yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-09 05:25:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
4557 commits 88 branches 205 tags 69 MiB
Commit graph

974 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 227692a6b1 Merge remote-tracking branch 'public/pr/1160' into mbedtls-2.1 
* public/pr/1160:
  Address PR review comments
  Backport 2.1:Fix crash when calling `mbedtls_ssl_cache_free` twice
 2017-12-19 11:42:29 +01:00
Gilles Peskine a15486a35f Merge branch 'pr_1044' into mbedtls-2.1 2017-12-04 17:29:28 +01:00
Gilles Peskine 45c8f6a38a Added ChangeLog entry 2017-12-04 17:28:09 +01:00
Gilles Peskine 4b36dfb820 Merge remote-tracking branch 'upstream-public/pr/1174' into mbedtls-2.1 2017-12-04 17:20:45 +01:00
Gilles Peskine 49349bacb9 Merge remote-tracking branch 'upstream-public/pr/1153' into mbedtls-2.1 2017-11-29 20:53:58 +01:00
Gilles Peskine f663c22ab7 Merge remote-tracking branch 'upstream-public/pr/916' into mbedtls-2.1 2017-11-29 20:53:44 +01:00
Gilles Peskine 25aa833ac3 Merge branch 'pr_1082' into mbedtls-2.1 2017-11-28 18:33:50 +01:00
Gilles Peskine 026d18aefa Add ChangeLog entry 2017-11-28 18:33:31 +01:00
Gilles Peskine 283a80d51f Merge remote-tracking branch 'upstream-public/pr/1108' into mbedtls-2.1 2017-11-28 18:31:28 +01:00
Gilles Peskine 31dce36364 Merge remote-tracking branch 'upstream-public/pr/1080' into mbedtls-2.1 2017-11-28 18:30:18 +01:00
Gilles Peskine a6f6947490 Merge remote-tracking branch 'upstream-public/pr/943' into mbedtls-2.1 2017-11-28 18:28:39 +01:00
Gilles Peskine d08ae68237 Merge remote-tracking branch 'upstream-public/pr/1112' into mbedtls-2.1 2017-11-24 15:37:29 +01:00
Gilles Peskine 7aa24190b4 Merge remote-tracking branch 'upstream-public/pr/1107' into mbedtls-2.1 2017-11-23 20:09:48 +01:00
Darryl Green 1b052e80aa Add checks for private parameter in mbedtls_ecdsa_sign() 2017-11-20 17:11:17 +00:00
Manuel Pégourié-Gonnard ea0aa655f6 Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted 
* mbedtls-2.1:
  Fix typo in asn1.h
  Improve leap year test names in x509parse.data
  Correctly handle leap year in x509_date_is_valid()
  Renegotiation: Add tests for SigAlg ext parsing
  Parse Signature Algorithm ext when renegotiating
  Fix changelog for ssl_server2.c usage fix
  Fix ssl_server2 sample application prompt
  Update ChangeLog for fix to #836
  Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog.
  Enhance documentation of mbedtls_ssl_set_hostname
  Add test case calling ssl_set_hostname twice
  Make mbedtls_ssl_set_hostname safe to be called multiple times
  Fix typo in configs/README.txt file
 2017-11-14 08:38:52 +01:00
Ron Eldor 5bd272627b Backport 2.1:Fix crash when calling mbedtls_ssl_cache_free twice 
Set `cache` to zero at the end of `mbedtls_ssl_cache_free` #1104
 2017-10-30 18:09:40 +02:00
Hanno Becker 489f80cbf5 Adapt ChangeLog 2017-10-24 11:56:58 +01:00
Hanno Becker b658ee63c2 Adapt ChangeLog 2017-10-19 15:45:17 +01:00
Andres Amaya Garcia bc041130b0 Correctly handle leap year in x509_date_is_valid() 
This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.
 2017-10-12 21:03:01 +01:00
Ron Eldor bac9d4d90f Parse Signature Algorithm ext when renegotiating 
Signature algorithm extension was skipped when renegotiation was in
progress, causing the signature algorithm not to be known when
renegotiating, and failing the handshake. Fix removes the renegotiation
step check before parsing the extension.
 2017-10-11 13:58:08 +01:00
Hanno Becker ffa7a33ee4 Adapt ChangeLog 2017-10-05 09:08:06 +01:00
Simon Butcher 5d39aceb04 Fix changelog for ssl_server2.c usage fix 2017-10-02 19:17:57 +01:00
Simon Butcher 72e9ba2ce3 Update ChangeLog for fix to #836 2017-09-30 23:51:44 +01:00
Hanno Becker c7845e51f3 Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog. 
Add a reference to the relevant RFC, adapt ChangeLog.
 2017-09-30 23:49:01 +01:00
Hanno Becker 380aa64d65 Adapt ChangeLog 2017-09-28 16:26:17 +01:00
Hanno Becker a89dbd168e Adapt ChangeLog 2017-09-28 14:38:26 +01:00
Andres Amaya Garcia 41a38dfed6 Add ChangeLog entry 2017-09-15 11:01:40 +01:00
Ron Eldor 00cb3af4ab Backport 2.1:Add configuration file in md.h 
include `*config.h*` in md.h as MACROS in the header file get ignored.
Fix for #1001.
 2017-09-07 14:42:51 +03:00
Simon Butcher 1fe5e8ab44 Update version number to 2.1.9 2017-08-10 11:51:47 +01:00
Simon Butcher a30508309e Fix language in Changelog for clarity 2017-08-10 10:48:33 +01:00
Simon Butcher ea27c997c0 Improve documentation of PKCS1 decryption functions 
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
 - mbedtls_rsa_pkcs1_decrypt,
 - mbedtls_rsa_rsaes_pkcs1_v15_decrypt
 - mbedtls_rsa_rsaes_oaep_decrypt
 2017-08-01 23:00:34 +01:00
Hanno Becker 223f88dd2e Adapt ChangeLog 2017-07-28 22:15:31 +01:00
Hanno Becker 3948a101b6 Adapt ChangeLog 2017-07-28 21:42:50 +01:00
Simon Butcher 246bf6932d Fix duplication in Changelog introduced by merge 2017-07-28 13:08:07 +01:00
Ron Eldor b5851193eb Backport 2.1: check if iv is zero in gcm. 
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
 2017-07-28 12:21:38 +01:00
Hanno Becker 58897fbd7d Correct indentation and labelling in ChangeLog 2017-07-28 12:20:48 +01:00
Janos Follath 4721831ffb Fix typos 2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard 83765655dd Add ChangeLog entry for the security issue 2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard c386317298 Only return VERIFY_FAILED from a single point 
Everything else is a fatal error. Also improve documentation about that for
the vrfy callback.
 2017-07-28 12:20:48 +01:00
Manuel Pégourié-Gonnard 489939f829 Improve behaviour on fatal errors 
If we didn't walk the whole chain, then there may be any kind of errors in the
part of the chain we didn't check, so setting all flags looks like the safe
thing to do.
 2017-07-28 12:20:47 +01:00
Andres AG b322be507b Prevent signed integer overflow in CSR parsing 
Modify the function mbedtls_x509_csr_parse_der() so that it checks the
parsed CSR version integer before it increments the value. This prevents
a potential signed integer overflow, as these have undefined behaviour
in the C standard.
 2017-07-26 17:59:20 +01:00
Andres AG 1f06d9bac7 Fix potential integer overflow parsing DER CRT 
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
 2017-07-26 17:57:43 +01:00
Andres AG 0ff660e0a6 Fix potential integer overflow parsing DER CRL 
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
 2017-07-26 17:56:42 +01:00
Ron Eldor a886ce3c88 Backport 2.1: Check rc of mbedtls_mpi_fill_random 
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
 2017-07-20 01:25:53 +02:00
Ron Eldor 0fb3e0afb9 Backport: Resource leak fix on windows platform 
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
 2017-07-20 01:05:47 +02:00
Ron Eldor ee709f4d13 Backport 2.1: Wrong preproccessor condition fix 
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
 2017-07-20 00:47:20 +02:00
Ron Eldor 5ff277ee1e Backport 2.1: check if iv is zero in gcm. 
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
 2017-07-20 00:30:44 +02:00
Simon Butcher fbb9837ad5 Update the version number to 2.1.8 2017-06-20 23:31:06 +01:00
Janos Follath 3fb1cc37a6 Improve Changelog 2017-06-16 14:15:08 +01:00
Manuel Pégourié-Gonnard 89930b354c Merge remote-tracking branch 'restricted/iotssl-1398_backport-2.1' into mbedtls-2.1-restricted 
* restricted/iotssl-1398_backport-2.1:
  Add ChangeLog entry
  Ensure application data records are not kept when fully processed
  Add hard assertion to mbedtls_ssl_read_record_layer
  Fix mbedtls_ssl_read
  Simplify retaining of messages for future processing
 2017-06-09 15:06:31 +02:00