From bc07c3a1f0403ea65a5c4f52583569c82385dc07 Mon Sep 17 00:00:00 2001
From: Nicholas Wilson
Date: Wed, 13 May 2015 10:40:30 +0100
Subject: [PATCH 1/5] fix minor bug in path_cnt checks
If the top certificate occurs twice in trust_ca (for example) it would not be good for the second instance to be checked with check_path_cnt reduced twice!
---
 library/x509_crt.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/library/x509_crt.c b/library/x509_crt.c
index fe9e552d2..b94f21322 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1771,7 +1771,7 @@ static int x509_crt_verify_top(
 void *p_vrfy )
 {
 int ret;
- int ca_flags = 0, check_path_cnt = path_cnt + 1;
+ int ca_flags = 0, check_path_cnt;
 unsigned char hash[POLARSSL_MD_MAX_SIZE];
 const md_info_t *md_info;
@@ -1802,8 +1802,10 @@ static int x509_crt_verify_top(
 if( x509_crt_check_parent( child, trust_ca, 1, path_cnt == 0 ) != 0 )
 continue;
+ check_path_cnt = path_cnt + 1;
+
 /*
- * Reduce path_len to check against if top of the chain is
+ * Reduce check_path_cnt to check against if top of the chain is
 * the same as the trusted CA
 */
 if( child->subject_raw.len == trust_ca->subject_raw.len &&
From 61977614d84c7b4d6aeaecaa003977472d4114db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Wed, 27 May 2015 17:38:50 +0200
Subject: [PATCH 2/5] Fix memleak with repeated [gc]cm_setkey()
---
 ChangeLog | 2 ++
 library/ccm.c | 2 ++
 library/gcm.c | 2 ++
 3 files changed, 6 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index d44463f47..160c0fb41 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -35,6 +35,8 @@ Features
 errors on use of deprecated functions.
 Bugfix
+ * Fix memory leak when gcm_setkey() and ccm_setkey() are used more than
+ once on the same context.
 * Fix bug in ssl_mail_client when password is longer that username (found by Bruno Pape).
 * Fix undefined behaviour (memcmp( NULL, NULL, 0 );) in X.509 modules
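Review bot: The per-candidate reset `check_path_cnt = path_cnt + 1;` carries no explanation of why it now sits inside the loop rather than at the declaration, which is exactly the arrangement this commit undoes, so a later tidy-up could hoist it back out and reintroduce the double decrement. I'd add above it `/* Recompute for each trust_ca candidate: the decrement below must not accumulate across loop iterations */`. The loop header and the decrement itself are outside the hunk, so the per-candidate intent is inferred from the commit message rather than from visible lines.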
diff --git a/library/ccm.c b/library/ccm.c
index 87f1886bd..e397e0a42 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -78,6 +78,8 @@ int ccm_init( ccm_context *ctx, cipher_id_t cipher,
 if( cipher_info->block_size != 16 )
 return( POLARSSL_ERR_CCM_BAD_INPUT );
+ cipher_free( &ctx->cipher_ctx );
+
 if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
 return( ret );
diff --git a/library/gcm.c b/library/gcm.c
index f4f735b6f..b537b0205 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -168,6 +168,8 @@ int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key,
 if( cipher_info->block_size != 16 )
 return( POLARSSL_ERR_GCM_BAD_INPUT );
+ cipher_free( &ctx->cipher_ctx );
+
 if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
 return( ret );
From 638fa0bb0f0b061f259f8ec49dd75993c9c17a97 Mon Sep 17 00:00:00 2001
From: ptahpeteh
Date: Mon, 1 Jun 2015 12:28:29 +0200
Subject: [PATCH 3/5] Serious bug fix in entropy.c
Bug: mutex access within entropy_contex after it has been zeroed leads to app crash.
---
 library/entropy.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/library/entropy.c b/library/entropy.c
index c90c7e462..540a27c57 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -94,10 +94,10 @@ void entropy_free( entropy_context *ctx )
 #if defined(POLARSSL_HAVEGE_C)
 havege_free( &ctx->havege_data );
 #endif
- polarssl_zeroize( ctx, sizeof( entropy_context ) );
 #if defined(POLARSSL_THREADING_C)
 polarssl_mutex_free( &ctx->mutex );
 #endif
+ polarssl_zeroize( ctx, sizeof( entropy_context ) );
 }
 int entropy_add_source( entropy_context *ctx,
From 5866848092ae813f569633ae6a569a19b29c93a9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 2 Jun 2015 09:08:35 +0100
Subject: [PATCH 4/5] Update ChangeLog for recent external bugfix
---
 ChangeLog | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 160c0fb41..18876e5a2 100644
--- a/ChangeLog
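Review bot: The added `cipher_free( &ctx->cipher_ctx );` only releases a previous key schedule if `ctx->cipher_ctx` is in a defined state on entry, either from an earlier successful `cipher_init_ctx()` or from zero-initialisation of the whole context. The start of `ccm_init()` is outside the hunk; if it still wipes `*ctx` before reaching this point the earlier allocation is already unreachable and the free is a no-op, and if a caller passes a never-initialised context the free operates on indeterminate bytes. Either way that precondition belongs in the function's header comment, e.g. `/* ctx must be zeroed or previously set up by this function; any previous key schedule is released before the new one is created */`. The same applies to the `gcm_init()` hunk in library/gcm.c.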
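Review bot: The corrected order has no comment recording that `polarssl_mutex_free( &ctx->mutex )` must run before `polarssl_zeroize()`, which is precisely the dependency the previous ordering violated, so nothing stops the two statements being swapped again. I'd add above the `#if defined(POLARSSL_THREADING_C)` block `/* Destroy the mutex before wiping the context: polarssl_mutex_free() reads it */`. With the wipe now last the zeroize also covers the freed mutex object, which looks intended since the context is unusable afterwards.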
+++ b/ChangeLog
@@ -127,6 +127,8 @@ Features
 ciphersuite/certificate.
 Bugfix
+ * Fix bug in entropy.c when THREADING_C is also enabled that caused
+ entropy_free() to crash (found and fixed by ptahpeteh).
 * Stack buffer overflow if ctr_drbg_update() is called with too large add_len (found by Jean-Philippe Aumasson) (not triggerable remotely).
 * Possible buffer overflow of length at most POLARSSL_MEMORY_ALIGN_MULTIPLE
From 6ca762495254e88f59713421d18c55b691bf6a60 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 2 Jun 2015 09:55:32 +0100
Subject: [PATCH 5/5] Mark unused constant as such
---
 include/polarssl/cipher.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index ef8d2811f..00c42c1d4 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -74,7 +74,7 @@ typedef enum {
 POLARSSL_CIPHER_ID_NULL,
 POLARSSL_CIPHER_ID_AES,
 POLARSSL_CIPHER_ID_DES,
- POLARSSL_CIPHER_ID_3DES,
+ POLARSSL_CIPHER_ID_3DES, /* Unused! */
 POLARSSL_CIPHER_ID_CAMELLIA,
 POLARSSL_CIPHER_ID_BLOWFISH,
 POLARSSL_CIPHER_ID_ARC4,
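Review bot: `/* Unused! */` leaves a reader of the public header unsure whether the constant may still be passed to the lookup functions that take a `cipher_id_t` or whether it is about to disappear from the enum. If, as the title suggests, no cipher definition maps to it, the comment should say so and state why the value is retained, e.g. `/* No cipher definition maps to this id; kept so later ids keep their values */`. Removing the enumerator instead would presumably renumber every following `POLARSSL_CIPHER_ID_*` value, so keeping it with a precise comment is the right call.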