Hanno Becker
6c794faa46
Fix bug in SSL ticket implementation removing keys of age < 1s
...
Fixes #1968 .
2018-08-22 14:58:31 +01:00
Jaeden Amero
e4d14208aa
Merge remote-tracking branch 'upstream-public/pr/1953' into mbedtls-2.7
2018-08-17 15:31:58 +01:00
Hanno Becker
12f7ede56e
Compute record expansion in steps to ease readability
2018-08-17 15:30:03 +01:00
Jaeden Amero
ab397dd47c
Merge remote-tracking branch 'upstream-public/pr/1944' into mbedtls-2.7
2018-08-17 14:27:06 +01:00
Hanno Becker
f38db01c42
Adapt ChangeLog
2018-08-17 10:12:23 +01:00
Hanno Becker
dbd3e88479
Fix mbedtls_ssl_get_record_expansion() for CBC modes
...
`mbedtls_ssl_get_record_expansion()` is supposed to return the maximum
difference between the size of a protected record and the size of the
encapsulated plaintext.
Previously, it did not correctly estimate the maximum record expansion
in case of CBC ciphersuites in (D)TLS versions 1.1 and higher, in which
case the ciphertext is prefixed by an explicit IV.
This commit fixes this bug. Fixes #1914 .
2018-08-17 10:12:21 +01:00
Hanno Becker
517e84a0e3
Improve ChangeLog wording for the commmit that Fixes #1954 .
2018-08-17 10:04:08 +01:00
Hanno Becker
3a333a58ba
Add tests for empty CA list in CertificateRequest, TLS 1.0 & 1.1
2018-08-17 10:04:08 +01:00
Hanno Becker
4a4c04dc9c
Adapt ChangeLog
2018-08-16 15:53:02 +01:00
Hanno Becker
78d5d8225e
Fix overly strict bounds check in ssl_parse_certificate_request()
2018-08-16 15:53:02 +01:00
Mohammad Azim Khan
7e84affb45
Fix Wformat-overflow warning in ssl_mail_client.c
...
sprintf( (char *) buf, "%s\r\n", base );
Above code generates Wformat-overflow warning since both buf and base
are of same size. buf should be sizeof( base ) + characters added in
the format. In this case format 2 bytes for "\r\n".
2018-08-16 14:34:15 +01:00
Hanno Becker
8058800d54
Adapt ChangeLog
2018-08-14 15:48:41 +01:00
Hanno Becker
cd6a64a516
Reset session_in/out pointers in ssl_session_reset_int()
...
Fixes #1941 .
2018-08-14 15:48:36 +01:00
Jaeden Amero
9eb78b4dab
Merge remote-tracking branch 'upstream-public/pr/1900' into mbedtls-2.7
...
Add a Changelog entry
2018-08-10 11:26:15 +01:00
Jaeden Amero
f37a99e3fc
Merge remote-tracking branch 'upstream-public/pr/1814' into mbedtls-2.7
2018-08-10 11:01:29 +01:00
Jaeden Amero
3b69174852
Merge remote-tracking branch 'upstream-public/pr/1886' into mbedtls-2.7
2018-08-10 10:50:34 +01:00
k-stachowiak
2c161144e2
Revert change of a return variable name
2018-07-31 17:02:56 +02:00
Simon Butcher
51a46b9b38
Add ChangeLog entry for bug #1890
2018-07-30 22:15:14 +01:00
Simon Butcher
91ac97e469
Merge remote-tracking branch 'public/pr/1893' into mbedtls-2.7
2018-07-30 22:12:22 +01:00
Ron Eldor
15b0a39322
enforce input and output of ccm selftest on stack
...
In `mbedtls_ccm_self_test()`, enforce input and output
buffers sent to the ccm API to be contigous and aligned,
by copying the test vectors to buffers on the stack.
2018-07-30 11:43:08 +03:00
Ron Eldor
f19a7ab45d
Fix hmac_drbg failure in benchmark, with threading
...
Remove redunadnat calls to `hmac_drbg_free()` between seeding operations,
which make the mutex invalid. Fixes #1095
2018-07-30 11:13:18 +03:00
Simon Butcher
f88aace580
Change test dependencies to RC4 from DES
...
Some tests were dependent on DES yet actually used RC4. Likely a copy and paste
error. This change fixes them.
2018-07-27 17:33:34 +01:00
Philippe Antoine
84cc74e82b
Fix undefined shifts
...
- in x509_profile_check_pk_alg
- in x509_profile_check_md_alg
- in x509_profile_check_key
and in ssl_cli.c : unsigned char gets promoted to signed integer
2018-07-26 22:49:42 +01:00
Simon Butcher
5ef42fd415
Merge remote-tracking branch 'restricted/pr/500' into mbedtls-2.7-restricted
2018-07-26 14:33:14 +01:00
Angus Gratton
cb7a5b0b0c
Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails
...
In ecp_mul_comb(), if (!p_eq_g && grp->T == NULL) and then ecp_precompute_comb() fails (which can
happen due to OOM), then the new array of points T will be leaked (as it's newly allocated, but
hasn't been asigned to grp->T yet).
Symptom was a memory leak in ECDHE key exchange under low memory conditions.
2018-07-26 11:08:06 +03:00
Simon Butcher
a64621929f
Clarify Changelog entries
...
Corrected some style issues, and moved some entries from bugfixes to changes.
2018-07-25 17:30:20 +01:00
Jaeden Amero
8385110ae8
Update version to 2.7.5
2018-07-25 15:43:21 +01:00
Simon Butcher
7daacda940
Merge remote-tracking branch 'restricted/pr/494' into mbedtls-2.7
2018-07-24 23:40:53 +01:00
Simon Butcher
d7126d7009
Merge remote-tracking branch 'public/pr/779' into mbedtls-2.7
2018-07-24 13:38:44 +01:00
Simon Butcher
1bb41e5d04
Merge remote-tracking branch 'public/pr/1800' into mbedtls-2.7
2018-07-24 13:30:40 +01:00
Simon Butcher
b47e0a68ab
Merge remote-tracking branch 'public/pr/1805' into mbedtls-2.7
2018-07-24 13:16:25 +01:00
Simon Butcher
a8ee41ce80
Revise ChangeLog entry for empty data records fixes
2018-07-24 12:59:21 +01:00
Simon Butcher
d5a3ed36b8
Merge remote-tracking branch 'public/pr/1863' into mbedtls-2.7
2018-07-24 12:57:15 +01:00
Simon Butcher
bd40916dfa
Merge remote-tracking branch 'public/pr/1872' into mbedtls-2.7
2018-07-24 12:12:43 +01:00
k-stachowiak
f4a668870f
Fix code formatting
2018-07-24 12:54:39 +02:00
Simon Butcher
b65d6ce83f
Merge remote-tracking branch 'public/pr/1870' into mbedtls-2.7
2018-07-24 10:30:11 +01:00
Simon Butcher
c6a0fd8e83
Add ChangeLog entry for #1098 fix.
2018-07-24 10:17:36 +01:00
Simon Butcher
66e2b654a8
Merge remote-tracking branch 'public/pr/1877' into mbedtls-2.7
2018-07-24 08:26:26 +01:00
Simon Butcher
e08754762d
Correct logic to exclude i386 inline assenbly when -O0
...
The i386 MPI inline assembly code was being incorrectly included when
all compiler optimisation was disabled.
2018-07-23 13:41:33 +01:00
Simon Butcher
948f264302
Add additional i386 tests to all.sh
...
Added an additional i386 test to all.sh, to allow one test with -O0 which
compiles out inline assembly, and one to test with -01 which includes the inline
assembly.
2018-07-23 13:41:25 +01:00
Jaeden Amero
5113bdec6e
all.sh: Return error on keep-going failure
...
When calling all.sh from a script and using "--keep-going", errors were
sometimes missed due to all.sh always returning 0 "success" return code.
Return 1 if there is any failure encountered during a "keep-going" run.
2018-07-23 10:24:31 +01:00
Simon Butcher
7c6b84102d
Expand i386 all.sh tests to full config ASan builds
...
The i386 test builds were only building the default configuration and had
no address sanitisation. This commit expands the test configuration to the full
configuration in all.sh and builds with ASan for when the test suites are
executed.
2018-07-20 21:34:04 +01:00
Simon Butcher
48883cd800
Merge remote-tracking branch 'public/pr/1780' into mbedtls-2.7
2018-07-20 14:40:51 +01:00
Dawid Drozd
2ba7d8ed2d
Remove unnecessary mark as unused #1098 (backport)
2018-07-20 14:08:02 +02:00
Simon Butcher
e9aa8c1d6d
Merge remote-tracking branch 'public/pr/1838' into mbedtls-2.7
2018-07-19 20:01:33 +01:00
Simon Butcher
7924d93209
Fix ChangeLog entry for issue #1663
...
The ChangeLog entry was under the wrong version, and under Changes, not
Bug Fixes.
2018-07-19 19:54:18 +01:00
Simon Butcher
bc5ec41c01
Merge remote-tracking branch 'public/pr/1847' into mbedtls-2.7
2018-07-19 19:48:25 +01:00
Simon Butcher
cd9a2c6dd1
Merge remote-tracking branch 'public/pr/1848' into mbedtls-2.7
2018-07-19 16:17:07 +01:00
Simon Butcher
be347c6e21
Merge remote-tracking branch 'public/pr/1849' into mbedtls-2.7
2018-07-19 16:13:07 +01:00
Ron Eldor
8839e31fbc
Update ChangeLog
...
Remove extra entries added by a bad cherry-pick.
2018-07-17 14:13:53 +03:00