Commit Graph

4157 Commits

Author SHA1 Message Date
Janos Follath
83f26052bf Fix non compliance SSLv3 in server extension handling.
The server code parses the client hello extensions even when the
protocol is SSLv3 and this behaviour is non compliant with rfc6101.
Also the server sends extensions in the server hello and omitting
them may prevent interoperability problems.
2016-05-23 14:50:15 +01:00
Janos Follath
b700c46750 Add a test for SSLv3 with extensions, server side
This test verifies if the server parses or sends extensions when
the protocol is SSLv3.
2016-05-23 14:43:54 +01:00
Paul Bakker
3b224ffd25 Split test into valgrind and no-valgrind version
Running valgrind on: "DTLS client reconnect from same port: reconnect,
nbio" results in timeouts.

New version added that runs only under valgrind. Original only runs when
valgrind is not used
2016-05-22 21:49:34 +01:00
Simon Butcher
6eb066ed56 Fixes RC4 config dependencies in tests in ssl-opt.h
Adds dependencies on MBEDTLS_REMOVE_ARC4_CIPHERSUITES for tests that
require RC4 to be disabled (the default config).
2016-05-19 22:25:42 +01:00
SimonB
493abdf692 Clarifies documentation on reported memory statistics 2016-05-05 17:55:19 +01:00
SimonB
991244cd7b Fixes memory leak in memory_buffer_alloc.c debug
Debug symbols were being leaked in memory_buffer_alloc.c
2016-05-05 17:51:09 +01:00
Attila Molnar
c7b8e3af53 Fix minor doc issue 2016-05-05 17:50:17 +01:00
Simon Butcher
d58d715680 Update ChangeLog for bug #429 in ssl_fork_server 2016-04-29 00:15:34 +01:00
Janos Follath
c89a62e809 Improves and makes pretty the ssl_fork_server output 2016-04-28 23:57:42 +01:00
Janos Follath
56a7347841 Fix issue #429 in ssl_fork_server.c 2016-04-28 23:57:28 +01:00
Janos Follath
e9d5510f05 Fix bug in ssl_write_supported_elliptic_curves_ext
Passing invalid curves to mbedtls_ssl_conf_curves potentially could caused a
crash later in ssl_write_supported_elliptic_curves_ext. #373
2016-04-22 09:55:32 +01:00
Janos Follath
689a627215 Fix null pointer dereference in the RSA module.
Introduced null pointer checks in mbedtls_rsa_rsaes_pkcs1_v15_encrypt
2016-04-19 10:20:59 +01:00
Simon Butcher
0705dd0588 Adds test for odd bit length RSA key size
Also tidy up ChangeLog following review.
2016-04-19 09:19:46 +01:00
Janos Follath
1a59a504e7 Fix odd bitlength RSA key generation
Fix issue that caused a hang up when generating RSA keys of odd
bitlength.
2016-04-19 09:19:21 +01:00
Janos Follath
365b226a56 x509: trailing bytes in DER: add integration tests 2016-03-15 23:49:46 +00:00
Janos Follath
f6f5441fd1 x509: trailing bytes in DER: correct a unit test
One of the unit test was failing, because it was testing behavior
that was part of the bug. Updated the return value to the correct one
2016-03-15 23:48:25 +00:00
Janos Follath
16734f011b x509: trailing bytes in DER: fix bug
Fix bug in mbedtls_x509_crt_parse that caused trailing extra data in the
buffer after DER certificates to be included in the raw representation. #377
2016-03-15 23:47:36 +00:00
Simon Butcher
02b8d481f6 Adapt SSLv3 test configuration for new default
Removed SSLv3 test suites from system tests in 'compat.sh' script, and
added SSLv3 specific tests to 'all.sh'
2016-03-15 20:39:52 +00:00
Janos Follath
542ee5d8f3 Update default configuration
Change the default settings for SSL and modify the tests accordingly.
2016-03-07 16:34:25 +00:00
Manuel Pégourié-Gonnard
f10f85f676 Add test for yotta debug build 2016-01-08 15:08:49 +01:00
Manuel Pégourié-Gonnard
5ae028550f Make check-names.sh happy 2016-01-08 15:08:49 +01:00
Manuel Pégourié-Gonnard
7715e669f1 Avoid build errors with -O0 due to assembly 2016-01-08 14:52:55 +01:00
Manuel Pégourié-Gonnard
bb81b4a009 Make ar invocation more portable
armar doesn't understand the syntax without dash. OTOH, the syntax with dash
is the only one specified by POSIX, and it's accepted by GNU ar, BSD ar (as
bundled with OS X) and armar, so it looks like the most portable syntax.

fixes #386
2016-01-08 14:52:14 +01:00
Manuel Pégourié-Gonnard
96ec00dd3a Update ChangeLog for latest PR merged
fixes #309
2016-01-08 14:51:51 +01:00
Janos Follath
79a1da6948 Improved on the previous fix and added a test case to cover both types
of carries.
2016-01-08 14:48:01 +01:00
Janos Follath
a65477d885 Removed recursion from fix #309. 2016-01-08 14:48:00 +01:00
Janos Follath
5429c0a7d0 Improved on the fix of #309 and extended the test to cover subroutines. 2016-01-08 14:48:00 +01:00
Janos Follath
d0e0c03520 Tests and fix added for #309 (inplace mpi doubling). 2016-01-08 14:47:16 +01:00
Manuel Pégourié-Gonnard
ddf118961a Update reference to attack in ChangeLog
We couldn't do that before the attack was public
2016-01-08 14:46:44 +01:00
Simon Butcher
543e4366bc Change version number to 2.1.4
Changed version for library files and yotta module
2016-01-04 22:41:11 +00:00
Manuel Pégourié-Gonnard
ff0a22bd9b Tune description of a change/bugfix in ChangeLog 2016-01-04 17:39:38 +01:00
Simon Butcher
fb1ad94b3f Corrected naming and text in doxygen rng module
Doxygen input file had incorrect function name for rng function
mbedtls_ctr_drbg_random(), and formatting was fixed.
2016-01-04 16:17:47 +00:00
Manuel Pégourié-Gonnard
4c9916b094 Fix doxygen warnings for generic names in config.h
When we use the same documentation for a list of #defines, we used to use a
generic name in the \def command. Use the first name of the list instead so
that doxygen stops complaining, and mention the generic name in the longer
description.

This is not entirely satisfactory as the full list of macros will not be
included in the generated doc, but it's still an improvement as at least the
first macro is documented now, with a hint that there are others.
2016-01-04 15:49:47 +00:00
Manuel Pégourié-Gonnard
2134d25070 Use a full config.h with doxygen
Otherwise we get warnings that some documentation items don't have
corresponding #define, and more importantly the corresponding snippets are not
included in the output.

For that we need a modified version of the "full" argument for config.pl.

Also, the new CMakeLists.txt target only works on Unix (which was already the
case of the Makefile target). Hopefully this is not an issue as people are
unlikely to need that target on Windows.
2016-01-04 15:49:22 +00:00
Manuel Pégourié-Gonnard
3bd5eb7567 Reintroduce line deleted by accident 2016-01-04 15:48:43 +00:00
Simon Butcher
a02fe7c2cc Various fixes to doxygen API generation
* Fixed incorrect file definitions
 * Corrected function naming in X.509 module definition
2016-01-04 15:48:12 +00:00
Simon Butcher
6189175900 Fix for MPI divide on MSVC
Resolves multiple platform issues when building bignum.c with Microsoft
Visual Studio.
2016-01-03 20:32:46 +00:00
Simon Butcher
28b35c02f7 Merge branch 'mbedtls-2.1'
Merge of fix for memory leak in RSA-SSA signing - #372
2016-01-01 23:37:07 +00:00
Simon Butcher
318daf0c7e Fix for memory leak in RSA-SSA signing
Fix in mbedtls_rsa_rsassa_pkcs1_v15_sign() in rsa.c. Resolves github issue #372
2016-01-01 23:15:10 +00:00
Simon Butcher
976794a212 Merge remote-tracking branch 'origin/mbedtls-2.1' into HEAD 2015-12-31 23:42:54 +00:00
Simon Butcher
8360433788 Merge branch 'iotssl-541-2.1-pathlen-bugfix' 2015-12-31 23:21:52 +00:00
Simon Butcher
c941b6cb31 Fix for unused variable warning 2015-12-28 01:29:10 +00:00
Simon Butcher
7ebe2781fe Fix for compiler warnings and style
Changes for C90 compliance, and style following review
2015-12-28 00:05:30 +00:00
Simon Butcher
59d2218f63 Clarification in ChangeLog 2015-12-23 18:53:21 +00:00
Simon Butcher
aa4114910a Merge 'iotssl-558-2.1-md5-tls-sigs-restricted' 2015-12-23 18:52:18 +00:00
Simon Butcher
35ea92dbc6 Merge 'iotssl-566-2.1-double-free-restricted'
Merge remote-tracking branch
'restricted/iotssl-566-2.1-double-free-restricted' into mbedtls-2.1
2015-12-23 16:49:46 +00:00
Simon Butcher
2bc3897a53 Typo in ChangeLog 2015-12-22 19:38:55 +00:00
Simon Butcher
e82ac57ef6 Merge remote-tracking branch 'origin/misc-2.1' into mbedtls-2.1 2015-12-22 19:36:17 +00:00
Simon Butcher
e103aa8a53 Added description of change to the Changelog
Also clarified some comments following review.
2015-12-16 01:51:01 +00:00
Manuel Pégourié-Gonnard
9055c1a011 Fix wrong length limit in GCM
See for example page 8 of
http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf

The previous constant probably came from a typo as it was 2^26 - 2^5 instead
of 2^36 - 2^5. Clearly the intention was to allow for a constant bigger than
2^32 as the ull suffix and cast to uint64_t show.

fixes #362
2015-12-10 15:08:37 +01:00