Manuel Pégourié-Gonnard
535553e7d8
Merge remote-tracking branch 'public/pr/1184' into development
...
* public/pr/1184:
Add --no-yotta option to all.sh
Fix build without MBEDTLS_FS_IO
2017-12-18 11:42:30 +01:00
Gilles Peskine
12c49c7f7c
compat.sh: use wait_server_start
...
Port wait_server_start from ssl-opt.sh to compat.sh, instead of just
using "sleep 1". This solves the problem that on a heavily loaded
machine, sleep 1 is sometimes not enough (we had CI failures because
of this). This is also faster on a lightly-loaded machine (execution
time reduced from ~8min to ~6min on my machine).
2017-12-14 19:02:00 +01:00
Gilles Peskine
418b536028
wait_server_start: minor efficiency improvement
...
In wait_server_start, fork less. When lsof is present, call it on the
expected process. This saves a few percent of execution time on a
lightly loaded machine. Also, sleep for a short duration rather than
using a tight loop.
2017-12-14 18:58:42 +01:00
Hanno Becker
1434a365a6
Don't split error code description across multiple lines
2017-12-13 11:24:49 +00:00
Gilles Peskine
86ffd80456
Register new error code in error.h
2017-12-10 20:04:13 +01:00
Hanno Becker
5dcae51cd9
Add affiliation of bug reporter to credits in the ChangeLog
2017-12-07 15:03:22 +00:00
Hanno Becker
25d6d1a1df
Correct record header size in case of TLS
...
The previous commit reduced the internal header size to 5 bytes in case of
TLS. This is not a valid since in that situation Mbed TLS internally uses the
first 8 bytes of the message buffer for the implicit record sequence number.
2017-12-07 08:22:51 +00:00
Hanno Becker
a5e68979ca
Resolve integer type conversion problem on MSVC
...
MSVC rightfully complained that there was some conversion from `size_t`
to `unsigned int` that could come with a loss of data. This commit
re-types the corresponding struct field `ctx_buffer::len` to `size_t`.
Also, the function `ctx_buffer_append` has an integer return value
which is supposed to be the (positive) length of the appended data
on success, and a check is inserted that the data to be appended does
not exceed MAX_INT in length.
2017-12-06 08:37:39 +00:00
Gilles Peskine
880c6e74a1
Merge branch 'development' into development-restricted
2017-12-04 18:00:26 +00:00
Gilles Peskine
d629411212
Merge branch 'pr_920' into development
2017-12-01 23:46:58 +01:00
Gilles Peskine
8acce85175
Added ChangeLog entry
2017-12-01 23:46:40 +01:00
Gilles Peskine
ff01e009e6
Merge branch 'pr_1043' into development
2017-12-01 23:42:17 +01:00
Gilles Peskine
b592f32291
Added ChangeLog entry
2017-12-01 23:40:28 +01:00
Gilles Peskine
e3783da0b2
Merge remote-tracking branch 'upstream-public/pr/1172' into development
2017-12-01 22:36:21 +01:00
Gilles Peskine
02e28fe0fd
Merge remote-tracking branch 'upstream-restricted/pr/425' into development-restricted
2017-12-01 17:58:12 +01:00
Gilles Peskine
da519251d4
Add --no-yotta option to all.sh
...
The Yotta tools break in some environments and it's useful to be able
to run the rest of all.sh nonetheless.
2017-11-30 14:24:33 +01:00
Gilles Peskine
832f349f93
Fix build without MBEDTLS_FS_IO
...
Fix missing definition of mbedtls_zeroize when MBEDTLS_FS_IO is
disabled in the configuration.
Introduced by e7707228b4
Merge remote-tracking branch 'upstream-public/pr/1062' into development
2017-11-30 12:03:27 +01:00
Gilles Peskine
0960f0663e
Merge branch 'development' into development-restricted
2017-11-29 21:07:55 +01:00
Gilles Peskine
0884f4811b
Merge remote-tracking branch 'upstream-public/pr/1141' into development
2017-11-29 20:50:59 +01:00
Gilles Peskine
183de312f9
Merge remote-tracking branch 'upstream-public/pr/895' into development
2017-11-29 20:49:21 +01:00
Hanno Becker
004198adb3
Update ChangeLog
2017-11-29 16:57:06 +00:00
Hanno Becker
1df4923eb1
Remove compile-time deprecation warning for TRUNCATED_HMAC_COMPAT
2017-11-29 16:55:56 +00:00
Hanno Becker
702dfbcf13
Improve documentation of truncated HMAC fallback option
2017-11-29 16:55:56 +00:00
Andres Amaya Garcia
c5380649d9
Change value of MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE
...
Change the value of the error MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE to
0x0023 to ensure the errors in the AES module are all in a continuous
range.
2017-11-29 10:42:49 +00:00
Ron Eldor
0728d69d6d
Change kB to KiB
...
Change the style of the units to KiB, according to
https://docs.mbed.com/docs/writing-and-publishing-guides/en/latest/units/
2017-11-29 12:08:35 +02:00
Gilles Peskine
7fb29b17c7
Merge branch 'development' into development-restricted
2017-11-28 18:46:09 +01:00
Gilles Peskine
4daffe236a
Merge branch 'pr_1025' into development
...
Merge PR #1025 + ChangeLog entry
2017-11-28 18:23:53 +01:00
Gilles Peskine
d742b74838
Add ChangeLog entry
2017-11-28 17:40:56 +01:00
Gilles Peskine
ea8d697fa2
Merge remote-tracking branch 'upstream-public/pr/1089' into development
...
Resolve trivial conflict due to additions in the same place in
tests/data_files/Makefile; minor comment/whitespace presentation
improvements.
2017-11-28 17:32:32 +01:00
Gilles Peskine
4b117d9c92
Merge remote-tracking branch 'upstream-public/pr/1055' into development
2017-11-28 17:23:37 +01:00
Gilles Peskine
f2421210a5
Merge remote-tracking branch 'upstream-public/pr/828' into development
2017-11-28 17:22:37 +01:00
Gilles Peskine
9c3573a962
Merge remote-tracking branch 'upstream-public/pr/988' into development
2017-11-28 17:08:03 +01:00
Gilles Peskine
f16de7d525
Merge remote-tracking branch 'upstream-public/pr/995' into development
2017-11-28 16:59:20 +01:00
Gilles Peskine
41e974178f
Merge remote-tracking branch 'upstream-restricted/pr/419' into development-restricted
...
Resolved simple conflicts caused by the independent addition of
calls to mbedtls_zeroize with sometimes whitespace or comment
differences.
2017-11-28 16:16:27 +01:00
Gilles Peskine
9c8ac0ce2c
Merge remote-tracking branch 'upstream-restricted/pr/404' into development-restricted
2017-11-28 15:50:02 +01:00
Ron Eldor
a0748019f1
Change KB to kB
...
Change KB to kB, as this is the proper way to write kilo bytes
2017-11-28 16:48:51 +02:00
Hanno Becker
6e5dd79a43
Fix compilation warning on MSVC
...
MSVC complains about the negation in `(uint32_t) -1u`. This commit fixes this by
using `(uint32_t) -1` instead.
2017-11-28 14:34:04 +00:00
Gilles Peskine
7ca6d1fdd4
Merge remote-tracking branch 'upstream-restricted/pr/399' into development-restricted
2017-11-28 14:17:53 +01:00
Gilles Peskine
c753f5daf4
Merge remote-tracking branch 'upstream-restricted/pr/369' into development-restricted
2017-11-28 14:16:47 +01:00
Gilles Peskine
80441c666f
Merge branch 'iotssl-1419-safermemcmp-volatile' into development-restricted
2017-11-28 13:52:33 +01:00
Gilles Peskine
d4755deafa
add changelog entry
2017-11-28 13:31:12 +01:00
Hanno Becker
63073aa3d3
Don't require P,Q in rsa_private in case of non-blinded non-CRT
...
For non-CRT, P and Q are only used for the purpose of blinding the exponent.
2017-11-27 15:33:18 +00:00
Gilles Peskine
2507267cd4
Merge branch 'development' into development-restricted
2017-11-24 16:05:49 +01:00
Gilles Peskine
e7707228b4
Merge remote-tracking branch 'upstream-public/pr/1062' into development
2017-11-24 15:35:50 +01:00
Gilles Peskine
7635cde35c
Merge branch 'development' into development-restricted
2017-11-23 20:06:04 +01:00
Gilles Peskine
68306ed31f
Merge remote-tracking branch 'upstream-public/pr/1094' into development
2017-11-23 20:02:46 +01:00
Gilles Peskine
1a2640c025
Merge branch 'iotssl-1368-unsafe-bounds-check-psk-identity-merge' into development-restricted
2017-11-23 18:58:30 +01:00
Gilles Peskine
dab611a7b1
ChangeLog entry for ssl_parse_client_psk_identity fix
2017-11-23 18:53:55 +01:00
Manuel Pégourié-Gonnard
bfa8df4c7e
Merge remote-tracking branch 'restricted/pr/416' into development-restricted
...
* restricted/pr/416:
RSA PSS: remove redundant check; changelog
RSA PSS: fix first byte check for keys of size 8N+1
RSA PSS: fix minimum length check for keys of size 8N+1
RSA: Fix another buffer overflow in PSS signature verification
RSA: Fix buffer overflow in PSS signature verification
2017-11-23 12:10:01 +01:00
Hanno Becker
4c2ac7ef58
Deprecate MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
2017-11-21 18:28:35 +00:00