Manuel Pégourié-Gonnard
758f490c90
Fix potential buffer overflow in asn1write
...
Ref: IOTSSL-519
backport of 22c3b7b
2015-10-27 11:47:37 +01:00
Manuel Pégourié-Gonnard
215a14bf29
Fix potential heap corruption on Windows
...
If len is large enough, when cast to an int it will be negative and then the
test if( len > MAX_PATH - 3 ) will not behave as expected.
Ref: IOTSSL-518
backport of 261faed725
2015-10-27 11:47:37 +01:00
Manuel Pégourié-Gonnard
9c52176776
Fix potential double-free in ssl_set_psk()
...
Internal ref: IOTSSL-517
2015-10-27 11:47:37 +01:00
Manuel Pégourié-Gonnard
f093bde91e
Bump version to 1.3.14
2015-10-05 19:06:46 +01:00
Manuel Pégourié-Gonnard
c5934272fc
Merge branch 'mbedtls-1.3' into mbedtls-1.3-restricted
...
* mbedtls-1.3:
Fix spurious #endif from previous cherry-pick
Fix macroization of inline in C++
Add missing warning in doc
Fix compile error in net.c with musl libc
2015-10-05 17:06:24 +01:00
Simon Butcher
36abef4c5c
Merge multiple backported vulnerability fixes
2015-10-05 16:44:59 +01:00
Manuel Pégourié-Gonnard
20607bb0fa
Fix macroization of inline in C++
...
When compiling as C++, MSVC complains about our macroization of a keyword.
Stop doing that as we know inline is always available in C++
2015-10-05 14:28:17 +01:00
Manuel Pégourié-Gonnard
614624790d
Fix compile error in net.c with musl libc
...
fixes #278
2015-10-05 14:15:46 +01:00
Manuel Pégourié-Gonnard
de9c8a5734
Fix potential overflow in CertificateRequest
2015-10-02 12:04:20 +02:00
Manuel Pégourié-Gonnard
c7e61a2e3f
Fix more typos in ChangeLog
2015-10-01 18:22:54 +02:00
Manuel Pégourié-Gonnard
6d6018383e
Fix typos in ChangeLog and comments
2015-10-01 18:20:55 +02:00
Manuel Pégourié-Gonnard
48ec2c7b5e
Fix potential overflow in base64_encode
2015-10-01 10:07:28 +02:00
Manuel Pégourié-Gonnard
5aff029f9d
Fix potential double-free in ssl_set_psk()
2015-10-01 09:58:50 +02:00
Simon Butcher
643a922c56
Reordered extension fields and added to ChangeLog
...
Reordered the transmission sequence of TLS extension fields in client hello
and added to ChangeLog.
2015-10-01 01:17:10 +01:00
Manuel Pégourié-Gonnard
9bf29bee22
Fix potential random malloc in pem_read()
2015-09-30 17:01:35 +02:00
Manuel Pégourié-Gonnard
59efb6a1b9
Fix potential buffer overflow in mpi_read_string()
...
Found by Guido Vranken.
Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB())
could result in far too few memory to be allocated, then overflowing the
buffer in the subsequent for loop.
Both integer overflows happen when slen is close to or greater than
SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system).
Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to
CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with
respect to future code changes.
2015-09-30 16:50:31 +02:00
Manuel Pégourié-Gonnard
7b4b2ac378
Fix stack buffer overflow in pkcs12
2015-09-30 16:46:07 +02:00
Simon Butcher
21823f9a69
Refined credits in ChangeLog for fuzzing issue
...
Changed GDS to Gotham Digital Science
2015-09-22 10:20:58 +01:00
Manuel Pégourié-Gonnard
df048c59cf
Bump version to 1.3.13
2015-09-17 11:53:14 +02:00
Manuel Pégourié-Gonnard
a701d2f5e9
Fix bug in server parsing point formats extension
...
There is only one length byte but for some reason we skipped two, resulting in
reading one byte past the end of the extension. Fortunately, even if that
extension is at the very end of the ClientHello, it can't be at the end of the
buffer since the ClientHello length is at most SSL_MAX_CONTENT_LEN and the
buffer has some more room after that for MAC and so on. So there is no
buffer overread.
Possible consequences are:
- nothing, if the next byte is 0x00, which is a comment first byte for other
extensions, which is why the bug remained unnoticed
- using a point format that was not offered by the peer if next byte is 0x01.
In that case the peer will reject our ServerKeyExchange message and the
handshake will fail.
- thinking that we don't have a common point format even if we do, which will
cause us to immediately abort the handshake.
None of these are a security issue.
The same bug was fixed client-side in fd35af15
Backport of f7022d1
2015-09-17 11:46:56 +02:00
Manuel Pégourié-Gonnard
a1cdcd2364
Add counter-measure against RSA-CRT attack
...
https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/
backport of 5f50104
2015-09-09 12:23:47 +02:00
Manuel Pégourié-Gonnard
bb564e0fb4
Fix possible client crash on API misuse
2015-09-03 10:44:32 +02:00
Manuel Pégourié-Gonnard
5f6b2b67c4
Changelog entry for the previous commits
2015-09-01 19:40:02 +02:00
Manuel Pégourié-Gonnard
6512554f42
Fix handling of long PSK identities
...
backport from c3b5d83
see #238
2015-08-31 11:43:47 +02:00
Manuel Pégourié-Gonnard
6432c7e782
Fix memory corruption in rsa sign/verify programs
...
backport from d74c697
see #210
2015-08-31 11:30:07 +02:00
Manuel Pégourié-Gonnard
e217ceea38
Fix warning with MD/SHA ALT implementation
...
backport of 8b2641d
see #239
2015-08-31 11:22:47 +02:00
Manuel Pégourié-Gonnard
a67fd79e8f
Fix -Wshadow warnings
...
Backport of ea35666
and 824ba72
see #240
2015-08-31 11:07:51 +02:00
Manuel Pégourié-Gonnard
5efed09c5f
Fix possible unlock before lock in RSA
...
Backport of 1385a28
and 4d04cdc
see #257
2015-08-31 10:21:10 +02:00
Manuel Pégourié-Gonnard
89789be80f
Fix handling of new config option
...
fixes #256
2015-08-27 09:54:16 +02:00
Paul Bakker
3edec6c4ed
Prepare for 1.3.12 release
2015-08-11 13:22:10 +01:00
Manuel Pégourié-Gonnard
cc86ac5d56
Fix compile error with armcc5 --gnu
2015-08-10 12:10:39 +02:00
Manuel Pégourié-Gonnard
b5d77d3fd9
Accept a trailing space at end of PEM lines
...
With certs being copy-pasted from webmails and all, this will probably become
more and more common.
2015-08-10 12:01:50 +02:00
Manuel Pégourié-Gonnard
1b1254fa05
Fix missing -static-libgcc when building dlls
2015-08-10 11:56:54 +02:00
Manuel Pégourié-Gonnard
a64b15ee73
Fix bug with cmake and old version of GCC
2015-08-10 11:35:02 +02:00
Manuel Pégourié-Gonnard
f0f399d66c
Up default server DHM size to 2048 bits
2015-07-03 17:45:57 +02:00
Manuel Pégourié-Gonnard
006f655218
Add forgotten programs in Makefile
...
Closes #209
2015-06-29 18:52:57 +02:00
Manuel Pégourié-Gonnard
9ea1b23cc4
Up min size of DHM params to 1024 bits on client
2015-06-29 18:52:57 +02:00
Manuel Pégourié-Gonnard
6c3ccf5fd0
Fix thread-safety issue in debug.c
...
Closes #203
2015-06-29 18:52:57 +02:00
Paul Bakker
19eef51487
Prepare for 1.3.11 release
2015-06-04 14:49:19 +02:00
Manuel Pégourié-Gonnard
dccb80b7e5
Fix compile errors with NO_STD_FUNCTIONS
2015-06-03 10:20:33 +01:00
Manuel Pégourié-Gonnard
f2ec505c34
Ack external bugfix in Changelog
2015-06-03 09:50:07 +01:00
Manuel Pégourié-Gonnard
3e87a9f57f
FIx misplaced Changelog entry (oops)
2015-06-03 09:48:26 +01:00
Manuel Pégourié-Gonnard
d22514e8f6
Fix contributor's name in Changelog
2015-06-02 12:59:59 +01:00
Manuel Pégourié-Gonnard
5866848092
Update ChangeLog for recent external bugfix
2015-06-02 09:08:35 +01:00
Manuel Pégourié-Gonnard
61977614d8
Fix memleak with repeated [gc]cm_setkey()
2015-05-27 17:40:16 +02:00
Manuel Pégourié-Gonnard
154b00b07b
Update Changelog for recent contribution
2015-05-11 21:05:36 +02:00
Manuel Pégourié-Gonnard
fa950c9480
fix bug in ssl_mail_client
2015-04-30 12:50:22 +02:00
Manuel Pégourié-Gonnard
159c524df8
Fix undefined behaviour in x509
2015-04-30 11:21:18 +02:00
Manuel Pégourié-Gonnard
7b12492c77
Include changes from the 1.2 branch
2015-04-30 10:16:19 +02:00
Manuel Pégourié-Gonnard
7d1e95c991
Add countermeasure against cache-based lucky 13
2015-04-29 17:07:31 +02:00