Merge branch 'iotssl-1419-safermemcmp-volatile_backport-2.1' into mbedtls-2.1-restricted

ChangeLog

@@ -18,6 +18,7 @@ Security
      application layer can be forced into sending such large packets. The issue
      was independently reported by Tim Nordell via e-mail and by Florin Petriuc
      and sjorsdewit on GitHub. Fix proposed by Florin Petriuc in #1022. Fixes #707.
+   * Tighten should-be-constant-time memcmp against compiler optimizations.
 
 Bugfix
    * Fix some invalid RSA-PSS signatures with keys of size 8N+1 that were

include/mbedtls/ssl_internal.h

@@ -584,9 +584,9 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
 static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n )
 {
     size_t i;
-    const unsigned char *A = (const unsigned char *) a;
+    volatile const unsigned char *A = (volatile const unsigned char *) a;
-    const unsigned char *B = (const unsigned char *) b;
+    volatile const unsigned char *B = (volatile const unsigned char *) b;
-    unsigned char diff = 0;
+    volatile unsigned char diff = 0;
 
     for( i = 0; i < n; i++ )
         diff |= A[i] ^ B[i];