * Fix off-by-one error in parsing Supported Point Format extension that
4851    * Improve interoperability by not writing extension length in ClientHello /
4866    * Support for the ALPN SSL extension
4868    * Enable verification of the keyUsage extension for CA and leaf
4870    * Enable verification of the extendedKeyUsage extension
5093    * Support for max_fragment_length extension (RFC 6066)
5094    * Support for truncated_hmac extension (RFC 6066)
5118    * Ability to disable server_name extension (RFC 6066)
5156    * Fix potential unintended sign extension in asn1_get_len() on 64-bit
5188    * Skip writing and parsing signature_algorithm extension if none of the
5190      issue with some servers when a zero-length extension was sent. (Reported
5281    * Improve interoperability by not writing extension length in ClientHello
5340    * Secure renegotiation extension should only be sent in case client
5456      Alternative Name extension
5476    * Added ServerName extension parsing (SNI) at server side
5486      to not match CN if subjectAltName extension is present (Closes ticket #56)
5634    * Added a separate CRL entry extension parsing function
5978     * Added support on the client side for the TLS "hostname" extension
5996       as the Klima-Pokorny-Rosa extension of Bleichenbacher's attack