Commit graph

7127 commits

Author SHA1 Message Date
Darryl Green d3cde6f2d3 Add option to skip identifiers in ABI checks
By default abi-compliance-checker will check the entire ABI/API.
There are internal identifiers that we do not promise compatibility
for, so we want the ability to skip them when checking the ABI/API.
2019-04-18 11:51:49 +01:00
Darryl Green 834ebc415c Extend abi-checking to different repos 2019-04-18 11:51:49 +01:00
Gilles Peskine fceb4ce767 abi_check.py: Document more methods 2019-04-18 11:51:38 +01:00
Jaeden Amero 346f9595c9 abi_check: Update submodules
When grabbing a fresh copy of a branch, it's required to also fetch the
submodule. Add fetching the submodule to abi_check.py.
2019-04-18 11:40:21 +01:00
Jaeden Amero 5857c2f43f abi_check: Allow checking current checkout
Without a "--detach" option, git worktree will refuse to checkout a branch
that's already checked out. This makes the abi_check.py script not very
useful for checking the currently checked out branch, as git will error
that the branch is already checked out. Add the "--detach" option to check
out the new temporary worktree in detached head mode. This is acceptable
because we aren't planning on working on the branch and just want a
checkout to do ABI checking from.
2019-04-18 11:40:21 +01:00
Darryl Green 31321ca893 Fix minor issues with command line options 2019-04-18 11:40:21 +01:00
Darryl Green 4cd7a9b8ed Updated abi_check.py docstrings 2019-04-18 11:40:21 +01:00
Darryl Green c47ac2651a Fix current directory check 2019-04-18 11:40:21 +01:00
Darryl Green e3e6b18351 Add copyright to abi_check script 2019-04-18 11:40:21 +01:00
Darryl Green 3da1504229 Add script for ABI compatibility checking 2019-04-18 11:40:21 +01:00
Jaeden Amero 2e9f9adcba Merge remote-tracking branch 'origin/pr/2572' into mbedtls-2.7
* origin/pr/2572:
  Clarify comment mangled by an earlier refactoring
  Add an "out-of-box" component
  Run ssl-opt.sh on 32-bit runtime
2019-04-16 15:10:04 +01:00
Jaeden Amero 7f09d88c5e Merge remote-tracking branch 'origin/pr/2556' into mbedtls-2.7
* origin/pr/2556:
  Give credit to OSS-Fuzz for #2404
2019-04-16 15:07:56 +01:00
Jaeden Amero ae29e53f2a Merge remote-tracking branch 'origin/pr/2554' into mbedtls-2.7
* origin/pr/2554:
  Remove ssl_cert_test sample app
2019-04-16 15:07:06 +01:00
Jaeden Amero 440baeb130 Merge remote-tracking branch 'origin/pr/2551' into mbedtls-2.7
* origin/pr/2551:
  Fix the proxy seed in Travis runs
2019-04-16 14:37:56 +01:00
Gilles Peskine 26cae71cbf Clarify comment mangled by an earlier refactoring 2019-04-10 18:49:42 +02:00
Gilles Peskine 1270d32b29 Add an "out-of-box" component
Just run `make` and `make test`. And `selftest` for good measure.
2019-04-10 18:49:42 +02:00
Gilles Peskine 110642993b Run ssl-opt.sh on 32-bit runtime
Run ssl-opt.sh on x86_32 with ASan. This may detect bugs that only
show up on 32-bit platforms, for example due to size_t overflow.

For this component, turn off some memory management features that are
not useful, potentially slow, and may reduce ASan's effectiveness at
catching buffer overflows.
2019-04-10 18:48:36 +02:00
Qixiang Xu 36d2791972 Fix CMake build error on Cygwin and minGW platforms
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
2019-04-10 15:05:20 +01:00
Jaeden Amero 4430b2548c Give credit to OSS-Fuzz for #2404
Add "Credit to OSS-Fuzz", in addition to Guido Vranken, for identifying
bug #2404.
2019-04-08 11:27:32 +01:00
Ron Eldor c0f55f3d61 Remove ssl_cert_test sample app
Remove the ssl_cert_test sample application, as it uses
hardcoded certificates that moved, and is redundant with the x509
tests and applications. Fixes #1905.
2019-04-07 16:59:13 +03:00
Jaeden Amero 4ff2eb379c Merge remote-tracking branch 'origin/pr/2499' into mbedtls-2.7
* origin/pr/2499:
  Fix default port number information
2019-04-05 14:25:06 +01:00
Manuel Pégourié-Gonnard 27762f372e Fix the proxy seed in Travis runs
This is what we do in Jenkins, so it only makes sense to do it here as well.
This will avoid random failures for no other reason than the proxy was
dropping all the messages due to an unlucky PRNG seed.

See https://docs.travis-ci.com/user/environment-variables/ for syntax
2019-04-05 15:23:50 +02:00
Jaeden Amero 698f287e58 Merge remote-tracking branch 'origin/pr/2471' into mbedtls-2.7
* origin/pr/2471:
  check-files.py: readability improvement in permission check
  check-files.py: use class fields for class-wide constants
  check-files.py: clean up class structure
  check-files.py: document some classes and methods
2019-04-05 14:19:37 +01:00
Jaeden Amero f3df5b8552 Merge remote-tracking branch 'origin/pr/2519' into mbedtls-2.7
* origin/pr/2519:
  Fix errors in AEAD test function
2019-04-05 14:17:08 +01:00
Jaeden Amero 99b679f364 Merge remote-tracking branch 'origin/pr/2504' into mbedtls-2.7
* origin/pr/2504:
  Fix ChangeLog entry ordering
  Fix typo
  Add non-regression test for buffer overflow
  Improve documentation of mbedtls_mpi_write_string()
  Adapt ChangeLog
  Fix 1-byte buffer overflow in mbedtls_mpi_write_string()
2019-04-05 14:09:25 +01:00
Jaeden Amero e4b835d1dc Merge remote-tracking branch 'origin/pr/2511' into mbedtls-2.7
* origin/pr/2511:
  Remove Circle CI script
2019-04-05 13:51:38 +01:00
Jaeden Amero 415255f4a0 Merge remote-tracking branch 'origin/pr/2513' into mbedtls-2.7
* origin/pr/2513:
  x509.c: Fix potential memory leak in X.509 self test
2019-04-05 13:48:19 +01:00
Ron Eldor 9840c215f3 Add guards for MBEDTLS_X509_CRL_PARSE_C in sample
Add checks in `ssl_server2` that `MBEDTLS_X509_CRL_PARSE_C` is defined
to fix compilation issue. Fixes #560.
2019-04-04 15:11:42 +03:00
Jaeden Amero a5f5ad3cf4 Merge remote-tracking branch 'restricted/pr/554' into mbedtls-2.7
* restricted/pr/554:
  Fix too small buffer in a test
  Add changelog entry for mbedtls_ecdh_get_params robustness
  Fix ecdh_get_params with mismatching group
  Add test case for ecdh_get_params with mismatching group
  Add test case for ecdh_calc_secret
2019-03-27 14:53:29 +00:00
Jaeden Amero 1beeeff394 Merge remote-tracking branch 'origin/pr/2527' into mbedtls-2.7
* origin/pr/2527:
  Update library version to 2.7.10
2019-03-26 14:53:56 +00:00
Jaeden Amero b4686b4f32 Update library version to 2.7.10 2019-03-19 16:18:43 +00:00
Jack Lloyd b17537558a Fix errors in AEAD test function
It was failing to set the key in the ENCRYPT direction before encrypting.
This just happened to work for GCM and CCM.

After re-encrypting, compare the length to the expected ciphertext
length not the plaintext length. Again this just happens to work for
GCM and CCM since they do not perform any kind of padding.
2019-03-14 11:00:58 +02:00
Junhwan Park e5d016356a x509.c: Fix potential memory leak in X.509 self test
Found and fixed by Junhwan Park in #2106.

Signed-off-by: Junhwan Park <semoking@naver.com>
2019-03-11 15:17:27 +02:00
Janos Follath 05bf39f246 Remove Circle CI script
We are running an equivalent set of test by other means and therefore
this script is no longer needed.
2019-03-11 11:20:46 +00:00
Janos Follath dc223cfdfa Fix ChangeLog entry ordering 2019-03-06 15:24:23 +00:00
Janos Follath 216e7385ef Fix typo 2019-03-06 14:00:44 +00:00
Janos Follath f56da14408 Add non-regression test for buffer overflow 2019-03-06 14:00:39 +00:00
Hanno Becker a277d4cc82 Improve documentation of mbedtls_mpi_write_string() 2019-03-06 14:00:33 +00:00
Hanno Becker 249958bdb8 Adapt ChangeLog 2019-03-06 13:59:55 +00:00
Hanno Becker eff335d575 Fix 1-byte buffer overflow in mbedtls_mpi_write_string()
This can only occur for negative numbers. Fixes #2404.
2019-03-06 13:56:31 +00:00
irwir c6f4539575 Fix default port number information 2019-03-06 15:10:40 +02:00
Jaeden Amero 3a70ab9319 Merge remote-tracking branch 'origin/pr/2390' into mbedtls-2.7
* origin/pr/2390:
  Correct length check for DTLS records from old epochs.
2019-03-05 16:38:00 +00:00
Jaeden Amero f337513bce Merge remote-tracking branch 'origin/pr/2400' into mbedtls-2.7
* origin/pr/2400:
  Add ChangeLog entry
  Fix private DER output shifted by one byte.
2019-03-05 16:36:21 +00:00
Jaeden Amero f921e8fa9f Merge remote-tracking branch 'origin/pr/2387' into mbedtls-2.7
* origin/pr/2387:
  Update change log
  all.sh: Test MBEDTLS_MPI_WINDOW_SIZE=1
  Fix DEADCODE in mbedtls_mpi_exp_mod()
2019-03-05 16:34:12 +00:00
Jaeden Amero b9f12dcfb1 Merge remote-tracking branch 'origin/pr/2255' into mbedtls-2.7
* origin/pr/2255:
  Add a facility to skip running some test suites
  run-test-suites: update the documentation
2019-03-05 16:31:22 +00:00
Jaeden Amero a47f32b9b9 Merge remote-tracking branch 'origin/pr/1976' into mbedtls-2.7
* origin/pr/1976:
  Move ChangeLog entry from Bugfix to Changes section
  Adapt ChangeLog
  Return from debugging functions if SSL context is unset
2019-03-05 16:28:59 +00:00
Jaeden Amero 6ee6f181ff Merge remote-tracking branch 'origin/pr/2435' into mbedtls-2.7
* origin/pr/2435:
  Use certificates from data_files and refer them
  Specify server certificate to use in SHA-1 test
  refactor CA and SRV certificates into separate blocks
  refactor SHA-1 certificate defintions and assignment
  refactor server SHA-1 certificate definition into a new block
  define TEST_SRV_CRT_RSA_SOME in similar logic to TEST_CA_CRT_RSA_SOME
  server SHA-256 certificate now follows the same logic as CA SHA-256 certificate
  add entry to ChangeLog
2019-03-05 16:25:53 +00:00
Hanno Becker 0f1e53f6fe Adapt ChangeLog 2019-03-05 16:23:19 +00:00
Hanno Becker beaf3d0eaa ssl_server2: Fail gracefully if no PEM-encoded CRTs are available 2019-03-05 16:22:55 +00:00
Hanno Becker d6bbf05f7c ssl_server2: Skip CA setup if ca_path or ca_file argument "none"
This allows to test PSK-based ciphersuites via ssl_server2 in builds
which have MBEDTLS_X509_CRT_PARSE_C enabled but both MBEDTLS_FS_IO and
MBEDTLS_CERTS_C disabled.
2019-03-05 16:22:39 +00:00