Commit graph

3167 commits

Author SHA1 Message Date
Simon Butcher d5a3ed36b8 Merge remote-tracking branch 'public/pr/1863' into mbedtls-2.7 2018-07-24 12:57:15 +01:00
Simon Butcher b65d6ce83f Merge remote-tracking branch 'public/pr/1870' into mbedtls-2.7 2018-07-24 10:30:11 +01:00
Dawid Drozd 2ba7d8ed2d Remove unnecessary mark as unused #1098 (backport) 2018-07-20 14:08:02 +02:00
Simon Butcher bc5ec41c01 Merge remote-tracking branch 'public/pr/1847' into mbedtls-2.7 2018-07-19 19:48:25 +01:00
Angus Gratton 8946b0dd30 Check for invalid short Alert messages
(Short Change Cipher Spec & Handshake messages are already checked for.)
2018-07-16 20:12:56 +01:00
Angus Gratton b91cb6e1e6 TLSv1.2: Treat zero-length fragments as invalid, unless they are application data
TLS v1.2 explicitly disallows other kinds of zero length fragments (earlier standards
don't mention zero-length fragments at all).
2018-07-16 20:12:55 +01:00
Angus Gratton 1ba8e911ec CBC mode: Allow zero-length message fragments (100% padding)
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
2018-07-16 20:12:47 +01:00
Simon Butcher 28f68a3d15 Merge remote-tracking branch 'public/pr/1809' into mbedtls-2.7 2018-07-10 14:58:51 +01:00
Simon Butcher a159d64e86 Merge remote-tracking branch 'public/pr/1827' into mbedtls-2.7 2018-07-10 12:50:16 +01:00
Philippe Antoine 33e5c32a5b Fixes different off by ones 2018-07-09 10:39:02 +02:00
Brendan Shanks b32233319b x509.c: Remove unused includes
Remove unused includes guarded by MBEDTLS_FS_IO, which doesn't appear
anywhere else in the file.
2018-07-02 12:13:26 +01:00
niisato a35dbf155c about a issue Replace "new" variable #1782 2018-06-29 11:17:41 +01:00
Ron Eldor 8c02dd1709 Move definition of MBEDTLS_CIPHER_MODE_STREAM
Move definition of `MBEDTLS_CIPHER_MODE_STREAM` to header file
(`mbedtls_cipher_internal.h`), because it is used by more than
one file. Raised by TrinityTonic in #1719
2018-06-28 08:44:47 +03:00
Simon Butcher 0e342f77fc Merge remote-tracking branch 'public/pr/1390' into mbedtls-2.7 2018-06-27 11:11:34 +01:00
Simon Butcher 035d824ad5 Merge remote-tracking branch 'public/pr/1768' into mbedtls-2.7 2018-06-27 11:09:27 +01:00
Philippe Antoine 0f91c0f441 Coding style
Commit to be squashed
2018-06-22 11:45:38 +01:00
Philippe Antoine dc58e59280 Simplify code in mbedtls_x509_csr_parse 2018-06-22 11:44:48 +01:00
Philippe Antoine 78657e52d8 Fix memory leak in mbedtls_x509_csr_parse 2018-06-22 11:44:38 +01:00
Andres Amaya Garcia 0fc4e0878e Document ssl_write_real() behaviour in detail 2018-06-21 19:29:49 +01:00
Simon Butcher 662ae9eaae Change the library version to 2.7.4 2018-06-18 14:42:14 +01:00
Simon Butcher 112dfd5bc5 Merge remote-tracking branch 'public/pr/1728' into mbedtls-2.7 2018-06-15 13:02:40 +01:00
Simon Butcher 47212c8e2c Merge remote-tracking branch 'public/pr/1581' into mbedtls-2.7 2018-06-14 11:02:43 +01:00
Simon Butcher da46a40855 Merge remote-tracking branch 'public/pr/1711' into mbedtls-2.7 2018-06-14 11:01:14 +01:00
Simon Butcher 49de6b89c1 Compilation warning fixes on 32b platfrom with IAR
Fix compilation warnings with IAR toolchain, on 32 bit platform.
Reported by rahmanih in #683

This is based on work by Ron Eldor in PR #750, some of which was independently
fixed by Azim Khan and already merged in PR #1655.
2018-06-14 09:05:55 +01:00
Simon Butcher fb6da8815c Merge remote-tracking branch 'public/pr/1655' into mbedtls-2.7 2018-06-12 17:40:08 +01:00
Fabio Alessandrelli ec4ce37709 Only redefine _WIN32_WINNT macro when < 0x0501 2018-06-08 12:28:47 +01:00
Simon Butcher bb5e1c3973 Fix multiple quality issues in the source
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
 * incorrect file permissions
 * missing newline at the end of files
 * trailing whitespace
 * Tabs present
 * TODOs in the souce code
2018-06-08 11:14:43 +01:00
Azim Khan 826cdab010 Treat warnings as errors for IAR
Fix IAR compiler warnings

Two warnings have been fixed:
1. code 'if( len <= 0xFFFFFFFF )' gave warning 'pointless integer comparison'.
   This was fixed by wraping the condition in '#if SIZE_MAX > 0xFFFFFFFF'.
2. code 'diff |= A[i] ^ B[i];' gave warning 'the order of volatile accesses is undefined in'.
   This was fixed by read the volatile data in temporary variables before the computation.

Explain IAR warning on volatile access

Consistent use of CMAKE_C_COMPILER_ID
2018-05-25 14:58:33 +01:00
Darryl Green 68207f868b Fix braces in mbedtls_memory_buffer_alloc_status() 2018-05-23 16:32:33 +01:00
Jaeden Amero 1fc4d33f5f Update version to 2.7.3 2018-04-27 13:15:45 +01:00
Jaeden Amero 07d1d5f270 Merge remote-tracking branch 'upstream-restricted/pr/473' into mbedtls-2.7-restricted-proposed
Remove trailing whitespace in ChangeLog.
2018-04-26 09:07:15 +01:00
Jaeden Amero 402256184a Merge branch 'mbedtls-2.7-proposed' into mbedtls-2.7-restricted-proposed
Resolve conflicts in ChangeLog.
2018-04-26 09:03:51 +01:00
Andrzej Kurek 6608096544 Change accepted ciphersuite versions when parsing server hello
Accept only ciphersuites for version chosen by the server
2018-04-25 05:28:08 -04:00
Andrzej Kurek 149f3a4d73 Change variable bytes_written to header_bytes in record decompression
The name is changed to better reflect the input, decompression case
2018-04-24 06:32:44 -04:00
Andrzej Kurek c3a3e2df0e ssl_tls: Fix invalid buffer sizes during compression / decompression
Adjust information passed to zlib to include already written data.
2018-04-23 08:39:13 -04:00
Mohammad Azim Khan 0acbd7df03 Same ciphersuite validation in server and client hello 2018-04-20 19:58:37 +01:00
Manuel Pégourié-Gonnard 8bce3685f5 Merge remote-tracking branch 'restricted/pr/468' into mbedtls-2.7-restricted-proposed
* restricted/pr/468:
  Improve comments style
  Remove a redundant test
  Add buffer size check before cert_type_len read
  Update change log
  Add a missing buffer size check
  Correct buffer size check
2018-04-18 12:21:36 +02:00
Krzysztof Stachowiak affb4f8e90 Improve comments style 2018-04-10 13:43:23 +02:00
Krzysztof Stachowiak 5ca4c5a15d Remove a redundant test 2018-04-10 13:43:17 +02:00
Krzysztof Stachowiak 314f16136f Add buffer size check before cert_type_len read 2018-04-10 13:43:10 +02:00
Krzysztof Stachowiak 071f9a3e47 Add a missing buffer size check 2018-04-04 13:44:04 +02:00
Krzysztof Stachowiak 3d8663b4f9 Correct buffer size check
Further in the code the next field from the binary buffer is read. The
check contained an off by one error.
2018-04-04 13:43:00 +02:00
Jaeden Amero d8e0cec63b Merge remote-tracking branch 'upstream-public/pr/1464' into mbedtls-2.7-proposed 2018-04-03 18:27:54 +01:00
Jaeden Amero b5f53b1039 Merge remote-tracking branch 'upstream-public/pr/1401' into mbedtls-2.7-proposed 2018-04-03 12:09:45 +01:00
Jaeden Amero e7dc46240d Merge remote-tracking branch 'upstream-public/pr/1543' into mbedtls-2.7-proposed 2018-04-03 12:03:30 +01:00
mohammad1603 29ed80f79f Fix compatibility problem in the printed message
Replace %zu with %lu and add cast for the printed value.
2018-04-02 07:34:26 -07:00
Gilles Peskine 595c84a7b1 Merge remote-tracking branch 'upstream-public/pr/1500' into mbedtls-2.7-proposed 2018-04-01 12:41:29 +02:00
Gilles Peskine a0e03a81a7 Merge branch 'pr_1538' into mbedtls-2.7-proposed 2018-04-01 12:35:50 +02:00
Gilles Peskine cc78ac46e7 Update error.c 2018-03-30 18:52:10 +02:00
Gilles Peskine 5114d3e4e1 Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
Clarify what MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH and
MBEDTLS_ERR_PK_SIG_LEN_MISMATCH mean. Add comments to highlight that
this indicates that a valid signature is present, unlike other error
codes. See
https://github.com/ARMmbed/mbedtls/pull/1149#discussion_r178130705
2018-03-30 18:43:16 +02:00