Commit graph

4508 commits

Author SHA1 Message Date
Nicholas Wilson e735303026 Shut up a few clang-analyze warnings about use of uninitialized variables
The functions are all safe, Clang just isn't clever enough to realise
it.
2016-05-23 14:29:28 +01:00
Nicholas Wilson 91c68a5e15 Shut up a clang-analyzer warning
The function appears to be safe, since grow() is called with sensible
arguments in previous functions.  Ideally Clang would be clever enough to
realise this.  Even if N has size MBEDTLS_MPI_MAX_LIMBS, which will
cause the grow to fail, the affected lines in montmul won't be reached.
Having this sanity check can hardly hurt though.
2016-05-23 14:29:28 +01:00
Attila Molnar 2791ba1429 Fix handle leak in mbedtls_platform_entropy_poll() on Windows on error 2016-05-23 14:29:28 +01:00
Alexey Skalozub c8404607ea Move K inside MBEDTLS_SHA512_PROCESS_ALT block
It is used only by `mbedtls_sha512_process()`, and in case `MBEDTLS_SHA512_PROCESS_ALT` is defined, it still cannot be reused because of `static` declaration.
2016-05-23 14:29:28 +01:00
James Cowgill c788b4cb5a Fix segfault on x32 by using better register constraints in bn_mul.h
On x32, pointers are only 4-bytes wide and need to be loaded using the "movl"
instruction instead of "movq" to avoid loading garbage into the register.

The MULADDC routines for x86-64 are adjusted to work on x32 as well by getting
gcc to load all the registers for us in advance (and storing them later) by
using better register constraints. The b, c, D and S constraints correspond to
the rbx, rcx, rdi and rsi registers respectively.
2016-05-23 14:29:28 +01:00
James Cowgill 5c1e24ca05 Fix build errors on x32 by using the generic 'add' instruction
On x32 systems, pointers are 4-bytes wide and are therefore stored in %e?x
registers (instead of %r?x registers). These registers must be accessed using
"addl" instead of "addq", however the GNU assembler will acccept the generic
"add" instruction and determine the correct opcode based on the registers
passed to it.
2016-05-23 14:29:28 +01:00
Nicholas Wilson b19bac4d82 Allow test suites to be run on Windows
For a start, they don't even compile with Visual Studio due to strcasecmp
being missing.  Secondly, on Windows Perl scripts aren't executable and have
to be run using the Perl interpreter directly; thankfully CMake is able to
find cygwin Perl straight away without problems.
2016-05-23 14:29:28 +01:00
Janos Follath c6dab2b029 Fix non compliance SSLv3 in server extension handling.
The server code parses the client hello extensions even when the
protocol is SSLv3 and this behaviour is non compliant with rfc6101.
Also the server sends extensions in the server hello and omitting
them may prevent interoperability problems.
2016-05-23 14:27:02 +01:00
Janos Follath bed09bd7c5 Merge branch 'iotssl-760-c++-fix' into development 2016-05-23 14:12:20 +01:00
Simon Butcher 27f9ccc959 Adds check for valgrind to ssl-opt.sh (#488)
Provides graceful exit rather than fail silently if valgrind isn't installed.
2016-05-23 11:13:17 +01:00
Simon Butcher 12833ed3c8 Adds additional casts to calloc calls
Casts added to allow compilation of the library as C++
2016-05-20 00:19:09 +01:00
Simon Butcher 3b36bd12f6 Adds casts to zeroize functions to allow building as C++ 2016-05-20 00:00:37 +01:00
Simon Butcher 80d70cb468 Updates copyright and attribution in comment header in ssl-opt.sh 2016-05-19 23:43:11 +01:00
Simon Butcher 7c0ad8b8cf Adds parallel builds to basic-build-test.sh
To speed up test time, added parallel builds
2016-05-19 22:15:34 +01:00
Simon Butcher 99239d6ff1 Fixes RC4 config dependencies in tests in ssl-opt.h
Adds dependencies on MBEDTLS_REMOVE_ARC4_CIPHERSUITES for tests that
require RC4 to be disabled (the default config).
2016-05-19 22:12:18 +01:00
Simon Butcher 7ee51c626a Fixes whitespace errors in x509_crl.c 2016-05-19 00:22:37 +01:00
Simon Butcher d5bc3ebe29 Merge pull request #486 from bmurray7/fix-indentation
fix indentation in output of selftest.c
2016-05-19 00:16:58 +01:00
Simon Butcher 3a3159a674 Merge pull request #476 from pjbakker/numbered-tests-ssl-opt
Update ssl-opt.sh capabilities to help with debugging
2016-05-19 00:16:18 +01:00
Simon Butcher a81d08a93c Merge pull request #473 from pjbakker/iotssl-694-config-warnings
Add check to prevent enabling of RSA without selecting PKCS version(s)
2016-05-19 00:10:53 +01:00
Brian Murray a8a318db45 fix indentation in output of selftest.c 2016-05-18 14:38:02 -07:00
Paul Bakker d7392c44e9 Merge branch 'ssl-opt-regression' into development 2016-05-18 10:29:42 +01:00
Paul Bakker f8e3794792 Update ChangeLog to reflect 2016-05-13 10:50:41 +01:00
Paul Bakker b8c8018343 Split test into valgrind and no-valgrind version
Running valgrind on: "DTLS client reconnect from same port: reconnect,
nbio" results in timeouts.

New version added that runs only under valgrind. Original only runs when
valgrind is not used
2016-05-13 10:33:25 +01:00
Paul Bakker 629c1ad398 Add fix to ignore valgrind messages related to compressed debug symbols
The glibc package recently enabled compressed debug symbols but valgrind doesn't
support them yet.

Results in messages like:
 --14923-- WARNING: Serious error when reading debug info
 --14923-- When reading debug info from /lib/x86_64-linux-gnu/ld-2.21.so:
 --14923-- Ignoring non-Dwarf2/3/4 block in .debug_info

First line has 'error' in it which triggers some of the ssl-opt tests
2016-05-13 10:30:46 +01:00
Paul Bakker cf1c6da664 Merge branch 'memcheck-fix' into development 2016-05-12 16:45:35 +01:00
Paul Bakker 8f0e4c263a Amended ChangeLog 2016-05-12 16:38:27 +01:00
Paul Bakker 53f01199e2 Fix memory-leak in verbose test framework in case of unexpected input 2016-05-12 15:59:48 +01:00
Paul Bakker 2a259c63e3 Fox verbose test framework not to duplicate strings if not verbose 2016-05-12 15:55:37 +01:00
Paul Bakker 6e51915187 Fix verbose test framework mote to use unmet_dep_count for index 2016-05-12 15:52:48 +01:00
Paul Bakker 21cc5741cf Cleanup ifdef statements 2016-05-12 12:46:28 +01:00
Paul Bakker d1fe7aabc9 Put clang analyzer fix inside __clang_analyzer__ guard 2016-05-12 12:46:02 +01:00
Simon Butcher 2dd49d1e47 Reverts change in commit daf534d
Commit daf534d from PR #457 breaks the build. This may reintroduce a
clang-analyse warning, but this is the wrong fix for that.

The fix removed a call to mbedtls_ecp_curve_info_from_grp_id() to find
the curve info. This fix adds that back in.
2016-05-11 23:15:58 +01:00
Paul Bakker 9edf1eb062 Merge pull request #376 from jcowgill/x32
Support for x32
2016-05-11 20:40:08 +02:00
Paul Bakker f4743a6f5e Merge pull request #457 from NWilson/clang-analyze-fixes
Clang analyze fixes
2016-05-11 20:20:42 +02:00
Paul Bakker e1fbac4ac4 Merge pull request #409 from attilamolnar/fix-handle-leak
Fix handle leak in mbedtls_platform_entropy_poll() on Windows on error
2016-05-11 20:14:16 +02:00
Paul Bakker aaee547547 Merge pull request #402 from pieceofsummer/sha512-process-alt-k
Move K inside MBEDTLS_SHA512_PROCESS_ALT block
2016-05-11 20:12:45 +02:00
Paul Bakker 324258fdc8 Merge pull request #353 from NWilson/win-tests
Allow test suites to be run on Windows
2016-05-11 20:09:13 +02:00
Paul Bakker e049ccd405 Add end guard comment 2016-05-11 14:13:02 +01:00
Embedthis Software 17ddff5eaf Fix single threaded builds 2016-05-11 14:13:02 +01:00
Simon Butcher 71c7ac5597 Corrects incorrectly named function in ctr_drbg.c comment 2016-05-10 23:47:30 +01:00
Simon Butcher 699d7193a1 Disables backtrace config from basic-build-test.sh
The configuration MBEDTLS_MEMORY_BACKTRACE is intended for debug and
is not necessary for test coverage. Because it causes timing problems
in some tests the configuration has been removed as it's not present in
equivalent tests in the all.sh test script.
2016-05-10 21:16:54 +01:00
Simon Butcher e9f25c8a60 Widens test bounds on memory alloc tests 2016-05-10 20:57:03 +01:00
Simon Butcher 295639bfa1 Fixes minor typos in comments in pk.h and ctr_drbg.c
Fixes typos in PRs #475 and #437
2016-05-10 19:39:36 +01:00
Paul Bakker 73b851d23b Add option to preserve all logs in ssl-opt.sh
Useful to also allow saving of correct logs in order to compare
differences with failed logs
2016-05-10 11:47:13 +01:00
Paul Bakker 9911faa1b4 Add option to print test numbers in ssl-opt.sh output
Allows for easy selection of tests based on numbers for use with the
'-n' option
2016-05-10 11:18:17 +01:00
Paul Bakker 6507891e65 Add ability to only run select numbered tests in ssl-opt.sh
In order to reduce debugging time, allows you to only run interesting
tests (by number) from the commandline.

e.g. the command 'tests/ssl-opt.sh -n 246,258' will only run test 246
and 258 (as per the number in the log file names)
2016-05-10 10:50:43 +01:00
Paul Bakker d9dcd4321b Fix logic to allow at least one PKCS version enabled 2016-05-09 15:13:04 +01:00
Paul Bakker 1aa590a1e4 Add check to prevent enabling of RSA without selecting PKCS version(s) 2016-05-09 14:36:33 +01:00
Janos Follath 00efff7469 Add a test for SSLv3 with extensions, server side
This test verifies if the server parses or sends extensions when
the protocol is SSLv3.
2016-05-06 13:57:19 +01:00
Simon Butcher d96924de9c Widens test parameters in memory alloc tests 2016-05-06 00:22:18 +01:00