Simon Butcher
34997fd291
Update library version number to 2.7.6
2018-08-31 16:07:23 +01:00
Simon Butcher
a36fe37429
Revised and clarified ChangeLog
...
Minor changes to fix language, merge mistakes and incorrect classifications of
changes.
2018-08-31 12:00:58 +01:00
Simon Butcher
242169bdc3
Merge remote-tracking branch 'restricted/pr/498' into mbedtls-2.7-restricted
2018-08-28 15:29:55 +01:00
Simon Butcher
6910201cd1
Merge remote-tracking branch 'restricted/pr/493' into mbedtls-2.7-restricted
2018-08-28 15:23:39 +01:00
Simon Butcher
fbd0ccc0f0
Merge remote-tracking branch 'public/pr/1978' into mbedtls-2.7
2018-08-28 12:32:21 +01:00
Simon Butcher
4102b3d377
Merge remote-tracking branch 'public/pr/1888' into mbedtls-2.7
2018-08-28 12:25:12 +01:00
Simon Butcher
cc4f58d08c
Merge remote-tracking branch 'public/pr/1956' into mbedtls-2.7
2018-08-28 12:16:11 +01:00
Simon Butcher
f7be6b029e
Merge remote-tracking branch 'public/pr/1960' into mbedtls-2.7
2018-08-28 11:51:56 +01:00
Hanno Becker
20b5d14b28
Adapt ChangeLog
2018-08-23 15:14:51 +01:00
Hanno Becker
4d646a60bd
Adapt ChangeLog
2018-08-22 15:11:28 +01:00
Hanno Becker
f38db01c42
Adapt ChangeLog
2018-08-17 10:12:23 +01:00
Hanno Becker
517e84a0e3
Improve ChangeLog wording for the commmit that Fixes #1954 .
2018-08-17 10:04:08 +01:00
Hanno Becker
4a4c04dc9c
Adapt ChangeLog
2018-08-16 15:53:02 +01:00
Hanno Becker
8058800d54
Adapt ChangeLog
2018-08-14 15:48:41 +01:00
Jaeden Amero
9eb78b4dab
Merge remote-tracking branch 'upstream-public/pr/1900' into mbedtls-2.7
...
Add a Changelog entry
2018-08-10 11:26:15 +01:00
Jaeden Amero
f37a99e3fc
Merge remote-tracking branch 'upstream-public/pr/1814' into mbedtls-2.7
2018-08-10 11:01:29 +01:00
Jaeden Amero
3b69174852
Merge remote-tracking branch 'upstream-public/pr/1886' into mbedtls-2.7
2018-08-10 10:50:34 +01:00
Simon Butcher
51a46b9b38
Add ChangeLog entry for bug #1890
2018-07-30 22:15:14 +01:00
Ron Eldor
f19a7ab45d
Fix hmac_drbg failure in benchmark, with threading
...
Remove redunadnat calls to `hmac_drbg_free()` between seeding operations,
which make the mutex invalid. Fixes #1095
2018-07-30 11:13:18 +03:00
Philippe Antoine
84cc74e82b
Fix undefined shifts
...
- in x509_profile_check_pk_alg
- in x509_profile_check_md_alg
- in x509_profile_check_key
and in ssl_cli.c : unsigned char gets promoted to signed integer
2018-07-26 22:49:42 +01:00
Simon Butcher
5ef42fd415
Merge remote-tracking branch 'restricted/pr/500' into mbedtls-2.7-restricted
2018-07-26 14:33:14 +01:00
Angus Gratton
cb7a5b0b0c
Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails
...
In ecp_mul_comb(), if (!p_eq_g && grp->T == NULL) and then ecp_precompute_comb() fails (which can
happen due to OOM), then the new array of points T will be leaked (as it's newly allocated, but
hasn't been asigned to grp->T yet).
Symptom was a memory leak in ECDHE key exchange under low memory conditions.
2018-07-26 11:08:06 +03:00
Simon Butcher
a64621929f
Clarify Changelog entries
...
Corrected some style issues, and moved some entries from bugfixes to changes.
2018-07-25 17:30:20 +01:00
Jaeden Amero
8385110ae8
Update version to 2.7.5
2018-07-25 15:43:21 +01:00
Simon Butcher
7daacda940
Merge remote-tracking branch 'restricted/pr/494' into mbedtls-2.7
2018-07-24 23:40:53 +01:00
Simon Butcher
b47e0a68ab
Merge remote-tracking branch 'public/pr/1805' into mbedtls-2.7
2018-07-24 13:16:25 +01:00
Simon Butcher
a8ee41ce80
Revise ChangeLog entry for empty data records fixes
2018-07-24 12:59:21 +01:00
Simon Butcher
d5a3ed36b8
Merge remote-tracking branch 'public/pr/1863' into mbedtls-2.7
2018-07-24 12:57:15 +01:00
Simon Butcher
b65d6ce83f
Merge remote-tracking branch 'public/pr/1870' into mbedtls-2.7
2018-07-24 10:30:11 +01:00
Simon Butcher
c6a0fd8e83
Add ChangeLog entry for #1098 fix.
2018-07-24 10:17:36 +01:00
Simon Butcher
48883cd800
Merge remote-tracking branch 'public/pr/1780' into mbedtls-2.7
2018-07-20 14:40:51 +01:00
Simon Butcher
7924d93209
Fix ChangeLog entry for issue #1663
...
The ChangeLog entry was under the wrong version, and under Changes, not
Bug Fixes.
2018-07-19 19:54:18 +01:00
Simon Butcher
bc5ec41c01
Merge remote-tracking branch 'public/pr/1847' into mbedtls-2.7
2018-07-19 19:48:25 +01:00
Simon Butcher
be347c6e21
Merge remote-tracking branch 'public/pr/1849' into mbedtls-2.7
2018-07-19 16:13:07 +01:00
Ron Eldor
8839e31fbc
Update ChangeLog
...
Remove extra entries added by a bad cherry-pick.
2018-07-17 14:13:53 +03:00
Andres Amaya Garcia
8e346dc793
Add ChangeLog entry for empty app data fix
2018-07-16 20:14:53 +01:00
Angus Gratton
8946b0dd30
Check for invalid short Alert messages
...
(Short Change Cipher Spec & Handshake messages are already checked for.)
2018-07-16 20:12:56 +01:00
Angus Gratton
1ba8e911ec
CBC mode: Allow zero-length message fragments (100% padding)
...
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
2018-07-16 20:12:47 +01:00
k-stachowiak
55bea65ca9
Update change log
2018-07-16 12:30:48 +02:00
Manuel Pégourié-Gonnard
aba8c5bb3d
Clarify attack conditions in the ChangeLog.
...
Referring to the previous entry could imply that the current one was limited
to SHA-384 too, which it isn't.
2018-07-12 10:18:37 +02:00
Manuel Pégourié-Gonnard
aeeaaf271c
Add counter-measure to cache-based Lucky 13
...
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function, and the location where we read the MAC, give information
about that.
A local attacker could gain information about that by observing via a
cache attack whether the bytes at the end of the record (at the location of
would-be padding) have been read during MAC verification (computation +
comparison).
Let's make sure they're always read.
2018-07-12 10:18:37 +02:00
Manuel Pégourié-Gonnard
5fcfd0345d
Fix Lucky 13 cache attack on MD/SHA padding
...
The basis for the Lucky 13 family of attacks is for an attacker to be able to
distinguish between (long) valid TLS-CBC padding and invalid TLS-CBC padding.
Since our code sets padlen = 0 for invalid padding, the length of the input to
the HMAC function gives information about that.
Information about this length (modulo the MD/SHA block size) can be deduced
from how much MD/SHA padding (this is distinct from TLS-CBC padding) is used.
If MD/SHA padding is read from a (static) buffer, a local attacker could get
information about how much is used via a cache attack targeting that buffer.
Let's get rid of this buffer. Now the only buffer used is the internal MD/SHA
one, which is always read fully by the process() function.
2018-07-12 10:18:37 +02:00
Simon Butcher
a063fff51a
Fix Changelog entry for #1533 fix as a Change not a bugfix
2018-07-10 15:20:26 +01:00
Simon Butcher
28f68a3d15
Merge remote-tracking branch 'public/pr/1809' into mbedtls-2.7
2018-07-10 14:58:51 +01:00
Simon Butcher
a159d64e86
Merge remote-tracking branch 'public/pr/1827' into mbedtls-2.7
2018-07-10 12:50:16 +01:00
Gilles Peskine
b2d88404a3
Add ChangeLog entry
2018-07-10 13:05:11 +02:00
k-stachowiak
6cba569e3f
Update change log
2018-07-09 14:45:00 +02:00
Philippe Antoine
33e5c32a5b
Fixes different off by ones
2018-07-09 10:39:02 +02:00
Ron Eldor
98848f020c
Minor fixes
...
1. Rephrase ChangeLog entry.
2. Add a full stop at the end of the fuinction documentation.
2018-07-05 15:01:51 +03:00
Simon Butcher
318cd2cc93
Add ChangeLog entry for #992 fix
2018-07-02 12:14:30 +01:00
Simon Butcher
c6bf5b4953
Add fix for #1550 and credit to the ChangeLog
2018-07-01 17:10:30 +01:00
niisato
2120ef85c7
Add ChangeLog
2018-06-29 11:25:02 +01:00
Ron Eldor
6a5d6e2295
Update ChangeLog
...
Update ChangeLog with a less ambigous description.
2018-06-28 15:50:47 +03:00
Ron Eldor
335cf423f9
Add entry in ChangeLog
...
Add an entry in the ChangeLog, describing the fix.
2018-06-28 15:50:37 +03:00
Simon Butcher
41c23b5a49
Adds referene in ChangeLog for issue #1623
2018-06-28 12:13:57 +01:00
Simon Butcher
a67b20c582
Add ChangeLog entry for #1257 - key_app_writer writes invalid ASN.1
2018-06-28 11:59:51 +01:00
Ron Eldor
22bc7c17bb
Add entry in ChangeLog
...
Add entry in ChangeLog for compilation error fix of #1719
2018-06-28 08:46:12 +03:00
Ron Eldor
4624030dc4
Documentation error in mbedtls_ssl_get_session
...
Fix Documentation error in `mbedtls_ssl_get_session`.
This function supports deep copying of the session,
and the peer certificate is not lost anymore, Resolves #926
2018-06-27 17:49:23 +03:00
Simon Butcher
035d824ad5
Merge remote-tracking branch 'public/pr/1768' into mbedtls-2.7
2018-06-27 11:09:27 +01:00
Simon Butcher
c5edf81065
Merge remote-tracking branch 'public/pr/1772' into mbedtls-2.7
2018-06-27 11:08:33 +01:00
Simon Butcher
f15cfd5d04
Merge remote-tracking branch 'public/pr/1557' into mbedtls-2.7
2018-06-27 11:07:50 +01:00
Ron Eldor
612a600186
Fix typo in ChangeLog
...
Fix typo in ChangeLog discovered in PR review
2018-06-24 17:23:29 +03:00
Ron Eldor
df9b93e768
Remove unneeded namesapcing in header files
...
Remove the `mbedtls` namesapcing in the `#include` in header files
Resolves issue #857
2018-06-24 17:23:16 +03:00
Simon Butcher
9a08e44972
Add a ChangeLog entry for memory leak in mbedtls_x509_csr_parse()
2018-06-22 12:02:59 +01:00
Andres Amaya Garcia
294331a315
Add ChangeLog entry for mbedtls_ssl_write() docs
2018-06-21 19:27:44 +01:00
Ron Eldor
cf2305e513
Add tests for mbedtls_cipher_crypt API
...
1. Add tests for 'mbedtls_cipher_crypt()' API
2. Resolves #1091 , by ignoring IV when the cipher mode is MBEDTLS_MODE_ECB
2018-06-21 14:02:23 +03:00
Simon Butcher
662ae9eaae
Change the library version to 2.7.4
2018-06-18 14:42:14 +01:00
Simon Butcher
02582b2804
Add ChangeLog entry for clang version fix. Issue #1072
2018-06-18 11:56:13 +01:00
Simon Butcher
112dfd5bc5
Merge remote-tracking branch 'public/pr/1728' into mbedtls-2.7
2018-06-15 13:02:40 +01:00
Simon Butcher
83c7ecbf5b
Merge remote-tracking branch 'public/pr/1732' into mbedtls-2.7
2018-06-15 13:00:30 +01:00
Simon Butcher
d8ea8d41a3
Add ChangeLog entry for Microblaze fix
2018-06-15 09:30:34 +01:00
Simon Butcher
47212c8e2c
Merge remote-tracking branch 'public/pr/1581' into mbedtls-2.7
2018-06-14 11:02:43 +01:00
Simon Butcher
da46a40855
Merge remote-tracking branch 'public/pr/1711' into mbedtls-2.7
2018-06-14 11:01:14 +01:00
Simon Butcher
49de6b89c1
Compilation warning fixes on 32b platfrom with IAR
...
Fix compilation warnings with IAR toolchain, on 32 bit platform.
Reported by rahmanih in #683
This is based on work by Ron Eldor in PR #750 , some of which was independently
fixed by Azim Khan and already merged in PR #1655 .
2018-06-14 09:05:55 +01:00
Simon Butcher
a96b9d46f7
Add entry for PR #1646 , for IAR Compiler Warnings fix
...
PR #1655 is a change to the behaviour of the CMake files therefore should be
recorded in the Changelog.
2018-06-12 17:42:02 +01:00
Simon Butcher
856870952a
Merge remote-tracking branch 'public/pr/1709' into mbedtls-2.7
2018-06-12 17:25:19 +01:00
Simon Butcher
ee3a3d4a72
Merge remote-tracking branch 'public/pr/1470' into mbedtls-2.7
2018-06-11 11:30:33 +01:00
Simon Butcher
4e5edf3184
Add ChangeLog entry for _WIN32_WINNT override fix
2018-06-08 16:23:17 +01:00
Simon Butcher
bb5e1c3973
Fix multiple quality issues in the source
...
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
* incorrect file permissions
* missing newline at the end of files
* trailing whitespace
* Tabs present
* TODOs in the souce code
2018-06-08 11:14:43 +01:00
Moran Peker
9259b3be03
Remove double declaration of mbedtls_ssl_list_ciphersuites
...
Raised by TrinityTonic. #1359
2018-05-23 18:22:29 +01:00
Darryl Green
68207f868b
Fix braces in mbedtls_memory_buffer_alloc_status()
2018-05-23 16:32:33 +01:00
Jaeden Amero
f8887521ef
Merge remote-tracking branch 'upstream-restricted/pr/479' into mbedtls-2.7-restricted
2018-04-30 17:38:39 +01:00
Simon Butcher
88cc94168c
Fix the ChangeLog for clarity, english and credit
2018-04-30 17:23:00 +01:00
Jaeden Amero
1fc4d33f5f
Update version to 2.7.3
2018-04-27 13:15:45 +01:00
Jaeden Amero
07d1d5f270
Merge remote-tracking branch 'upstream-restricted/pr/473' into mbedtls-2.7-restricted-proposed
...
Remove trailing whitespace in ChangeLog.
2018-04-26 09:07:15 +01:00
Jaeden Amero
402256184a
Merge branch 'mbedtls-2.7-proposed' into mbedtls-2.7-restricted-proposed
...
Resolve conflicts in ChangeLog.
2018-04-26 09:03:51 +01:00
Andrzej Kurek
ef30d96739
Changelog entry
2018-04-25 05:29:00 -04:00
Andrzej Kurek
c3a3e2df0e
ssl_tls: Fix invalid buffer sizes during compression / decompression
...
Adjust information passed to zlib to include already written data.
2018-04-23 08:39:13 -04:00
Mohammad Azim Khan
0acbd7df03
Same ciphersuite validation in server and client hello
2018-04-20 19:58:37 +01:00
Manuel Pégourié-Gonnard
8bce3685f5
Merge remote-tracking branch 'restricted/pr/468' into mbedtls-2.7-restricted-proposed
...
* restricted/pr/468:
Improve comments style
Remove a redundant test
Add buffer size check before cert_type_len read
Update change log
Add a missing buffer size check
Correct buffer size check
2018-04-18 12:21:36 +02:00
fbrosson
3a7457136e
Backport 2.7: Use "#!/usr/bin/env perl" as shebang line.
2018-04-04 22:26:56 +00:00
Krzysztof Stachowiak
7da5088289
Update change log
2018-04-04 13:47:40 +02:00
Gilles Peskine
1852d66a24
Align ChangeLog entry for PR #1401 with development
2018-04-04 10:19:24 +02:00
Jaeden Amero
33be84f679
Merge remote-tracking branch 'upstream-public/pr/1502' into mbedtls-2.7-proposed
2018-04-03 19:16:12 +01:00
Jaeden Amero
d8e0cec63b
Merge remote-tracking branch 'upstream-public/pr/1464' into mbedtls-2.7-proposed
2018-04-03 18:27:54 +01:00
Jaeden Amero
b5f53b1039
Merge remote-tracking branch 'upstream-public/pr/1401' into mbedtls-2.7-proposed
2018-04-03 12:09:45 +01:00
Gilles Peskine
595c84a7b1
Merge remote-tracking branch 'upstream-public/pr/1500' into mbedtls-2.7-proposed
2018-04-01 12:41:29 +02:00
Gilles Peskine
27d88212c9
Merge remote-tracking branch 'upstream-public/pr/1541' into mbedtls-2.7-proposed
2018-04-01 12:40:51 +02:00
Gilles Peskine
a0e03a81a7
Merge branch 'pr_1538' into mbedtls-2.7-proposed
2018-04-01 12:35:50 +02:00
Gilles Peskine
ab50464f42
Minor changelog improvement
2018-04-01 12:32:37 +02:00