Angus Gratton
8946b0dd30
Check for invalid short Alert messages
...
(Short Change Cipher Spec & Handshake messages are already checked for.)
2018-07-16 20:12:56 +01:00
Angus Gratton
b91cb6e1e6
TLSv1.2: Treat zero-length fragments as invalid, unless they are application data
...
TLS v1.2 explicitly disallows other kinds of zero length fragments (earlier standards
don't mention zero-length fragments at all).
2018-07-16 20:12:55 +01:00
Angus Gratton
1ba8e911ec
CBC mode: Allow zero-length message fragments (100% padding)
...
Fixes https://github.com/ARMmbed/mbedtls/issues/1632
2018-07-16 20:12:47 +01:00
Simon Butcher
28f68a3d15
Merge remote-tracking branch 'public/pr/1809' into mbedtls-2.7
2018-07-10 14:58:51 +01:00
Simon Butcher
a159d64e86
Merge remote-tracking branch 'public/pr/1827' into mbedtls-2.7
2018-07-10 12:50:16 +01:00
Brendan Shanks
b32233319b
x509.c: Remove unused includes
...
Remove unused includes guarded by MBEDTLS_FS_IO, which doesn't appear
anywhere else in the file.
2018-07-02 12:13:26 +01:00
niisato
a35dbf155c
about a issue Replace "new" variable #1782
2018-06-29 11:17:41 +01:00
Ron Eldor
8c02dd1709
Move definition of MBEDTLS_CIPHER_MODE_STREAM
...
Move definition of `MBEDTLS_CIPHER_MODE_STREAM` to header file
(`mbedtls_cipher_internal.h`), because it is used by more than
one file. Raised by TrinityTonic in #1719
2018-06-28 08:44:47 +03:00
Simon Butcher
0e342f77fc
Merge remote-tracking branch 'public/pr/1390' into mbedtls-2.7
2018-06-27 11:11:34 +01:00
Simon Butcher
035d824ad5
Merge remote-tracking branch 'public/pr/1768' into mbedtls-2.7
2018-06-27 11:09:27 +01:00
Philippe Antoine
0f91c0f441
Coding style
...
Commit to be squashed
2018-06-22 11:45:38 +01:00
Philippe Antoine
dc58e59280
Simplify code in mbedtls_x509_csr_parse
2018-06-22 11:44:48 +01:00
Philippe Antoine
78657e52d8
Fix memory leak in mbedtls_x509_csr_parse
2018-06-22 11:44:38 +01:00
Andres Amaya Garcia
0fc4e0878e
Document ssl_write_real() behaviour in detail
2018-06-21 19:29:49 +01:00
Simon Butcher
662ae9eaae
Change the library version to 2.7.4
2018-06-18 14:42:14 +01:00
Simon Butcher
112dfd5bc5
Merge remote-tracking branch 'public/pr/1728' into mbedtls-2.7
2018-06-15 13:02:40 +01:00
Simon Butcher
47212c8e2c
Merge remote-tracking branch 'public/pr/1581' into mbedtls-2.7
2018-06-14 11:02:43 +01:00
Simon Butcher
da46a40855
Merge remote-tracking branch 'public/pr/1711' into mbedtls-2.7
2018-06-14 11:01:14 +01:00
Simon Butcher
49de6b89c1
Compilation warning fixes on 32b platfrom with IAR
...
Fix compilation warnings with IAR toolchain, on 32 bit platform.
Reported by rahmanih in #683
This is based on work by Ron Eldor in PR #750 , some of which was independently
fixed by Azim Khan and already merged in PR #1655 .
2018-06-14 09:05:55 +01:00
Simon Butcher
fb6da8815c
Merge remote-tracking branch 'public/pr/1655' into mbedtls-2.7
2018-06-12 17:40:08 +01:00
Fabio Alessandrelli
ec4ce37709
Only redefine _WIN32_WINNT macro when < 0x0501
2018-06-08 12:28:47 +01:00
Simon Butcher
bb5e1c3973
Fix multiple quality issues in the source
...
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
* incorrect file permissions
* missing newline at the end of files
* trailing whitespace
* Tabs present
* TODOs in the souce code
2018-06-08 11:14:43 +01:00
Azim Khan
826cdab010
Treat warnings as errors for IAR
...
Fix IAR compiler warnings
Two warnings have been fixed:
1. code 'if( len <= 0xFFFFFFFF )' gave warning 'pointless integer comparison'.
This was fixed by wraping the condition in '#if SIZE_MAX > 0xFFFFFFFF'.
2. code 'diff |= A[i] ^ B[i];' gave warning 'the order of volatile accesses is undefined in'.
This was fixed by read the volatile data in temporary variables before the computation.
Explain IAR warning on volatile access
Consistent use of CMAKE_C_COMPILER_ID
2018-05-25 14:58:33 +01:00
Darryl Green
68207f868b
Fix braces in mbedtls_memory_buffer_alloc_status()
2018-05-23 16:32:33 +01:00
Jaeden Amero
1fc4d33f5f
Update version to 2.7.3
2018-04-27 13:15:45 +01:00
Jaeden Amero
07d1d5f270
Merge remote-tracking branch 'upstream-restricted/pr/473' into mbedtls-2.7-restricted-proposed
...
Remove trailing whitespace in ChangeLog.
2018-04-26 09:07:15 +01:00
Jaeden Amero
402256184a
Merge branch 'mbedtls-2.7-proposed' into mbedtls-2.7-restricted-proposed
...
Resolve conflicts in ChangeLog.
2018-04-26 09:03:51 +01:00
Andrzej Kurek
6608096544
Change accepted ciphersuite versions when parsing server hello
...
Accept only ciphersuites for version chosen by the server
2018-04-25 05:28:08 -04:00
Andrzej Kurek
149f3a4d73
Change variable bytes_written to header_bytes in record decompression
...
The name is changed to better reflect the input, decompression case
2018-04-24 06:32:44 -04:00
Andrzej Kurek
c3a3e2df0e
ssl_tls: Fix invalid buffer sizes during compression / decompression
...
Adjust information passed to zlib to include already written data.
2018-04-23 08:39:13 -04:00
Mohammad Azim Khan
0acbd7df03
Same ciphersuite validation in server and client hello
2018-04-20 19:58:37 +01:00
Manuel Pégourié-Gonnard
8bce3685f5
Merge remote-tracking branch 'restricted/pr/468' into mbedtls-2.7-restricted-proposed
...
* restricted/pr/468:
Improve comments style
Remove a redundant test
Add buffer size check before cert_type_len read
Update change log
Add a missing buffer size check
Correct buffer size check
2018-04-18 12:21:36 +02:00
Krzysztof Stachowiak
affb4f8e90
Improve comments style
2018-04-10 13:43:23 +02:00
Krzysztof Stachowiak
5ca4c5a15d
Remove a redundant test
2018-04-10 13:43:17 +02:00
Krzysztof Stachowiak
314f16136f
Add buffer size check before cert_type_len read
2018-04-10 13:43:10 +02:00
Krzysztof Stachowiak
071f9a3e47
Add a missing buffer size check
2018-04-04 13:44:04 +02:00
Krzysztof Stachowiak
3d8663b4f9
Correct buffer size check
...
Further in the code the next field from the binary buffer is read. The
check contained an off by one error.
2018-04-04 13:43:00 +02:00
Jaeden Amero
d8e0cec63b
Merge remote-tracking branch 'upstream-public/pr/1464' into mbedtls-2.7-proposed
2018-04-03 18:27:54 +01:00
Jaeden Amero
b5f53b1039
Merge remote-tracking branch 'upstream-public/pr/1401' into mbedtls-2.7-proposed
2018-04-03 12:09:45 +01:00
Jaeden Amero
e7dc46240d
Merge remote-tracking branch 'upstream-public/pr/1543' into mbedtls-2.7-proposed
2018-04-03 12:03:30 +01:00
mohammad1603
29ed80f79f
Fix compatibility problem in the printed message
...
Replace %zu with %lu and add cast for the printed value.
2018-04-02 07:34:26 -07:00
Gilles Peskine
595c84a7b1
Merge remote-tracking branch 'upstream-public/pr/1500' into mbedtls-2.7-proposed
2018-04-01 12:41:29 +02:00
Gilles Peskine
a0e03a81a7
Merge branch 'pr_1538' into mbedtls-2.7-proposed
2018-04-01 12:35:50 +02:00
Gilles Peskine
cc78ac46e7
Update error.c
2018-03-30 18:52:10 +02:00
Gilles Peskine
5114d3e4e1
Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
...
Clarify what MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH and
MBEDTLS_ERR_PK_SIG_LEN_MISMATCH mean. Add comments to highlight that
this indicates that a valid signature is present, unlike other error
codes. See
https://github.com/ARMmbed/mbedtls/pull/1149#discussion_r178130705
2018-03-30 18:43:16 +02:00
Andy Leiserson
38a29ee5d0
return plaintext data faster on unpadded decryption
2018-03-29 08:39:55 -04:00
Jaeden Amero
38e37bdd56
Merge remote-tracking branch 'upstream-public/pr/1529' into mbedtls-2.7-proposed
2018-03-29 11:00:09 +01:00
mohammad1603
44a6a688c8
Check whether INT_MAX larger than SIZE_MAX scenario
...
Check whether INT_MAX larger than SIZE_MAX scenario
2018-03-28 23:45:33 -07:00
Jaeden Amero
5166a188eb
Merge remote-tracking branch 'upstream-public/pr/1468' into mbedtls-2.7-proposed
2018-03-28 15:36:36 +01:00
Jaeden Amero
0d891042d1
Merge remote-tracking branch 'upstream-public/pr/1524' into mbedtls-2.7-proposed
2018-03-28 15:33:45 +01:00