Gilles Peskine
3ac30e3f7d
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-12-19 19:01:56 +01:00
Gilles Peskine
605c2284bc
Merge branch 'pr_998' into mbedtls-1.3
2017-12-19 18:10:51 +01:00
Gilles Peskine
5a0bc7f142
Added ChangeLog entry
2017-12-19 18:09:34 +01:00
Manuel Pégourié-Gonnard
90c5e396e0
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
* mbedtls-1.3:
Allow comments in test data files
2017-12-19 12:21:26 +01:00
Manuel Pégourié-Gonnard
b9c40b3157
Merge remote-tracking branch 'public/pr/1119' into mbedtls-1.3
* public/pr/1119:
Allow comments in test data files
2017-12-19 12:21:07 +01:00
Manuel Pégourié-Gonnard
ba110ba4d2
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
* mbedtls-1.3:
Address PR review comments
Backport 1.3: Fix crash when calling `mbedtls_ssl_cache_free` twice
2017-12-19 11:44:17 +01:00
Manuel Pégourié-Gonnard
cc3e3b0ace
Merge remote-tracking branch 'public/pr/1161' into mbedtls-1.3
* public/pr/1161:
Address PR review comments
Backport 1.3: Fix crash when calling `mbedtls_ssl_cache_free` twice
2017-12-19 11:43:57 +01:00
Manuel Pégourié-Gonnard
917969e533
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
* mbedtls-1.3:
Fix build without MBEDTLS_FS_IO
2017-12-18 11:45:06 +01:00
Manuel Pégourié-Gonnard
ccbbfdf0d8
Merge remote-tracking branch 'public/pr/1186' into mbedtls-1.3
* public/pr/1186:
Fix build without MBEDTLS_FS_IO
2017-12-18 11:44:48 +01:00
Gilles Peskine
3790b4714d
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-12-04 18:01:40 +00:00
Gilles Peskine
4905e6c4e7
Merge branch 'pr_1045' into mbedtls-1.3
2017-12-04 17:29:13 +01:00
Gilles Peskine
046fff12fa
Added ChangeLog entry
2017-12-04 17:26:40 +01:00
Gilles Peskine
6e206364d9
Merge remote-tracking branch 'upstream-public/pr/1175' into mbedtls-1.3
2017-12-04 17:21:09 +01:00
Gilles Peskine
258bf599d6
Merge remote-tracking branch 'upstream-restricted/pr/426' into mbedtls-1.3-restricted
2017-12-01 18:03:15 +01:00
Gilles Peskine
bb709d7483
Fix build without MBEDTLS_FS_IO
Fix missing definition of mbedtls_zeroize when MBEDTLS_FS_IO is
disabled in the configuration.
Introduced by e298532394
Merge remote-tracking branch 'upstream-public/pr/1113' into mbedtls-1.3
2017-11-30 12:14:59 +01:00
Gilles Peskine
af86fb9ded
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-11-29 21:06:11 +01:00
Gilles Peskine
3a3228cf90
Merge remote-tracking branch 'upstream-public/pr/1155' into mbedtls-1.3
2017-11-29 20:55:11 +01:00
Gilles Peskine
9f423b18cb
Merge remote-tracking branch 'upstream-public/pr/917' into mbedtls-1.3
2017-11-29 20:55:03 +01:00
Hanno Becker
ad951d131d
Correct dangerous typo in include/polarssl/ssl.h
The definition of SSL_MAC_ADD depends on the presence of the
configuration option POLARSSL_ARC4_C, which was misspelled as
POLARSSL_RC4_C in ssl.h, leading to a too small buffer and
subsequently to a buffer overflow during record processing.
This commit fixes the typo.
2017-11-29 18:02:49 +00:00
Gilles Peskine
2cd7c18f59
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-11-28 18:43:57 +01:00
Gilles Peskine
8c946113ba
Merge branch 'pr_1083' into mbedtls-1.3
Merge PR #1083 plus ChangeLog entry.
2017-11-28 18:42:21 +01:00
Gilles Peskine
f15cbdab67
Merge remote-tracking branch 'upstream-public/pr/1109' into mbedtls-1.3
2017-11-28 18:41:31 +01:00
Gilles Peskine
43a6b83419
Merge remote-tracking branch 'upstream-public/pr/1081' into mbedtls-1.3
2017-11-28 18:41:02 +01:00
Gilles Peskine
f945a2245e
Merge remote-tracking branch 'upstream-public/pr/944' into mbedtls-1.3
2017-11-28 18:38:17 +01:00
Gilles Peskine
d2e8affa66
Add ChangeLog entry
2017-11-28 18:37:53 +01:00
Gilles Peskine
6f941d6c89
Merge remote-tracking branch 'upstream-restricted/pr/423' into mbedtls-1.3-restricted
Resolved simple conflicts caused by the independent addition of
calls to polarssl_zeroize with sometimes whitespace or comment
differences.
2017-11-28 16:23:28 +01:00
Gilles Peskine
b087a88300
Merge remote-tracking branch 'upstream-restricted/pr/405' into mbedtls-1.3-restricted
2017-11-28 16:22:41 +01:00
Gilles Peskine
c5cf89e1cc
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-11-28 15:32:00 +01:00
Gilles Peskine
c22c8a2797
Merge branch 'win-tests-1.3' into mbedtls-1.3
Backport of PR #353
2017-11-28 15:28:47 +01:00
Gilles Peskine
8083849575
Add ChangeLog entry
2017-11-28 15:27:48 +01:00
Nicholas Wilson
25f762d248
Allow test suites to be run on Windows
For a start, they don't even compile with Visual Studio due to strcasecmp
being missing. Secondly, on Windows Perl scripts aren't executable and have
to be run using the Perl interpreter directly; thankfully CMake is able to
find cygwin Perl straight away without problems.
2017-11-28 13:43:06 +00:00
Gilles Peskine
2bd6ca415b
Merge remote-tracking branch 'upstream-restricted/pr/402' into mbedtls-1.3-restricted
2017-11-28 14:34:24 +01:00
Gilles Peskine
d3dd8d2197
Merge remote-tracking branch 'upstream-restricted/pr/387' into mbedtls-1.3-restricted
2017-11-28 14:34:16 +01:00
Gilles Peskine
c5926a7049
Merge branch 'iotssl-1419-safermemcmp-volatile_backport-1.3' into mbedtls-1.3-restricted
2017-11-28 13:50:05 +01:00
Gilles Peskine
1caad08610
add changelog entry
2017-11-28 13:35:09 +01:00
Gilles Peskine
b662cc1f52
Avoid uninitialized variable warning in entropy_gather_internal
The variable ret was always initialized in entropy_gather_internal,
but `gcc -Werror=maybe-uninitialized` rightfully complained that it
was unable to determine this statically. Therefore, tweak the
problematic case (ctx->source_count == 0) to not use ret in that case.
2017-11-24 18:55:19 +01:00
Gilles Peskine
3036cbeb8e
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
2017-11-24 16:07:43 +01:00
Gilles Peskine
e298532394
Merge remote-tracking branch 'upstream-public/pr/1113' into mbedtls-1.3
2017-11-24 15:38:42 +01:00
Gilles Peskine
1dc344373a
Merge branch 'iotssl-1368-unsafe-bounds-check-psk-identity-merge-1.3' into mbedtls-1.3-restricted
2017-11-23 19:11:58 +01:00
Gilles Peskine
feae81de91
ChangeLog entry for ssl_parse_client_psk_identity fix
2017-11-23 19:10:48 +01:00
Manuel Pégourié-Gonnard
408dfd1f6a
Merge remote-tracking branch 'restricted/pr/418' into mbedtls-1.3-restricted
* restricted/pr/418:
RSA PSS: remove redundant check; changelog
RSA PSS: fix first byte check for keys of size 8N+1
RSA PSS: fix minimum length check for keys of size 8N+1
RSA: Fix another buffer overflow in PSS signature verification
RSA: Fix buffer overflow in PSS signature verification
2017-11-23 12:16:05 +01:00
Hanno Becker
0a139f9a03
Modify debug output
Tests from ssl-opt.sh now expect 'expected mac XXX' and no longer 'computed mac XXX'.
2017-11-21 17:41:59 +00:00
Darryl Green
851111dc16
Add tests for invalid private parameters in ecdsa_sign()
2017-11-20 15:54:05 +00:00
Darryl Green
fdac76f330
Add checks for private parameter in ecdsa_sign()
2017-11-20 15:53:43 +00:00
Hanno Becker
4d48bb6ca3
Adapt ChangeLog
2017-11-20 10:47:03 +00:00
Hanno Becker
251bab5ceb
Fix heap corruption in ssl_decrypt_buf
Previously, MAC validation for an incoming record proceeded as follows:
1) Make a copy of the MAC contained in the record;
2) Compute the expected MAC in place, overwriting the presented one;
3) Compare both.
This resulted in a record buffer overflow if truncated MAC was used, as in this
case the record buffer only reserved 10 bytes for the MAC, but the MAC
computation routine in 2) always wrote a full digest.
For specially crafted records, this could be used to perform a controlled write of
up to 6 bytes past the boundary of the heap buffer holding the record, thereby
corrupting the heap structures and potentially leading to a crash or remote code
execution.
This commit fixes this by making the following change:
1) Compute the expected MAC in a temporary buffer that has the size of the
underlying message digest.
2) Compare this to the MAC contained in the record, potentially
restricting to the first 10 bytes if truncated HMAC is used.
A similar fix is applied to the encryption routine `ssl_encrypt_buf`.
2017-11-20 10:31:23 +00:00
Ron Eldor
9f60bc57ce
Address PR review comments
set `cache->chain` to NULL,
instead of setting the whole structure to zero.
2017-10-30 18:18:09 +02:00
Ron Eldor
1f311ed587
Backport 1.3: Fix crash when calling mbedtls_ssl_cache_free twice
Set `cache` to zero at the end of `mbedtls_ssl_cache_free` #1104
2017-10-30 18:16:51 +02:00
Hanno Becker
825c3db149
Adapt ChangeLog
2017-10-25 16:11:06 +01:00
Hanno Becker
c2102893af
Zeroize stack before returning from mpi_fill_random
2017-10-25 16:11:06 +01:00