Paul Bakker
24aaf44120
Make sure no random pointer occur during failed malloc()'s
2014-07-08 11:39:19 +02:00
Manuel Pégourié-Gonnard
c2262b58f6
Tune debug_print_ret format
2014-07-08 11:26:20 +02:00
Paul Bakker
ef3cf7088f
Provide no info from entropy_func() on future entropy
2014-07-08 11:25:51 +02:00
Paul Bakker
1e9423704a
Support for seed file writing and reading in Entropy
2014-07-08 11:20:25 +02:00
Paul Bakker
22a0ce0cef
Fix warning on MinGW and MSVC12
2014-07-08 11:17:50 +02:00
Paul Bakker
8cb73200e1
MinGW32 static build should link to windows libs and libz
2014-07-08 11:15:55 +02:00
Paul Bakker
b000f82d76
ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr
2014-07-08 11:15:18 +02:00
Manuel Pégourié-Gonnard
a9f86e03ed
Make the compiler work-around more specific
2014-07-08 11:13:59 +02:00
Manuel Pégourié-Gonnard
57291a7019
Work around a compiler bug on OS X.
2014-07-08 11:13:42 +02:00
hasufell
97a11c107e
CMake: allow to build both shared and static at once
...
This allows for more fine-grained control. Possible combinations:
* static off, shared on
* static on, shared off
* static on, shared on
The static library is always called "libpolarssl.a" and is only used
for linking of tests and internal programs if the shared lib is
not being built.
Default is: only build static lib.
2014-07-08 11:10:09 +02:00
Manuel Pégourié-Gonnard
be04673c49
Forbid sequence number wrapping
2014-07-08 11:04:19 +02:00
Paul Bakker
50a5c53398
Reject certs and CRLs from the future
2014-07-08 10:59:10 +02:00
Paul Bakker
0d844dd650
Add x509parse_time_future()
2014-07-07 17:46:36 +02:00
Manuel Pégourié-Gonnard
963918b88f
Countermeasure against "triple handshake" attack
2014-07-07 17:46:35 +02:00
Manuel Pégourié-Gonnard
397858b81d
Avoid "unreachable code" warning
2014-07-07 17:46:33 +02:00
Manuel Pégourié-Gonnard
6d841c2c5c
Fix verion-major intolerance
2014-07-07 17:46:31 +02:00
Manuel Pégourié-Gonnard
c675e4bde5
Fix bug in RSA PKCS#1 v1.5 "reversed" operations
2014-07-07 17:46:29 +02:00
Paul Bakker
1e7c3d2500
net_is_block() renamed to net_would_block() and corrected behaviour on
...
non-blocking sockets
net_would_block() now does not return 1 if the socket is blocking.
2014-07-07 17:46:28 +02:00
Paul Bakker
1dc45f15a6
Added MPI_CHK around unguarded mpi calls
2014-07-07 17:46:25 +02:00
Paul Bakker
7837026b91
Remove a few dead stores
2014-07-07 16:01:34 +02:00
Manuel Pégourié-Gonnard
d220f8b709
Fix potential memory leak in bignum selftest
2014-07-07 16:01:33 +02:00
Manuel Pégourié-Gonnard
7fd620b331
Fix misplaced initialisation.
...
If one of the calls to mpi_grow() before setting Apos would fail, then
mpi_free( &Apos ) would be executed without Apos being initialised.
2014-07-07 16:01:31 +02:00
Manuel Pégourié-Gonnard
b55f578982
Fix missing error checking in gcm
2014-07-07 16:01:30 +02:00
Paul Bakker
4091141368
Add a length check in ssl_derive_keys()
2014-07-07 16:01:28 +02:00
Paul Bakker
d83584e9aa
Fixed potential overflow in certificate size in ssl_write_certificate()
2014-07-07 16:01:11 +02:00
Paul Bakker
78e819698b
Added missing MPI_CHK() around some statements
2014-07-07 16:01:10 +02:00
Paul Bakker
40cc914567
Fixed x509_crt_parse_path() bug on Windows platforms
2014-07-07 16:01:08 +02:00
Manuel Pégourié-Gonnard
9975c5d217
Check PKCS 1.5 padding in a more constant-time way
...
(Avoid branches that depend on secret data.)
2014-07-07 14:38:09 +02:00
Manuel Pégourié-Gonnard
d237d261e5
Check OAEP padding in a more constant-time way
2014-07-07 14:37:56 +02:00
Manuel Pégourié-Gonnard
3411464a64
RSA-OAEP decrypt: reorganise code
2014-07-07 14:37:39 +02:00
Paul Bakker
a1caf6e1e8
SSL now gracefully handles missing RNG
2014-07-07 14:20:52 +02:00
Paul Bakker
c941adba31
Fixed X.509 hostname comparison (with non-regular characters)
2014-07-07 14:17:24 +02:00
Paul Bakker
835481930a
Makefile now produces a .so.X with SOVERSION in it
2014-07-07 14:13:54 +02:00
Manuel Pégourié-Gonnard
5c8434cf52
Safer buffer comparisons in the SSL modules
2014-07-07 14:10:07 +02:00
Paul Bakker
c3ec63df42
Minor change that makes life easier for static analyzers / compilers
2014-07-07 14:06:22 +02:00
Paul Bakker
e46b17766c
Make get_pkcs_padding() constant-time
2014-07-07 14:04:31 +02:00
Paul Bakker
52cb87beb7
Forced cast to prevent MSVC compiler warning
2014-07-07 13:46:10 +02:00
Paul Bakker
4c9301a7af
Convert SOCKET to int to prevent compiler warnings under MSVC.
...
From kernel objects at msdn:
Kernel object handles are process specific. That is, a process must either create the object or open an existing object to obtain a kernel object handle. The per-process limit on kernel handles is 2^24.
Windows Internals by Russinovich and Solomon as well says that the high bits are zero.
2014-07-07 13:44:30 +02:00
Paul Bakker
9ccb2116a7
Introduced POLARSSL_HAVE_READDIR_R for systems without it
2014-07-07 13:43:31 +02:00
Paul Bakker
ff6e24710a
RSA blinding: check highly unlikely cases
2014-07-07 13:34:41 +02:00
Paul Bakker
6b06502c4b
Changed RSA blinding to a slower but thread-safe version
2013-10-07 12:06:29 +02:00
Paul Bakker
adace27ec9
Prepped for 1.2.10 release
2013-10-04 17:07:26 +02:00
Paul Bakker
2f1481ec73
Additional fixed to rsa.c with regards to blinding
2013-10-04 16:46:21 +02:00
Paul Bakker
62087eed22
Fixed memory leak in rsa.c introduced in 43f9799
2013-10-04 10:57:12 +02:00
Paul Bakker
e45574e7de
Prepped for 1.2.9 release
2013-09-25 18:42:42 +02:00
Paul Bakker
915ee19887
Do not allow SHA256/SHA384 ciphersuites in < TLS 1.2
2013-09-23 17:30:26 +02:00
Paul Bakker
43f9799ce6
RSA blinding on CRT operations to counter timing attacks
2013-09-23 11:23:31 +02:00
Paul Bakker
88a2264def
Fixed potential file descriptor leaks
2013-09-11 13:31:55 +02:00
Paul Bakker
f65fbee52b
x509_verify() now case insensitive for cn (RFC 6125 6.4)
...
(cherry picked from commit a5943858d8
)
Conflicts:
ChangeLog
library/x509parse.c
tests/suites/test_suite_x509parse.data
2013-09-11 13:31:55 +02:00
Paul Bakker
a565aceea1
Fixed potential memory leak when failing to resume a session
2013-09-11 13:31:53 +02:00