Commit graph

4046 commits

Author SHA1 Message Date
Janos Follath 822b2c33b9 Added test case for pathlen constrains in intermediate certificates 2015-10-11 10:39:15 +02:00
Manuel Pégourié-Gonnard c4e7d8a381 Bump version to 2.1.2
Yotta version bumped to 2.1.3, as we had to do one more patch release to the
yotta registry to accommodate for dependencies updates.
2015-10-05 19:13:36 +01:00
Manuel Pégourié-Gonnard ca056c7748 Fix CVE number in ChangeLog 2015-10-05 18:21:34 +01:00
Manuel Pégourié-Gonnard c80a74f734 Merge branch 'development' into development-restricted
* development:
  Add 'inline' workaround where needed
2015-10-05 16:30:53 +01:00
Manuel Pégourié-Gonnard 2ac9c60838 Add 'inline' workaround where needed
Was previously using the workaround from md.h
2015-10-05 16:18:23 +01:00
Manuel Pégourié-Gonnard a97ab2c8a6 Merge branch 'development' into development-restricted
* development:
  Remove inline workaround when not useful
  Fix macroization of inline in C++
2015-10-05 15:48:09 +01:00
Simon Butcher 9c6762621d Merge branch 'development' of ssh://github.com/ARMmbed/mbedtls into development 2015-10-05 15:45:53 +01:00
Simon Butcher 7776fc36d3 Fix for #279 macroisation of 'inline' keyword 2015-10-05 15:44:18 +01:00
Manuel Pégourié-Gonnard 2d7083435d Fix references to non-standard SIZE_T_MAX
Turns out C99 doesn't define SIZE_T_MAX, so let's not use it.
2015-10-05 15:23:11 +01:00
Manuel Pégourié-Gonnard 86ff4874a4 Merge remote-tracking branch 'origin/development' into development-restricted
* origin/development:
  Fix yotta version dependencies again
2015-10-05 14:59:40 +01:00
Manuel Pégourié-Gonnard 0ccd4537bd Fix yotta version dependencies again 2015-10-05 14:50:41 +01:00
Manuel Pégourié-Gonnard 899ac849d0 Merge branch 'development' into development-restricted
* development:
  Upgrade yotta dependency versions
  Fix compile error in net.c with musl libc
  Add missing warning in doc
2015-10-05 14:47:43 +01:00
Manuel Pégourié-Gonnard 2347bdd7b5 Upgrade yotta dependency versions 2015-10-05 14:39:01 +01:00
Simon Butcher 5ae7984dc2 Merge pull request #306 from ARMmbed/gh-288-missing-warning
Add missing warning in doc
2015-10-05 13:51:10 +01:00
Simon Butcher 281bd6d98e Merge pull request #307 from ARMmbed/gh-278-musl-socklen
Fix compile error in net.c with musl libc
2015-10-05 13:49:26 +01:00
Manuel Pégourié-Gonnard 0431735299 Fix compile error in net.c with musl libc
fixes #278
2015-10-05 12:17:49 +01:00
Manuel Pégourié-Gonnard cb6af00e2a Add missing warning in doc
Found by Nicholas Wilson

fixes #288
2015-10-05 12:12:39 +01:00
Simon Butcher 475cf0a98a Merge fix of IOTSSL-496 - Potential heap overflow
Fix for potential overflow in ssl_write_certificate_request()
2015-10-05 11:57:54 +01:00
Manuel Pégourié-Gonnard 5a2e389811 Remove inline workaround when not useful
This header doesn't have nay inline function any more
2015-10-05 11:55:39 +01:00
Manuel Pégourié-Gonnard 0223ab9d38 Fix macroization of inline in C++
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
2015-10-05 11:41:36 +01:00
Simon Butcher fec73a8eec Merge of fix for IOTSSL-481 - Double free
Potential double free in mbedtls_ssl_conf_psk()
2015-10-05 10:40:31 +01:00
Simon Butcher c48b66bfb6 Changed attribution for Guido Vranken 2015-10-05 10:18:17 +01:00
Simon Butcher 6418ffaadb Merge fix for IOTSSL-480 - base64 overflow issue 2015-10-05 09:54:11 +01:00
Simon Butcher a45aa1399b Merge of IOTSSL-476 - Random malloc in pem_read() 2015-10-05 00:26:36 +01:00
Simon Butcher e7f96f22ee Merge fix IOTSSL-475 Potential buffer overflow
Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.

Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).

Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-10-04 23:43:05 +01:00
Simon Butcher d5ba4672b2 Merge fix for IOTSSL-474 PKCS12 Overflow
Fix stack buffer overflow in PKCS12
2015-10-04 22:47:59 +01:00
Simon Butcher 5b8d1d65f7 Fix for IOTSSL-473 Double free error
Fix potential double-free in mbedtls_ssl_set_hs_psk(.)
2015-10-04 22:06:51 +01:00
Manuel Pégourié-Gonnard ef388f168d Merge branch 'development' into development-restricted
* development:
  Updated ChangeLog with credit
  Fix a fairly common typo in comments
  Make config check include for configs examples more consistent
2015-10-02 12:44:39 +02:00
Manuel Pégourié-Gonnard bc1babb387 Fix potential overflow in CertificateRequest 2015-10-02 11:20:28 +02:00
Simon Butcher 54eec9d1dd Merge pull request #301 from Tilka/typo
Fix a fairly common typo in comments
2015-10-01 02:07:24 +01:00
Simon Butcher e56384c00c Merge branch 'bachp-configs' into development 2015-10-01 02:02:09 +01:00
Simon Butcher a12e3c00bf Updated ChangeLog with credit 2015-10-01 01:59:33 +01:00
Simon Butcher 13d8762cfe Merge branch 'configs' of bachp configs 2015-10-01 01:52:43 +01:00
Manuel Pégourié-Gonnard 0aa45c209a Fix potential overflow in base64_encode 2015-09-30 16:37:49 +02:00
Manuel Pégourié-Gonnard 50a739f8c3 Add test for base64 output length 2015-09-30 16:31:10 +02:00
Simon Butcher 5624ec824e Reordered TLS extension fields in client
Session ticket placed at end
2015-09-29 01:06:06 +01:00
Simon Butcher 04799a4274 Fixed copy and paste error
Accidental additional assignment in ssl_write_alpn_ext()
2015-09-29 00:31:09 +01:00
Simon Butcher 0fc94e9f83 Revised bounds checking on TLS extensions
Revisions following review feedback
2015-09-28 20:52:04 +01:00
Simon Butcher 9f81231fb8 Revised hostname length check from review 2015-09-28 19:22:33 +01:00
Manuel Pégourié-Gonnard d02a1daca7 Fix stack buffer overflow in pkcs12 2015-09-28 19:47:50 +02:00
Manuel Pégourié-Gonnard 24417f06fe Fix potential double-free in mbedtls_ssl_conf_psk() 2015-09-28 18:09:45 +02:00
Manuel Pégourié-Gonnard 58fb49531d Fix potential buffer overflow in mpi_read_string()
Found by Guido Vranken.

Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.

Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).

Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-09-28 15:59:54 +02:00
Simon Butcher ed9976634f Added bounds checking for TLS extensions
IOTSSL-478 - Added checks to prevent buffer overflows.
2015-09-28 02:14:30 +01:00
Simon Butcher 89f77623b8 Added max length checking of hostname 2015-09-27 22:50:49 +01:00
Tillmann Karras 588ad50c5a Fix a fairly common typo in comments 2015-09-25 04:27:22 +02:00
Manuel Pégourié-Gonnard f592e8eaf6 Update yotta dependency version
We've had a bit of a race between us adapting to changes in 0.3.x and the
sockets author reverting those changes in the 0.3.x line and pushing them to
0.4.0. Let's use the newest and greatest sockets :)
2015-09-22 15:04:07 +02:00
Simon Butcher 8f98842e38 Refined credits in ChangeLog for fuzzing issue
Changed GDS to Gotham Digital Science
2015-09-22 10:10:36 +01:00
Manuel Pégourié-Gonnard 2f056a0aee Try to run yotta update for yotta build test
But accept failures in case we're offline
2015-09-18 14:37:54 +02:00
Manuel Pégourié-Gonnard ca4fb7154a Fix mbed examples after minar upgrade 2015-09-18 14:36:57 +02:00
Manuel Pégourié-Gonnard 8cea8ad8b8 Bump version to 2.1.1 2015-09-17 11:58:45 +02:00