Merge branch 'development' into dtls

* development: (46 commits) Fix url again Fix small bug in base64_encode() Fix depend that was checked but not documented Fix dependency that was not checked Minor gitginore fixes Move some ignore patterns to subdirectories Ignore CMake/MSVC-related build files. Re-categorize changelog entry Fix misattribution Minor nits with stdout/stderr. Add cmake compatibility targets Add script for polarssl symlink creation Fix more stdio inclusion issues Add debug info for cert/suite selection Fix possible portability issue Fix bug in ssl_get_verify_result() aescrypt2.c local char array not initial Update Changelog Fix mips64 bignum implementation Fix usage string of ssl_client2 ... Conflicts: include/polarssl/ssl.h library/CMakeLists.txt library/Makefile programs/Makefile programs/ssl/ssl_client2.c programs/ssl/ssl_server2.c visualc/VS2010/PolarSSL.sln visualc/VS2010/mbedTLS.vcxproj visualc/VS6/mbedtls.dsp visualc/VS6/mbedtls.dsw
2015-01-29 11:29:12 +00:00 · 2015-01-29 11:29:12 +00:00 · 2a0718d947
commit 2a0718d947
parent dba564bc79 860b51642d
267 changed files with 5475 additions and 3350 deletions
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@ -5,7 +5,7 @@
 *
 *  Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
 *
- *  This file is part of mbed TLS (https://www.polarssl.org)
+ *  This file is part of mbed TLS (https://polarssl.org)
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
@ -155,7 +155,7 @@
 #define POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO       -0x6B00  /**< Unexpected message at ServerHello in renegotiation. */
 #define POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED             -0x6A80  /**< DTLS client must retry for hello verification */
 #define POLARSSL_ERR_SSL_BUFFER_TOO_SMALL                  -0x6A00  /**< A buffer is too small to receive or write a message */
-#define POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE             -0x6980  /**< None of the common ciphersuites is usable (eg, no suitable certificate) */
+#define POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE             -0x6980  /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */

 /*
 * Various constants
@ -2051,11 +2051,11 @@ size_t ssl_get_bytes_avail( const ssl_context *ssl );
 *
 * \param ssl      SSL context
 *
- * \return         0 if successful, or a combination of:
- *                      BADCERT_EXPIRED
- *                      BADCERT_REVOKED
- *                      BADCERT_CN_MISMATCH
- *                      BADCERT_NOT_TRUSTED
+ * \return         0 if successful,
+ *                 -1 if result is not available (eg because the handshake was
+ *                 aborted too early), or
+ *                 a combination of BADCERT_xxx and BADCRL_xxx flags, see
+ *                 x509.h
 */
 int ssl_get_verify_result( const ssl_context *ssl );