Simon Butcher
584fad2ce6
Add a ChangeLog entry for memory leak in mbedtls_x509_csr_parse()
2018-06-22 12:19:56 +01:00
Philippe Antoine
2c3c18039b
Fix memory leak in mbedtls_x509_csr_parse
2018-06-22 12:19:33 +01:00
Simon Butcher
ad761c45b9
Fix multiple quality issues in the source
...
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
* incorrect file permissions
* missing newline at the end of files
* trailing whitespace
* Tabs present
* TODOs in the souce code
2018-06-22 11:22:44 +01:00
Darryl Green
1370548f79
Add check-files.py to travis.yml
2018-06-22 10:18:28 +01:00
Darryl Green
f8277f9cdb
Add check-files.py to all.sh
2018-06-22 09:55:26 +01:00
Darryl Green
dd3c93fbf1
Add script for source integrity checking
2018-06-22 09:55:18 +01:00
Andres Amaya Garcia
b999a73eb4
Document ssl_write_real() behaviour in detail
2018-06-21 19:37:27 +01:00
Andres Amaya Garcia
b4d008430c
Allow 0 as a valid ret value for mbedtls_ssl_write
...
This patch modifies the documentation for mbedtls_ssl_write() to allow
0 as a valid return value as this is the correct number of bytes that
should be returned when an empty TLS Application record is sent.
2018-06-21 19:37:13 +01:00
Andres Amaya Garcia
45bc7db600
Add ChangeLog entry for mbedtls_ssl_write() docs
2018-06-21 19:35:46 +01:00
Ron Eldor
ecb9b9fc16
Add newline at end
...
Add Newline at end of file
2018-06-21 14:54:25 +03:00
Ron Eldor
8a1a43b1df
Resolve PR review comments
...
Address review comments:
1. add `mbedtls_cipher_init()` after freeing context, in test code
2. style comments
3. set `ctx->iv_size = 0` in case `IV == NULL && iv_len == 0`
2018-06-21 14:00:29 +03:00
Ron Eldor
e059b56ba2
Fix CI failure
...
Test IV special cases only if `MBEDTLS_CIPHER_MODE_CBC` is defined
2018-06-21 14:00:20 +03:00
Ron Eldor
80d7b7c270
Fix after PR comments
...
1. Don't set IV onECB
2. Fix style issues
3. reduce number of tests
2018-06-21 14:00:10 +03:00
Ron Eldor
0bd06a3de0
Add tests for mbedtls_cipher_crypt API
...
1. Add tests for 'mbedtls_cipher_crypt()' API
2. Resolves #1091 , by ignoring IV when the cipher mode is MBEDTLS_MODE_ECB
2018-06-21 13:59:01 +03:00
Jaeden Amero
b9197bffd0
Merge remote-tracking branch 'upstream-restricted/pr/489' into mbedtls-2.1
2018-06-18 15:41:44 +01:00
Simon Butcher
6fc9ceece3
Change the library version to 2.1.13
2018-06-18 14:49:02 +01:00
Simon Butcher
494fb8f968
Add ChangeLog entry for clang version fix. Issue #1072
2018-06-18 11:56:46 +01:00
Simon Butcher
1f60d13eea
Merge remote-tracking branch 'public/pr/1648' into mbedtls-2.1
2018-06-17 18:03:13 +01:00
Simon Butcher
0a715b1587
Merge remote-tracking branch 'public/pr/1656' into mbedtls-2.1
2018-06-17 18:02:57 +01:00
Simon Butcher
b795b4fffa
Merge remote-tracking branch 'public/pr/1665' into mbedtls-2.1
2018-06-17 18:02:40 +01:00
Simon Butcher
fd436b34eb
Merge remote-tracking branch 'public/pr/1673' into mbedtls-2.1
2018-06-17 18:02:21 +01:00
Simon Butcher
7505ef255b
Merge remote-tracking branch 'public/pr/1712' into mbedtls-2.1
2018-06-17 18:01:54 +01:00
Simon Butcher
39f5fcce93
Merge remote-tracking branch 'public/pr/1733' into mbedtls-2.1
2018-06-17 18:00:59 +01:00
Simon Butcher
12826dfb83
Extend the timeout for SNI DTLS tests
...
The following tests were timing out under valgrind so now have a much
longer timeout:
SNI: DTLS, CA no override
SNI: DTLS, CA override with CRL
2018-06-16 19:46:52 +01:00
Simon Butcher
db3fe7cbe4
Add ChangeLog entry for Microblaze fix
2018-06-15 09:39:19 +01:00
Zach van Rijn
7cea62b8ad
Fix MicroBlaze register typo.
2018-06-15 07:40:03 +01:00
Simon Butcher
577d39b930
Compilation warning fixes on 32b platfrom with IAR
...
Fix compilation warnings with IAR toolchain, on 32 bit platform.
Reported by rahmanih in #683
This is based on work by Ron Eldor in PR #750 .
2018-06-14 09:10:23 +01:00
Andres Amaya Garcia
b5c87012ec
Initialise pointers to avoid IAR compiler warnings
2018-06-14 08:48:49 +01:00
Azim Khan
c57d0e5ed5
Treat warnings as errors for IAR
...
Fix IAR compiler warnings
Two warnings have been fixed:
1. code 'if( len <= 0xFFFFFFFF )' gave warning 'pointless integer comparison'.
This was fixed by wraping the condition in '#if SIZE_MAX > 0xFFFFFFFF'.
2. code 'diff |= A[i] ^ B[i];' gave warning 'the order of volatile accesses is undefined in'.
This was fixed by read the volatile data in temporary variables before the computation.
Explain IAR warning on volatile access
Consistent use of CMAKE_C_COMPILER_ID
2018-06-14 08:48:49 +01:00
Simon Butcher
29298cbf8c
Merge remote-tracking branch 'public/pr/1671' into mbedtls-2.1
2018-06-12 18:36:39 +01:00
Simon Butcher
66f8579902
Merge remote-tracking branch 'public/pr/1465' into mbedtls-2.1
...
The previous merge of PR #1465 was based on an out of date version of the PR
and missed two commits, so this merges the PR again.
2018-06-12 09:25:24 +01:00
Simon Butcher
a5fb40d9f9
Merge remote-tracking branch 'public/pr/1465' into mbedtls-2.1
2018-06-11 11:49:28 +01:00
Darryl Green
4841767783
Change symlink to hardlink to avoid permission issues
2018-06-11 11:40:31 +01:00
Darryl Green
d866abe377
Fix out-of-tree testing symlinks on Windows
2018-06-11 11:40:20 +01:00
Simon Butcher
0c362f68b3
Add ChangeLog entry for _WIN32_WINNT override fix
2018-06-08 16:27:04 +01:00
Fabio Alessandrelli
789096a71d
Only redefine _WIN32_WINNT macro when < 0x0501
2018-06-08 16:26:53 +01:00
Gilles Peskine
5b256af2f2
mbedtls_gcm_crypt_and_tag: clarify what each mode does and doesn't do
2018-06-07 15:05:03 +02:00
Gilles Peskine
e8dd77ba58
Fix Lucky13 attack protection when using HMAC-SHA-384
...
As a protection against the Lucky Thirteen attack, the TLS code for
CBC decryption in encrypt-then-MAC mode performs extra MAC
calculations to compensate for variations in message size due to
padding. The amount of extra MAC calculation to perform was based on
the assumption that the bulk of the time is spent in processing
64-byte blocks, which was correct for most supported hashes but not for
SHA-384. Adapt the formula to 128-byte blocks for SHA-384.
2018-06-06 17:24:50 +02:00
Gilles Peskine
bfc3b74674
Correct and clarify the documentation of GCM whole-message functions
...
Clarify the roles of the buffer parameter and their sizes.
Document the possible error codes.
Warn that mbedtls_gcm_crypt_and_tag in decrypt mode does not
authenticate the data and recommend using mbedtls_gcm_auth_decrypt
instead.
2018-06-06 16:58:02 +02:00
Simon Butcher
fcc7a62bb1
Merge remote-tracking branch 'public/pr/1403' into mbedtls-2.1
2018-06-01 19:43:55 +01:00
Simon Butcher
4ffe49e962
Merge remote-tracking branch 'public/pr/1607' into mbedtls-2.1
2018-06-01 19:42:02 +01:00
Gilles Peskine
8ba12295f8
Fix MSan build without MBEDTLS_TIMING_C
...
When MBEDTLS_TIMING_C was not defined in config.h, but the MemSan
memory sanitizer was activated, entropy_poll.c used memset without
declaring it. Fix this by including string.h unconditionally.
2018-06-01 18:38:53 +02:00
Andres Amaya Garcia
0b8eaa899d
Add more SNI/DTLS tests
...
Run the normal SNI/TLS tests over DTLS in ssl-opt.sh for greater
coverage.
2018-05-30 08:30:07 +01:00
Andres Amaya Garcia
021ad3dc38
Rename SNI/DTLS tests in ssl-opt.sh script
2018-05-30 08:30:06 +01:00
Andres AG
52142f186f
Add SNI with DTLS tests to ssl-opt.sh script
2018-05-30 08:30:03 +01:00
Ron Eldor
a8a7093f7e
Check dynamically for cmake version
...
Chek dynamically for cmake option, for `fno-sanitize-recover`
2018-05-24 11:21:04 +03:00
Ron Eldor
b13a7833f2
Change the value of fno-sanitize-recover
...
Change the value of `-fno-sanitize-recover` from `undefined,integer` to `all`
2018-05-24 10:30:34 +03:00
Ron Eldor
e73c9cde94
Support only new CLang version
...
Support only new CLang version by enabling only
`-fno-sanitize-recover=undefined,integer`
2018-05-24 10:30:25 +03:00
Ron Eldor
de96fdd342
Address Azim's coments
...
Fix typo and use new check for clang>3.5m according to azim's comments
2018-05-24 10:30:17 +03:00
Ron Eldor
9f56d4fd24
Suport clang version 3.8
...
Check CLANG version, and according to the version,
set the correct paramters. fix for #1072
2018-05-24 10:30:09 +03:00