Merge branch 'polarssl-1.2-restricted' of ssh://github.com/ARMmbed/mbedtls-restricted into polarssl-1.2-restricted

This commit is contained in:
Simon Butcher 2015-10-05 17:34:36 +01:00
commit 697b37a365
7 changed files with 20 additions and 26 deletions

View file

@ -26,6 +26,11 @@ Security
unless you allow third parties to pick trust CAs for client auth. Found by unless you allow third parties to pick trust CAs for client auth. Found by
Guido Vranken, Intelworks. Guido Vranken, Intelworks.
Bugfix
* Fix compile error in net.c with musl libc. Found and patch provided by
zhasha (#278).
* Fix macroization of 'inline' keywork when building as C++. (#279)
Changes Changes
* ssl_set_hostname() now rejects host names longer that 255 bytes (maximum * ssl_set_hostname() now rejects host names longer that 255 bytes (maximum
defined by RFC 1035) defined by RFC 1035)

View file

@ -29,13 +29,10 @@
#include <string.h> #include <string.h>
#if defined(_MSC_VER) && !defined(inline) #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
#define inline _inline !defined(inline) && !defined(__cplusplus)
#else
#if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline #define inline __inline
#endif /* __ARMCC_VERSION */ #endif
#endif /*_MSC_VER */
#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ #define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */
#define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */ #define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */

View file

@ -331,8 +331,9 @@
* If set, the X509 parser will not break-off when parsing an X509 certificate * If set, the X509 parser will not break-off when parsing an X509 certificate
* and encountering an unknown critical extension. * and encountering an unknown critical extension.
* *
* Uncomment to prevent an error. * \warning Depending on your PKI use, enabling this can be a security risk!
* *
* Uncomment to prevent an error.
#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION #define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
*/ */

View file

@ -28,13 +28,10 @@
#include <string.h> #include <string.h>
#if defined(_MSC_VER) && !defined(inline) #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
#define inline _inline !defined(inline) && !defined(__cplusplus)
#else
#if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline #define inline __inline
#endif /* __ARMCC_VERSION */ #endif
#endif /*_MSC_VER */
#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ #define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
#define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ #define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */

View file

@ -34,13 +34,10 @@
#include <pkcs11-helper-1.0/pkcs11h-certificate.h> #include <pkcs11-helper-1.0/pkcs11h-certificate.h>
#if defined(_MSC_VER) && !defined(inline) #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
#define inline _inline !defined(inline) && !defined(__cplusplus)
#else
#if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline #define inline __inline
#endif /* __ARMCC_VERSION */ #endif
#endif /*_MSC_VER */
/** /**
* Context for PKCS #11 private keys. * Context for PKCS #11 private keys.

View file

@ -43,13 +43,10 @@
#include "zlib.h" #include "zlib.h"
#endif #endif
#if defined(_MSC_VER) && !defined(inline) #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
#define inline _inline !defined(inline) && !defined(__cplusplus)
#else
#if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline #define inline __inline
#endif /* __ARMCC_VERSION */ #endif
#endif /*_MSC_VER */
/* /*
* SSL Error codes * SSL Error codes

View file

@ -268,7 +268,7 @@ int net_accept( int bind_fd, int *client_fd, void *client_ip )
struct sockaddr_in client_addr; struct sockaddr_in client_addr;
#if defined(__socklen_t_defined) || defined(_SOCKLEN_T) || \ #if defined(__socklen_t_defined) || defined(_SOCKLEN_T) || \
defined(_SOCKLEN_T_DECLARED) defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t)
socklen_t n = (socklen_t) sizeof( client_addr ); socklen_t n = (socklen_t) sizeof( client_addr );
#else #else
int n = (int) sizeof( client_addr ); int n = (int) sizeof( client_addr );