Commit graph

903 commits

Author SHA1 Message Date
Paul Bakker 308a586477 Better placement of memset() to prevent compiler warning under MSVC 2014-07-11 11:40:35 +02:00
Paul Bakker 695266cb51 Updated to version 1.2.11 2014-07-11 11:26:03 +02:00
Manuel Pégourié-Gonnard 0cdde2d107 Fix minlen for GCM suites 2014-07-09 18:03:10 +02:00
Paul Bakker a16e7f24f0 Proper initialization and checks for rare cases 2014-07-09 14:58:11 +02:00
Paul Bakker 1d073c59ad Add static and casts to prevent compiler warnings 2014-07-08 20:17:07 +02:00
Paul Bakker f73b718f17 Latest CBC padding check 2014-07-08 18:30:44 +02:00
Paul Bakker bbc843f0b8 Fix base64_decode() to return and check length correctly 2014-07-08 18:29:06 +02:00
Manuel Pégourié-Gonnard ff9e1a4aa4 Document in-out param of dhm_calc_secret() 2014-07-08 18:29:04 +02:00
Manuel Pégourié-Gonnard 002bc86718 Clarify mpi_write_binary()'s doc. 2014-07-08 18:29:03 +02:00
Manuel Pégourié-Gonnard 03917bf7d5 Disable broken Sparc64 bn_mul assembly 2014-07-08 18:29:01 +02:00
Manuel Pégourié-Gonnard 877a0944ad Padlock asm using \n\t too 2014-07-08 18:29:00 +02:00
Manuel Pégourié-Gonnard 4564af9e3d Fix asm format of bn_mul.h for more portability
Found by Barry K. Nathan.

Quoting from http://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html:

"You can put multiple assembler instructions together in a single asm
template, separated by the characters normally used in assembly code for the
system. A combination that works in most places is a newline to break the
line, plus a tab character to move to the instruction field (written as
‘\n\t’). Sometimes semicolons can be used, if the assembler allows semicolons
as a line-breaking character. Note that some assembler dialects use semicolons
to start a comment."
2014-07-08 18:28:59 +02:00
Barry K. Nathan 22ca9c0197 Fix preprocessor checks for bn_mul PPC asm
On OS X, neither __powerpc__ nor __ppc__ is defined on PPC64, so the
asm code was only being used on PPC32.
2014-07-08 18:28:57 +02:00
Manuel Pégourié-Gonnard 4467fb7507 Check input lengths in GCM 2014-07-08 18:28:56 +02:00
Paul Bakker 5bad6afd8c Fix length checking for AEAD ciphersuites 2014-07-08 18:28:54 +02:00
Paul Bakker 312da33ef1 Introduce polarssl_zeroize() instead of memset() for zeroization 2014-07-08 18:28:52 +02:00
Peter Vaskovic 1b08bd9525 Fix WSAStartup return value check.
SOCKET_ERROR was not a valid return value.
WSAStartup returns 0 on success, so check that instead.
2014-07-08 18:28:51 +02:00
Andre Heinecke dcbd74f699 Fix symlink command for cross compiling
Check for the host system to determine which command should be used
to create a symlink. Otherwise symlinking will fail when cross
compiling polarssl on a unix host for windows.
2014-07-08 18:28:49 +02:00
Peter Vaskovic 02388c918d Fix minor format string inconsistency. 2014-07-08 18:28:48 +02:00
Paul Bakker 75ee01097f Stricter check on SSL ClientHello internal sizes compared to actual packet size 2014-07-08 18:28:47 +02:00
Barry K. Nathan 609d1a96aa Fix build with cc from Apple LLVM
On Xcode 4.x and above (I tested Xcode 4.6.3 on 10.7.5 and Xcode 5.5.1 on 10.9.2), cmake (2.8.12.2, whether from MacPorts or from clang.org, FWIW) is detecting /usr/bin/cc as Clang, but CMAKE_COMPILER_IS_CLANG is not getting set, so the tests aren't being built. (There may have been other build problems as well, but the fact that the tests weren't being built was by far the most obvious problem.)

Checking the compiler ID detected by cmake, rather than the name of the command used to invoke the compiler, fixes this.
2014-07-08 18:28:45 +02:00
Markus Pfeiffer 55bdbc1834 Make compilation on DragonFly work 2014-07-08 18:28:44 +02:00
Paul Bakker 358d325017 Fix bug with mpi_fill_random() on big-endian 2014-07-08 18:28:42 +02:00
Paul Bakker 95a11f8c16 On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings 2014-07-08 18:28:40 +02:00
Paul Bakker ccebf6ef8a Sanity length checks in ssl_read_record() and ssl_fetch_input()
Both are already covered in other places, but not in a clear fashion. So
for instance Coverity thinks the value is still tainted.
2014-07-08 18:28:38 +02:00
Paul Bakker b0af56334c rsa_check_pubkey() now allows an E up to N 2014-07-08 18:28:36 +02:00
Paul Bakker 3dfa07b401 Clearer description for version_get_string_full() regarding 18 bytes 2014-07-08 18:28:35 +02:00
Paul Bakker 838ed3c74d Improve interop by not writing ext_len in ClientHello when 0
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
2014-07-08 18:28:33 +02:00
Paul Bakker 6993284ece Travis configuration file for 1.2 branch 2014-07-08 18:28:32 +02:00
Paul Bakker d6d1f410e6 Cleaner initialization (values did not matter, but were uninitialized) 2014-07-08 18:28:31 +02:00
Paul Bakker a2eabadb07 Actually increment the loop counter to quit in ssl_fork_server 2014-07-08 18:28:31 +02:00
Paul Bakker 3914840d78 Cleaned up location of init and free for some programs to prevent memory
leaks on incorrect arguments
2014-07-08 18:28:30 +02:00
Paul Bakker 993f02cda0 Added return value checking for correctness in programs 2014-07-08 18:28:29 +02:00
Paul Bakker 676093e253 Check setsockopt() return value in net_bind() 2014-07-08 18:28:29 +02:00
Paul Bakker 7890e62a1f Added missing MPI_CHK around mpi functions 2014-07-08 18:28:29 +02:00
Paul Bakker 243d61894c Reject certificates with times not in UTC 2014-07-08 14:40:58 +02:00
Paul Bakker f48de9579f Use UTC to heck certificate validity 2014-07-08 14:39:41 +02:00
Paul Bakker dedce0c35c Prevent potential NULL pointer dereference in ssl_read_record() 2014-07-08 14:36:12 +02:00
Paul Bakker 6995efe8be Potential memory leak in mpi_exp_mod() when error occurs during
calculation of RR.
2014-07-08 14:32:35 +02:00
Paul Bakker 3cbaf1e379 Add ssl_close_notify() to servers that missed it 2014-07-08 14:30:35 +02:00
Paul Bakker 875548ce67 Disable renegotiation by default in example cli/srv 2014-07-08 12:21:41 +02:00
Paul Bakker 358a841b34 x509_get_current_time() uses localtime_r() to prevent thread issues 2014-07-08 12:14:37 +02:00
Paul Bakker 24aaf44120 Make sure no random pointer occur during failed malloc()'s 2014-07-08 11:39:19 +02:00
Paul Bakker 345316db65 Made building of programs optional in CMake 2014-07-08 11:32:40 +02:00
Paul Bakker bc8984931c Improvements to tests/Makefile when using shared library 2014-07-08 11:32:12 +02:00
Manuel Pégourié-Gonnard c2262b58f6 Tune debug_print_ret format 2014-07-08 11:26:20 +02:00
Paul Bakker ef3cf7088f Provide no info from entropy_func() on future entropy 2014-07-08 11:25:51 +02:00
Paul Bakker 1e9423704a Support for seed file writing and reading in Entropy 2014-07-08 11:20:25 +02:00
Paul Bakker ec8e5db1cf Updated documentation for seed functions w.r.t. return values 2014-07-08 11:18:41 +02:00
Paul Bakker 22a0ce0cef Fix warning on MinGW and MSVC12 2014-07-08 11:17:50 +02:00