Merge branch 'mbedtls-1.3' into development

* mbedtls-1.3:
  Mark unused constant as such
  Update ChangeLog for recent external bugfix
  Serious bug fix in entropy.c
  Fix memleak with repeated [gc]cm_setkey()
  fix minor bug in path_cnt checks

Conflicts:
	include/mbedtls/cipher.h
	library/ccm.c
	library/entropy.c
	library/gcm.c
	library/x509_crt.c

ChangeLog

@@ -279,6 +279,8 @@ Features
      ciphersuite/certificate.
 
 Bugfix
+   * Fix bug in entropy.c when THREADING_C is also enabled that caused
+     entropy_free() to crash (found and fixed by ptahpeteh).
    * Stack buffer overflow if ctr_drbg_update() is called with too large
      add_len (found by Jean-Philippe Aumasson) (not triggerable remotely).
    * Possible buffer overflow of length at most POLARSSL_MEMORY_ALIGN_MULTIPLE

library/entropy.c

@@ -94,10 +94,10 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
 #if defined(MBEDTLS_HAVEGE_C)
     mbedtls_havege_free( &ctx->havege_data );
 #endif
-    mbedtls_zeroize( ctx, sizeof( mbedtls_entropy_context ) );
 #if defined(MBEDTLS_THREADING_C)
     mbedtls_mutex_free( &ctx->mutex );
 #endif
+    mbedtls_zeroize( ctx, sizeof( mbedtls_entropy_context ) );
 }
 
 int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,

library/x509_crt.c

@@ -1770,7 +1770,7 @@ static int x509_crt_verify_top(
 {
     int ret;
     uint32_t ca_flags = 0;
-    int check_path_cnt = path_cnt + 1;
+    int check_path_cnt;
     unsigned char hash[MBEDTLS_MD_MAX_SIZE];
     const mbedtls_md_info_t *md_info;
 
@@ -1801,8 +1801,10 @@ static int x509_crt_verify_top(
         if( x509_crt_check_parent( child, trust_ca, 1, path_cnt == 0 ) != 0 )
             continue;
 
+        check_path_cnt = path_cnt + 1;
+
         /*
-         * Reduce path_len to check against if top of the chain is
+         * Reduce check_path_cnt to check against if top of the chain is
          * the same as the trusted CA
          */
         if( child->subject_raw.len == trust_ca->subject_raw.len &&