Commit Graph

4762 Commits

Author SHA1 Message Date
Gilles Peskine
a66fb3f221 selftest: allow excluding a subset of the tests
E.g. "selftest -x timing" runs all the self-tests except timing.
2017-12-20 21:58:25 +01:00
Gilles Peskine
edede44d97 selftest: allow running a subset of the tests
If given command line arguments, interpret them as test names and only
run those tests.
2017-12-20 20:31:32 +01:00
Gilles Peskine
6d51b63316 selftest: fixed an erroneous return code 2017-12-20 20:25:03 +01:00
Gilles Peskine
9d7dfb74d1 selftest: refactor to separate the list of tests from the logic
No behavior change.
2017-12-20 20:23:46 +01:00
Gilles Peskine
105e6bcb7d Timing self test: print some diagnosis information
Print some not-very-nice-looking but helpful diagnosis information if
the timing selftest fails. Since the failures tend to be due to heavy
system load that's hard to reproduce, this information is necessary to
understand what's going on.
2017-12-20 19:33:55 +01:00
Gilles Peskine
b29e70bb01 mbedtls_timing_get_timer: don't use uninitialized memory
mbedtls_timing_get_timer with reset=1 is called both to initialize a
timer object and to reset an already-initialized object. In an
initial call, the content of the data structure is indeterminate, so
the code should not read from it. This could crash if signed overflows
trap, for example.

As a consequence, on reset, we can't return the previously elapsed
time as was previously done on Windows. Return 0 as was done on Unix.
2017-12-20 19:33:48 +01:00
Gilles Peskine
02c3167b40 timing interface documentation: minor clarifications 2017-12-20 19:33:42 +01:00
Gilles Peskine
3099b43c6b Timing: fix mbedtls_set_alarm(0) on Unix/POSIX
The POSIX/Unix implementation of mbedtls_set_alarm did not set the
mbedtls_timing_alarmed flag when called with 0, which was inconsistent
with what the documentation implied and with the Windows behavior.
2017-12-20 19:33:38 +01:00
Gilles Peskine
b9344e3266 all.sh: new option --no-armcc
With this option, don't run anything that requires armcc or yotta, so
the script can run offline.
2017-12-20 13:51:41 +01:00
Gilles Peskine
a8bf9867d4 all.sh: --keep-going mode
Add --keep-going mode to all.sh. In this mode, if a test fails, keep
running the subsequent tests. If a build fails, skip any tests of this
build and move on to the next tests. Errors in infrastructure, such as
git or cmake runs, remain fatal. Print an error summary at the end of
the run, and return a nonzero code if there was any failure.

In known terminal types, use color to highlight errors.

On a fatal signal, interrupt the run and report the errors so far.
2017-12-20 13:51:41 +01:00
Gilles Peskine
c83f57b4c6 Merge remote-tracking branch 'upstream-restricted/pr/434' into mbedtls-2.1-restricted 2017-12-19 19:49:44 +01:00
Gilles Peskine
a6901f48cb all.sh: cleaned up usage output 2017-12-19 18:41:28 +01:00
Gilles Peskine
30dfbafb82 all.sh: indent 2017-12-19 18:37:30 +01:00
Gilles Peskine
78493be3ee compat.sh: use wait_server_start
Port wait_server_start from ssl-opt.sh to compat.sh, instead of just
using "sleep 1". This solves the problem that on a heavily loaded
machine, sleep 1 is sometimes not enough (we had CI failures because
of this). This is also faster on a lightly-loaded machine (execution
time reduced from ~8min to ~6min on my machine).
2017-12-19 13:33:12 +01:00
Gilles Peskine
684a517220 wait_server_start: minor efficiency improvement
In wait_server_start, fork less. When lsof is present, call it on the
expected process. This saves a few percent of execution time on a
lightly loaded machine. Also, sleep for a short duration rather than
using a tight loop.
2017-12-19 13:33:08 +01:00
Manuel Pégourié-Gonnard
4aa6f12d0c Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted
* mbedtls-2.1:
  Allow comments in test data files
2017-12-19 12:20:18 +01:00
Manuel Pégourié-Gonnard
86bc448e75 Merge remote-tracking branch 'public/pr/1118' into mbedtls-2.1
* public/pr/1118:
  Allow comments in test data files
2017-12-19 12:19:52 +01:00
Manuel Pégourié-Gonnard
914fd5d2c9 Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted
* mbedtls-2.1:
  ssl-opt.sh: support fixed seed for random tests
2017-12-19 12:19:12 +01:00
Manuel Pégourié-Gonnard
157393a2f4 Merge remote-tracking branch 'public/pr/1192' into mbedtls-2.1
* public/pr/1192:
  ssl-opt.sh: support fixed seed for random tests
2017-12-19 12:18:54 +01:00
Manuel Pégourié-Gonnard
329d0904ab Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted
* mbedtls-2.1:
  Address PR review comments
  Backport 2.1:Fix crash when calling `mbedtls_ssl_cache_free` twice
2017-12-19 11:43:10 +01:00
Manuel Pégourié-Gonnard
227692a6b1 Merge remote-tracking branch 'public/pr/1160' into mbedtls-2.1
* public/pr/1160:
  Address PR review comments
  Backport 2.1:Fix crash when calling `mbedtls_ssl_cache_free` twice
2017-12-19 11:42:29 +01:00
Manuel Pégourié-Gonnard
451ea75286 Merge remote-tracking branch 'restricted/pr/412' into mbedtls-2.1-restricted
* restricted/pr/412:
  Correct record header size in case of TLS
  Don't allocate space for DTLS header if DTLS is disabled
  Improve debugging output
  Adapt ChangeLog
  Add run-time check for handshake message size in ssl_write_record
  Add run-time check for record content size in ssl_encrypt_buf
  Add compile-time checks for size of record content and payload
2017-12-19 11:33:07 +01:00
Manuel Pégourié-Gonnard
4b133e6dcf Fix magic constant in previous commit 2017-12-19 10:05:03 +01:00
Manuel Pégourié-Gonnard
b67a5c1f29 Fix SSLv3 MAC computation
In a previous PR (Fix heap corruption in implementation of truncated HMAC
extension #425) the place where MAC is computed was changed from the end of
the SSL I/O buffer to a local buffer (then (part of) the content of the local
buffer is either copied to the output buffer of compare to the input buffer).

Unfortunately, this change was made only for TLS 1.0 and later, leaving SSL
3.0 in an inconsistent state due to ssl_mac() still writing to the old,
hard-coded location, which, for MAC verification, resulted in later comparing
the end of the input buffer (containing the computed MAC) to the local buffer
(uninitialised), most likely resulting in MAC verification failure, hence no
interop (even with ourselves).

This commit completes the move to using a local buffer by using this strategy
for SSL 3.0 too. Fortunately ssl_mac() was static so it's not a problem to
change its signature.
2017-12-19 10:05:00 +01:00
Manuel Pégourié-Gonnard
c0b9456f60 Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted
* mbedtls-2.1:
  Fix build error with gcc -Werror=misleading-indentation
2017-12-18 11:46:43 +01:00
Manuel Pégourié-Gonnard
d1ededf4a3 Merge remote-tracking branch 'public/pr/1187' into mbedtls-2.1
* public/pr/1187:
  Fix build error with gcc -Werror=misleading-indentation
2017-12-18 11:46:10 +01:00
Manuel Pégourié-Gonnard
3fe67dae0b Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted
* mbedtls-2.1:
  Fix build without MBEDTLS_FS_IO
2017-12-18 11:44:26 +01:00
Manuel Pégourié-Gonnard
912e4471bb Merge remote-tracking branch 'public/pr/1185' into mbedtls-2.1
* public/pr/1185:
  Fix build without MBEDTLS_FS_IO
2017-12-18 11:44:07 +01:00
Hanno Becker
de42c59b91 Add affiliation of bug reporter to credits in the ChangeLog 2017-12-07 15:16:04 +00:00
Hanno Becker
e40802aebc Correct record header size in case of TLS
The previous commit reduced the internal header size to 5 bytes in case of
TLS. This is not a valid since in that situation Mbed TLS internally uses the
first 8 bytes of the message buffer for the implicit record sequence number.
2017-12-07 08:27:56 +00:00
Gilles Peskine
92e6a0e71a Merge branch 'mbedtls-2.1' into mbedtls-2.1-restricted 2017-12-04 18:01:28 +00:00
Gilles Peskine
a15486a35f Merge branch 'pr_1044' into mbedtls-2.1 2017-12-04 17:29:28 +01:00
Gilles Peskine
45c8f6a38a Added ChangeLog entry 2017-12-04 17:28:09 +01:00
Gilles Peskine
4b36dfb820 Merge remote-tracking branch 'upstream-public/pr/1174' into mbedtls-2.1 2017-12-04 17:20:45 +01:00
Hanno Becker
7862cd0ca4 Remove deprecation statement for TRUNC_HMAC_COMPAT from config.h 2017-12-01 17:10:31 +00:00
Gilles Peskine
aed7188b2e Merge remote-tracking branch 'upstream-restricted/pr/427' into mbedtls-2.1-restricted 2017-12-01 18:05:40 +01:00
Gilles Peskine
bb4aaf1bbc ssl-opt.sh: support fixed seed for random tests
Support --seed and $SEED to set the seed for random tests.

Partial backport of commit 7770ea82d5
(the part applying to all.sh is already present).
2017-12-01 17:23:34 +01:00
Gilles Peskine
14ab4cff9f Fix build error with gcc -Werror=misleading-indentation
Fix misleading indentation. This was just bad indentation, the
behavior was correct. It was detected by gcc 6.
2017-12-01 11:45:21 +01:00
Hanno Becker
e84d901816 Update ChangeLog 2017-12-01 10:20:47 +00:00
Hanno Becker
e53dc43d3a Deprecate MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT 2017-12-01 10:20:47 +00:00
Hanno Becker
adb30b9453 Improve documentation of MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT option
Explain more clearly when this option should be used and which versions of Mbed
TLS build on the non-compliant implementation.
2017-12-01 10:20:44 +00:00
Hanno Becker
8e75b6ce56 Improve style in tests/ssl-opt.sh
Try to avoid line breaks in server and client command line arguments to ease
reading of test cases.
2017-12-01 10:18:41 +00:00
Hanno Becker
b018723d3e Correct truncated HMAC tests in ssl-opt.sh
Many truncated HMAC tests were missing the `trunc_hmac=1` for the server
application, thereby not testing the extension.
2017-12-01 10:18:41 +00:00
Hanno Becker
053b3459d4 Add fallback to non-compliant truncated HMAC for compatibiltiy
In case truncated HMAC must be used but the Mbed TLS peer hasn't been updated
yet, one can use the compile-time option MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT to
temporarily fall back to the old, non-compliant implementation of the truncated
HMAC extension.
2017-12-01 10:18:41 +00:00
Hanno Becker
e9dcb843b2 Adapt ChangeLog 2017-12-01 10:18:22 +00:00
Hanno Becker
02f632ecce Add truncated HMAC extension tests for DTLS 2017-12-01 10:18:22 +00:00
Hanno Becker
d51bec701b Add missing truncated HMAC test for TLS
The case 'Client disabled, Server enabled' was missing.
2017-12-01 10:18:22 +00:00
Hanno Becker
461cb81a55 Add small packet tests for DTLS
Add a DTLS small packet test for each of the following combinations:
- DTLS version: 1.0 or 1.2
- Encrypt then MAC extension enabled
- Truncated HMAC extension enabled

Large packets tests for DTLS are currently not possible due to parameter
constraints in ssl_server2.
2017-12-01 10:18:22 +00:00
Hanno Becker
0b9d913ac6 Extend large packet tests for TLS
Same as previous commit, but for large packet tests.
2017-12-01 10:18:22 +00:00
Hanno Becker
7aae46c05a Extend small packet tests for TLS
This commit ensures that there is a small packet test for at least any
combination of
- SSL/TLS version: SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2
- Stream cipher (RC4) or Block cipher (AES)
- Usage of Encrypt then MAC extension [TLS only]
- Usage of truncated HMAC extension [TLS only]
2017-12-01 10:18:22 +00:00