Simon Butcher
49ed628ede
Fix ChangeLog after merging fix for IOTSSL-628
2016-05-18 20:07:27 +01:00
Janos Follath
f383363d43
Extended ChangeLog entry
2016-05-18 20:01:46 +01:00
Janos Follath
c70515d455
Add Changelog entry for current branch
2016-05-18 20:00:19 +01:00
Simon Butcher
f31d9676d1
Fix ChangeLog for backport of IOTSSL-621
2016-05-18 19:58:41 +01:00
Janos Follath
21ca00243c
Add Changelog entry for current branch
2016-05-18 19:58:41 +01:00
Simon Butcher
2d49c4d2f6
Fix ChangeLog after merging fix for IOTSSL-628
2016-05-18 19:58:41 +01:00
Janos Follath
7295c189ee
Extended ChangeLog entry
2016-05-18 19:58:41 +01:00
Janos Follath
574b118bf8
Add Changelog entry for current branch
2016-05-18 19:58:40 +01:00
Janos Follath
a1ebe662f3
Add Changelog entry for current branch
2016-05-18 19:58:40 +01:00
Janos Follath
4e03439e6a
Fix bug in ssl_write_supported_elliptic_curves_ext
...
Passing invalid curves to mbedtls_ssl_conf_curves potentially could caused a
crash later in ssl_write_supported_elliptic_curves_ext. #373
2016-04-22 09:59:00 +01:00
Janos Follath
7ddc2cdfce
Fix null pointer dereference in the RSA module.
...
Introduced null pointer checks in mbedtls_rsa_rsaes_pkcs1_v15_encrypt
2016-04-19 10:28:24 +01:00
Janos Follath
d61fc6881a
Fix odd bitlength RSA key generation
...
Fix issue that caused a hang up when generating RSA keys of odd
bitlength.
2016-04-19 09:42:17 +01:00
Janos Follath
4dfecabb97
Update default configuration
...
Change the default settings for SSL and modify the tests accordingly.
2016-03-14 13:40:43 +00:00
Manuel Pégourié-Gonnard
54f2c490ed
Avoid build errors with -O0 due to assembly
2016-01-08 15:30:03 +01:00
Manuel Pégourié-Gonnard
20715dc73b
Make ar invocation more portable
...
armar doesn't understand the syntax without dash. OTOH, the syntax with dash
is the only one specified by POSIX, and it's accepted by GNU ar, BSD ar (as
bundled with OS X) and armar, so it looks like the most portable syntax.
fixes #386
2016-01-08 15:28:40 +01:00
Manuel Pégourié-Gonnard
40510a3a79
Update ChangeLog for latest PR merged
...
fixes #309
2016-01-08 15:22:41 +01:00
Manuel Pégourié-Gonnard
a3a1cd33d1
Update reference to attack in ChangeLog
...
We couldn't do that before the attack was public
2016-01-08 15:11:12 +01:00
Simon Butcher
84181adae8
Change version number to 1.3.16
...
Changed version for library files and yotta module
2016-01-04 22:49:30 +00:00
Simon Butcher
a39690e7bf
Correction to ChangeLog
...
Corrected function name for rsa_rsassa_pkcs1_v15_sign()
2016-01-02 00:49:12 +00:00
Simon Butcher
14400c8fb0
Merge memory leak fix into branch 'mbedtls-1.3'
...
Merge of fix for memory leak in RSA-SSA signing - #372
2016-01-02 00:28:19 +00:00
Simon Butcher
7d3f3a8ac8
Fix for memory leak in RSA-SSA signing
...
Fix in mbedtls_rsa_rsassa_pkcs1_v15_sign() in rsa.c. Resolves github issue #372
2016-01-02 00:03:39 +00:00
Simon Butcher
a192c8f5d8
Merge branch 'iotssl-541-1.3-pathlen-bugfix'
2016-01-01 01:13:45 +00:00
Manuel Pégourié-Gonnard
c05014459e
Fix wrong length limit in GCM
...
See for example page 8 of
http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
The previous constant probably came from a typo as it was 2^26 - 2^5 instead
of 2^36 - 2^5. Clearly the intention was to allow for a constant bigger than
2^32 as the ull suffix and cast to uint64_t show.
fixes #362
2015-12-10 16:34:32 +01:00
Manuel Pégourié-Gonnard
c4a47e3483
Fix bug checking pathlen on first intermediate
...
Remove check on the pathLenConstraint value when looking for a parent to the
EE cert, as the constraint is on the number of intermediate certs below the
parent, and that number is always 0 at that point, so the constraint is always
satisfied.
The check was actually off-by-one, which caused valid chains to be rejected
under the following conditions:
- the parent certificate is not a trusted root, and
- it has pathLenConstraint == 0 (max_pathlen == 1 in our representation)
fixes #280
2015-11-19 12:06:45 +01:00
Simon Butcher
1f4e08c979
Changed version number to 1.3.15
...
Changed for library
2015-11-05 15:44:46 +00:00
Simon Butcher
34fc23fa6a
Corrected typo in ChangeLog
2015-11-03 23:14:16 +00:00
Manuel Pégourié-Gonnard
edb2327609
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
...
* mbedtls-1.3:
Use own implementation of strsep()
Add Changelog entries for this branch
Use symbolic constants in test data
Fixed pathlen contraint enforcement.
Additional corner cases for testing pathlen constrains. Just in case.
Added test case for pathlen constrains in intermediate certificates
2015-11-02 06:57:30 +09:00
Manuel Pégourié-Gonnard
f23d6c56a4
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
...
* mbedtls-1.3:
Add ChangeLog entry for previous commit
cert_write : fix "Destination buffer is too small" error
Add ChangeLog entry for previous two commits
Test certificate "Server1 SHA1, key_usage" reissued.
Fix boolean values according to DER specs
Fix typo in an OID name
Disable reportedly broken assembly of Sparc(64)
ECHDE-PSK does not use a certificate
Actually ignore most non-fatal alerts
2015-10-30 10:17:05 +01:00
Manuel Pégourié-Gonnard
54150a36d1
Add Changelog entries for this branch
2015-10-30 09:45:00 +01:00
Manuel Pégourié-Gonnard
664b751572
Add ChangeLog entry for previous commit
2015-10-27 15:12:39 +01:00
Manuel Pégourié-Gonnard
96e75ac97c
Add ChangeLog entry for previous two commits
2015-10-27 15:12:39 +01:00
Manuel Pégourié-Gonnard
c4baf98ce6
Fix typo in an OID name
...
fixes #314
2015-10-27 15:12:39 +01:00
Manuel Pégourié-Gonnard
7bbabeae8f
Disable reportedly broken assembly of Sparc(64)
...
fixes #292
2015-10-27 15:12:39 +01:00
Manuel Pégourié-Gonnard
c094a97223
ECHDE-PSK does not use a certificate
...
fixes #270
2015-10-27 15:12:39 +01:00
Manuel Pégourié-Gonnard
0aaefcebc0
Actually ignore most non-fatal alerts
...
fixes #308
2015-10-27 15:12:39 +01:00
Manuel Pégourié-Gonnard
758f490c90
Fix potential buffer overflow in asn1write
...
Ref: IOTSSL-519
backport of 22c3b7b
2015-10-27 11:47:37 +01:00
Manuel Pégourié-Gonnard
215a14bf29
Fix potential heap corruption on Windows
...
If len is large enough, when cast to an int it will be negative and then the
test if( len > MAX_PATH - 3 ) will not behave as expected.
Ref: IOTSSL-518
backport of 261faed725
2015-10-27 11:47:37 +01:00
Manuel Pégourié-Gonnard
9c52176776
Fix potential double-free in ssl_set_psk()
...
Internal ref: IOTSSL-517
2015-10-27 11:47:37 +01:00
Manuel Pégourié-Gonnard
f093bde91e
Bump version to 1.3.14
2015-10-05 19:06:46 +01:00
Manuel Pégourié-Gonnard
c5934272fc
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
...
* mbedtls-1.3:
Fix spurious #endif from previous cherry-pick
Fix macroization of inline in C++
Add missing warning in doc
Fix compile error in net.c with musl libc
2015-10-05 17:06:24 +01:00
Simon Butcher
36abef4c5c
Merge multiple backported vulnerability fixes
2015-10-05 16:44:59 +01:00
Manuel Pégourié-Gonnard
20607bb0fa
Fix macroization of inline in C++
...
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
2015-10-05 14:28:17 +01:00
Manuel Pégourié-Gonnard
614624790d
Fix compile error in net.c with musl libc
...
fixes #278
2015-10-05 14:15:46 +01:00
Manuel Pégourié-Gonnard
de9c8a5734
Fix potential overflow in CertificateRequest
2015-10-02 12:04:20 +02:00
Manuel Pégourié-Gonnard
c7e61a2e3f
Fix more typos in ChangeLog
2015-10-01 18:22:54 +02:00
Manuel Pégourié-Gonnard
6d6018383e
Fix typos in ChangeLog and comments
2015-10-01 18:20:55 +02:00
Manuel Pégourié-Gonnard
48ec2c7b5e
Fix potential overflow in base64_encode
2015-10-01 10:07:28 +02:00
Manuel Pégourié-Gonnard
5aff029f9d
Fix potential double-free in ssl_set_psk()
2015-10-01 09:58:50 +02:00
Simon Butcher
643a922c56
Reordered extension fields and added to ChangeLog
...
Reordered the transmission sequence of TLS extension fields in client hello
and added to ChangeLog.
2015-10-01 01:17:10 +01:00
Manuel Pégourié-Gonnard
9bf29bee22
Fix potential random malloc in pem_read()
2015-09-30 17:01:35 +02:00
Manuel Pégourié-Gonnard
59efb6a1b9
Fix potential buffer overflow in mpi_read_string()
...
Found by Guido Vranken.
Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.
Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).
Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-09-30 16:50:31 +02:00
Manuel Pégourié-Gonnard
7b4b2ac378
Fix stack buffer overflow in pkcs12
2015-09-30 16:46:07 +02:00
Simon Butcher
21823f9a69
Refined credits in ChangeLog for fuzzing issue
...
Changed GDS to Gotham Digital Science
2015-09-22 10:20:58 +01:00
Manuel Pégourié-Gonnard
df048c59cf
Bump version to 1.3.13
2015-09-17 11:53:14 +02:00
Manuel Pégourié-Gonnard
a701d2f5e9
Fix bug in server parsing point formats extension
...
There is only one length byte but for some reason we skipped two, resulting in
reading one byte past the end of the extension. Fortunately, even if that
extension is at the very end of the ClientHello, it can't be at the end of the
buffer since the ClientHello length is at most SSL_MAX_CONTENT_LEN and the
buffer has some more room after that for MAC and so on. So there is no
buffer overread.
Possible consequences are:
- nothing, if the next byte is 0x00, which is a comment first byte for other
extensions, which is why the bug remained unnoticed
- using a point format that was not offered by the peer if next byte is 0x01.
In that case the peer will reject our ServerKeyExchange message and the
handshake will fail.
- thinking that we don't have a common point format even if we do, which will
cause us to immediately abort the handshake.
None of these are a security issue.
The same bug was fixed client-side in fd35af15
Backport of f7022d1
2015-09-17 11:46:56 +02:00
Manuel Pégourié-Gonnard
a1cdcd2364
Add counter-measure against RSA-CRT attack
...
https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/
backport of 5f50104
2015-09-09 12:23:47 +02:00
Manuel Pégourié-Gonnard
bb564e0fb4
Fix possible client crash on API misuse
2015-09-03 10:44:32 +02:00
Manuel Pégourié-Gonnard
5f6b2b67c4
Changelog entry for the previous commits
2015-09-01 19:40:02 +02:00
Manuel Pégourié-Gonnard
6512554f42
Fix handling of long PSK identities
...
backport from c3b5d83
see #238
2015-08-31 11:43:47 +02:00
Manuel Pégourié-Gonnard
6432c7e782
Fix memory corruption in rsa sign/verify programs
...
backport from d74c697
see #210
2015-08-31 11:30:07 +02:00
Manuel Pégourié-Gonnard
e217ceea38
Fix warning with MD/SHA ALT implementation
...
backport of 8b2641d
see #239
2015-08-31 11:22:47 +02:00
Manuel Pégourié-Gonnard
a67fd79e8f
Fix -Wshadow warnings
...
Backport of ea35666
and 824ba72
see #240
2015-08-31 11:07:51 +02:00
Manuel Pégourié-Gonnard
5efed09c5f
Fix possible unlock before lock in RSA
...
Backport of 1385a28
and 4d04cdc
see #257
2015-08-31 10:21:10 +02:00
Manuel Pégourié-Gonnard
89789be80f
Fix handling of new config option
...
fixes #256
2015-08-27 09:54:16 +02:00
Paul Bakker
3edec6c4ed
Prepare for 1.3.12 release
2015-08-11 13:22:10 +01:00
Manuel Pégourié-Gonnard
cc86ac5d56
Fix compile error with armcc5 --gnu
2015-08-10 12:10:39 +02:00
Manuel Pégourié-Gonnard
b5d77d3fd9
Accept a trailing space at end of PEM lines
...
With certs being copy-pasted from webmails and all, this will probably become
more and more common.
2015-08-10 12:01:50 +02:00
Manuel Pégourié-Gonnard
1b1254fa05
Fix missing -static-libgcc when building dlls
2015-08-10 11:56:54 +02:00
Manuel Pégourié-Gonnard
a64b15ee73
Fix bug with cmake and old version of GCC
2015-08-10 11:35:02 +02:00
Manuel Pégourié-Gonnard
f0f399d66c
Up default server DHM size to 2048 bits
2015-07-03 17:45:57 +02:00
Manuel Pégourié-Gonnard
006f655218
Add forgotten programs in Makefile
...
Closes #209
2015-06-29 18:52:57 +02:00
Manuel Pégourié-Gonnard
9ea1b23cc4
Up min size of DHM params to 1024 bits on client
2015-06-29 18:52:57 +02:00
Manuel Pégourié-Gonnard
6c3ccf5fd0
Fix thread-safety issue in debug.c
...
Closes #203
2015-06-29 18:52:57 +02:00
Paul Bakker
19eef51487
Prepare for 1.3.11 release
2015-06-04 14:49:19 +02:00
Manuel Pégourié-Gonnard
dccb80b7e5
Fix compile errors with NO_STD_FUNCTIONS
2015-06-03 10:20:33 +01:00
Manuel Pégourié-Gonnard
f2ec505c34
Ack external bugfix in Changelog
2015-06-03 09:50:07 +01:00
Manuel Pégourié-Gonnard
3e87a9f57f
FIx misplaced Changelog entry (oops)
2015-06-03 09:48:26 +01:00
Manuel Pégourié-Gonnard
d22514e8f6
Fix contributor's name in Changelog
2015-06-02 12:59:59 +01:00
Manuel Pégourié-Gonnard
5866848092
Update ChangeLog for recent external bugfix
2015-06-02 09:08:35 +01:00
Manuel Pégourié-Gonnard
61977614d8
Fix memleak with repeated [gc]cm_setkey()
2015-05-27 17:40:16 +02:00
Manuel Pégourié-Gonnard
154b00b07b
Update Changelog for recent contribution
2015-05-11 21:05:36 +02:00
Manuel Pégourié-Gonnard
fa950c9480
fix bug in ssl_mail_client
2015-04-30 12:50:22 +02:00
Manuel Pégourié-Gonnard
159c524df8
Fix undefined behaviour in x509
2015-04-30 11:21:18 +02:00
Manuel Pégourié-Gonnard
7b12492c77
Include changes from the 1.2 branch
2015-04-30 10:16:19 +02:00
Manuel Pégourié-Gonnard
7d1e95c991
Add countermeasure against cache-based lucky 13
2015-04-29 17:07:31 +02:00
Manuel Pégourié-Gonnard
e16b62c3a9
Make results of (ext)KeyUsage accessible
2015-04-29 17:07:31 +02:00
Manuel Pégourié-Gonnard
770b5e1e9e
Fix missing NULL check in MPI
2015-04-29 17:02:01 +02:00
Manuel Pégourié-Gonnard
d97828e7af
Fix detection of getrandom()
2015-04-29 14:28:48 +02:00
Manuel Pégourié-Gonnard
f5203e0bb5
Fix "make install" handling of symlinks
2015-04-29 14:28:48 +02:00
Manuel Pégourié-Gonnard
39a183a629
Add x509_crt_verify_info()
2015-04-17 17:24:25 +02:00
Manuel Pégourié-Gonnard
ba334201a9
Fix typo in contributor name (oops!)
2015-04-17 17:24:20 +02:00
Manuel Pégourié-Gonnard
a2fce21ae5
Fix potential NULL dereference on bad usage
2015-04-15 21:04:19 +02:00
Manuel Pégourié-Gonnard
12a8b66961
Update Changelog for recent merge
2015-04-15 14:20:14 +02:00
Manuel Pégourié-Gonnard
95f00892d2
Update Changelog for DH params
2015-04-15 14:12:05 +02:00
Manuel Pégourié-Gonnard
0645bfa74e
Fix typos in Changelog
2015-04-15 11:21:24 +02:00
Manuel Pégourié-Gonnard
e6c8366b46
Fix bug in pk_parse_key()
2015-04-15 11:21:24 +02:00
Paul Bakker
6152b0267c
Fixed typos
2015-04-14 15:00:09 +02:00
Manuel Pégourié-Gonnard
23ce09b18f
Deprecate HAVE_INT8 and HAVE_INT16
2015-04-09 14:51:51 +02:00
Manuel Pégourié-Gonnard
a98af5e2b2
Deprecate using NET_C without HAVE_IPV6
2015-04-09 14:40:46 +02:00
Manuel Pégourié-Gonnard
8c3f0f4c16
Official deprecate compat-1.2.h and openssl.h
2015-04-09 14:10:26 +02:00
Manuel Pégourié-Gonnard
29f777ef54
Fix bug with ssl_set_curves() check on client
2015-04-03 17:57:59 +02:00
Manuel Pégourié-Gonnard
cf201201e6
Fix bug in Via Padlock support
2015-04-02 10:53:59 +01:00
Manuel Pégourié-Gonnard
0878a0d884
Add missing depends in x509 programs
2015-03-31 15:14:37 +02:00
Manuel Pégourié-Gonnard
88fca3ef0e
Fix thread safety issue in RSA operations
...
The race was due to mpi_exp_mod storing a Montgomery coefficient in the
context (RM, RP, RQ).
The fix was verified with -fsanitize-thread using ssl_pthread_server and two
concurrent clients.
A more fine-grained fix should be possible, locking just enough time to check
if those values are OK and set them if not, rather than locking for the whole
mpi_exp_mod() operation, but it will be for later.
2015-03-27 15:12:05 +01:00
Manuel Pégourié-Gonnard
39ead3ef2f
Add test certificate for bitstring in DN
2015-03-27 13:11:33 +01:00
Manuel Pégourié-Gonnard
f7dbedb7db
Update Changelog for deprecation config flags
2015-03-23 14:20:04 +01:00
Manuel Pégourié-Gonnard
40f315ac16
Document recent make changes
2015-03-13 13:50:30 +00:00
Manuel Pégourié-Gonnard
1a90147dc5
Add missing extern "C" guard in aesni.h
2015-03-10 16:12:29 +00:00
Manuel Pégourié-Gonnard
51bccd3889
Fix compile error with renego disabled
2015-03-10 16:09:08 +00:00
Manuel Pégourié-Gonnard
f427f8854a
Stop checking key-cert match systematically
2015-03-10 15:35:29 +00:00
Manuel Pégourié-Gonnard
df4e44025d
Update Changelog
2015-02-18 10:11:06 +00:00
Manuel Pégourié-Gonnard
ad350ed759
Update Changelog for the mem-measure branch
2015-02-16 17:45:35 +00:00
Manuel Pégourié-Gonnard
ea0184bbeb
Document changes to make for windows
2015-02-16 15:42:16 +00:00
Manuel Pégourié-Gonnard
09eb14c01e
Revert "Require unix-utils in path for windows make"
...
This reverts commit 5d46cca09a
.
In preparation of merging an external contribution that superseedes this
Conflicts:
ChangeLog
2015-02-16 15:25:31 +00:00
Manuel Pégourié-Gonnard
6fdc4cae53
Fix potential signedness issue
2015-02-16 09:13:40 +00:00
Manuel Pégourié-Gonnard
00c220123d
Update Changelog for portability improvements
2015-02-13 15:15:51 +00:00
Manuel Pégourié-Gonnard
5d46cca09a
Require unix-utils in path for windows make
2015-02-13 12:02:45 +00:00
Manuel Pégourié-Gonnard
dda5213982
Fix harmless warnings with mingw in timing.c
2015-02-11 12:33:40 +00:00
Manuel Pégourié-Gonnard
38433535e3
Fix hardclock() with mingw64
2015-02-11 12:33:40 +00:00
Manuel Pégourié-Gonnard
677af93baa
Update Changelog for the cleanup branch
2015-02-10 11:41:57 +00:00
Manuel Pégourié-Gonnard
6f60cd848b
Move from SHA-1 to SHA-256 as default in programs
2015-02-10 11:31:58 +00:00
Manuel Pégourié-Gonnard
7bf1976034
Prepare Changelog for 1.3 branch development
...
This is meant to minimize/simplify merge conflict between topic branches.
2015-02-10 10:09:37 +00:00
Paul Bakker
daae3b749b
Prepare for mbed TLS 1.3.10 release
2015-02-08 15:49:54 +01:00
Manuel Pégourié-Gonnard
6674cce892
Fix potential timing issue in RSA pms handling
2015-02-06 11:36:56 +00:00
Manuel Pégourié-Gonnard
aa422b2f1a
Add attribution
2015-02-02 09:30:45 +00:00
Manuel Pégourié-Gonnard
65fc6a886a
Fix small bug in base64_encode()
2015-01-28 16:49:26 +00:00
Manuel Pégourié-Gonnard
f3046efb24
Re-categorize changelog entry
2015-01-28 15:21:42 +00:00
Manuel Pégourié-Gonnard
ee7d599904
Fix misattribution
2015-01-28 15:21:42 +00:00
Manuel Pégourié-Gonnard
607d663b41
Add debug info for cert/suite selection
2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard
e89163c0a8
Fix bug in ssl_get_verify_result()
2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard
9d7fc16dbf
Update Changelog
2015-01-28 15:28:29 +01:00
Manuel Pégourié-Gonnard
c9e0483b42
Update Changelog
2015-01-28 15:28:29 +01:00
Manuel Pégourié-Gonnard
acdb9b9525
Fix unchecked error code on Windows
2015-01-23 17:50:34 +00:00
Manuel Pégourié-Gonnard
d1a878c68f
Fix typos/cosmetics in Changelog
2015-01-14 16:59:23 +01:00
Paul Bakker
5b8f7eaa3e
Merge new security defaults for programs (RC4 disabled, SSL3 disabled)
2015-01-14 16:26:54 +01:00
Paul Bakker
36adc3631c
Merge support for getrandom() call
2015-01-14 16:19:59 +01:00
Paul Bakker
c82b7e2003
Merge option to disable truncated hmac on the server-side
2015-01-14 16:16:55 +01:00
Paul Bakker
e522d0fa57
Merge smarter certificate selection for pre-TLS-1.2 clients
2015-01-14 16:12:48 +01:00
Paul Bakker
f3561154ff
Merge support for 1/n-1 record splitting
2015-01-13 16:31:34 +01:00
Paul Bakker
f6080b8557
Merge support for enabling / disabling renegotiation support at compile-time
2015-01-13 16:18:23 +01:00
Paul Bakker
d7e2483bfc
Merge miscellaneous fixes into development
2015-01-13 16:04:38 +01:00
Manuel Pégourié-Gonnard
5dd28ea432
Fix len miscalculation in buffer-based allocator
2015-01-13 14:58:01 +01:00
Manuel Pégourié-Gonnard
547ff6618f
Fix NULL dereference in buffer-based allocator
2015-01-13 14:58:01 +01:00
Manuel Pégourié-Gonnard
5cb4b31057
Fix missing bound check
2015-01-13 14:58:00 +01:00
Manuel Pégourié-Gonnard
fa06581c73
Disable RC4 by default in example programs.
2015-01-13 13:03:06 +01:00
Manuel Pégourié-Gonnard
bd47a58221
Add ssl_set_arc4_support()
...
Rationale: if people want to disable RC4 but otherwise keep the default suite
list, it was cumbersome. Also, since it uses a global array,
ssl_list_ciphersuite() is not a convenient place. So the SSL modules look like
the best place, even if it means temporarily adding one SSL setting.
2015-01-13 13:03:06 +01:00
Manuel Pégourié-Gonnard
448ea506bf
Set min version to TLS 1.0 in programs
2015-01-12 12:32:04 +01:00
Manuel Pégourié-Gonnard
18292456c5
Add support for getrandom()
2015-01-09 14:34:13 +01:00
Manuel Pégourié-Gonnard
e117a8fc0d
Make truncated hmac a runtime option server-side
...
Reading the documentation of ssl_set_truncated_hmac() may give the impression
I changed the default for clients but I didn't, the old documentation was
wrong.
2015-01-09 12:52:20 +01:00
Manuel Pégourié-Gonnard
f01768c55e
Specific error for suites in common but none good
2015-01-08 17:06:16 +01:00
Manuel Pégourié-Gonnard
df331a55d2
Prefer SHA-1 certificates for pre-1.2 clients
2015-01-08 16:43:07 +01:00
Manuel Pégourié-Gonnard
3ff78239fe
Add tests for CBC record splitting
2015-01-08 11:15:09 +01:00
Manuel Pégourié-Gonnard
d94232389e
Skip signature_algorithms ext if PSK only
2014-12-02 11:57:29 +01:00
Manuel Pégourié-Gonnard
fa4238838a
Update Changelog for compile-option renegotiation
2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard
fd6c85c3eb
Set a compile-time limit to X.509 chain length
2014-11-20 16:37:41 +01:00
Manuel Pégourié-Gonnard
426d4ae7ff
Split x509_crl_parse_der() out of x509_crl_parse()
2014-11-20 16:36:07 +01:00
Manuel Pégourié-Gonnard
8c9223df84
Add text view to debug_print_buf()
2014-11-19 13:21:38 +01:00
Manuel Pégourié-Gonnard
8a5e3d4a40
Forbid repeated X.509 extensions
2014-11-12 18:13:58 +01:00
Manuel Pégourié-Gonnard
d681443f69
Fix potential stack overflow
2014-11-12 01:25:31 +01:00
Manuel Pégourié-Gonnard
b134060f90
Fix memory leak with crafted X.509 certs
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
0369a5291b
Fix uninitialised pointer dereference
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
e959979621
Fix ECDSA sign buffer size
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
b31b61b9e8
Fix potential undefined behaviour in Camellia
2014-11-12 00:01:51 +01:00
Manuel Pégourié-Gonnard
54f6e562e6
Fix CFLAGS with cmake and gcc
2014-11-12 00:01:51 +01:00
Manuel Pégourié-Gonnard
de17125875
Update ChangeLog for pk_check_pair() & Co
2014-11-12 00:01:51 +01:00
Manuel Pégourié-Gonnard
e10e06d863
Blind RSA operations even without CRT
2014-11-06 18:25:44 +01:00
Manuel Pégourié-Gonnard
d056ce0e3e
Use seq_num as AEAD nonce by default
2014-11-06 18:23:49 +01:00
Manuel Pégourié-Gonnard
c122ae7612
Update Changelog for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
b3c6a97b31
Update Changelog for session-hash
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
178f9d6e19
Update Changelog for FALLBACK_SCSV
2014-11-05 16:00:49 +01:00
Paul Bakker
a6c5ea2c43
Include 1.2.12 release information in ChangeLog
2014-10-24 16:26:29 +02:00
Paul Bakker
9eac4f7c4e
Prepare for release 1.3.9
2014-10-20 13:56:15 +02:00
Paul Bakker
b082bb50de
Fix typos in ChangeLog
2014-10-20 13:37:51 +02:00
Manuel Pégourié-Gonnard
f7cdbc0e87
Fix potential bad read of length
2014-10-17 17:02:10 +02:00
Manuel Pégourié-Gonnard
43c3b28ca6
Fix memory leak with crafted ClientHello
2014-10-17 12:42:11 +02:00
Manuel Pégourié-Gonnard
5d8618539f
Fix memory leak while parsing some X.509 certs
2014-10-17 12:41:41 +02:00
Manuel Pégourié-Gonnard
64938c63f0
Accept spaces at end of line/buffer in base64
2014-10-15 23:53:33 +02:00
Manuel Pégourié-Gonnard
7f4ed67a97
Fix compile error with armcc in mpi_is_prime()
2014-10-15 22:06:46 +02:00
Manuel Pégourié-Gonnard
da1b4de0e4
Increase MPI_MAX_BYTES to allow RSA 8192
2014-10-15 22:06:46 +02:00
Paul Bakker
5a5fa92bfe
x509_crt_parse() did not increase total_failed on PEM error
...
Result was that PEM errors in files with multiple certificates were not
detectable by the user.
2014-10-03 15:47:13 +02:00
Manuel Pégourié-Gonnard
480905d563
Fix selection of hash from sig_alg ClientHello ext.
2014-08-30 14:19:59 +02:00
Sander Niemeijer
ef5087d150
Added explicit casts to prevent compiler warnings when trying to build for iOS
2014-08-21 23:48:14 +02:00
Manuel Pégourié-Gonnard
a13500fdf7
Fix bug with ssl_close_notify and non-blocking I/O
2014-08-19 16:14:04 +02:00
Manuel Pégourié-Gonnard
f07f421759
Fix server-initiated renego with non-blocking I/O
2014-08-19 13:32:15 +02:00
Manuel Pégourié-Gonnard
f26a1e8602
ssl_read() stops returning non-application data
2014-08-19 12:28:50 +02:00
Manuel Pégourié-Gonnard
dca108e5a2
Rm reference to non-existent file in VS projects
2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard
462906f955
Do no test net_usleep() when not defined
2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard
192253aaa9
Fix buffer size in pk_write_*_pem()
2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard
868c0eea08
Update Changelog for the last few commits
2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard
42cc641159
Don't print uninitialized buffer in ssl_mail_client
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
9a6b442cee
Fix non-blocking sockets in net_accept()
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
a04fa4fa04
RSA-PSK key exchange requires TLS 1.x
...
It's not clear if, with SSL3, one should include send the two length bytes for
EncryptedPreMasterSecret or not, so require TLS to avoid interop issues.
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
8d4ad07706
SHA-2 ciphersuites now require TLS 1.x
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
955028f858
Fix compile error in ssl_pthread_server
2014-08-14 11:34:33 +02:00
Paul Bakker
8dcb2d7d7e
Support escaping of commas in x509_string_to_names()
2014-08-11 11:59:52 +02:00
Paul Bakker
1910aa78a3
Fix release date for 1.3.8
2014-07-11 11:28:56 +02:00
Paul Bakker
0ae5a3d336
Include 1.2.11 ChangeLog
2014-07-11 11:28:30 +02:00
Paul Bakker
6c343d7d9a
Fix mpi_write_string() to write "00" as hex output for empty MPI
2014-07-10 15:27:10 +02:00
Paul Bakker
ec3a617d40
Make ready for release of 1.3.8 and soversion 7
2014-07-09 10:21:28 +02:00
Paul Bakker
28476e2789
Updated ChangeLog
2014-07-09 10:19:52 +02:00
Manuel Pégourié-Gonnard
08e81e0c8f
Change selection of hash algorithm for TLS 1.2
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
bd77254b18
md_list() starting with strongest hash
2014-07-08 13:03:02 +02:00
Paul Bakker
8fb99abaac
Merge changes for leaner memory footprint
2014-07-04 15:02:19 +02:00
Paul Bakker
b9e08b086b
Merge server-side enforced renegotiation requests
2014-07-04 15:01:37 +02:00
Paul Bakker
d598318661
Fix base64_decode() to return and check length correctly
2014-07-04 15:01:00 +02:00
Paul Bakker
23647b4df5
Update ChangeLog
2014-07-04 15:00:12 +02:00
Manuel Pégourié-Gonnard
dfc7df0bec
Add SSL_CIPHERSUITES config option
2014-07-04 14:59:02 +02:00
Manuel Pégourié-Gonnard
01edb1044c
Add POLARSSL_REMOVE_RC4_CIPHERSUITES
2014-06-25 11:27:59 +02:00
Paul Bakker
2a45d1c8bb
Merge changes to config examples and configuration issues
2014-06-25 11:27:00 +02:00
Manuel Pégourié-Gonnard
3135725670
Disable broken Sparc64 bn_mul assembly
2014-06-25 11:26:15 +02:00
Manuel Pégourié-Gonnard
8df68632e8
Fix bug in DHE-PSK PMS computation
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
fd35af1579
Fix off-by-one error in point format parsing
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
acbcbba860
Fix asm format of bn_mul.h for more portability
...
Found by Barry K. Nathan.
Quoting from http://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html :
"You can put multiple assembler instructions together in a single asm
template, separated by the characters normally used in assembly code for the
system. A combination that works in most places is a newline to break the
line, plus a tab character to move to the instruction field (written as
‘\n\t’). Sometimes semicolons can be used, if the assembler allows semicolons
as a line-breaking character. Note that some assembler dialects use semicolons
to start a comment."
2014-06-25 11:26:13 +02:00
Barry K. Nathan
35e7cb9aa6
Fix preprocessor checks for bn_mul PPC asm
...
On OS X, neither __powerpc__ nor __ppc__ is defined on PPC64, so the
asm code was only being used on PPC32.
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
d249b7ab9a
Restore ability to trust non-CA selfsigned EE cert
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
c4eff16516
Restore ability to use v1 CA if trusted locally
2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
08485cca81
Fix SSL_BUFFER_LEN
2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
eaa76f7e20
Fix computation of minlen for encrypted packets
2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
0bcc4e1df7
Fix length checking for AEAD ciphersuites
2014-06-25 11:26:10 +02:00
Manuel Pégourié-Gonnard
3579522d31
Update Changelog for example configs changes
2014-06-24 17:33:54 +02:00
Manuel Pégourié-Gonnard
398c57b0b3
Blowfish accepts variable key len in cipher layer
2014-06-24 11:01:33 +02:00
Paul Bakker
3c38f29a61
Fix DER output of gen_key app (found by Gergely Budai)
2014-06-14 16:46:43 +02:00
Paul Bakker
3461772559
Introduce polarssl_zeroize() instead of memset() for zeroization
2014-06-14 16:46:03 +02:00
Paul Bakker
c2ff2083ee
Merge parsing and verification of RSASSA-PSS in X.509 modules
2014-06-12 22:02:47 +02:00
Paul Bakker
f51183a262
Revert deleted PolarSSL 1.3.4 release line in ChangeLog
2014-06-12 21:53:40 +02:00
Paul Bakker
863989bc81
Add LINK_WITH_PTHREAD to ChangeLog
2014-06-12 21:49:01 +02:00
Paul Bakker
49033ba0ac
Update ChangeLog for external fixes
2014-06-12 21:46:13 +02:00
Manuel Pégourié-Gonnard
b479871956
Update Changelog for RSASSA-PSS in X.509
2014-06-07 11:21:52 +02:00
Manuel Pégourié-Gonnard
bf696d030b
Make sig_opts non-optional in X509 structures
...
This simplifies the code.
2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard
cf975a3857
Factor out some common code
2014-06-02 16:12:46 +02:00
Paul Bakker
1ebc0c592c
Fix typos
2014-05-22 15:47:58 +02:00
Paul Bakker
c6ece49890
Updated ChangeLog for CCM
2014-05-22 15:45:03 +02:00
Paul Bakker
0f651c7422
Stricter check on SSL ClientHello internal sizes compared to actual packet size
2014-05-22 15:12:19 +02:00
Paul Bakker
dff3139cc8
Updated ChangeLog
2014-05-22 15:06:41 +02:00
Paul Bakker
5593f7caae
Fix typo in debug_print_msg()
2014-05-06 10:29:28 +02:00
Paul Bakker
47431b6d31
Updated ChangeLog for 1.3.7 to 2014-05-02
2014-05-02 13:27:13 +02:00
Paul Bakker
da13016d84
Prepped for 1.3.7 release
2014-05-01 14:27:19 +02:00
Barry K. Nathan
cf975f5988
Fix build with cc from Apple LLVM
...
On Xcode 4.x and above (I tested Xcode 4.6.3 on 10.7.5 and Xcode 5.5.1 on 10.9.2), cmake (2.8.12.2, whether from MacPorts or from clang.org, FWIW) is detecting /usr/bin/cc as Clang, but CMAKE_COMPILER_IS_CLANG is not getting set, so the tests aren't being built. (There may have been other build problems as well, but the fact that the tests weren't being built was by far the most obvious problem.)
Checking the compiler ID detected by cmake, rather than the name of the command used to invoke the compiler, fixes this.
2014-04-30 16:53:34 +02:00
Markus Pfeiffer
a26a005acf
Make compilation on DragonFly work
2014-04-30 16:52:28 +02:00
Paul Bakker
2a024ac86a
Merge dependency fixes
2014-04-30 16:50:59 +02:00
Manuel Pégourié-Gonnard
c16f4e1f78
Move RC4 ciphersuites down the list
2014-04-30 16:27:06 +02:00
Paul Bakker
8eab8d368b
Merge more portable AES-NI
2014-04-30 16:21:08 +02:00
Paul Bakker
33dc46b080
Fix bug with mpi_fill_random() on big-endian
2014-04-30 16:20:39 +02:00
Paul Bakker
f96f7b607a
On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
2014-04-30 16:02:38 +02:00
Paul Bakker
6384440b13
Better support for the different Attribute Types from IETF PKIX (RFC 5280)
2014-04-30 15:34:12 +02:00
Paul Bakker
24f37ccaed
rsa_check_pubkey() now allows an E up to N
2014-04-30 13:43:51 +02:00
Paul Bakker
0f90d7d2b5
version_check_feature() added to check for compile-time options at run-time
2014-04-30 11:49:44 +02:00
Paul Bakker
a70366317d
Improve interop by not writing ext_len in ClientHello / ServerHello when 0
...
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
2014-04-30 10:16:16 +02:00
Manuel Pégourié-Gonnard
3a306b9067
Fix misplaced #endif in ssl_tls.c
2014-04-29 15:11:17 +02:00
Manuel Pégourié-Gonnard
edc81ff8c2
Fix some more curve depends in X.509 tests
2014-04-29 15:10:40 +02:00