mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-23 12:01:11 +00:00
Merge remote-tracking branch 'public/pr/1656' into mbedtls-2.1
This commit is contained in:
Simon Butcher
commit
0a715b1587
|
|
@ -7,8 +7,13 @@ option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF)
|
||||||
option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
|
option(ENABLE_PROGRAMS "Build mbed TLS programs." ON)
|
||||||
|
|
||||||
|
|
||||||
|
string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
|
||||||
|
string(REGEX MATCH "GNU" CMAKE_COMPILER_IS_GNU "${CMAKE_C_COMPILER_ID}")
|
||||||
|
string(REGEX MATCH "IAR" CMAKE_COMPILER_IS_IAR "${CMAKE_C_COMPILER_ID}")
|
||||||
|
string(REGEX MATCH "MSVC" CMAKE_COMPILER_IS_MSVC "${CMAKE_C_COMPILER_ID}")
|
||||||
|
|
||||||
# the test suites currently have compile errors with MSVC
|
# the test suites currently have compile errors with MSVC
|
||||||
if(MSVC)
|
if(CMAKE_COMPILER_IS_MSVC)
|
||||||
option(ENABLE_TESTING "Build mbed TLS tests." OFF)
|
option(ENABLE_TESTING "Build mbed TLS tests." OFF)
|
||||||
else()
|
else()
|
||||||
option(ENABLE_TESTING "Build mbed TLS tests." ON)
|
option(ENABLE_TESTING "Build mbed TLS tests." ON)
|
||||||
|
|
@ -48,7 +53,7 @@ endfunction(link_to_source)
|
||||||
|
|
||||||
string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
|
string(REGEX MATCH "Clang" CMAKE_COMPILER_IS_CLANG "${CMAKE_C_COMPILER_ID}")
|
||||||
|
|
||||||
if(CMAKE_COMPILER_IS_GNUCC)
|
if(CMAKE_COMPILER_IS_GNU)
|
||||||
# some warnings we want are not available with old GCC versions
|
# some warnings we want are not available with old GCC versions
|
||||||
# note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
|
# note: starting with CMake 2.8 we could use CMAKE_C_COMPILER_VERSION
|
||||||
execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
|
execute_process(COMMAND ${CMAKE_C_COMPILER} -dumpversion
|
||||||
|
|
@ -67,7 +72,7 @@ if(CMAKE_COMPILER_IS_GNUCC)
|
||||||
set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls ")
|
set(CMAKE_C_FLAGS_ASANDBG "-Werror -fsanitize=address -fno-common -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls ")
|
||||||
set(CMAKE_C_FLAGS_CHECK "-Werror -Os")
|
set(CMAKE_C_FLAGS_CHECK "-Werror -Os")
|
||||||
set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
|
set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
|
||||||
endif(CMAKE_COMPILER_IS_GNUCC)
|
endif(CMAKE_COMPILER_IS_GNU)
|
||||||
|
|
||||||
if(CMAKE_COMPILER_IS_CLANG)
|
if(CMAKE_COMPILER_IS_CLANG)
|
||||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -W -Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow")
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -W -Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow")
|
||||||
|
|
@ -81,16 +86,20 @@ if(CMAKE_COMPILER_IS_CLANG)
|
||||||
set(CMAKE_C_FLAGS_CHECK "-Werror -Os")
|
set(CMAKE_C_FLAGS_CHECK "-Werror -Os")
|
||||||
endif(CMAKE_COMPILER_IS_CLANG)
|
endif(CMAKE_COMPILER_IS_CLANG)
|
||||||
|
|
||||||
if(MSVC)
|
if(CMAKE_COMPILER_IS_IAR)
|
||||||
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts --warnings_are_errors -Ohz")
|
||||||
|
endif(CMAKE_COMPILER_IS_IAR)
|
||||||
|
|
||||||
|
if(CMAKE_COMPILER_IS_MSVC)
|
||||||
# Strictest warnings, and treat as errors
|
# Strictest warnings, and treat as errors
|
||||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3")
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W3")
|
||||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
|
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX")
|
||||||
endif(MSVC)
|
endif(CMAKE_COMPILER_IS_MSVC)
|
||||||
|
|
||||||
if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
|
if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
|
||||||
if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
|
if(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG)
|
||||||
set(CMAKE_SHARED_LINKER_FLAGS "--coverage")
|
set(CMAKE_SHARED_LINKER_FLAGS "--coverage")
|
||||||
endif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)
|
endif(CMAKE_COMPILER_IS_GNU OR CMAKE_COMPILER_IS_CLANG)
|
||||||
endif(CMAKE_BUILD_TYPE STREQUAL "Coverage")
|
endif(CMAKE_BUILD_TYPE STREQUAL "Coverage")
|
||||||
|
|
||||||
if(LIB_INSTALL_DIR)
|
if(LIB_INSTALL_DIR)
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,8 @@ mbed TLS ChangeLog (Sorted per branch, date)
|
||||||
= mbed TLS x.x.x branch released xxxx-xx-xx
|
= mbed TLS x.x.x branch released xxxx-xx-xx
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
|
* Fix compilation warnings with IAR toolchain, on 32 bit platform.
|
||||||
|
Reported by rahmanih in #683
|
||||||
* Fix braces in mbedtls_memory_buffer_alloc_status(). Found by sbranden, #552.
|
* Fix braces in mbedtls_memory_buffer_alloc_status(). Found by sbranden, #552.
|
||||||
* Added the macro MBEDTLS_X509_MAX_FILE_PATH_LEN that enables the user to
|
* Added the macro MBEDTLS_X509_MAX_FILE_PATH_LEN that enables the user to
|
||||||
configure the maximum length of a file path that can be buffered when
|
configure the maximum length of a file path that can be buffered when
|
||||||
|
|
|
||||||
|
|
@ -613,7 +613,13 @@ static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t
|
||||||
volatile unsigned char diff = 0;
|
volatile unsigned char diff = 0;
|
||||||
|
|
||||||
for( i = 0; i < n; i++ )
|
for( i = 0; i < n; i++ )
|
||||||
diff |= A[i] ^ B[i];
|
{
|
||||||
|
/* Read volatile data in order before computing diff.
|
||||||
|
* This avoids IAR compiler warning:
|
||||||
|
* 'the order of volatile accesses is undefined ..' */
|
||||||
|
unsigned char x = A[i], y = B[i];
|
||||||
|
diff |= x ^ y;
|
||||||
|
}
|
||||||
|
|
||||||
return( diff );
|
return( diff );
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -249,8 +249,10 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
|
||||||
memset( counter, 0, 4 );
|
memset( counter, 0, 4 );
|
||||||
counter[3] = 1;
|
counter[3] = 1;
|
||||||
|
|
||||||
|
#if UINT_MAX > 0xFFFFFFFF
|
||||||
if( iteration_count > 0xFFFFFFFF )
|
if( iteration_count > 0xFFFFFFFF )
|
||||||
return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA );
|
||||||
|
#endif
|
||||||
|
|
||||||
while( key_length )
|
while( key_length )
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -2086,7 +2086,7 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
int ret;
|
int ret;
|
||||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||||
ssl->transform_negotiate->ciphersuite_info;
|
ssl->transform_negotiate->ciphersuite_info;
|
||||||
unsigned char *p, *end;
|
unsigned char *p = NULL, *end = NULL;
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -2686,7 +2686,7 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
|
||||||
unsigned char *p = ssl->out_msg + 4;
|
unsigned char *p = ssl->out_msg + 4;
|
||||||
size_t len;
|
size_t len = 0;
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
|
||||||
unsigned char *dig_signed = p;
|
unsigned char *dig_signed = p;
|
||||||
size_t dig_signed_len = 0;
|
size_t dig_signed_len = 0;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue