Commit graph

348 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 9405e462d0 Bump version to 1.2.15 2015-09-17 11:55:25 +02:00
Manuel Pégourié-Gonnard 2bc4505f5d Add counter-measure against RSA-CRT attack
https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/

backport of a1cdcd2
2015-09-09 12:36:49 +02:00
Manuel Pégourié-Gonnard fa566e3545 Fix possible client crash on API misuse 2015-09-03 11:01:37 +02:00
Manuel Pégourié-Gonnard aa4e55bd23 Fix warning with MD/SHA ALT implementation
backport of e217cee

see #239
2015-08-31 12:23:30 +02:00
Manuel Pégourié-Gonnard faf44abf2a Accept a trailing space at end of PEM lines
With certs being copy-pasted from webmails and all, this will probably become
more and more common.
2015-08-10 16:43:28 +02:00
Manuel Pégourié-Gonnard ebb9cf9cc6 Fix compile error with armcc5 --gnu 2015-08-10 16:41:50 +02:00
Manuel Pégourié-Gonnard af39e3e597 Fix missing -static-libgcc for DLLs 2015-08-10 16:41:14 +02:00
Manuel Pégourié-Gonnard 7f61053371 Fix bug with cmake and old version of GCC 2015-08-10 16:40:02 +02:00
Paul Bakker 7fc4e3e225 Prepare for 1.2.15 release 2015-08-10 15:06:34 +01:00
Manuel Pégourié-Gonnard 3517c20df7 Up default server DH params to 2048 bits 2015-07-03 17:43:06 +02:00
Manuel Pégourié-Gonnard 26d88cf154 Fix thread-safety issue in debug.c 2015-06-29 18:54:28 +02:00
Manuel Pégourié-Gonnard 5324d411da Up min size of DHM params to 1024 bits 2015-06-29 18:54:28 +02:00
Paul Bakker 7b209579c6 Prepare for 1.2.14 release 2015-06-26 15:35:30 +01:00
Manuel Pégourié-Gonnard 70f0df9e46 Add countermeasure against cache-based Lucky 13 2015-04-29 09:45:58 +02:00
Manuel Pégourié-Gonnard 0c2fa144bc Fix invalid memory read in x509_get_sig() 2015-04-23 10:55:05 +02:00
Manuel Pégourié-Gonnard cd7d24d464 Fix bug in Via Padlock support
Backport of cf201201 from the 1.3 branch
2015-04-23 10:55:05 +02:00
Manuel Pégourié-Gonnard 7e82884811 Fix hardclock with some versions of mingw64
Backport of 383433535 from the 1.3 branch
2015-04-23 10:55:05 +02:00
Manuel Pégourié-Gonnard a9553a8c49 Fix warnings from mingw64 in timing.c
Backport of dda52139 from the 1.3 branch
2015-04-23 10:55:05 +02:00
Manuel Pégourié-Gonnard 64f65e84bc Fix potential unintended sign extension
Backport of 6fdc4cae from the 1.3 branch
2015-04-23 10:55:04 +02:00
Manuel Pégourié-Gonnard 82f1a88a92 Update Changelog for the last two commits 2015-04-23 10:55:04 +02:00
Paul Bakker 9fdc58fd9e Ready for release 1.2.13 2015-02-16 15:17:32 +01:00
Manuel Pégourié-Gonnard f097400abc Fix small bug in base64_encode() 2015-02-05 11:48:58 +00:00
James Cowgill b82f59162c Fix mips64 bignum implementation
- Use correct mips64 define (__mips64, not __mips64__).
- Added mips64 to the list of arches supporting 64-bit ints.
2015-02-05 11:41:03 +00:00
Manuel Pégourié-Gonnard 2dc15c8e7d Fix unchecked error on Windows 2015-02-05 11:34:49 +00:00
Manuel Pégourié-Gonnard d64359279d Fix bug on s390 2015-01-23 15:50:23 +00:00
Manuel Pégourié-Gonnard 258bab0b1b Fix missing bound check 2014-11-27 09:27:21 +01:00
Manuel Pégourié-Gonnard 4cdb3babad Add POLARSSL_X509_MAX_INTERMEDIATE_CA 2014-11-20 17:12:15 +01:00
Manuel Pégourié-Gonnard 1c022a6983 Fix memory leaks in PKCS#5 and PKCS#12 2014-11-17 12:27:49 +01:00
Manuel Pégourié-Gonnard d8a1ea72b1 Fix potential buffer overread of size 1 2014-11-17 12:27:49 +01:00
Manuel Pégourié-Gonnard ffbeedb838 Fix potential undefined behaviour in Camellia 2014-11-17 11:52:34 +01:00
Manuel Pégourié-Gonnard 017bf57daa Forbid repeated X.509 extensions 2014-11-17 11:01:09 +01:00
Manuel Pégourié-Gonnard 360eb91d02 Fix potential stack overflow 2014-11-17 11:01:09 +01:00
Manuel Pégourié-Gonnard fdec957e55 Fix memory leak with crafted X.509 certs 2014-11-17 11:01:08 +01:00
Manuel Pégourié-Gonnard d3ae430241 Fix uninitialised pointer dereference 2014-11-17 11:01:08 +01:00
Manuel Pégourié-Gonnard d730aa517a Use blinding for RSA even without CRT 2014-11-12 16:29:12 +01:00
Paul Bakker fc3697ce2b Prepared for PolarSSL-1.2.12 2014-10-24 10:42:52 +02:00
Manuel Pégourié-Gonnard 0b12d5e332 Accept spaces at EOL/buffer in base64_decode() 2014-10-23 17:00:26 +02:00
Manuel Pégourié-Gonnard a6118741a7 Update changelog for the last few commits 2014-10-23 15:37:34 +02:00
Manuel Pégourié-Gonnard 9711920304 Fix ssl_read wrt non-Application Data 2014-10-23 15:29:55 +02:00
Manuel Pégourié-Gonnard 3fdfcedebb Fix net_accept() regarding non-blocking sockets 2014-10-23 15:23:48 +02:00
Manuel Pégourié-Gonnard 982eda385f Don't print uninitialised buffer in ssl_mail_client 2014-10-23 15:20:26 +02:00
Manuel Pégourié-Gonnard 0b0b522932 Fix compiler warnings on iOS 2014-10-23 15:17:27 +02:00
Manuel Pégourié-Gonnard 7d75ea4787 x509_crt_parse() did not increase total_failed on PEM error 2014-10-23 15:13:39 +02:00
Manuel Pégourié-Gonnard 86792a6cf3 Fix ssl_close_notify() with non-blocking I/O 2014-10-23 15:02:45 +02:00
Manuel Pégourié-Gonnard 066c1f60bb Fix potential bad read in parsing ServerHello 2014-10-23 14:58:09 +02:00
Manuel Pégourié-Gonnard 6b44038913 Fix memory leak parsing some X.509 certs 2014-10-23 14:53:46 +02:00
Paul Bakker 695266cb51 Updated to version 1.2.11 2014-07-11 11:26:03 +02:00
Paul Bakker bbc843f0b8 Fix base64_decode() to return and check length correctly 2014-07-08 18:29:06 +02:00
Manuel Pégourié-Gonnard 03917bf7d5 Disable broken Sparc64 bn_mul assembly 2014-07-08 18:29:01 +02:00
Manuel Pégourié-Gonnard 4564af9e3d Fix asm format of bn_mul.h for more portability
Found by Barry K. Nathan.

Quoting from http://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html:

"You can put multiple assembler instructions together in a single asm
template, separated by the characters normally used in assembly code for the
system. A combination that works in most places is a newline to break the
line, plus a tab character to move to the instruction field (written as
‘\n\t’). Sometimes semicolons can be used, if the assembler allows semicolons
as a line-breaking character. Note that some assembler dialects use semicolons
to start a comment."
2014-07-08 18:28:59 +02:00