Fix multiple quality issues in the source

This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
 * incorrect file permissions
 * missing newline at the end of files
 * trailing whitespace
 * Tabs present
 * TODOs in the source code
Simon Butcher 2018-06-08 11:14:43 +01:00
parent ad11e65448
commit bb5e1c3973
25 changed files with 65 additions and 100 deletions

@ -1676,7 +1676,7 @@ Features
issuer_key_identifier, etc) issuer_key_identifier, etc)
* Optional blinding for RSA, DHM and EC * Optional blinding for RSA, DHM and EC
* Support for multiple active certificate / key pairs in SSL servers for * Support for multiple active certificate / key pairs in SSL servers for
the same host (Not to be confused with SNI!) the same host (Not to be confused with SNI!)
Changes Changes
* Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 * Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2
@ -1907,7 +1907,7 @@ Changes
PKCS#8 private key formats PKCS#8 private key formats
* Added mechanism to provide alternative implementations for all * Added mechanism to provide alternative implementations for all
symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in
config.h) config.h)
* PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated * PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
old PBKDF2 module old PBKDF2 module
@ -1919,7 +1919,7 @@ Bugfix
* x509parse_crt() now better handles PEM error situations * x509parse_crt() now better handles PEM error situations
* ssl_parse_certificate() now calls x509parse_crt_der() directly * ssl_parse_certificate() now calls x509parse_crt_der() directly
instead of the x509parse_crt() wrapper that can also parse PEM instead of the x509parse_crt() wrapper that can also parse PEM
certificates certificates
* x509parse_crtpath() is now reentrant and uses more portable stat() * x509parse_crtpath() is now reentrant and uses more portable stat()
* Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler * Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
* Fixed values for 2-key Triple DES in cipher layer * Fixed values for 2-key Triple DES in cipher layer
@ -2077,7 +2077,7 @@ Bugfix
* mpi_exp_mod() now correctly handles negative base numbers (Closes ticket * mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
#52) #52)
* Handle encryption with private key and decryption with public key as per * Handle encryption with private key and decryption with public key as per
RFC 2313 RFC 2313
* Handle empty certificate subject names * Handle empty certificate subject names
* Prevent reading over buffer boundaries on X509 certificate parsing * Prevent reading over buffer boundaries on X509 certificate parsing
* mpi_add_abs() now correctly handles adding short numbers to long numbers * mpi_add_abs() now correctly handles adding short numbers to long numbers
@ -2108,7 +2108,7 @@ Bugfix
* x509parse_crt() now better handles PEM error situations * x509parse_crt() now better handles PEM error situations
* ssl_parse_certificate() now calls x509parse_crt_der() directly * ssl_parse_certificate() now calls x509parse_crt_der() directly
instead of the x509parse_crt() wrapper that can also parse PEM instead of the x509parse_crt() wrapper that can also parse PEM
certificates certificates
* Fixed values for 2-key Triple DES in cipher layer * Fixed values for 2-key Triple DES in cipher layer
* ssl_write_certificate_request() can handle empty ca_chain * ssl_write_certificate_request() can handle empty ca_chain
@ -2189,16 +2189,16 @@ Bugfix
Features Features
* Added ssl_session_reset() to allow better multi-connection pools of * Added ssl_session_reset() to allow better multi-connection pools of
SSL contexts without needing to set all non-connection-specific SSL contexts without needing to set all non-connection-specific
data and pointers again. Adapted ssl_server to use this functionality. data and pointers again. Adapted ssl_server to use this functionality.
* Added ssl_set_max_version() to allow clients to offer a lower maximum * Added ssl_set_max_version() to allow clients to offer a lower maximum
supported version to a server to help buggy server implementations. supported version to a server to help buggy server implementations.
(Closes ticket #36) (Closes ticket #36)
* Added cipher_get_cipher_mode() and cipher_get_cipher_operation() * Added cipher_get_cipher_mode() and cipher_get_cipher_operation()
introspection functions (Closes ticket #40) introspection functions (Closes ticket #40)
* Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator * Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator
* Added a generic entropy accumulator that provides support for adding * Added a generic entropy accumulator that provides support for adding
custom entropy sources and added some generic and platform dependent custom entropy sources and added some generic and platform dependent
entropy sources entropy sources
Changes Changes
* Documentation for AES and Camellia in modes CTR and CFB128 clarified. * Documentation for AES and Camellia in modes CTR and CFB128 clarified.
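Review bot: No difference in wording is visible between the two sides of this hunk, which spans 16 lines of release notes covering `ssl_session_reset()`, `ssl_set_max_version()`, CTR_DRBG and the entropy accumulator. Please confirm with a whitespace-insensitive diff that this and the other ChangeLog hunks come out empty, so that historical entries are not reworded by a cleanup commit.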
@ -2331,7 +2331,7 @@ Bugfixes
* Corrected parsing of UTCTime dates before 1990 and * Corrected parsing of UTCTime dates before 1990 and
after 1950 after 1950
* Support more exotic OID's when parsing certificates * Support more exotic OID's when parsing certificates
(found by Mads Kiilerich) (found by Mads Kiilerich)
* Support more exotic name representations when parsing * Support more exotic name representations when parsing
certificates (found by Mads Kiilerich) certificates (found by Mads Kiilerich)
* Replaced the expired test certificates * Replaced the expired test certificates
@ -2361,7 +2361,7 @@ Note: Most of these features have been donated by Fox-IT
status, objects and configuration status, objects and configuration
+ Added verification callback on certificate chain + Added verification callback on certificate chain
verification to allow external blacklisting verification to allow external blacklisting
+ Additional example programs to show usage + Additional example programs to show usage
* Added support for PKCS#11 through the use of the * Added support for PKCS#11 through the use of the
libpkcs11-helper library libpkcs11-helper library

include/mbedtls/ssl.h Executable file → Normal file
@ -1834,7 +1834,7 @@ void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
* *
* \param ssl SSL context * \param ssl SSL context
* \param hostname the server hostname, may be NULL to clear hostname * \param hostname the server hostname, may be NULL to clear hostname
*
* \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN. * \note Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN.
* *
* \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on * \return 0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on

@ -232,7 +232,6 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
int ret; int ret;
size_t len = 0; size_t len = 0;
// TODO negative values and values larger than 128
// DER format assumes 2s complement for numbers, so the leftmost bit // DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers. // should be 0 for positive numbers and 1 for negative numbers.
// //
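Review bot: Dropping the `// TODO negative values and values larger than 128` line above the DER comment removes the only statement of that limit, while `mbedtls_asn1_write_int()` still takes a signed `int val`. If the limit still holds, restate it as a plain comment here or in the function's documentation and track the work in an issue, so callers do not assume negative or larger values are encoded correctly; if it no longer holds, say so in the commit message.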

@ -6916,41 +6916,6 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
} }
} }
/*
* TODO
*
* The logic should be streamlined here:
*
* Instead of
*
* - Manually checking whether ssl->in_offt is NULL
* - Fetching a new record if yes
* - Setting ssl->in_offt if one finds an application record
* - Resetting keep_current_message after handling the application data
*
* one should
*
* - Adapt read_record to set ssl->in_offt automatically
* when a new application data record is processed.
* - Always call mbedtls_ssl_read_record here.
*
* This way, the logic of ssl_read would be much clearer:
*
* (1) Always call record layer and see what kind of record is on
* and have it ready for consumption (in particular, in_offt
* properly set for application data records).
* (2) If it's application data (either freshly fetched
* or something already being partially processed),
* serve the read request from it.
* (3) If it's something different from application data,
* handle it accordingly, e.g. potentially start a
* renegotiation.
*
* This will also remove the need to manually reset
* ssl->keep_current_message = 0 below.
*
*/
if( ssl->in_offt == NULL ) if( ssl->in_offt == NULL )
{ {
/* Start timer if not already running */ /* Start timer if not already running */
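Review bot: The block removed before `if( ssl->in_offt == NULL )` is a design note rather than a stale marker: it records that `mbedtls_ssl_read()` checks `ssl->in_offt` by hand and resets `ssl->keep_current_message` by hand, and how `read_record` could take that over. Deleting it to satisfy the TODO check loses that rationale; move the text to a tracked issue and leave a short comment here, without the TODO keyword, that points to it.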

@ -53,3 +53,4 @@ void ssl_set_hostname_twice( char *hostname0, char *hostname1 )
mbedtls_ssl_free( &ssl ); mbedtls_ssl_free( &ssl );
} }
/* END_CASE */ /* END_CASE */
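Review bot: The header `-53,3 +53,4` shows a line added after `/* END_CASE */`, whereas appending a newline to the existing last line would leave the count at 3. If the added line is empty, the file now ends with a blank line; confirm that this is what the end-of-file check expects and that the test-suite generator ignores content after `/* END_CASE */`.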

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.
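Review bot: The three settings bullets under step 6 rely on their leading indentation to stay nested inside the numbered list. After the whitespace cleanup, check the rendered README so that `* 115200 baud (not 9600).`, `* 8N1.` and `* No flow control.` still sit under item 6 and `7. Press the Reset button on the board.` keeps its number instead of restarting the list. The same check applies to the three identical hunks that follow.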

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F. 6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings: Use the following settings:
* 115200 baud (not 9600). * 115200 baud (not 9600).
* 8N1. * 8N1.
* No flow control. * No flow control.
7. Press the Reset button on the board. 7. Press the Reset button on the board.