yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-09 23:25:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
888 commits 88 branches 205 tags 69 MiB
Commit graph

296 commits

Author SHA1 Message Date
Paul Bakker 312da33ef1 Introduce polarssl_zeroize() instead of memset() for zeroization 2014-07-08 18:28:52 +02:00
Paul Bakker 75ee01097f Stricter check on SSL ClientHello internal sizes compared to actual packet size 2014-07-08 18:28:47 +02:00
Markus Pfeiffer 55bdbc1834 Make compilation on DragonFly work 2014-07-08 18:28:44 +02:00
Paul Bakker 358d325017 Fix bug with mpi_fill_random() on big-endian 2014-07-08 18:28:42 +02:00
Paul Bakker 95a11f8c16 On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings 2014-07-08 18:28:40 +02:00
Paul Bakker b0af56334c rsa_check_pubkey() now allows an E up to N 2014-07-08 18:28:36 +02:00
Paul Bakker 838ed3c74d Improve interop by not writing ext_len in ClientHello when 0 
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
 2014-07-08 18:28:33 +02:00
Paul Bakker 243d61894c Reject certificates with times not in UTC 2014-07-08 14:40:58 +02:00
Paul Bakker f48de9579f Use UTC to heck certificate validity 2014-07-08 14:39:41 +02:00
Paul Bakker dedce0c35c Prevent potential NULL pointer dereference in ssl_read_record() 2014-07-08 14:36:12 +02:00
Paul Bakker 6995efe8be Potential memory leak in mpi_exp_mod() when error occurs during 
calculation of RR.
 2014-07-08 14:32:35 +02:00
Paul Bakker 3cbaf1e379 Add ssl_close_notify() to servers that missed it 2014-07-08 14:30:35 +02:00
Paul Bakker 358a841b34 x509_get_current_time() uses localtime_r() to prevent thread issues 2014-07-08 12:14:37 +02:00
Paul Bakker 24aaf44120 Make sure no random pointer occur during failed malloc()'s 2014-07-08 11:39:19 +02:00
Paul Bakker bc8984931c Improvements to tests/Makefile when using shared library 2014-07-08 11:32:12 +02:00
Paul Bakker 1e9423704a Support for seed file writing and reading in Entropy 2014-07-08 11:20:25 +02:00
Paul Bakker b000f82d76 ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr 2014-07-08 11:15:18 +02:00
Manuel Pégourié-Gonnard 57291a7019 Work around a compiler bug on OS X. 2014-07-08 11:13:42 +02:00
Manuel Pégourié-Gonnard 3baeb15c79 Update changelog for cmake changes 2014-07-08 11:10:54 +02:00
Alex Wilson e63560470e Don't try to use MIPS32 asm macros on MIPS64 
The MIPS32 bn_mul asm code causes segfaults on MIPS64 and failing
tests. Until someone has time to fix this up, MIPS64 platforms should
fall back to the C implementation (which works fine).
 2014-07-08 11:06:05 +02:00
Manuel Pégourié-Gonnard be04673c49 Forbid sequence number wrapping 2014-07-08 11:04:19 +02:00
Paul Bakker 50a5c53398 Reject certs and CRLs from the future 2014-07-08 10:59:10 +02:00
Manuel Pégourié-Gonnard 963918b88f Countermeasure against "triple handshake" attack 2014-07-07 17:46:35 +02:00
Paul Bakker 57ca5702fd Fixed CMake symlinking on out-of-source builds 2014-07-07 17:46:32 +02:00
Manuel Pégourié-Gonnard 6d841c2c5c Fix verion-major intolerance 2014-07-07 17:46:31 +02:00
Paul Bakker e96bfbc6bd Fixed testing with out-of-source builds using cmake 2014-07-07 17:46:30 +02:00
Manuel Pégourié-Gonnard c675e4bde5 Fix bug in RSA PKCS#1 v1.5 "reversed" operations 2014-07-07 17:46:29 +02:00
Paul Bakker af0ccc8fa0 SMTP lines are officially terminated with CRLF, ssl_mail_client fixed 2014-07-07 17:46:29 +02:00
Paul Bakker 0b6355d088 Updated ChangeLog 2014-07-07 16:01:53 +02:00
Paul Bakker d15718cbe0 Updated ChangeLog 2014-07-07 16:01:23 +02:00
Paul Bakker d83584e9aa Fixed potential overflow in certificate size in ssl_write_certificate() 2014-07-07 16:01:11 +02:00
Paul Bakker 78e819698b Added missing MPI_CHK() around some statements 2014-07-07 16:01:10 +02:00
Paul Bakker 40cc914567 Fixed x509_crt_parse_path() bug on Windows platforms 2014-07-07 16:01:08 +02:00
Manuel Pégourié-Gonnard b9f6d507dd crypt_and_hash: check MAC earlier 2014-07-07 14:35:02 +02:00
Paul Bakker a1caf6e1e8 SSL now gracefully handles missing RNG 2014-07-07 14:20:52 +02:00
Paul Bakker c941adba31 Fixed X.509 hostname comparison (with non-regular characters) 2014-07-07 14:17:24 +02:00
Paul Bakker e46b17766c Make get_pkcs_padding() constant-time 2014-07-07 14:04:31 +02:00
Paul Bakker 9ccb2116a7 Introduced POLARSSL_HAVE_READDIR_R for systems without it 2014-07-07 13:43:31 +02:00
Paul Bakker 6b06502c4b Changed RSA blinding to a slower but thread-safe version 2013-10-07 12:06:29 +02:00
Paul Bakker adace27ec9 Prepped for 1.2.10 release 2013-10-04 17:07:26 +02:00
Paul Bakker 178e74454f Fixed MS VC project files 2013-10-04 13:20:40 +02:00
Paul Bakker 495830dd1f Fixed ssl_pkcs11_decrypt() prototype 2013-10-04 11:01:48 +02:00
Paul Bakker 62087eed22 Fixed memory leak in rsa.c introduced in 43f9799 2013-10-04 10:57:12 +02:00
Paul Bakker 60ad84f43f Fixed release date for 1.2.9 2013-10-01 10:13:52 +02:00
Paul Bakker e45574e7de Prepped for 1.2.9 release 2013-09-25 18:42:42 +02:00
Paul Bakker 43f9799ce6 RSA blinding on CRT operations to counter timing attacks 2013-09-23 11:23:31 +02:00
Paul Bakker 88a2264def Fixed potential file descriptor leaks 2013-09-11 13:31:55 +02:00
Paul Bakker f65fbee52b x509_verify() now case insensitive for cn (RFC 6125 6.4) 
(cherry picked from commit a5943858d8)

Conflicts:
	ChangeLog
	library/x509parse.c
	tests/suites/test_suite_x509parse.data
 2013-09-11 13:31:55 +02:00
Paul Bakker a565aceea1 Fixed potential memory leak when failing to resume a session 2013-09-11 13:31:53 +02:00
Paul Bakker 78020fe72c Added fixes to ChangeLog 2013-09-11 13:31:06 +02:00