Commit Graph

5275 Commits

Author SHA1 Message Date
Gilles Peskine
51de2d25a3 HMAC_DRBG: clean stack buffers
Wipe stack buffers that may contain sensitive data (data that
contributes to the DRBG state).
2018-09-13 22:39:42 +02:00
Gilles Peskine
17b2ac2a7c CTR_DRBG: clean stack buffers
Wipe stack buffers that may contain sensitive data (data that
contributes to the DRBG state).
2018-09-13 22:39:30 +02:00
Simon Butcher
96e0d8ebfc Clarified ChangeLog entry
ChangeLog entry for backport of #1890 was misleading, so corrected it.
2018-09-13 12:05:40 +01:00
Gilles Peskine
3ccce199a2 Document the behavior change of make apidoc 2018-09-10 12:21:04 +02:00
Manuel Pégourié-Gonnard
b82d09b6a2 Add scripts/apidoc_full.sh
This re-introduces the apidoc with full config.h, but hopefully with the race
conditions and other issues that the previous implementation had.

Adapt doxygen test script to use that new script, and also check for errors
in addition to warnings while at it.
2018-09-10 12:16:58 +02:00
Manuel Pégourié-Gonnard
85c379d6d1 Revert changes done to 'make apidoc' target
This partially reverts 1989caf71c (only the changes to Makefile and
CMakeLists, the addition to scripts/config.pl is kept).

Modifying config.h in the apidoc target creates a race condition with

    make -j4 all apidoc

where some parts of the library, tests or programs could be built with the
wrong config.h, resulting in all kinds of (semi-random) errors. Recent
versions of CMake mitigate this by adding a .NOTPARALLEL target to the
generated Makefile, but people would still get errors with older CMake
versions that are still in use (e.g. in RHEL 5), and with plain make.

An additional issue is that, by failing to use cp -p, the apidoc target was
updating the timestamp on config.h, which seems to cause further build issues.

Let's get back to the previous, safe, situation. The improved apidoc building
will be resurrected in a script in the next commit.

fixes #390
fixes #391
2018-09-10 12:16:47 +02:00
Simon Butcher
71d5c58a1f Reverted the INPUT in doxygen to .
Previous change to include excluded the content in doxygen/input
2018-09-10 12:16:38 +02:00
Manuel Pégourié-Gonnard
b8a78d9112 Exclude more things from doxygen inputs 2018-09-10 12:16:27 +02:00
Manuel Pégourié-Gonnard
43e015a4cf Exclude some warnings from the doxygen test
Apparently travis has an old version of doxygen that doesn't know all tags in
our config. That's not something we care about, we only want to know about
warnings in our doxygen content.
2018-09-10 12:15:43 +02:00
Manuel Pégourié-Gonnard
dec65c27ee Add new doxygen test to travis 2018-09-10 12:15:19 +02:00
Manuel Pégourié-Gonnard
9c81d0101d Add test script for doxygen warnings 2018-09-10 12:13:40 +02:00
Manuel Pégourié-Gonnard
5642833345 Fix doxygen warnings about deprecated tags
Doxygen 1.8.10 warns that those tags are obsolete. Since we're not generating
XML anyway, it seems harmless to remove them even for earlier versions.
2018-09-10 12:11:48 +02:00
Simon Butcher
c4a33d54cf Merge pull request #507 from sbutcher-arm/mbedtls-version-2.1.15
Update library version number to 2.1.15
2018-08-31 17:29:47 +01:00
Simon Butcher
d3a5393a38 Update library version number to 2.1.15 2018-08-31 16:10:48 +01:00
Simon Butcher
cb9f70e23d Fix misclassification of bug in Changelog 2018-08-31 12:01:43 +01:00
Andrzej Kurek
10108318e8 ssl-opt.sh: change expected output for large srv packet test with SSLv3
This test also exercises a protection against BEAST
and should expect message splitting.
2018-08-29 06:46:50 -04:00
Andrzej Kurek
9b89e3664f Remove trailing whitespace 2018-08-29 06:46:27 -04:00
Andrzej Kurek
85e411f813 ssl_server2: add buffer overhead for a termination character
Switch to mbedtls style of memory allocation
2018-08-29 06:46:27 -04:00
Andrzej Kurek
4115a8cf47 Add missing large and small packet tests for ssl_server2 2018-08-29 06:46:27 -04:00
Andrzej Kurek
f4f59c0429 Added buffer_size and response_size options for ssl-server2.
Added appropriate tests.
2018-08-29 06:46:27 -04:00
Simon Butcher
8d408fac1d Merge remote-tracking branch 'restricted/pr/438' into mbedtls-2.1-restricted 2018-08-28 15:35:41 +01:00
Simon Butcher
9add36bbcb Merge remote-tracking branch 'restricted/pr/497' into mbedtls-2.1-restricted 2018-08-28 15:31:41 +01:00
Simon Butcher
d22de0aaa7 Merge remote-tracking branch 'restricted/pr/492' into mbedtls-2.1-restricted 2018-08-28 15:23:56 +01:00
Simon Butcher
7a47cbca16 Merge remote-tracking branch 'public/pr/1137' into mbedtls-2.1 2018-08-28 12:33:27 +01:00
Simon Butcher
85e5bfd00c Merge remote-tracking branch 'public/pr/1889' into mbedtls-2.1 2018-08-28 12:26:33 +01:00
Simon Butcher
263ca7282e Merge remote-tracking branch 'public/pr/1957' into mbedtls-2.1 2018-08-28 12:17:38 +01:00
Simon Butcher
d288ac0e83 Merge remote-tracking branch 'public/pr/1959' into mbedtls-2.1 2018-08-28 11:53:47 +01:00
Simon Butcher
1c5e4c2258 Merge remote-tracking branch 'public/pr/1980' into mbedtls-2.1 2018-08-28 10:18:48 +01:00
Hanno Becker
badbe80c7f pk_encrypt: Uniformize debugging output 2018-08-23 15:56:55 +01:00
Hanno Becker
6b1b598c2f Fix typos in programs/x509/cert_write.c
Fixes #1922.
2018-08-23 15:26:55 +01:00
Hanno Becker
b31e9dad60 Minor formatting improvements in pk_encrypt and pk_decrypt examples 2018-08-23 15:13:12 +01:00
Hanno Becker
47a34ff29e Adapt ChangeLog 2018-08-23 15:12:24 +01:00
Hanno Becker
7cee15e967 Correct memory leak in pk_decrypt example program 2018-08-23 15:12:23 +01:00
Hanno Becker
34cbd7e536 Correct memory-leak in pk_encrypt example program 2018-08-23 15:12:22 +01:00
Hanno Becker
1a60330e08 Adapt ChangeLog 2018-08-22 15:05:36 +01:00
Hanno Becker
d636dd0cbb Fix bug in SSL ticket implementation removing keys of age < 1s
Fixes #1968.
2018-08-22 15:05:07 +01:00
Hanno Becker
16fe2fd15a ssl-opt.sh: Add DTLS session resumption tests
Fixes #1969.
2018-08-22 15:05:07 +01:00
Jaeden Amero
6b7b35b127 Merge remote-tracking branch 'upstream-public/pr/1952' into mbedtls-2.1 2018-08-17 15:31:51 +01:00
Hanno Becker
42d267bbe4 Compute record expansion in steps to ease readability 2018-08-17 15:29:48 +01:00
Jaeden Amero
b4d3c5ad11 Merge remote-tracking branch 'upstream-public/pr/1945' into mbedtls-2.1 2018-08-17 14:27:02 +01:00
Hanno Becker
d3475498e5 Adapt ChangeLog 2018-08-17 10:11:31 +01:00
Hanno Becker
07eb7ca17c Fix mbedtls_ssl_get_record_expansion() for CBC modes
`mbedtls_ssl_get_record_expansion()` is supposed to return the maximum
difference between the size of a protected record and the size of the
encapsulated plaintext.

Previously, it did not correctly estimate the maximum record expansion
in case of CBC ciphersuites in (D)TLS versions 1.1 and higher, in which
case the ciphertext is prefixed by an explicit IV.

This commit fixes this bug. Fixes #1914.
2018-08-17 10:11:28 +01:00
Hanno Becker
10652b10d9 Improve ChangeLog wording for the commit that Fixes #1954. 2018-08-17 10:03:48 +01:00
Hanno Becker
a24ed19a5d Add tests for empty CA list in CertificateRequest, TLS 1.0 & 1.1 2018-08-17 10:03:48 +01:00
Hanno Becker
10195ab853 Adapt ChangeLog 2018-08-16 15:53:17 +01:00
Hanno Becker
9e2237ac47 Fix overly strict bounds check in ssl_parse_certificate_request() 2018-08-16 15:53:17 +01:00
Mohammad Azim Khan
4c01904819 Fix Wformat-overflow warning in ssl_mail_client.c
sprintf( (char *) buf, "%s\r\n", base );
 Above code generates Wformat-overflow warning since both buf and base
are of same size. buf should be sizeof( base ) + characters added in
the format. In this case format 2 bytes for "\r\n".
2018-08-16 14:33:03 +01:00
Hanno Becker
048dba33cf Adapt ChangeLog 2018-08-14 15:50:07 +01:00
Hanno Becker
3328d8cf88 Reset session_in/out pointers in ssl_session_reset_int()
Fixes #1941.
2018-08-14 15:50:02 +01:00
Jaeden Amero
942cfea65f Merge remote-tracking branch 'upstream-public/pr/1815' into mbedtls-2.1 2018-08-10 11:00:40 +01:00