Gilles Peskine
d49ab3ee60
Add ChangeLog entry.
...
Fixes #1353
2018-03-21 17:03:44 +01:00
Gilles Peskine
4e4be7cf62
Optimize unnecessary zeorizing in mbedtls_mpi_copy
...
Based on a contribution by Alexey Skalozub
(https://github.com/ARMmbed/mbedtls/pull/405 ).
2018-03-21 16:29:03 +01:00
Andres Amaya Garcia
8e0e16032d
Add ChangeLog entry for dylib builds using Makefile
2018-03-21 11:15:08 +00:00
Jaeden Amero
8be0e6db41
Update version to 2.8.0
2018-03-16 16:25:12 +00:00
Jaeden Amero
79a5e72719
Merge remote-tracking branch 'upstream-restricted/pr/463' into development-restricted-proposed
2018-03-15 08:25:05 +00:00
Jaeden Amero
24b2d6fb6d
Merge remote-tracking branch 'upstream-restricted/pr/459' into development-restricted-proposed
2018-03-15 08:24:44 +00:00
Jaeden Amero
ce183d994c
Merge remote-tracking branch 'upstream-public/pr/1448' into development-proposed
2018-03-15 08:23:53 +00:00
Jaeden Amero
d1fedc55d7
Merge remote-tracking branch 'upstream-public/pr/1440' into development-proposed
2018-03-15 08:23:35 +00:00
Jaeden Amero
95ad522ecc
Merge remote-tracking branch 'upstream-public/pr/1439' into development-proposed
2018-03-15 08:23:10 +00:00
Jaeden Amero
64293777eb
Merge remote-tracking branch 'upstream-public/pr/1423' into development-proposed
2018-03-15 08:22:48 +00:00
Krzysztof Stachowiak
7fa1ae70c8
Add Changelog entry
2018-03-14 11:57:37 +01:00
Krzysztof Stachowiak
00bbf572af
Update change log
2018-03-14 11:14:13 +01:00
Manuel Pégourié-Gonnard
fd3e4fbae7
x509: CRL: reject unsupported critical extensions
2018-03-14 09:15:02 +01:00
Gilles Peskine
5f1932817c
Merge remote-tracking branch 'upstream-restricted/pr/398' into development-restricted-proposed
2018-03-13 17:18:06 +01:00
Gilles Peskine
553a06f08a
Merge remote-tracking branch 'upstream-restricted/pr/351' into development-restricted-proposed
...
Move the added ChangeLog entry to the bottom so that the list remains
in merge order.
2018-03-13 17:15:34 +01:00
Gilles Peskine
f3ada4adb0
Merge branch 'pr_679' into development-proposed
2018-03-13 00:13:29 +01:00
Gilles Peskine
6dc4a31988
Add ChangeLog entry. Fixes #678
2018-03-13 00:13:06 +01:00
Gilles Peskine
d5f7d24e84
Merge branch 'pr_1064' into development-proposed
2018-03-13 00:08:05 +01:00
Gilles Peskine
3ff4a074af
Fix ChangeLog style. Fix #918
2018-03-13 00:06:19 +01:00
Gilles Peskine
a31d8206b1
Merge remote-tracking branch 'upstream-public/pr/778' into development-proposed
2018-03-12 23:45:08 +01:00
Gilles Peskine
469b882947
Merge branch 'pr_1407' into development-proposed
2018-03-11 00:45:10 +01:00
Gilles Peskine
19c3862d0c
Merge remote-tracking branch 'upstream-public/pr/1079' into development-proposed
2018-03-11 00:45:10 +01:00
Gilles Peskine
b4c571e603
Merge remote-tracking branch 'upstream-public/pr/1296' into HEAD
2018-03-11 00:44:14 +01:00
Gilles Peskine
3f1b89d251
This fixes #664
2018-03-11 00:35:39 +01:00
Gilles Peskine
08af538ec9
Fix grammar in ChangeLog entry
2018-03-11 00:20:08 +01:00
Gilles Peskine
29d7d4da2f
Merge remote-tracking branch 'upstream-public/pr/936' into development-proposed
2018-03-10 23:51:58 +01:00
Gilles Peskine
9c4f4038dd
Add changelog entry
2018-03-10 23:36:30 +01:00
Sanne Wouda
cf79312a6d
Update changelog entry
2018-03-06 23:31:52 +01:00
Sanne Wouda
52895b2b2e
Add Changelog entry
2018-03-06 23:31:52 +01:00
Hanno Becker
cf092b2ccf
Deprecate support for record compression
2018-03-06 14:27:09 +00:00
Hanno Becker
a3389ebb09
Merge branch 'development-restricted' into iotssl-1306-rsa-is-vulnerable-to-bellcore-glitch-attack
2018-03-06 11:55:21 +00:00
Manuel Pégourié-Gonnard
8c661b90c7
Fix section order in the ChangeLog
2018-03-06 10:00:00 +01:00
Hanno Becker
7deee20cd2
Add ChangeLog entry for previous security fix
...
Fixes #825
2018-03-05 12:44:28 +01:00
itayzafrir
693a1d9ca7
Test suite test_suite_pk test pk_rsa_overflow passes valid parameters for hash and sig.
...
Test suite test_suite_pk test pk_rsa_overflow passes valid parameters for hash and sig.
2018-02-28 15:59:40 +02:00
Gilles Peskine
1bf6123fca
Add attribution for #1351 report
2018-02-27 08:37:52 +01:00
Gilles Peskine
b7f6086ba3
Merge branch 'prr_424' into development-proposed
2018-02-22 16:15:01 +01:00
Gilles Peskine
04f9bd028f
Note incompatibility of truncated HMAC extension in ChangeLog
...
The change in the truncated HMAC extension aligns Mbed TLS with the
standard, but breaks interoperability with previous versions. Indicate
this in the ChangeLog, as well as how to restore the old behavior.
2018-02-22 15:41:26 +01:00
Gilles Peskine
9d56251260
Merge remote-tracking branch 'upstream-public/pr/1384' into development-proposed
2018-02-22 14:49:16 +01:00
mohammad1603
4bbaeb4ffa
Add guard to out_left to avoid negative values
...
return error when f_send return a value greater than out_left
2018-02-22 05:04:48 -08:00
Gilles Peskine
bb2565cf12
Add ChangeLog entry for PR #1382
2018-02-22 10:24:59 +00:00
Gilles Peskine
8db3efbc76
Add missing MBEDTLS_DEPRECATED_REMOVED guards
...
Add missing MBEDTLS_DEPRECATED_REMOVED guards around the definitions
of mbedtls_aes_decrypt and mbedtls_aes_encrypt.
This fixes the build under -Wmissing-prototypes -Werror.
Fixes #1388
2018-02-21 19:16:20 +01:00
Jaeden Amero
c5d08f8ea5
Add ChangeLog entry for PR #1384
2018-02-21 13:34:04 +00:00
Gilles Peskine
d76d8bc9a5
Merge branch 'pr_1352' into development-proposed
2018-02-20 16:42:08 +01:00
Gilles Peskine
200b24fdf8
Mention in ChangeLog that this fixes #1351
2018-02-20 16:40:11 +01:00
Gilles Peskine
e6844ccf2b
Merge branch 'pr_1135' into development-proposed
2018-02-14 17:20:42 +01:00
Gilles Peskine
3dabd6a145
Add issue number to ChangeLog
...
Resolves #1122
2018-02-14 17:19:41 +01:00
Gilles Peskine
42a97ac693
Merge branch 'pr_1219' into development-proposed
2018-02-14 16:17:21 +01:00
Gilles Peskine
1d80a67869
Note in the changelog that this fixes an interoperability issue.
...
Fixes #1339
2018-02-14 16:16:08 +01:00
Gilles Peskine
df29868bb6
Merge branch 'pr_1280' into development-proposed
...
Conflict: configs/config-picocoin.h was both edited and removed.
Resolution: removed, since this is the whole point of PR #1280 and the
changes in development are no longer relevant.
2018-02-14 15:49:54 +01:00
Gilles Peskine
2235bd677a
Style fix in ChangeLog
2018-02-14 15:47:46 +01:00
Gilles Peskine
1e3fd69777
Merge remote-tracking branch 'upstream-public/pr/1333' into development-proposed
2018-02-14 15:12:49 +01:00
Gilles Peskine
49ac5d06ed
Merge branch 'pr_1365' into development-proposed
2018-02-14 14:36:44 +01:00
Gilles Peskine
27b0754501
Add ChangeLog entries for PR #1168 and #1362
2018-02-14 14:36:33 +01:00
Gilles Peskine
5daa76537a
Add ChangeLog entry for PR #1165
2018-02-14 14:10:24 +01:00
Antonio Quartulli
12ccef2761
pkcs5v2: add support for additional hmacSHA algorithms
...
Currently only SHA1 is supported as PRF algorithm for PBKDF2
(PKCS#5 v2.0).
This means that keys encrypted and authenticated using
another algorithm of the SHA family cannot be decrypted.
This deficiency has become particularly incumbent now that
PKIs created with OpenSSL1.1 are encrypting keys using
hmacSHA256 by default (OpenSSL1.0 used PKCS#5 v1.0 by default
and even if v2 was forced, it would still use hmacSHA1).
Enable support for all the digest algorithms of the SHA
family for PKCS#5 v2.0.
Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
2018-02-08 17:18:15 +08:00
Ron Eldor
1072e5c7e5
Update ChangeLog style
...
Add dot at end of change in ChangeLog
2018-02-07 18:43:02 +02:00
Ron Eldor
099e61df52
Rephrase Changelog
...
Rephrase Changelog to be more coherent to users
2018-02-06 17:34:27 +02:00
Ron Eldor
85e1dcff6a
Fix handshake failure in suite B
...
Fix handshake failure where PK key is translated as `MBEDTLS_ECKEY`
instead of `MBEDTLS_ECDSA`
2018-02-06 15:59:38 +02:00
Simon Butcher
55fc4e0c5a
Update ChangeLog with language and technical corrections
...
To clarify and correct the ChangeLog.
2018-02-05 08:41:14 +00:00
Jaeden Amero
98b9373849
Merge branch 'development' into development-restricted
2018-01-30 17:32:12 +00:00
Hanno Becker
2a03794d62
Adapt ChangeLog
2018-01-30 14:40:10 +00:00
Gilles Peskine
0edda4236d
Added ChangeLog entry for 64-bit ILP32 fix
...
Fixes #849
2018-01-29 21:31:16 +01:00
Jaeden Amero
26342e54f5
Merge branch 'development' into development-restricted
2018-01-29 12:49:52 +00:00
Jaeden Amero
3b8fbaab87
Merge remote-tracking branch 'upstream-public/pr/1328' into development
2018-01-29 12:49:46 +00:00
Manuel Pégourié-Gonnard
5405962954
Fix alarm(0) failure on mingw32
...
A new test for mbedtls_timing_alarm(0) was introduced in PR 1136, which also
fixed it on Unix. Apparently test results on MinGW were not checked at that
point, so we missed that this new test was also failing on this platform.
2018-01-29 10:24:50 +01:00
Jaeden Amero
2acbf17b97
Merge branch 'development' into development-restricted
2018-01-26 20:57:38 +00:00
Jaeden Amero
751aa510c0
Merge remote-tracking branch 'upstream-public/pr/1303' into development
2018-01-26 20:48:55 +00:00
Jaeden Amero
784de59ccd
Merge remote-tracking branch 'upstream-restricted/pr/410' into development-restricted
...
- Resolve ChangeLog conflicts
- Update Doxygen warning block in dhm.h to render correctly
- Prefix the exported identifier deprecated_constant_t with mbedtls_
2018-01-26 18:43:04 +00:00
Gilles Peskine
7ecab3df4c
Error codes for hardware accelerator failures
...
Add MBEDTLS_ERR_XXX_HW_ACCEL_FAILED error codes for all cryptography
modules where the software implementation can be replaced by a hardware
implementation.
This does not include the individual message digest modules since they
currently have no way to return error codes.
This does include the higher-level md, cipher and pk modules since
alternative implementations and even algorithms can be plugged in at
runtime.
2018-01-26 17:56:38 +01:00
Jaeden Amero
a03587b848
Merge branch 'development' into development-restricted
2018-01-26 12:48:04 +00:00
Jaeden Amero
791e08ad8b
Add a ChangeLog entry
2018-01-26 12:04:12 +00:00
Jaeden Amero
66954e1c1f
Merge branch 'development' into development-restricted
2018-01-25 17:28:31 +00:00
Jaeden Amero
005239e3ed
Merge remote-tracking branch 'upstream-public/pr/1294' into development
2018-01-25 14:47:39 +00:00
Jaeden Amero
65ba60a975
Merge branch 'development' into development-restricted
2018-01-25 10:09:03 +00:00
Jaeden Amero
cef0c5a2c8
Merge remote-tracking branch 'upstream-public/pr/1304' into development
2018-01-25 10:07:39 +00:00
Hanno Becker
087d5ad593
Minor improvement in ChangeLog
2018-01-24 16:06:25 +00:00
Jaeden Amero
3c082ce293
Merge branch 'development' into development-restricted
2018-01-24 15:17:15 +00:00
Gilles Peskine
9b534666a2
Add ChangeLog entry
2018-01-24 10:47:19 +00:00
Hanno Becker
616d1ca605
Add support for alternative ECJPAKE implementation
...
This commit allows users to provide alternative implementations of the
ECJPAKE interface through the configuration option MBEDTLS_ECJPAKE_ALT.
When set, the user must add `ecjpake_alt.h` declaring the same
interface as `ecjpake.h`, as well as add some compilation unit which
implements the functionality. This is in line with the preexisting
support for alternative implementations of other modules.
2018-01-24 10:36:22 +00:00
Andres AG
9cf1f96a7b
Fix corner case uses of memory_buffer_alloc.c
...
The corner cases fixed include:
* Allocating a buffer of size 0. With this change, the allocator now
returns a NULL pointer in this case. Note that changes in pem.c and
x509_crl.c were required to fix tests that did not work under this
assumption.
* Initialising the allocator with less memory than required for headers.
* Fix header chain checks for uninitialised allocator.
2018-01-23 19:37:44 +00:00
Gilles Peskine
41b40e6463
Merge remote-tracking branch 'upstream-restricted/pr/441' into development-restricted
2018-01-23 00:59:51 +01:00
Gilles Peskine
aaaa98cd60
Merge branch 'development-proposed' into development-restricted
2018-01-23 00:59:17 +01:00
Gilles Peskine
ff812804fb
Merge branch 'pr_1239' into development-proposed
2018-01-23 00:58:13 +01:00
Gilles Peskine
cb1e5eb326
Merge branch 'pr_1000' into development-proposed
2018-01-23 00:57:34 +01:00
Gilles Peskine
550a2b036b
Merge branch 'pr_1163' into development-proposed
2018-01-23 00:57:26 +01:00
Gilles Peskine
7a0c6b8e95
Add ChangeLog entry
2018-01-22 23:16:52 +01:00
Gilles Peskine
26faa11630
Add ChangeLog entry
2018-01-22 23:13:22 +01:00
Gilles Peskine
980d203a6b
Add ChangeLog entry
2018-01-22 23:10:53 +01:00
Ron Eldor
5e9f14d4d9
Set correct minimal versions in default conf
...
Set `MBEDTLS_SSL_MIN_MAJOR_VERSION` and `MBEDTLS_SSL_MIN_MINOR_VERSION`
instead of `MBEDTLS_SSL_MAJOR_VERSION_3` and `MBEDTLS_SSL_MINOR_VERSION_1`
2018-01-22 22:06:44 +01:00
Gilles Peskine
0a96910e55
MD API deprecation: ChangeLog updates
...
Use the updated names for the new functions (xxx_ret instead of xxx_ext).
List the new deprecations in the appropriate sections.
Credit the independent report of the misuse of zeroizing to reset a
hash context in entropy.c.
2018-01-22 14:55:20 +01:00
Gilles Peskine
d91f2a26cb
Merge branch 'development' into iotssl-1251-2.7
...
Conflict resolution:
* ChangeLog: put the new entries in their rightful place.
* library/x509write_crt.c: the change in development was whitespace
only, so use the one from the iotssl-1251 feature branch.
2018-01-19 11:25:10 +01:00
Simon Butcher
952240985a
Remove picocoin reference configuration
...
Picocoin is no longer actively supported by the library, so the reference
configuration used in testing has been removed.
2018-01-17 23:24:43 +00:00
Gilles Peskine
d40c22ba20
Merge branch 'development' into development-restricted
2018-01-17 08:03:33 +01:00
Gilles Peskine
5098400d71
Add ChangeLog entry
2018-01-17 08:01:37 +01:00
Jaeden Amero
91d49e8b6a
ChangeLog: Use Steven Cooreman's correct name
2018-01-12 13:48:55 +00:00
Jaeden Amero
31f3f0b87b
Merge branch 'development' into development-restricted
2018-01-10 13:17:02 +00:00
Hanno Becker
997e2184c5
Adapt ChangeLog
2018-01-10 10:41:39 +00:00
Jaeden Amero
f342cb791b
Merge branch 'development' into development-restricted
2018-01-09 13:16:37 +00:00
Manuel Pégourié-Gonnard
239987fd31
Fix heap-buffer overread in ALPN ext parsing
2018-01-09 13:48:38 +01:00
Jaeden Amero
0bc9e30435
Merge remote-tracking branch 'upstream-public/pr/1060' into development
2018-01-09 12:20:54 +00:00