Commit Graph

1016 Commits

Author SHA1 Message Date
Jaeden Amero
d3841737e9 Merge remote-tracking branch 'origin/pr/2356' into mbedtls-2.7 2019-01-30 14:55:35 +00:00
Hanno Becker
6950ebb31f Document psk_list parameter of ssl_server2 example program 2019-01-14 09:27:04 +00:00
Masashi Honma
4a47112834 Remove duplicate #include
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-09 15:38:37 +00:00
Jaeden Amero
b85e35d8d2 Merge remote-tracking branch 'upstream-public/pr/2102' into mbedtls-2.7 2018-12-07 16:15:46 +00:00
Hanno Becker
dc631fb87e Add explicit integer to enumeration casts to programs/pkey/gen_key.c
Fixes #2170.
2018-11-06 13:36:19 +00:00
Simon Butcher
5a15fa3cdc Merge remote-tracking branch 'public/pr/2096' into mbedtls-2.7-proposed 2018-11-04 18:48:46 +00:00
Simon Butcher
fa8c974329 Merge remote-tracking branch 'public/pr/2115' into mbedtls-2.7-proposed 2018-11-04 18:42:47 +00:00
Simon Butcher
80544a1fc2 Merge remote-tracking branch 'public/pr/2057' into mbedtls-2.7-proposed 2018-10-28 17:23:49 +00:00
Simon Butcher
50f03ce4fb Merge remote-tracking branch 'public/pr/2071' into mbedtls-2.7-proposed 2018-10-28 16:55:12 +00:00
Simon Butcher
437f96e3a4 Add a macro to define the memory size in ssl_server2.c
When MBEDTLS_MEMORY_BUFFER_ALLOC_C was defined, the sample ssl_server2.c was
using its own memory buffer for memory allocated by the library. The memory
used wasn't obvious, so this adds a macro for the memory buffer allocated to
make the allocated memory size more obvious and hence easier to configure.
2018-10-18 10:08:56 +01:00
Simon Butcher
35007df398 Increase the memory buffer size for ssl_server2.c
Newer features in the library have increased the overall RAM usage of the
library, when all features are enabled. ssl_server2.c, with all features enabled
was running out of memory for the ssl-opt.sh test 'Authentication: client
max_int chain, server required'.

This commit increases the memory buffer allocation for ssl_server2.c to allow
the test to work with all features enabled.
2018-10-18 10:08:53 +01:00
Hanno Becker
3a3f1aa1a6 Add dependency of key_app_writer example program on PK parse module 2018-10-16 13:54:04 +01:00
Hanno Becker
9a1a151a1a Zeroize sensitive data in aescrypt2 and crypt_and_hash examples
This commit replaces multiple `memset()` calls in the example
programs aes/aescrypt2.c and aes/crypt_and_hash.c by calls to
the reliable zeroization function `mbedtls_zeroize()`.

While not a security issue because the code is in the example
programs, it's bad practice and should be fixed.
2018-10-15 13:26:37 +01:00
Hanno Becker
f690ffa53c Fix ordering of free()ing of internal structures in ssl_server2
If `MBEDTLS_MEMORY_BUFFER_ALLOC_C` is configured and Mbed TLS'
custom buffer allocator is used for calloc() and free(), the
read buffer used by the server example application is allocated
from the buffer allocator, but freed after the buffer allocator
has been destroyed. If memory backtracing is enabled, this leaves
a memory leak in the backtracing structure allocated for the buffer,
as found by valgrind.

Fixes #2069.
2018-10-09 12:45:46 +01:00
Hanno Becker
294e584e5e Fix memory leak and freeing without initialization in cert_write
* The variables `csr` and `issuer_crt` are initialized but not freed.
* The variable `entropy` is unconditionally freed in the cleanup section
  but there's a conditional jump to that section before its initialization.
  This cmmot Moves it to the other initializations happening before the
  first conditional jump to the cleanup section.

Fixes #1422.
2018-10-05 09:55:13 +01:00
Simon Butcher
5c0204ef62 Change the default IP addresses for DTLS samples
Changes the IP address to bind to for dtls_server.c to be "::" or optionally
"0.0.0.0" if the preprocessor symbol FORCE_IPV4 is defined.

Also changes the destinaton IP address for dtls_client.c to be "::1" or if
FORCE_IPV4 symbol is defined "127.0.0.1".

This change allows on compilation dtls_server.c and dtls_client.c to both be
compiled to use either IPv4 or IPv6 so out of the box they will work together
without problem, and to avoid dtls_server.c binding to IPv6 and dtls_client.c
binding to IPv4.
2018-09-30 16:03:48 +01:00
Andrzej Kurek
3d5cd4ec0a Remove trailing whitespace 2018-09-26 22:53:13 +01:00
Andrzej Kurek
216b40de9b ssl_server2: add buffer overhead for a termination character
Switch to mbedtls style of memory allocation
2018-09-26 22:53:12 +01:00
Andrzej Kurek
557335e56d Added buffer_size and response_size options for ssl-server2.
Added appropriate tests.
2018-09-26 22:53:12 +01:00
Simon Butcher
9863afc5e2 Merge remote-tracking branch 'public/pr/1899' into mbedtls-2.7 2018-09-26 22:00:02 +01:00
Simon Butcher
fbd0ccc0f0 Merge remote-tracking branch 'public/pr/1978' into mbedtls-2.7 2018-08-28 12:32:21 +01:00
Hanno Becker
063c50df8a pk_encrypt: Uniformize debugging output 2018-08-23 15:57:15 +01:00
Hanno Becker
45d006a9cc Fix typos in programs/x509/cert_write.c
Fixes #1922.
2018-08-23 15:27:21 +01:00
Hanno Becker
6953ac2dbe Minor formatting improvements in pk_encrypt and pk_decrypt examples 2018-08-23 15:14:52 +01:00
Hanno Becker
a82a6e126d Correct memory leak in pk_decrypt example program 2018-08-23 15:14:50 +01:00
Hanno Becker
20fce25f28 Correct memory-leak in pk_encrypt example program 2018-08-23 15:14:50 +01:00
Mohammad Azim Khan
7e84affb45 Fix Wformat-overflow warning in ssl_mail_client.c
sprintf( (char *) buf, "%s\r\n", base );
 Above code generates Wformat-overflow warning since both buf and base
are of same size. buf should be sizeof( base ) + characters added in
the format. In this case format 2 bytes for "\r\n".
2018-08-16 14:34:15 +01:00
Ron Eldor
f19a7ab45d Fix hmac_drbg failure in benchmark, with threading
Remove redunadnat calls to `hmac_drbg_free()` between seeding operations,
which make the mutex invalid. Fixes #1095
2018-07-30 11:13:18 +03:00
Simon Butcher
1bb41e5d04 Merge remote-tracking branch 'public/pr/1800' into mbedtls-2.7 2018-07-24 13:30:40 +01:00
Simon Butcher
d5a3ed36b8 Merge remote-tracking branch 'public/pr/1863' into mbedtls-2.7 2018-07-24 12:57:15 +01:00
Andres Amaya Garcia
46a6d5cbe5 Fix ssl_client2 to send 0-length app data 2018-07-16 20:14:45 +01:00
Andres Amaya Garcia
808a09ca85 Remove redundant ret = 1 in dh_client.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
cfb61b33cf Add missing platform macro defines in cert_app.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
9f92a805e9 Add missing platform macro defines in pk_decrypt.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
2b0599bc91 Fix typo in platform macro defines for examples 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
0dcc6a9f7d Fix ret code in gen_random_havege.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
053e1cd7ab Fix ret code in rsa_encrypt.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
156099b76f Fix ret code in rsa_decrypt.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
8ec767c042 Fix ret code in cert_app.c 2018-07-10 17:34:25 +01:00
Andres Amaya Garcia
77d2de223c Fix ret code in generic_sum.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
2702000d2c Fix ret code in pk_verify.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
a5236b1dd3 Fix ret code in pk_sign.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
a0ea01d273 Fix ret code in pk_encrypt.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
141b4f4526 Fix ret code in pk_encrypt.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
81982c84d4 Fix ret code in ecdh_curve25519.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
c899c464f6 Fix ret code in mpi_demo.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
6118adab09 Fix ret code in pem2der.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
73081c3e2f Fix ret code in ssl_cert_test.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
01e3d21350 Fix ret code in udp_proxy.c 2018-07-10 17:34:24 +01:00
Andres Amaya Garcia
12ab7a6884 Fix ret code in req_app.c 2018-07-10 17:34:24 +01:00