Janos Follath
3218b21b68
Add Changelog entry for current branch
2016-03-09 21:06:19 +00:00
Janos Follath
b6eb1ca01c
Length check added
2016-03-09 21:06:19 +00:00
Manuel Pégourié-Gonnard
370717b571
Add precision about exploitability in ChangeLog
...
Also fix some whitespace while at it.
2016-03-09 21:06:19 +00:00
Janos Follath
cc4eba73fb
Add Changelog entry for current branch
2016-03-09 21:06:19 +00:00
Janos Follath
eddfe8f6f3
Included tests for the overflow
2016-03-09 21:06:19 +00:00
Simon Butcher
5be92eae55
Merge 'iotssl-591-glue-layers' into development
2016-03-09 20:34:14 +00:00
Simon Butcher
d567a23c59
Fix typos, grammar in the comments and clarify them
2016-03-09 20:19:21 +00:00
Simon Butcher
00157ce510
Update the ChangeLog
2016-03-09 19:32:11 +00:00
Simon Butcher
3ea7f52fdf
Update interop tests to default configuration
...
Removed SSLv3 from the default tests in compat.sh, and adapted the test
cases in all.sh to include an additional SSLv3 regression test suite.
2016-03-09 19:32:11 +00:00
Simon Butcher
c7940f0bd8
Fix yotta builds for change in default configs
...
The change to defaults configurations in a720ced
broke the yotta build.
This fix addresses that.
2016-03-09 19:32:11 +00:00
Simon Butcher
bc6a486b2f
Fix the 'all tests' script for baremetal builds
...
Fixes the test script test/scripts/all.sh which was failing at the
baremetal ARM builds due to the entropy platform check introduced in
7ff4b77
.
2016-03-09 19:32:11 +00:00
Janos Follath
e2681a448b
Update default configuration
...
Change the default settings for SSL and modify the tests accordingly.
2016-03-09 19:32:11 +00:00
Simon Butcher
3000f78b0b
Add copright, and better documentation to curves.pl
...
The purpose and use of the test script, curves.pl was not obvious without
reading the source code, plus the file was missing a copyright statement.
2016-03-09 19:32:11 +00:00
Simon Butcher
fbe85fe4fa
Add missing dependencies to X509 Parse test suite for P-384 curve
...
The test script curves.pl was failing on testing dependencies for the P-384
curve on the new test cases introduced by ede75f0
and 884b4fc
.
2016-03-09 19:32:10 +00:00
Simon Butcher
6ee1af5aab
Update mbed-drivers dependency to v1.0.0
2016-03-09 19:32:10 +00:00
Simon Butcher
f59e66ba24
Remove redundant test certificates and clarify ChangeLog
2016-03-09 19:32:10 +00:00
Janos Follath
b437b4b125
X509: Fix bug triggered by future CA among trusted
...
Fix an issue that caused valid certificates being rejected whenever an
expired or not yet valid version of the trusted certificate was before the
valid version in the trusted certificate list.
2016-03-09 19:32:10 +00:00
Janos Follath
df4bca2029
X509: Future CA among trusted: add more tests
2016-03-09 19:32:10 +00:00
Janos Follath
12c868c5d6
X509: Future CA among trusted: add unit tests
2016-03-09 19:32:10 +00:00
Simon Butcher
64d60da4f6
Fix typos and add copyright statement to generate_code.pl
2016-03-09 19:32:10 +00:00
SimonB
0269dad5e5
Refactored test suite template code
...
Restructed test suite helper and main code to support tests suite helper
functions, changed C++ comments to C-style, and made the generated
source code more navigable.
2016-03-09 19:32:10 +00:00
SimonB
152ea18037
Added support for per test suite helper functions
...
Added to generate_code.pl:
- support for per test suite helper functions
- description of the structure of the files the script uses to construct
the test suite file
- delimiters through the source code to make the machine generated code
easier to understand
2016-03-09 19:32:10 +00:00
SimonB
3ddf35526a
Clarified purpose and usage of generate_code.pl
...
Added comments to explain purpose and usage of generate_code.pl
2016-03-09 19:32:09 +00:00
Simon Butcher
ef50c0da6e
Added script to split the test case data files
...
Script generate-afl-tests.sh will split the test suite data files into
individual test case files, suitable for fuzzing.
2016-03-09 19:32:09 +00:00
Simon Butcher
aad787f1c7
Parameterised the test suite applications
...
All test suites can now take an arbitrary test file.
2016-03-09 19:32:09 +00:00
Simon Butcher
e846b5128f
Use the SSL IO and time callback typedefs consistently
...
The callback typedefs defined for mbedtls_ssl_set_bio() and
mbedtls_ssl_set_timer_cb() were not used consistently where the callbacks were
referenced in structures or in code.
2016-03-09 19:32:09 +00:00
Simon Butcher
c0957bdc13
Fix some minor typos in comments
...
Fix spelling mistakes and typos.
2016-03-09 19:32:09 +00:00
Manuel Pégourié-Gonnard
0c6aad90f2
x509: remove obsolete TODO comment
...
- basicContraints checks are done during verification
- there is no need to set extensions that are not present to default values,
as the code using the extension will check if it was present using
ext_types. (And default values would not make sense anyway.)
2016-03-09 19:32:09 +00:00
Manuel Pégourié-Gonnard
986bbf24ce
x509:
...
-
2016-03-09 19:32:09 +00:00
Manuel Pégourié-Gonnard
d1b7f2b8cf
ssl: ignore CertificateRequest's content for real
...
- document why we made that choice
- remove the two TODOs about checking hash and CA
- remove the code that parsed certificate_type: it did nothing except store
the selected type in handshake->cert_type, but that field was never accessed
afterwards. Since handshake_params is now an internal type, we can remove that
field without breaking the ABI.
2016-03-09 19:32:09 +00:00
Manuel Pégourié-Gonnard
56e9ae2bf2
Remove unnecessary TODO comment
...
We don't implement anonymous key exchanges, and we don't intend to, so it can
never happen that an unauthenticated server requests a certificate from us.
2016-03-09 19:32:09 +00:00
Manuel Pégourié-Gonnard
eeef947040
Clarify documentation about missing CRLs
...
Also tune up some working while at it.
2016-03-09 19:32:08 +00:00
Manuel Pégourié-Gonnard
214a84889c
Update note about hardcoded verify_data_length
2016-03-09 19:32:08 +00:00
Manuel Pégourié-Gonnard
967994a05e
Remove unused code.
...
After the record contents are decompressed, in_len is no longer
accessed directly, only in_msglen is accessed. in_len is only read by
ssl_parse_record_header() which happens before ssl_prepare_record_contents().
This is also made clear by the fact that in_len is not touched after
decrypting anyway, so if it was accessed after that it would be wrong unless
decryption is used - as this is not the case, it show in_len is not accessed.
2016-03-09 19:32:08 +00:00
Manuel Pégourié-Gonnard
9d6241269a
Add note about not implementing PSK id_hint
2016-03-09 19:32:08 +00:00
Manuel Pégourié-Gonnard
90ab4a45b5
Fix Unix detection in mini_client
...
fixes #398
2016-03-09 19:32:08 +00:00
Simon Butcher
157cb656a9
Clarified mbedtls_ssl_conf_alpn_protocols() doc
...
Clarified the lifetime of the protos parameter passed in the
function mbedtls_ssl_conf_alpn_protocols().
2016-03-09 19:32:08 +00:00
Simon Butcher
8b4a1bdbb0
Update the ChangeLog
2016-03-07 23:30:50 +00:00
Simon Butcher
342671f982
Update interop tests to default configuration
...
Removed SSLv3 from the default tests in compat.sh, and adapted the test
cases in all.sh to include an additional SSLv3 regression test suite.
2016-03-07 23:22:10 +00:00
Simon Butcher
14ecd0439f
Fix yotta builds for change in default configs
...
The change to defaults configurations in a720ced
broke the yotta build.
This fix addresses that.
2016-03-07 23:07:04 +00:00
Simon Butcher
29b2150016
Fix the 'all tests' script for baremetal builds
...
Fixes the test script test/scripts/all.sh which was failing at the
baremetal ARM builds due to the entropy platform check introduced in
7ff4b77
.
2016-03-07 23:06:27 +00:00
Janos Follath
a720ced403
Update default configuration
...
Change the default settings for SSL and modify the tests accordingly.
2016-03-07 15:57:05 +00:00
Simon Butcher
b3c6978c7e
Add copright, and better documentation to curves.pl
...
The purpose and use of the test script, curves.pl was not obvious without
reading the source code, plus the file was missing a copyright statement.
2016-03-04 23:26:57 +00:00
Simon Butcher
5d23716e20
Add missing dependencies to X509 Parse test suite for P-384 curve
...
The test script curves.pl was failing on testing dependencies for the P-384
curve on the new test cases introduced by ede75f0
and 884b4fc
.
2016-03-04 22:21:52 +00:00
Simon Butcher
25f2c4c028
Update mbed-drivers dependency to v1.0.0
2016-03-02 17:00:16 +00:00
Simon Butcher
a418ff8eb5
Remove redundant test certificates and clarify ChangeLog
2016-03-01 20:26:16 +00:00
Janos Follath
c72d642595
X509: Fix bug triggered by future CA among trusted
...
Fix an issue that caused valid certificates being rejected whenever an
expired or not yet valid version of the trusted certificate was before the
valid version in the trusted certificate list.
2016-03-01 19:13:48 +00:00
Janos Follath
884b4fc2e9
X509: Future CA among trusted: add more tests
2016-03-01 19:13:48 +00:00
Janos Follath
ede75f06c5
X509: Future CA among trusted: add unit tests
2016-03-01 19:13:48 +00:00
Simon Butcher
f18e02c22e
Fix typos and add copyright statement to generate_code.pl
2016-03-01 18:37:49 +00:00