Lines Matching refs:when

13 * Fix a buffer overread in mbedtls_lms_import_public_key() when the input is
20 * On x86/amd64 platforms, with some compilers, when the library is
24 AES to be used for some time when the program starts. This could allow
55 * Fix an integer underflow that could occur when parsing malformed PEM
68 * Fix failures of PSA multipart or interruptible operations when the
74 when using third-party drivers. This also affected one-shot MAC
78 This was sometimes not the case when an operation object is reused,
82 * Resolved build issue with C++ projects using Mbed TLS 3.6 when compiling
99 function reported the correct size in *olen when it returned
132 * MD module can now perform PSA dispatching also when
151 when deriving an ECC key pair.
154 or there was a cryptographic hardware failure when calculating the
168 * Fix undefined behavior in some cases when mbedtls_psa_raw_to_der() or
172 GCC-like compilers when building AES for generic x86_64 targets. This
178 limitations, notably a fragmented ClientHello is only supported when
187 implementations if placed on the include path, e.g. when building Mbed TLS
199 * Fix a buffer underrun in mbedtls_pk_write_key_der() when
203 when called on an opaque RSA key, MBEDTLS_USE_PSA_CRYPTO is enabled
211 psa_key_derivation_output_key_ext() are no longer declared when compiling
218 !MBEDTLS_PSA_CRYPTO_C), do not automatically enable local crypto when the
284 not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when
288 mbedtls_ecdsa_raw_to_der() when the bits parameter is larger than the
293 * With TLS 1.3, when a server enables optional authentication of the
306 * Fix TLS 1.3 client build and runtime when support for session tickets is
308 * Fix compilation error when memcpy() is a function-like macro. Fixes #8994.
311 * Fix undefined behaviour (incrementing a NULL pointer by zero length) when
316 * Fix error handling when creating a key in a dynamic secure element
324 * Fix a compilation warning in pk.c when PSA is enabled and RSA is disabled.
325 * Fix the build when MBEDTLS_PSA_CRYPTO_CONFIG is enabled and the built-in
328 * Fix redefinition warnings when SECP192R1 and/or SECP192K1 are disabled.
333 when MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled and
337 * Fix Clang compilation error when MBEDTLS_USE_PSA_CRYPTO is enabled
339 * Fix server mode only build when MBEDTLS_SSL_SRV_C is enabled but
345 * Fix unintended performance regression when using short RSA public keys.
351 * Fix TLS connections failing when the handshake selects TLS 1.3
360 * Fix a memory leak that could occur when failing to process an RSA
363 mbedtls_ssl_conf_ca_cb() would stop working when connections were
369 working when connections were upgraded to TLS 1.3. Fixed by adding
372 use authmode none, and to carefully check the results when using optional
376 mbedtls_ssl_conf_verify(), would stop working when connections were
430 when compiling for Thumb (T32) or 32-bit Arm (A32).
441 AES when compiling for Thumb (T32) or 32-bit Arm (A32).
464 * Improve performance of AES-GCM, AES-CTR and CTR-DRBG when
493 operations when hardware accelerated AES is not present. Improves
525 concurrently calling psa_crypto_init() when MBEDTLS_THREADING_C and
531 * Fix a stack buffer overread (less than 256 bytes) when parsing a TLS 1.3
548 when an SSL context is reset with the mbedtls_ssl_session_reset() API.
565 * Fix the build with CMake when Everest or P256-m is enabled through
567 * Fix compilation error in C++ programs when MBEDTLS_ASN1_PARSE_C is
574 which mainly causes failures when building Windows target using
579 instead of seconds. That avoids rounding errors when computing the age of
590 acceleration detection when the libc headers do not define the
611 * Fix the restoration of the ALPN when loading serialized connection with
613 * Fix NULL pointer dereference in mbedtls_pk_verify_ext() when called using
618 functions. Note that overlap is still only partially supported when
632 * mbedtls_pk_sign_ext() is now always available, not just when
641 saving code size when those are not otherwise enabled.
661 * Fix a failure to validate input when writing x509 extensions lengths which
680 of ECDSA and/or EC J-PAKE when those are provided by a driver. However,
718 drivers when MBEDTLS_PSA_CRYPTO_C is enabled and psa_crypto_init() has
848 small when MBEDTLS_SHA384_C was defined and MBEDTLS_SHA512_C was
852 * Fix a buffer overread when parsing short TLS application data records in
864 PSA_SIGNATURE_MAX_SIZE buffers when at least one accelerated EC is bigger
872 in the ecdsa.h header file. There was a build warning when the
875 * Fix an error when MBEDTLS_ECDSA_SIGN_ALT is defined but not
877 * Fix missing PSA initialization in sample programs when
881 * Fix clang and armclang compilation error when targeting certain Arm
884 * Fix "unterminated '#pragma clang attribute push'" in sha256/sha512.c when
887 * Fixed an issue that caused compile errors when using CMake and the IAR
891 * Fix a compilation failure in the constant_time module when
894 * Fix crypt_and_hash decryption fail when used with a stream cipher
898 when given an invalid name string if it did not contain '=' or ','.
903 * In TLS 1.3, fix handshake failure when a client in its ClientHello
910 * Fix a compilation error on some platforms when including mbedtls/ssl.h
912 * Fix x509 certificate generation to conform to RFC 5480 / RFC 5758 when
915 * Fix a potential corruption of the passed-in IV when mbedtls_aes_crypt_cbc()
917 * Fix compile failure due to empty enum in cipher_wrap.c, when building
921 * Don't try to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE when
924 * Fix an issue when parsing an otherName subject alternative name into a
941 * Fix the build with CMake when Everest or P256-m is enabled through
945 * Enable Arm / Thumb bignum assembly for most Arm platforms when
947 * Enforce minimum RSA key size when generating a key
951 operations when MBEDTLS_PSA_CRYPTO_C is defined.
1016 This helps in saving code size when some of the above hashes are not
1020 * Use HOSTCC (if it is set) when compiling C code during generation of the
1021 configuration-independent files. This allows them to be generated when
1055 * AES-NI is now supported in 32-bit builds, or when MBEDTLS_HAVE_ASM
1056 is disabled, when compiling with GCC or Clang or a compatible compiler
1067 * Zeroize SSL cache entries when they are freed.
1068 * Fix a potential heap buffer overread in TLS 1.3 client-side when
1078 implementation as a fallback for when the assembly one cannot be used.
1087 * In TLS 1.3, when using a ticket for session resumption, tweak its age
1107 * Fix behavior of certain sample programs which could, when run with no
1120 * Reject OIDs with overlong-encoded subidentifiers when converting
1137 * Fix a compilation error when PSA Crypto is built with support for
1141 * Fix TLS 1.3 session resumption when the established pre-shared key is
1144 * Fix an issue when compiling with MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
1175 To fix the performance degradation when using default values the
1177 to best results when tested on Cortex-M4 and Intel i7.
1200 when building the library from the development branch rather than
1223 hashes from PSA when (and only when) MBEDTLS_MD_C is disabled.
1224 - PEM parsing of encrypted files now uses MD-5 from PSA when (and only
1225 when) MBEDTLS_MD5_C is disabled.
1237 though: that module only use hashes from PSA when MBEDTLS_MD_C is off).
1253 The ticket mechanism is supported when the configuration option
1303 * Fix a long-standing build failure when building x86 PIC code with old
1306 * Fix support for little-endian Microblaze when MBEDTLS_HAVE_ASM is defined.
1310 when building with Xcode.
1311 * Fix handling of broken symlinks when loading certificates using
1320 * Fix a compilation error when using CMake with an IAR toolchain.
1322 * Fix a build error due to a missing prototype warning when
1329 * Fix bugs and missing dependencies when building and testing
1333 * Fix compilation errors when trying to build with
1352 bytes when parsing certificates containing a binary RFC 4108
1369 when both operands are 0 and the left operand is represented with 0 limbs.
1370 * Fix undefined behavior (typically harmless in practice) when some bignum
1377 * Fix a build error when compiling the bignum module for some Arm platforms.
1448 * Add mbedtls_pk_sign_ext() which allows generating RSA-PSS signatures when
1474 * Add support for the ARMv8 SHA-2 acceleration instructions when building
1520 * Fix a potential heap buffer overread in TLS 1.2 server-side when
1529 when MBEDTLS_SSL_IN_CONTENT_LEN is less than a threshold that depends on
1542 checked properly when validating the certificate. This could cause a
1552 * Fixed swap of client and server random bytes when exporting them alongside
1555 in reduced configurations when MBEDTLS_USE_PSA_CRYPTO is enabled.
1556 * Fix a bug in (D)TLS curve negotiation: when MBEDTLS_USE_PSA_CRYPTO was
1569 * Fix compile errors when MBEDTLS_HAVE_TIME is not defined. Add tests
1571 * Fix a race condition in out-of-source builds with CMake when generated data
1573 * Fix the library search path when building a shared library with CMake
1590 * Fix compilation error when using C++ Builder on Windows. Reported by
1592 * psa_raw_key_agreement() now returns PSA_ERROR_BUFFER_TOO_SMALL when
1597 * Fix a TLS 1.3 handshake failure when the peer Finished message has not
1598 been received yet when we first try to fetch it.
1604 * Fix string representation of DNs when outputting values containing commas
1608 when MBEDTLS_SSL_PROTO_TLS1_3 is specified, and make this and other
1611 * Fix a TLS 1.3 handshake failure when the first attempt to send the client
1619 * Fix a null pointer dereference when performing some operations on zero
1631 * Fix CMake windows host detection, especially when cross compiling.
1649 * Assume source files are in UTF-8 when using MSVC with CMake.
1650 * Fix runtime library install location when building with CMake and MinGW.
1659 targets work when MbedTLS is built as a subdirectory. This allows the
1724 value when verifying a MAC or AEAD tag. This hardens the library in
1745 The check was accidentally not performed when cross-compiling for Windows
1757 * Fix mbedtls_cipher_crypt: AES-ECB when MBEDTLS_USE_PSA_CRYPTO is enabled.
1768 AEAD functions when ChachaPoly is disabled. Fixes #5065.
1778 * Fix the build of sample programs when neither MBEDTLS_ERROR_C nor
1782 that it produces when signing, as documented. Use the new algorithm
1792 * Fix a bug in mbedtls_gcm_starts() when the bit length of the iv
1796 * Fix the build when no SHA2 module is included. Fixes #4930.
1797 * Fix the build when only the bignum module is included. Fixes #4929.
1799 pkcs12 functions when the password is empty. Fix the documentation to
1822 to remember when writing tests, or test configurations. Fixes #4653.
1839 yet supported when cross-compiling.
1894 when outputting a SHA-384 or SHA-224 hash into a buffer of exactly
2009 affect the maintained LTS branches, so when contributing changes please
2170 than PSA_ERROR_INVALID_HANDLE when the identifier specified for the key
2178 * Fix a bug in ECDSA that would cause it to fail when the hash is all-bits
2182 correctly by some bignum operations. This could happen when
2183 mbedtls_mpi_read_string() was called on "-0", or when
2186 * Fix a compilation error when MBEDTLS_ECP_RANDOMIZE_MXZ_ALT is
2188 * Fix an incorrect error code when parsing a PKCS#8 private key.
2198 nonetheless, resulting in undefined reference errors when building a
2201 when SHA-1 was disabled and was offered when SHA-1 was enabled but SHA-384
2203 * Do not offer SHA384 cipher suites when SHA-384 is disabled. Fixes #4499.
2215 (when the encrypt-then-MAC extension is not in use) with some ALT
2233 * Disallow inputs of length different from the corresponding hash when
2236 * Fix a null pointer dereference when mbedtls_mpi_exp_mod() was called with
2242 * Fix mbedtls_mpi_gcd(G,A,B) when the value of B is zero. This had no
2271 * fix build failure on MinGW toolchain when __USE_MING_ANSI_STDIO is on.
2281 when their input has length 0. Note that this is an implementation detail
2285 zero digits when operating from values constructed with an mpi_read
2302 * Implicitly add PSA_KEY_USAGE_SIGN_MESSAGE key usage policy flag when
2304 when PSA_KEY_USAGE_VERIFY_HASH flag is set. This usage flag extension
2305 is also applied when loading a key from storage.
2336 * Automatic fallback to a software implementation of ECP when
2357 * Fix a security reduction in CTR_DRBG when the initial seeding obtained a
2361 length, or when the entropy module uses SHA-256 and CTR_DRBG uses AES-256.
2366 * Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
2378 mbedtls_net_recv_timeout() when given a file descriptor that is
2385 * Fix memory leak that occurred when calling psa_close_key() on a
2389 * Fix a resource leak in CTR_DRBG and HMAC_DRBG when MBEDTLS_THREADING_C
2394 twice is safe. This happens for RSA when some Mbed TLS library functions
2395 fail. Such a double-free was not safe when MBEDTLS_THREADING_C was
2398 when MBEDTLS_THREADING_C is enabled on platforms where initializing
2413 the PSA code needed by a PSA crypto client when the PSA crypto
2478 size of the output buffer when used with NIST_KW. As a result, code using
2483 MBEDTLS_MPI_MAX_SIZE to prevent a potential denial of service when
2493 algorithm parameters (only the size) when comparing the signature in the
2499 certs as invalid when mbedtls did not.
2510 when the input has trailing garbage. Fixes #2512.
2515 * Fix rsa_prepare_blinding() to retry when the blinding value is not
2521 * Fix the build when the macro _GNU_SOURCE is defined to a non-empty value.
2530 * Fix psa_generate_key() returning an error when asked to generate
2543 * Make arc4random_buf available on NetBSD and OpenBSD when _POSIX_C_SOURCE is
2549 fails. Previously the key identifier was just ignored when creating a
2555 * Fix a memory leak in mbedtls_mpi_sub_abs() when the result was negative
2610 * Fix a vulnerability in the verification of X.509 certificates when
2612 mbedtls_x509_crt_verify()) with the actual certificate name: when the
2630 * In (D)TLS record decryption, when using a CBC ciphersuites without the
2662 * Fix build errors when the only enabled elliptic curves are Montgomery
2665 * Fix self-test failure when the only enabled short Weierstrass elliptic
2671 * Fix a memory leak in mbedtls_md_setup() when using HMAC under low memory
2735 mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a
2737 mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL
2742 * Fix issue in Lucky 13 counter-measure that could make it ineffective when
2768 when PRNG function fails. Contributed by Jonas Lejeune in #3318.
2780 * Update iv and len context pointers manually when reallocating buffers
2782 when receiving a connection with CID, when these fields were shifted
2801 * Use FindPython3 when cmake version >= 3.15.0
2804 dropped. As a consequence, the TLS handshake now fails when the output
2835 happen when MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE was enabled in config.h
2843 DTLS client when parsing the Hello Verify Request message.
2851 * Fix compilation failure when both MBEDTLS_SSL_PROTO_DTLS and
2878 * Fix potential memory overread when performing an ECDSA signature
2884 * To avoid a side channel vulnerability when parsing an RSA private key,
2909 * Fix a possible error code mangling in psa_mac_verify_finish() when
2975 * Fix an unused variable warning when compiling without DTLS.
2979 * Fix a buffer overflow in the PSA HMAC code when using a long key with an
3091 * Fix build failure when building with mingw on Windows by including
3141 * Fix build failure when building with mingw on Windows by including
3193 * Fix 1-byte buffer overflow in mbedtls_mpi_write_string() when
3209 * Set the next sequence of the subject_alt_name to NULL when deleting
3264 when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242.
3271 * Fix returning the value 1 when mbedtls_ecdsa_genkey failed.
3279 * Fix false failure in all.sh when backup files exist in include/mbedtls
3281 * Ensure that unused bits are zero when writing ASN.1 bitstrings when using
3283 * Fix issue when writing the named bitstrings in KeyUsage and NsCertType
3311 * Ciphersuites based on 3DES now have the lowest priority by default when
3324 steps you have to take when enabling it.
3329 the return type from void to int to allow returning error codes when
3357 * Fix runtime error in `mbedtls_platform_entropy_poll()` when run
3360 * Fix an unsafe bounds check when restoring an SSL session from a ticket.
3382 the PSA Crypto API from Mbed Crypto when additionally used with the
3386 * Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx()
3421 * Fix overly strict DN comparison when looking for CRLs belonging to a
3422 particular CA. This previously led to ignoring CRLs when the CRL's issuer
3492 * Fix failure in hmac_drbg in the benchmark sample application, when
3499 * Ignore IV in mbedtls_cipher_set_iv() when the cipher mode is
3526 * Remember the string format of X.509 DN attributes when replicating
3545 This allows users to configure such an implementation at compile time when
3568 handshake when flights do not get through (RFC 6347, section 4.1.1.1,
3596 with TLS versions 1.1 and earlier when the server requested authentication
3610 * Copy headers preserving timestamps when doing a "make install".
3676 * Fix "no symbols" warning issued by ranlib when building on Mac OS X. Fix
3684 * Fix compilation error when MBEDTLS_ARC4_C is disabled and
3695 * Fix decryption for zero length messages (which contain all padding) when a
3702 when the request_size argument is set to 0 as stated in the documentation.
3709 * Fail when receiving a TLS alert message with an invalid length, or invalid
3710 zero-length messages when using TLS 1.2. Contributed by Espressif Systems.
3712 when calling with a NULL salt and non-zero salt_len. Contributed by
3788 where an optional signature algorithms list is expected when the signature
3813 This function is necessary to determine when it is safe to idle on the
3835 * Fix overriding and ignoring return values when parsing and writing to
3840 returned when unexpected messages were being discarded, ignoring that
3842 in the internal buffers; these cases led to deadlocks when event-driven
3868 * Provide an empty implementation of mbedtls_pkcs5_pbes2() when
3882 environment variable when using the project makefiles.
3885 * In the SSL module, when f_send, f_recv or f_recv_timeout report
3893 * Declare functions in header files even when an alternative implementation
3904 that when both sides of a TLS connection negotiate the truncated
3928 algorithms family when encrypting private keys using PKCS#5 v2.0.
3943 with flag MBEDTLS_X509_BADCERT_BAD_PK even when the key type was correct.
3951 * Fix compilation error on Mingw32 when _TRUNCATE is defined. Use _TRUNCATE
3954 * In test_suite_pk, pass valid parameters when testing for hash length
3959 * Fix X509 CRT parsing that would potentially accept an invalid tag when
3978 * Use (void) when defining functions with no parameters. Contributed by
3990 * Fix a buffer overflow in RSA-PSS verification when the hash was too large
3994 * Fix buffer overflow in RSA-PSS verification when the unmasked data is all
3996 * Fix an unsafe bounds check in ssl_parse_client_psk_identity() when adding
4033 when run on a heavily-loaded machine.
4067 returning error codes when using MBEDTLS_<MODULE>_ALT.
4095 * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
4098 * Parse signature algorithm extension when renegotiating. Previously,
4106 * Fix out-of-memory problem when parsing 4096-bit PKCS8-encrypted RSA keys.
4135 * Fix crash when calling mbedtls_ssl_cache_free() twice. Found by
4138 * Fix use of uninitialized memory in mbedtls_timing_get_timer() when reset=1.
4187 * Fix authentication bypass in SSL/TLS: when authmode is set to optional,
4188 mbedtls_ssl_get_verify_result() would incorrectly return 0 when the peer's
4190 (default: 8) intermediates, even when it was not trusted. This could be
4230 compilation when using ARM Compiler 6.
4283 when sending the alert failed. The fix makes sure not to hide the error
4296 * Fix incorrect sign computation in modular exponentiation when the base is
4333 void to int to allow returning error codes when using MBEDTLS_AES_ALT,
4353 some data loss when casting a size_t to an unsigned int value in the
4365 when verifying the validity of a key on secp224k1. This could be
4372 * Fix output certificate verification flags set by x509_crt_verify_top() when
4375 set when the verification conditions are not met regardless of the cause.
4381 x509_csr.c that are reported when building mbed TLS with a config.h that
4386 renegotiation routines at unexpected times when the protocol is DTLS. Found
4388 * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing
4402 by missing calls to mbedtls_pem_free() in cases when a
4408 * Fix a resource leak in ssl_cookie, when using MBEDTLS_THREADING_C.
4410 * Fix 1 byte buffer overflow in mbedtls_mpi_write_string() when the MPI
4432 mbedtls_x509write_csr_der() when the signature is copied to the buffer
4444 configure the maximum length of a file path that can be buffered when
4458 when GCM is used. Found by udf2457. #441
4463 * Fixed cert_app.c sample program for debug output and for use when no root
4478 * Fix potential byte overread when verifying malformed SERVER_HELLO in
4480 * Fix check for validity of date when parsing in mbedtls_x509_get_time().
4521 * Fix bug in mbedtls_mpi_add_mpi() that caused wrong results when the three
4527 * Fix memory leak that occurred only when ECJPAKE was enabled and ECDHE and
4534 * Fix issue that caused a hang when generating RSA keys of odd bitlength
4545 * On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5,
4557 * Fix potential double free when mbedtls_asn1_store_named_data() fails to
4568 when the first intermediate certificate has pathLenConstraint=0. Found by
4584 * Fix potential heap corruption on Windows when
4623 * Improved performance of mbedtls_ecp_muladd() when one of the scalars is 1
4637 mbedtls_pk_parse_key(file)() when the password is > 129 bytes.
4648 * Fix possible heap buffer overflow in base64_encoded() when the input
4662 * Fix macroization of 'inline' keyword when building as C++. (#279)
4676 * Fix possible client-side NULL pointer dereference (read) when the client
4682 * Fix warning when using a 64bit platform. (found by embedthis) (#275)
4704 * Fix segfault in the benchmark program when benchmarking DHM.
4707 * Fix bug when parsing a ServerHello without extensions (found by David
4718 * Fix missing -static-libgcc when building shared libraries for Windows
4720 * Fix link error when building shared libraries for Windows with make.
4721 * Fix error when loading libmbedtls.so.
4731 * Fix unused function warning when using MBEDTLS_MDx_ALT or
4968 * Fix bug in entropy.c when THREADING_C is also enabled that caused
4970 * Fix memory leak when gcm_setkey() and ccm_setkey() are used more than
4972 * Fix bug in ssl_mail_client when password is longer than username (found
4976 * mpi_size() and mpi_msb() would segfault when called on an mpi that is
4981 * Fix potential NULL pointer dereference (not triggerable remotely) when
4994 * Fix compile error when POLARSSL_SSL_DISABLE_RENEGOTATION and
5025 * NULL pointer dereference in the buffer-based allocator when the buffer is
5053 for pre-1.2 clients when multiple certificates are available.
5070 * Fix potential failure in ECDSA signatures when POLARSSL_ECP_MAX_BITS is a
5079 issue with some servers when a zero-length extension was sent. (Reported
5087 * Blind RSA private operations even when POLARSSL_RSA_NO_CRT is defined.
5091 * A specific error is now returned when there are ciphersuites in common
5104 * Remotely-triggerable memory leak when parsing some X.509 certificates
5107 * Remotely-triggerable memory leak when parsing crafted ClientHello
5117 * Fix compile error in timing.c when POLARSSL_NET_C and POLARSSL_SELFTEST
5121 renegotiation was pending, and on client when a HelloRequest was received.
5123 write callback returned WANT_WRITE when requesting renegotiation.
5151 when a GCM suite was chosen.
5190 * Very small records were incorrectly rejected when truncated HMAC was in
5240 ServerHello when no extensions are present (found by Matthew Page)
5244 big-endian platform when size was not an integer number of limbs
5246 * Some parts of ssl_tls.c were compiled even when the module was disabled.
5263 * pk_verify() now returns a specific error code when the signature is valid
5281 * Potential memory leak in mpi_exp_mod() when error occurs during
5288 * Fix compile errors when POLARSSL_ERROR_STRERROR_BC is undefined (found by
5327 "triple handshake" attack when authentication mode is 'optional' (the
5328 attack was already impossible when authentication is required).
5346 * ssl_cache was creating entries when max_entries=0 if TIMING_C was enabled.
5349 send() would return an EAGAIN error when sending the ticket.
5350 * ssl_cache was leaking memory when reusing a timed out entry containing a
5352 * ssl_srv was leaking memory when client presented a timed out ticket
5561 * Fix buffer overread of size 1 when parsing crafted X.509 certificates
5578 issue with some servers when a zero-length extension was sent. (Reported
5584 * Blind RSA private operations even when POLARSSL_RSA_NO_CRT is defined.
5591 * Remotely-triggerable memory leak when parsing some X.509 certificates
5605 renegotiation was pending, and on client when a HelloRequest was received.
5632 "triple handshake" attack when authentication mode is optional (the
5633 attack was already impossible when authentication is required).
5640 when a GCM suite was chosen.
5667 * Potential memory leak in mpi_exp_mod() when error occurs during
5670 when no extensions are present (found by Matthew Page)
5674 big-endian platform when size was not an integer number of limbs
5699 * Fixed potential memory leak when failing to resume a session
5770 * Added support for custom labels when using rsa_rsaes_oaep_encrypt()
5772 * Re-added handling for SSLv2 Client Hello when the define
5804 * Memory leak when using RSA_PKCS_V21 operations fixed
5907 * Fixed potential memory leak when failing to resume a session
5963 * Memory leak when using RSA_PKCS_V21 operations fixed
6069 * Undid faulty bug fix in ssl_write() when flushing old data (Ticket
6076 enable and disable individual modes when needed
6125 * Fixed bug in ssl_write() when flushing old data (Fixed ticket
6146 * Support more exotic OID's when parsing certificates
6148 * Support more exotic name representations when parsing
6268 this in mind when checking for errors.
6307 * Fixed a bug in mpi_gcd() so that it also works when both
6350 be sent twice in non-blocking mode when send returns EAGAIN
6358 * Correctly handle the case in padlock_xcryptcbc() when input or
6368 * Make x509parse_verify() return BADCERT_CN_MISMATCH when an empty