Manuel Pégourié-Gonnard
0bdb050b2d
x509: CRL: add tests for malformed extensions
...
This covers all lines added in the previous commit. Coverage was tested using:
make CFLAGS='--coverage -g3 -O0'
(cd tests && ./test_suite_x509parse)
make lcov
firefox Coverage/index.html # then visual check
Test data was generated by taking a copy of tests/data_files/crl-idp.pem,
encoding it as hex, and then manually changing the values of some bytes to
achieve the desired errors, using https://lapo.it/asn1js/ for help in locating
the desired bytes.
2018-03-14 12:00:55 +01:00
Krzysztof Stachowiak
7fa1ae70c8
Add Changelog entry
2018-03-14 11:57:37 +01:00
Krzysztof Stachowiak
00bbf572af
Update change log
2018-03-14 11:14:13 +01:00
Manuel Pégourié-Gonnard
fd3e4fbae7
x509: CRL: reject unsupported critical extensions
2018-03-14 09:15:02 +01:00
Gilles Peskine
5f1932817c
Merge remote-tracking branch 'upstream-restricted/pr/398' into development-restricted-proposed
2018-03-13 17:18:06 +01:00
Gilles Peskine
553a06f08a
Merge remote-tracking branch 'upstream-restricted/pr/351' into development-restricted-proposed
...
Move the added ChangeLog entry to the bottom so that the list remains
in merge order.
2018-03-13 17:15:34 +01:00
Hanno Becker
b6f880b63b
Revert whitespace change to ease merging
2018-03-13 12:48:50 +00:00
Manuel Pégourié-Gonnard
1ba8a3fc55
Yet another dependency issue (PKCS1_V15)
...
Found by running:
CC=clang cmake -D CMAKE_BUILD_TYPE="Check"
tests/scripts/depend-pkalgs.pl
(Also tested with same command but CC=gcc)
Another PR will address improving all.sh and/or the depend-xxx.pl scripts
themselves to catch this kind of thing.
2018-03-13 13:42:38 +01:00
Andrzej Kurek
ccbd8a4bbb
Add a missing bracket in ifdef for __cplusplus
2018-03-13 07:52:09 -04:00
Hanno Becker
bc6c110139
Add test to ssl-opt.sh demonstrating the need for ssl_check_pending
2018-03-13 11:48:32 +00:00
Hanno Becker
ddc3ebbc3f
Exemplify use of mbedtls_ssl_check_pending
in ssl_server2.c
2018-03-13 11:48:32 +00:00
Hanno Becker
6a33f59f76
Add tests for event-driven I/O in DTLS to ssl-opt.sh
2018-03-13 11:48:29 +00:00
Hanno Becker
62dcbaf567
Improve crediting in ChangeLog
2018-03-13 10:54:43 +00:00
Krzysztof Stachowiak
5224a7544c
Prevent arithmetic overflow on bounds check
2018-03-13 11:31:38 +01:00
Krzysztof Stachowiak
740b218386
Add bounds check before length read
2018-03-13 11:31:14 +01:00
Krzysztof Stachowiak
027f84c69f
Prevent arithmetic overflow on bounds check
2018-03-13 11:29:24 +01:00
Krzysztof Stachowiak
a1098f81c2
Add bounds check before signature length read
2018-03-13 11:28:49 +01:00
Darryl Green
127c5affce
Add copyright to abi_check script
2018-03-13 09:17:23 +00:00
Gilles Peskine
f3ada4adb0
Merge branch 'pr_679' into development-proposed
2018-03-13 00:13:29 +01:00
Gilles Peskine
6dc4a31988
Add ChangeLog entry. Fixes #678
2018-03-13 00:13:06 +01:00
Gilles Peskine
13678d251f
Merge remote-tracking branch 'upstream-public/pr/922' into development-proposed
2018-03-13 00:10:07 +01:00
Gilles Peskine
d5f7d24e84
Merge branch 'pr_1064' into development-proposed
2018-03-13 00:08:05 +01:00
Gilles Peskine
3ff4a074af
Fix ChangeLog style. Fix #918
2018-03-13 00:06:19 +01:00
Gilles Peskine
a31d8206b1
Merge remote-tracking branch 'upstream-public/pr/778' into development-proposed
2018-03-12 23:45:08 +01:00
Gilles Peskine
69845ed00d
Merge remote-tracking branch 'upstream-public/pr/1241' into development-proposed
2018-03-12 23:43:30 +01:00
Manuel Pégourié-Gonnard
88a8dcb38e
Fix remaining issues found by depend-hashes
2018-03-12 15:49:35 +01:00
Manuel Pégourié-Gonnard
147b28ec3f
Fix remaining issues found by depend-pkalgs
2018-03-12 15:26:59 +01:00
Gilles Peskine
b21a085bae
Show build modes in code font
...
This clarifies that it's the string to type and not just some
description of it.
2018-03-12 13:12:34 +01:00
Gilles Peskine
469b882947
Merge branch 'pr_1407' into development-proposed
2018-03-11 00:45:10 +01:00
Gilles Peskine
754768262b
Merge remote-tracking branch 'upstream-public/pr/1249' into development-proposed
2018-03-11 00:45:10 +01:00
Gilles Peskine
19c3862d0c
Merge remote-tracking branch 'upstream-public/pr/1079' into development-proposed
2018-03-11 00:45:10 +01:00
Gilles Peskine
34ba06fac8
Merge remote-tracking branch 'upstream-public/pr/1012' into development-proposed
2018-03-11 00:45:09 +01:00
Gilles Peskine
b4c571e603
Merge remote-tracking branch 'upstream-public/pr/1296' into HEAD
2018-03-11 00:44:14 +01:00
Gilles Peskine
3f1b89d251
This fixes #664
2018-03-11 00:35:39 +01:00
Gilles Peskine
08af538ec9
Fix grammar in ChangeLog entry
2018-03-11 00:20:08 +01:00
Gilles Peskine
29d7d4da2f
Merge remote-tracking branch 'upstream-public/pr/936' into development-proposed
2018-03-10 23:51:58 +01:00
Gilles Peskine
9c4f4038dd
Add changelog entry
2018-03-10 23:36:30 +01:00
Darryl Green
7c2dd5890f
Add script for ABI compatibility checking
2018-03-09 17:33:32 +00:00
Brendan Shanks
e61514d70d
benchmark: Fix incompatibility with C89 compilers
...
Initializing arrays using non-constant expressions is not permitted in
C89, and was causing errors when compiling with Metrowerks CodeWarrior
(for classic MacOS) in C89 mode. Clang also produces a warning when
compiling with '-Wc99-extensions':
test/benchmark.c:670:42: warning: initializer for aggregate is not a compile-time constant [-Wc99-extensions]
const unsigned char *dhm_P[] = { dhm_P_2048, dhm_P_3072 };
^~~~~~~~~~
test/benchmark.c:674:42: warning: initializer for aggregate is not a compile-time constant [-Wc99-extensions]
const unsigned char *dhm_G[] = { dhm_G_2048, dhm_G_3072 };
^~~~~~~~~~
Declaring the arrays as 'static' makes them constant expressions.
fixes #1353
2018-03-08 17:41:40 -08:00
Gilles Peskine
1ed45ea36b
Refer to X.690 by number
...
It's easier to identify and find by number than by its very wordy
title, especially as there was a typo in the title.
2018-03-08 18:19:17 +01:00
Hanno Becker
6f486a6fb5
Fix merge error
2018-03-08 13:31:44 +00:00
Hanno Becker
e494e20f0c
Move and reword deprecation warning/error on compression support
2018-03-08 13:26:12 +00:00
Manuel Pégourié-Gonnard
e57d7438b0
Improve documentation of some internal functions
2018-03-07 10:00:57 +01:00
Sanne Wouda
22797fcc57
Remove redundant dependency
2018-03-06 23:35:14 +01:00
Sanne Wouda
bb50113123
Rename test and update dependencies
2018-03-06 23:35:14 +01:00
Sanne Wouda
cf79312a6d
Update changelog entry
2018-03-06 23:31:52 +01:00
Sanne Wouda
52895b2b2e
Add Changelog entry
2018-03-06 23:31:52 +01:00
Sanne Wouda
90da97d587
Add test case found through fuzzing to pkparse test suite
2018-03-06 23:31:12 +01:00
Sanne Wouda
7b2e85dd7c
Use both applicable error codes and a proper coding style
2018-03-06 23:28:46 +01:00
Sanne Wouda
b2b29d5259
Add end-of-buffer check to prevent heap-buffer-overflow
...
Dereference of *p should not happen when it points past the end of the
buffer.
Internal reference: IOTSSL-1663
2018-03-06 23:28:46 +01:00