Commit Graph

457 Commits

Author SHA1 Message Date
Paul Bakker
24aaf44120 Make sure no random pointer occur during failed malloc()'s 2014-07-08 11:39:19 +02:00
Manuel Pégourié-Gonnard
c2262b58f6 Tune debug_print_ret format 2014-07-08 11:26:20 +02:00
Paul Bakker
ef3cf7088f Provide no info from entropy_func() on future entropy 2014-07-08 11:25:51 +02:00
Paul Bakker
1e9423704a Support for seed file writing and reading in Entropy 2014-07-08 11:20:25 +02:00
Paul Bakker
22a0ce0cef Fix warning on MinGW and MSVC12 2014-07-08 11:17:50 +02:00
Paul Bakker
8cb73200e1 MinGW32 static build should link to windows libs and libz 2014-07-08 11:15:55 +02:00
Paul Bakker
b000f82d76 ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr 2014-07-08 11:15:18 +02:00
Manuel Pégourié-Gonnard
a9f86e03ed Make the compiler work-around more specific 2014-07-08 11:13:59 +02:00
Manuel Pégourié-Gonnard
57291a7019 Work around a compiler bug on OS X. 2014-07-08 11:13:42 +02:00
hasufell
97a11c107e CMake: allow to build both shared and static at once
This allows for more fine-grained control. Possible combinations:
  * static off, shared on
  * static on, shared off
  * static on, shared on

The static library is always called "libpolarssl.a" and is only used
for linking of tests and internal programs if the shared lib is
not being built.

Default is: only build static lib.
2014-07-08 11:10:09 +02:00
Manuel Pégourié-Gonnard
be04673c49 Forbid sequence number wrapping 2014-07-08 11:04:19 +02:00
Paul Bakker
50a5c53398 Reject certs and CRLs from the future 2014-07-08 10:59:10 +02:00
Paul Bakker
0d844dd650 Add x509parse_time_future() 2014-07-07 17:46:36 +02:00
Manuel Pégourié-Gonnard
963918b88f Countermeasure against "triple handshake" attack 2014-07-07 17:46:35 +02:00
Manuel Pégourié-Gonnard
397858b81d Avoid "unreachable code" warning 2014-07-07 17:46:33 +02:00
Manuel Pégourié-Gonnard
6d841c2c5c Fix verion-major intolerance 2014-07-07 17:46:31 +02:00
Manuel Pégourié-Gonnard
c675e4bde5 Fix bug in RSA PKCS#1 v1.5 "reversed" operations 2014-07-07 17:46:29 +02:00
Paul Bakker
1e7c3d2500 net_is_block() renamed to net_would_block() and corrected behaviour on
non-blocking sockets

net_would_block() now does not return 1 if the socket is blocking.
2014-07-07 17:46:28 +02:00
Paul Bakker
1dc45f15a6 Added MPI_CHK around unguarded mpi calls 2014-07-07 17:46:25 +02:00
Paul Bakker
7837026b91 Remove a few dead stores 2014-07-07 16:01:34 +02:00
Manuel Pégourié-Gonnard
d220f8b709 Fix potential memory leak in bignum selftest 2014-07-07 16:01:33 +02:00
Manuel Pégourié-Gonnard
7fd620b331 Fix misplaced initialisation.
If one of the calls to mpi_grow() before setting Apos would fail, then
mpi_free( &Apos ) would be executed without Apos being initialised.
2014-07-07 16:01:31 +02:00
Manuel Pégourié-Gonnard
b55f578982 Fix missing error checking in gcm 2014-07-07 16:01:30 +02:00
Paul Bakker
4091141368 Add a length check in ssl_derive_keys() 2014-07-07 16:01:28 +02:00
Paul Bakker
d83584e9aa Fixed potential overflow in certificate size in ssl_write_certificate() 2014-07-07 16:01:11 +02:00
Paul Bakker
78e819698b Added missing MPI_CHK() around some statements 2014-07-07 16:01:10 +02:00
Paul Bakker
40cc914567 Fixed x509_crt_parse_path() bug on Windows platforms 2014-07-07 16:01:08 +02:00
Manuel Pégourié-Gonnard
9975c5d217 Check PKCS 1.5 padding in a more constant-time way
(Avoid branches that depend on secret data.)
2014-07-07 14:38:09 +02:00
Manuel Pégourié-Gonnard
d237d261e5 Check OAEP padding in a more constant-time way 2014-07-07 14:37:56 +02:00
Manuel Pégourié-Gonnard
3411464a64 RSA-OAEP decrypt: reorganise code 2014-07-07 14:37:39 +02:00
Paul Bakker
a1caf6e1e8 SSL now gracefully handles missing RNG 2014-07-07 14:20:52 +02:00
Paul Bakker
c941adba31 Fixed X.509 hostname comparison (with non-regular characters) 2014-07-07 14:17:24 +02:00
Paul Bakker
835481930a Makefile now produces a .so.X with SOVERSION in it 2014-07-07 14:13:54 +02:00
Manuel Pégourié-Gonnard
5c8434cf52 Safer buffer comparisons in the SSL modules 2014-07-07 14:10:07 +02:00
Paul Bakker
c3ec63df42 Minor change that makes life easier for static analyzers / compilers 2014-07-07 14:06:22 +02:00
Paul Bakker
e46b17766c Make get_pkcs_padding() constant-time 2014-07-07 14:04:31 +02:00
Paul Bakker
52cb87beb7 Forced cast to prevent MSVC compiler warning 2014-07-07 13:46:10 +02:00
Paul Bakker
4c9301a7af Convert SOCKET to int to prevent compiler warnings under MSVC.
From kernel objects at msdn:
    Kernel object handles are process specific. That is, a process must either create the object or open an existing object to obtain a kernel object handle. The per-process limit on kernel handles is 2^24.

Windows Internals by Russinovich and Solomon as well says that the high bits are zero.
2014-07-07 13:44:30 +02:00
Paul Bakker
9ccb2116a7 Introduced POLARSSL_HAVE_READDIR_R for systems without it 2014-07-07 13:43:31 +02:00
Paul Bakker
ff6e24710a RSA blinding: check highly unlikely cases 2014-07-07 13:34:41 +02:00
Paul Bakker
6b06502c4b Changed RSA blinding to a slower but thread-safe version 2013-10-07 12:06:29 +02:00
Paul Bakker
adace27ec9 Prepped for 1.2.10 release 2013-10-04 17:07:26 +02:00
Paul Bakker
2f1481ec73 Additional fixed to rsa.c with regards to blinding 2013-10-04 16:46:21 +02:00
Paul Bakker
62087eed22 Fixed memory leak in rsa.c introduced in 43f9799 2013-10-04 10:57:12 +02:00
Paul Bakker
e45574e7de Prepped for 1.2.9 release 2013-09-25 18:42:42 +02:00
Paul Bakker
915ee19887 Do not allow SHA256/SHA384 ciphersuites in < TLS 1.2 2013-09-23 17:30:26 +02:00
Paul Bakker
43f9799ce6 RSA blinding on CRT operations to counter timing attacks 2013-09-23 11:23:31 +02:00
Paul Bakker
88a2264def Fixed potential file descriptor leaks 2013-09-11 13:31:55 +02:00
Paul Bakker
f65fbee52b x509_verify() now case insensitive for cn (RFC 6125 6.4)
(cherry picked from commit a5943858d8)

Conflicts:
	ChangeLog
	library/x509parse.c
	tests/suites/test_suite_x509parse.data
2013-09-11 13:31:55 +02:00
Paul Bakker
a565aceea1 Fixed potential memory leak when failing to resume a session 2013-09-11 13:31:53 +02:00