Mirror of https://github.com/yuzu-emu/mbedtls.git, synced 2024-12-02 15:34:15 +01:00
Backport 1.3: check if iv is zero in gcm.
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
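As an added illustration (not code from this commit or from mbed TLS), the check the commit message describes, placed beside the computation it protects. The block derives GCM's pre-counter block J0 as specified in NIST SP 800-38D section 7.1 from a hash subkey H (supplied directly with constructed values instead of computing H = E_K(0^128) with AES) and shows that with iv_len == 0 the GHASH input collapses to a single zero block, so J0 is all-zero for every key and every message under that key would reuse the same counter stream. The names gcm_starts_unchecked, gcm_starts_checked, derive_j0, gf128_mul, ghash and GCM_ERR_BAD_INPUT are this example's own, not the library's API.

```c
/* Added illustration, not mbed TLS code: why a GCM implementation must reject
 * iv_len == 0. Derives the pre-counter block J0 of NIST SP 800-38D sec. 7.1
 * from a hash subkey H (taken as input here; real GCM computes H = E_K(0^128))
 * and shows that an empty IV yields an all-zero J0 for every H. All names below
 * are this example's own. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GCM_ERR_BAD_INPUT (-1)  /* stand-in for a library "bad input" error code */
#define MAX_IV_LEN 64           /* cap for this example's fixed stack buffer */

/* Multiply two 128-bit blocks in GF(2^128) using the GCM reduction polynomial
 * (SP 800-38D Algorithm 1). Bit 0 of a block is the MSB of byte 0. */
static void gf128_mul(const uint8_t x[16], const uint8_t y[16], uint8_t out[16])
{
    uint8_t z[16] = {0}, v[16];
    memcpy(v, y, 16);
    for (int i = 0; i < 128; i++) {
        if (x[i / 8] & (0x80 >> (i % 8))) {
            for (int j = 0; j < 16; j++) z[j] ^= v[j];
        }
        int lsb = v[15] & 1;                  /* rightmost bit of V */
        for (int j = 15; j > 0; j--)          /* V = V >> 1 */
            v[j] = (uint8_t)((v[j] >> 1) | (v[j - 1] << 7));
        v[0] >>= 1;
        if (lsb) v[0] ^= 0xe1;                /* XOR with R = 11100001 || 0^120 */
    }
    memcpy(out, z, 16);
}

/* GHASH_H over data whose length is a multiple of 16 bytes: Y = (Y ^ X_i) * H. */
static void ghash(const uint8_t h[16], const uint8_t *data, size_t len, uint8_t y[16])
{
    uint8_t tmp[16];
    memset(y, 0, 16);
    for (size_t off = 0; off + 16 <= len; off += 16) {
        for (int j = 0; j < 16; j++) tmp[j] = y[j] ^ data[off + j];
        gf128_mul(tmp, h, y);
    }
}

/* J0 per SP 800-38D 7.1 step 2. Does NOT validate iv_len == 0: with an empty
 * IV the GHASH input is the single block 0^64 || [0]_64, and (0 ^ 0) * H = 0. */
static int derive_j0(const uint8_t h[16], const uint8_t *iv, size_t iv_len, uint8_t j0[16])
{
    if (iv_len > MAX_IV_LEN) return GCM_ERR_BAD_INPUT;
    if (iv_len == 12) {                       /* 96-bit IV: J0 = IV || 0^31 || 1 */
        memcpy(j0, iv, 12);
        memset(j0 + 12, 0, 3);
        j0[15] = 1;
        return 0;
    }
    uint8_t buf[MAX_IV_LEN + 16] = {0};       /* IV || 0^s || 0^64 || [len(IV)]_64 */
    size_t padded = (iv_len + 15) / 16 * 16;  /* IV zero-padded to a block boundary */
    if (iv_len) memcpy(buf, iv, iv_len);
    uint64_t bits = (uint64_t)iv_len * 8;
    for (int i = 0; i < 8; i++) buf[padded + 8 + i] = (uint8_t)(bits >> (56 - 8 * i));
    ghash(h, buf, padded + 16, j0);
    return 0;
}

/* Pre-fix shape: any iv_len, including 0, is accepted. */
static int gcm_starts_unchecked(const uint8_t h[16], const uint8_t *iv, size_t iv_len, uint8_t j0[16])
{
    return derive_j0(h, iv, iv_len, j0);
}

/* Post-fix shape: reject a zero-length IV up front, before any computation. */
static int gcm_starts_checked(const uint8_t h[16], const uint8_t *iv, size_t iv_len, uint8_t j0[16])
{
    if (iv == NULL || iv_len == 0) return GCM_ERR_BAD_INPUT;
    return derive_j0(h, iv, iv_len, j0);
}

/* 1 if the unchecked derivation gives the all-zero J0 for an empty IV under h,
 * i.e. the counter start no longer depends on the key at all. */
static int empty_iv_gives_zero_j0(const uint8_t h[16])
{
    uint8_t j0[16], zero[16] = {0};
    if (gcm_starts_unchecked(h, NULL, 0, j0) != 0) return 0;
    return memcmp(j0, zero, 16) == 0;
}

int main(void)
{
    /* Constructed hash subkeys; h1 is H for the all-zero AES-128 key (SP 800-38D test case 2). */
    const uint8_t h1[16] = {0x66,0xe9,0x4b,0xd4,0xef,0x8a,0x2c,0x3b,0x88,0x4c,0xfa,0x59,0xca,0x34,0x2b,0x2e};
    const uint8_t h2[16] = {0xde,0xad,0xbe,0xef,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba,0x98};
    uint8_t j0[16];
    printf("empty IV -> zero J0 under h1: %d, under h2: %d\n",
           empty_iv_gives_zero_j0(h1), empty_iv_gives_zero_j0(h2));
    printf("checked starts with iv_len = 0 returns %d\n", gcm_starts_checked(h1, NULL, 0, j0));
    return 0;
}
```

The unchecked variant stands in for the pre-fix behaviour only in that it accepts iv_len == 0; the fix this commit backports is a length check at the entry point, which is what gcm_starts_checked does before the IV is touched. SP 800-38D requires len(IV) >= 1 bit, so rejecting an empty IV is a specification requirement, not only a robustness fix.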
parent 88252333e2
commit b34be244e6
ChangeLog: 34 changes (additions + deletions)
@ -2,6 +2,22 @@ mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS 1.3.21 branch released xxxx-xx-xx
Security
* Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,
ssl_get_verify_result() would incorrectly return 0 when the peer's
X.509 certificate chain had more than POLARSSL_X509_MAX_INTERMEDIATE_CA
(default: 8) intermediates, even when it was not trusted. Could be
triggered remotely on both sides. (With auth_mode set to required
(default), the handshake was correctly aborted.)
API Changes
* Certificate verification functions now set flags to -1 in case the full
chain was not verified due to an internal error (including in the verify
callback) or chain length limitations.
* With authmode set to optional, handshake is now aborted if the
verification of the peer's certificate failed due to an overlong chain or
a fatal error in the vrfy callback.
Bugfix
* Add a check if iv_len is zero, and return an error if it is zero. reported
by roberto. #716
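Review bot: the new Bugfix entry (`* Add a check if iv_len is zero, and return an error if it is zero. reported by roberto. #716`) does not say which module or function changed, even though the commit title says GCM, so a ChangeLog reader cannot tell which gcm_*() entry point now rejects the input, nor which error it returns. It also repeats "is zero" and starts the credit with a lowercase "reported", unlike the surrounding entries ("Found by Peng Li/Yueh-Hsun Lin, ..."). Suggest wording it in that style, for example `* Fix missing check for a zero-length IV in GCM: the affected gcm_*() function now returns an error when iv_len is 0. Found by roberto on the mbed TLS forum. #716`, and, since the IV is a security parameter (SP 800-38D requires at least 1 bit of IV), consider stating the impact or filing it under Security rather than Bugfix.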
@ -25,23 +41,7 @@ Bugfix
to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin,
KNOX Security, Samsung Research America
Security
= mbed TLS 1.3.20 branch released 2017-06-21
* Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,
ssl_get_verify_result() would incorrectly return 0 when the peer's
X.509 certificate chain had more than POLARSSL_X509_MAX_INTERMEDIATE_CA
(default: 8) intermediates, even when it was not trusted. Could be
triggered remotely on both sides. (With auth_mode set to required
(default), the handshake was correctly aborted.)
API Changes
* Certificate verification functions now set flags to -1 in case the full
chain was not verified due to an internal error (including in the verify
callback) or chain length limitations.
* With authmode set to optional, handshake is now aborted if the
verification of the peer's certificate failed due to an overlong chain or
a fatal error in the vrfy callback.
= mbed TLS 1.3.20 released 2017-06-21
Security
* Fixed unlimited overread of heap-based buffer in ssl_read().
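Review bot: this hunk does more than the commit message ("check if iv is zero in gcm") says. Besides removing the Security and API Changes block that the first hunk re-adds under 1.3.21, it replaces the old release header `= mbed TLS 1.3.20 released 2017-06-21` with `= mbed TLS 1.3.20 branch released 2017-06-21`, rewording the header of an already-released section, and moving the authentication-bypass entry out of 1.3.20 changes which release the ChangeLog credits with that fix, which is a user-visible claim. Neither change is mentioned in the message or in the new Bugfix entry. Suggest splitting the ChangeLog relocation and header rewording into their own commit, or at least stating in the message that these entries are being moved from 1.3.20 to 1.3.21 and why.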