- Merged changes from trunk to PolarSSL 1.1 branch

ChangeLog

@@ -1,5 +1,13 @@
 PolarSSL ChangeLog
 
+= Version 1.1.1 released on 2012-01-23
+Bugfix
+   * Check for failed malloc() in ssl_set_hostname() and x509_get_entries()
+     (Closes ticket #47, found by Hugo Leisink)
+   * Fixed issues with Intel compiler on 64-bit systems (Closes ticket #50)
+   * Fixed multiple compiler warnings for VS6 and armcc
+   * Fixed bug in CTR_CRBG selftest
+
 = Version 1.1.0 released on 2011-12-22
 Features
    * Added ssl_session_reset() to allow better multi-connection pools of

doxygen/input/doc_mainpage.h

@@ -1,10 +1,10 @@
-l/**
+/**
  * @file
  * Main page documentation file.
  */
 
 /**
- * @mainpage PolarSSL v1.1.0 source code documentation
+ * @mainpage PolarSSL v1.1.1 source code documentation
  * 
  * This documentation describes the internal structure of PolarSSL.  It was
  * automatically generated from specially formatted comment blocks in

doxygen/polarssl.doxyfile

@@ -25,7 +25,7 @@ DOXYFILE_ENCODING      = UTF-8
 # The PROJECT_NAME tag is a single word (or a sequence of words surrounded
 # by quotes) that should identify the project.
 
-PROJECT_NAME           = "PolarSSL v1.1.0"
+PROJECT_NAME           = "PolarSSL v1.1.1"
 
 # The PROJECT_NUMBER tag can be used to enter a project or revision number.
 # This could be handy for archiving the generated documentation or

include/polarssl/asn1.h

@@ -212,6 +212,7 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
  * \param p     The position in the ASN.1 data
  * \param end   End of data
  * \param cur   First variable in the chain to fill
+ * \param tag   Type of sequence
  *
  * \return      0 if successful or a specific ASN.1 error code.
  */

include/polarssl/bignum.h

@@ -30,6 +30,8 @@
 #include <stdio.h>
 #include <string.h>
 
+#include "config.h"
+
 #define POLARSSL_ERR_MPI_FILE_IO_ERROR                     -0x0002  /**< An error occurred while reading from or writing to a file. */
 #define POLARSSL_ERR_MPI_BAD_INPUT_DATA                    -0x0004  /**< Bad input parameters to function. */
 #define POLARSSL_ERR_MPI_INVALID_CHARACTER                 -0x0006  /**< There is an invalid character in the digit string. */
@@ -95,12 +97,14 @@ typedef unsigned long  t_udbl;
   #if defined(_MSC_VER) && defined(_M_IX86)
   typedef unsigned __int64 t_udbl;
   #else
-    #if defined(__amd64__) || defined(__x86_64__)    || \
+    #if defined(__GNUC__) && (                          \
+        defined(__amd64__) || defined(__x86_64__)    || \
         defined(__ppc64__) || defined(__powerpc64__) || \
         defined(__ia64__)  || defined(__alpha__)     || \
         (defined(__sparc__) && defined(__arch64__))  || \
-        defined(__s390x__)
+        defined(__s390x__) )
     typedef unsigned int t_udbl __attribute__((mode(TI)));
+    #define POLARSSL_HAVE_LONGLONG
     #else
       #if defined(POLARSSL_HAVE_LONGLONG)
       typedef unsigned long long t_udbl;

include/polarssl/bn_mul.h

@@ -41,7 +41,7 @@
 #ifndef POLARSSL_BN_MUL_H
 #define POLARSSL_BN_MUL_H
 
-#include "config.h"
+#include "bignum.h"
 
 #if defined(POLARSSL_HAVE_ASM)
 

include/polarssl/error.h

@@ -72,8 +72,8 @@
  * X509     2   21
  * DHM      3   6
  * RSA      4   9
- * MD       5   1
- * CIPER    6   1
+ * MD       5   4
+ * CIPHER   6   5
  * SSL      7   30
  *
  * Module dependent error code (5 bits 0x.08.-0x.F8.)

include/polarssl/md.h

@@ -42,8 +42,7 @@
 #define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE                -0x5080  /**< The selected feature is not available. */
 #define POLARSSL_ERR_MD_BAD_INPUT_DATA                     -0x5100  /**< Bad input parameters to function. */
 #define POLARSSL_ERR_MD_ALLOC_FAILED                       -0x5180  /**< Failed to allocate memory. */
-#define POLARSSL_ERR_MD_FILE_OPEN_FAILED                   -0x5200  /**< Opening of file failed. */
-#define POLARSSL_ERR_MD_FILE_READ_FAILED                   -0x5280  /**< Failure when reading from file. */
+#define POLARSSL_ERR_MD_FILE_IO_ERROR                      -0x5200  /**< Opening or reading of file failed. */
 
 typedef enum {
     POLARSSL_MD_NONE=0,

include/polarssl/ssl.h

@@ -562,7 +562,7 @@ int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
  * \param ssl      SSL context
  * \param hostname the server hostname
  *
- * \return         0 if successful
+ * \return         0 if successful or POLARSSL_ERR_SSL_MALLOC_FAILED
  */
 int ssl_set_hostname( ssl_context *ssl, const char *hostname );
 

include/polarssl/version.h

@@ -39,16 +39,16 @@
  */
 #define POLARSSL_VERSION_MAJOR  1
 #define POLARSSL_VERSION_MINOR  1
-#define POLARSSL_VERSION_PATCH  0
+#define POLARSSL_VERSION_PATCH  1
 
 /**
  * The single version number has the following structure:
  *    MMNNPP00
  *    Major version | Minor version | Patch version
  */
-#define POLARSSL_VERSION_NUMBER         0x01010000
-#define POLARSSL_VERSION_STRING         "1.1.0"
-#define POLARSSL_VERSION_STRING_FULL    "PolarSSL 1.1.0"
+#define POLARSSL_VERSION_NUMBER         0x01010100
+#define POLARSSL_VERSION_STRING         "1.1.1"
+#define POLARSSL_VERSION_STRING_FULL    "PolarSSL 1.1.1"
 
 #if defined(POLARSSL_VERSION_C)
 

library/CMakeLists.txt

@@ -47,7 +47,7 @@ add_library(polarssl STATIC ${src})
 else(NOT USE_SHARED_POLARSSL_LIBRARY)
 
 add_library(polarssl SHARED ${src})
-set_target_properties(polarssl PROPERTIES VERSION 1.1.0 SOVERSION 1)
+set_target_properties(polarssl PROPERTIES VERSION 1.1.1 SOVERSION 1)
 
 endif(NOT USE_SHARED_POLARSSL_LIBRARY)
 

library/cipher.c

@@ -94,7 +94,7 @@ const int *cipher_list( void )
     return supported_ciphers;
 }
 
-const cipher_info_t *cipher_info_from_type( cipher_type_t cipher_type )
+const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type )
 {
     /* Find static cipher information */
     switch ( cipher_type )
@@ -433,11 +433,10 @@ static void add_pkcs_padding( unsigned char *output, size_t output_len,
         output[data_len + i] = (unsigned char) padding_len;
 }
 
-static int get_pkcs_padding( unsigned char *input, unsigned char input_len,
+static int get_pkcs_padding( unsigned char *input, unsigned int input_len,
         size_t *data_len)
 {
-    int i = 0;
-    unsigned char padding_len = 0;
+    unsigned int i, padding_len = 0;
 
     if( NULL == input || NULL == data_len )
         return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;

library/ctr_drbg.c

@@ -470,7 +470,7 @@ int ctr_drbg_self_test( int verbose )
         printf( "  CTR_DRBG (PR = TRUE) : " );
 
     test_offset = 0;
-    if( ctr_drbg_init( &ctx, ctr_drbg_self_test_entropy, entropy_source_pr, nonce_pers_pr, 16 ) != 0 )
+    if( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, entropy_source_pr, nonce_pers_pr, 16, 32 ) != 0 )
     {
         if( verbose != 0 )
             printf( "failed\n" );
@@ -513,7 +513,7 @@ int ctr_drbg_self_test( int verbose )
         printf( "  CTR_DRBG (PR = FALSE): " );
 
     test_offset = 0;
-    if( ctr_drbg_init( &ctx, ctr_drbg_self_test_entropy, entropy_source_nopr, nonce_pers_nopr, 16 ) != 0 )
+    if( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, entropy_source_nopr, nonce_pers_nopr, 16, 32 ) != 0 )
     {
         if( verbose != 0 )
             printf( "failed\n" );

library/error.c

@@ -177,10 +177,8 @@ void error_strerror( int ret, char *buf, size_t buflen )
             snprintf( buf, buflen, "MD - Bad input parameters to function" );
         if( use_ret == -(POLARSSL_ERR_MD_ALLOC_FAILED) )
             snprintf( buf, buflen, "MD - Failed to allocate memory" );
-        if( use_ret == -(POLARSSL_ERR_MD_FILE_OPEN_FAILED) )
-            snprintf( buf, buflen, "MD - Opening of file failed" );
-        if( use_ret == -(POLARSSL_ERR_MD_FILE_READ_FAILED) )
-            snprintf( buf, buflen, "MD - Failure when reading from file" );
+        if( use_ret == -(POLARSSL_ERR_MD_FILE_IO_ERROR) )
+            snprintf( buf, buflen, "MD - Opening or reading of file failed" );
 #endif /* POLARSSL_MD_C */
 
 #if defined(POLARSSL_PEM_C)

library/md.c

@@ -222,19 +222,19 @@ int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
 
 int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
 {
+#if defined(POLARSSL_FS_IO)
     int ret;
+#endif
 
     if( md_info == NULL )
         return POLARSSL_ERR_MD_BAD_INPUT_DATA;
 
 #if defined(POLARSSL_FS_IO)
     ret = md_info->file_func( path, output );
-    if( ret == 2 )
-        return POLARSSL_ERR_MD_FILE_OPEN_FAILED;
-    if( ret == 3 )
-        return POLARSSL_ERR_MD_FILE_READ_FAILED;
+    if( ret != 0 )
+        return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret );
 
-    return ret;
+    return( ret );
 #else
     ((void) path);
     ((void) output);

library/rsa.c

@@ -362,7 +362,8 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
                        const unsigned char *input,
                        unsigned char *output )
 {
-    size_t nb_pad, olen, ret;
+    size_t nb_pad, olen;
+    int ret;
     unsigned char *p = output;
 #if defined(POLARSSL_PKCS1_V21)
     unsigned int hlen;
@@ -592,7 +593,8 @@ int rsa_pkcs1_sign( rsa_context *ctx,
     unsigned char *p = sig;
 #if defined(POLARSSL_PKCS1_V21)
     unsigned char salt[POLARSSL_MD_MAX_SIZE];
-    unsigned int slen, hlen, offset = 0, ret;
+    unsigned int slen, hlen, offset = 0;
+    int ret;
     size_t msb;
     const md_info_t *md_info;
     md_context_t md_ctx;

library/ssl_cli.c

@@ -178,7 +178,9 @@ static int ssl_write_client_hello( ssl_context *ssl )
 
 static int ssl_parse_server_hello( ssl_context *ssl )
 {
+#if defined(POLARSSL_DEBUG_MSG) && defined(POLARSSL_DEBUG_C)
     time_t t;
+#endif
     int ret, i;
     size_t n;
     int ext_len;
@@ -226,10 +228,12 @@ static int ssl_parse_server_hello( ssl_context *ssl )
 
     ssl->minor_ver = buf[5];
 
+#if defined(POLARSSL_DEBUG_MSG) && defined(POLARSSL_DEBUG_C)
     t = ( (time_t) buf[6] << 24 )
       | ( (time_t) buf[7] << 16 )
       | ( (time_t) buf[8] <<  8 )
       | ( (time_t) buf[9]       );
+#endif
 
     memcpy( ssl->randbytes + 32, buf + 6, 32 );
 

library/ssl_tls.c

@@ -1913,6 +1913,9 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )
     ssl->hostname_len = strlen( hostname );
     ssl->hostname = (unsigned char *) malloc( ssl->hostname_len + 1 );
 
+    if( ssl->hostname == NULL )
+        return( POLARSSL_ERR_SSL_MALLOC_FAILED );
+
     memcpy( ssl->hostname, (unsigned char *) hostname,
             ssl->hostname_len );
     

library/x509parse.c

@@ -968,6 +968,10 @@ static int x509_get_entries( unsigned char **p,
         if ( *p < end )
         {
             cur_entry->next = malloc( sizeof( x509_crl_entry ) );
+
+            if( cur_entry->next == NULL )
+                return( POLARSSL_ERR_X509_MALLOC_FAILED );
+
             cur_entry = cur_entry->next;
             memset( cur_entry, 0, sizeof( x509_crl_entry ) );
         }

programs/pkey/rsa_sign.c

@@ -37,7 +37,7 @@
 
 #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) ||  \
     !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO)
-int 5ain( int argc, char *argv[] )
+int main( int argc, char *argv[] )
 {
     ((void) argc);
     ((void) argv);

tests/suites/test_suite_version.data

@@ -1,5 +1,5 @@
 Check compiletime library version
-check_compiletime_version:"1.1.0"
+check_compiletime_version:"1.1.1"
 
 Check runtime library version
-check_runtime_version:"1.1.0"
+check_runtime_version:"1.1.1"