Manuel Pégourié-Gonnard
1afde77a3f
Merge branch 'polarssl-1.2' into polarssl-1.2-restricted
...
* polarssl-1.2:
Use own implementation of strsep()
Add Changelog entries for this branch
Use symbolic constants in test data
Fixed pathlen contraint enforcement.
Additional corner cases for testing pathlen constrains
Added test case for pathlen constrains in intermediate certificates
2015-11-02 06:58:09 +09:00
Manuel Pégourié-Gonnard
4dd43ae647
Use own implementation of strsep()
2015-11-02 06:52:52 +09:00
Manuel Pégourié-Gonnard
018063477b
Add Changelog entries for this branch
2015-11-02 06:10:24 +09:00
Manuel Pégourié-Gonnard
7a4d9a5b92
Use symbolic constants in test data
2015-11-02 06:10:24 +09:00
Manuel Pégourié-Gonnard
e51f47c78b
Fixed pathlen contraint enforcement.
...
backport of 92ac059
2015-11-02 06:10:24 +09:00
Manuel Pégourié-Gonnard
ab003740b4
Additional corner cases for testing pathlen constrains
...
backport of 3d98a7e
2015-11-02 06:10:24 +09:00
Manuel Pégourié-Gonnard
03ae1bc3f2
Added test case for pathlen constrains in intermediate certificates
2015-11-02 06:09:57 +09:00
Manuel Pégourié-Gonnard
f2256ebd43
Merge branch 'polarssl-1.2' into polarssl-1.2-restricted
...
* polarssl-1.2:
Disable reportedly broken assembly of Sparc(64)
2015-10-30 10:18:25 +01:00
Manuel Pégourié-Gonnard
31e095ef00
Disable reportedly broken assembly of Sparc(64)
...
fixes #292
2015-10-27 15:14:35 +01:00
Manuel Pégourié-Gonnard
5388eea449
Fix potential buffer overflow in asn1write
...
Ref: IOTSSL-519
2015-10-27 11:39:32 +01:00
Manuel Pégourié-Gonnard
80e6cffcad
Fix potential heap corruption on Windows
...
If len is large enough, when cast to an int it will be negative and then the
test if( len > MAX_PATH - 3 ) will not behave as expected.
Ref: IOTSSL-518
backport of 261faed725
2015-10-27 11:30:31 +01:00
Manuel Pégourié-Gonnard
69994584c7
Fix typo in documenation
2015-10-20 09:38:39 +02:00
Simon Butcher
66aa1a3088
Corrected misleading fn description in ssl_cache.h
...
Mistake in comments spotted by Andris Mednis
2015-10-19 19:39:46 +01:00
Manuel Pégourié-Gonnard
305722fa12
Bump version to 1.2.17
2015-10-05 19:14:51 +01:00
Simon Butcher
697b37a365
Merge branch 'polarssl-1.2-restricted' of ssh://github.com/ARMmbed/mbedtls-restricted into polarssl-1.2-restricted
2015-10-05 17:34:36 +01:00
Simon Butcher
8b846b8804
Added CVE code to ChangeLog
2015-10-05 17:34:19 +01:00
Manuel Pégourié-Gonnard
01978bfe63
Merge branch 'polarssl-1.2' into polarssl-1.2-restricted
...
* polarssl-1.2:
Fix spurious #endif from previous cherry-pick
Fix macroization of inline in C++
Add missing warning in doc
Fix compile error in net.c with musl libc
2015-10-05 17:31:05 +01:00
Simon Butcher
ac4461f783
Changed attribution for Guido Vranken
2015-10-05 17:26:53 +01:00
Simon Butcher
c047c74b95
Merge of multiple security fixes
2015-10-05 17:18:59 +01:00
Manuel Pégourié-Gonnard
42571ddb4e
Fix references to non-standard SIZE_T_MAX
...
Turns out C99 doesn't define SIZE_T_MAX, so let's not use it.
2015-10-05 15:31:53 +01:00
Manuel Pégourié-Gonnard
cfd1ba9f7c
Fix spurious #endif from previous cherry-pick
2015-10-05 14:57:55 +01:00
Manuel Pégourié-Gonnard
0123405f32
Fix macroization of inline in C++
...
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
2015-10-05 14:37:00 +01:00
Manuel Pégourié-Gonnard
021a11500f
Add missing warning in doc
...
Found by Nicholas Wilson
fixes #288
2015-10-05 14:34:46 +01:00
Manuel Pégourié-Gonnard
27840e0d43
Fix compile error in net.c with musl libc
...
fixes #278
2015-10-05 14:32:43 +01:00
Manuel Pégourié-Gonnard
d64f1ad98b
Fix potential overflow in CertificateRequest
2015-10-02 12:36:02 +02:00
Manuel Pégourié-Gonnard
65d6a97e65
Add ChangeLog entry
2015-10-02 10:09:53 +02:00
Manuel Pégourié-Gonnard
9a656a0aaa
Fix typos in ChangeLog
2015-10-01 18:19:14 +02:00
Manuel Pégourié-Gonnard
e4e4be77be
Fix potential overflow in base64_encode
2015-10-01 18:10:17 +02:00
Manuel Pégourié-Gonnard
b73ce45b3f
Fix potential random malloc in pem_read()
2015-10-01 17:00:22 +02:00
Manuel Pégourié-Gonnard
9b75305d6a
Fix potential buffer overflow in mpi_read_string()
...
Found by Guido Vranken.
Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.
Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).
Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-10-01 16:59:55 +02:00
Manuel Pégourié-Gonnard
73011bba95
Fix stack buffer overflow in pkcs12
2015-10-01 16:57:47 +02:00
Simon Butcher
13ca8951f9
Added max length checking of hostname
2015-09-30 00:45:21 +01:00
Simon Butcher
2cf9696785
Refined credits in ChangeLog for fuzzing issue
...
Changed GDS to Gotham Digital Science
2015-09-22 10:26:12 +01:00
Manuel Pégourié-Gonnard
a7975dcf9a
Remove file that should never have been added
...
Oops.
2015-09-21 12:07:10 +02:00
Manuel Pégourié-Gonnard
9405e462d0
Bump version to 1.2.15
2015-09-17 11:55:25 +02:00
Manuel Pégourié-Gonnard
5b76bb8605
Fix GNUism in bump_version.sh
2015-09-17 11:54:19 +02:00
Simon Butcher
d107e20c7a
Merge pull request #296 from ARMmbed/polarssl-1.2-restricted
...
Merge of polarssl-1.2-restricted
2015-09-17 01:27:41 +01:00
Manuel Pégourié-Gonnard
2bc4505f5d
Add counter-measure against RSA-CRT attack
...
https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/
backport of a1cdcd2
2015-09-09 12:36:49 +02:00
Manuel Pégourié-Gonnard
fa566e3545
Fix possible client crash on API misuse
2015-09-03 11:01:37 +02:00
Manuel Pégourié-Gonnard
aa4e55bd23
Fix warning with MD/SHA ALT implementation
...
backport of e217cee
see #239
2015-08-31 12:23:30 +02:00
Manuel Pégourié-Gonnard
121f7c9475
Disable -Wunused-result in programs and tests
2015-08-11 03:42:34 +02:00
Manuel Pégourié-Gonnard
a1e6ba6477
Fix compiler warning in test
2015-08-10 17:15:43 +02:00
Manuel Pégourié-Gonnard
59e7c73329
Silence compiler warning in test
...
Happens with some, but not all, versions of GCC/Glibc.
2015-08-10 16:52:50 +02:00
Manuel Pégourié-Gonnard
faf44abf2a
Accept a trailing space at end of PEM lines
...
With certs being copy-pasted from webmails and all, this will probably become
more and more common.
2015-08-10 16:43:28 +02:00
Manuel Pégourié-Gonnard
ebb9cf9cc6
Fix compile error with armcc5 --gnu
2015-08-10 16:41:50 +02:00
Manuel Pégourié-Gonnard
af39e3e597
Fix missing -static-libgcc for dlls
2015-08-10 16:41:14 +02:00
Manuel Pégourié-Gonnard
7f61053371
Fix bug with cmake and old version of GCC
2015-08-10 16:40:02 +02:00
Manuel Pégourié-Gonnard
027b79fd36
Make tests/compat.sh executable
2015-08-10 16:37:09 +02:00
Paul Bakker
7fc4e3e225
Prepare for 1.2.15 release
2015-08-10 15:06:34 +01:00
Manuel Pégourié-Gonnard
3517c20df7
Up default server DH params to 2048 bits
2015-07-03 17:43:06 +02:00