Gilles Peskine
4daffe236a
Merge branch 'pr_1025' into development
...
Merge PR #1025 + ChangeLog entry
2017-11-28 18:23:53 +01:00
Gilles Peskine
d742b74838
Add ChangeLog entry
2017-11-28 17:40:56 +01:00
Gilles Peskine
ea8d697fa2
Merge remote-tracking branch 'upstream-public/pr/1089' into development
...
Resolve trivial conflict due to additions in the same place in
tests/data_files/Makefile; minor comment/whitespace presentation
improvements.
2017-11-28 17:32:32 +01:00
Gilles Peskine
4b117d9c92
Merge remote-tracking branch 'upstream-public/pr/1055' into development
2017-11-28 17:23:37 +01:00
Gilles Peskine
f2421210a5
Merge remote-tracking branch 'upstream-public/pr/828' into development
2017-11-28 17:22:37 +01:00
Gilles Peskine
9c3573a962
Merge remote-tracking branch 'upstream-public/pr/988' into development
2017-11-28 17:08:03 +01:00
Gilles Peskine
e7707228b4
Merge remote-tracking branch 'upstream-public/pr/1062' into development
2017-11-24 15:35:50 +01:00
Gilles Peskine
68306ed31f
Merge remote-tracking branch 'upstream-public/pr/1094' into development
2017-11-23 20:02:46 +01:00
Simon Butcher
6f63db7ed5
Fix changelog for ssl_server2.c usage fix
2017-10-12 23:22:17 +01:00
Gilles Peskine
085c10afdb
Allow comments in test data files
2017-10-12 23:22:17 +01:00
Andres Amaya Garcia
735b37eeef
Correctly handle leap year in x509_date_is_valid()
...
This patch ensures that invalid dates on leap years with 100 or 400
years intervals are handled correctly.
2017-10-12 23:21:37 +01:00
Ron Eldor
73a381772b
Parse Signature Algorithm ext when renegotiating
...
Signature algorithm extension was skipped when renegotiation was in
progress, causing the signature algorithm not to be known when
renegotiating, and failing the handshake. Fix removes the renegotiation
step check before parsing the extension.
2017-10-12 23:21:37 +01:00
Gilles Peskine
4552bf7558
Allow comments in test data files
2017-10-12 23:20:56 +01:00
Simon Butcher
16373a5933
Fix changelog for ssl_server2.c usage fix
2017-10-06 11:59:13 +01:00
Simon Butcher
2c4f9460ea
Update ChangeLog for fix to #836
2017-10-06 11:59:13 +01:00
Hanno Becker
1a9a51c7cf
Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog.
...
Add a reference to the relevant RFC, adapt ChangeLog.
2017-10-06 11:58:50 +01:00
Gilles Peskine
b04e2c3d81
Allow comments in test data files
2017-10-06 11:58:50 +01:00
Hanno Becker
86e5230e54
Adapt ChangeLog
2017-10-05 09:08:53 +01:00
Hanno Becker
041a6b030f
Adapt ChangeLog
2017-09-28 14:52:26 +01:00
Hanno Becker
930025da6d
Adapt ChangeLog
2017-09-18 16:12:28 +01:00
Andres Amaya Garcia
f569f701c2
Fix ChangeLog entry
2017-09-14 20:20:21 +01:00
Andres Amaya Garcia
06fc6650f4
Add ChangeLog entry
2017-09-14 20:20:15 +01:00
Hanno Becker
f28dc2f900
Adapt ChangeLog
2017-09-04 13:07:52 +01:00
Ron Eldor
f231eaae28
Add configuration file in md.h
...
include `*config.h*` in md.h as MACROS in the header file get ignored.
Fix for #1001 .
2017-08-22 14:50:14 +03:00
Simon Butcher
72ea31b026
Update version number to 2.6.0
2017-08-10 11:51:16 +01:00
Simon Butcher
01971d094e
Fix language in Changelog for clarity
2017-08-10 10:48:01 +01:00
Hanno Becker
85b602e5d0
Improve documentation of PKCS1 decryption functions
...
Document the preconditions on the input and output buffers for
the PKCS1 decryption functions
- mbedtls_rsa_pkcs1_decrypt,
- mbedtls_rsa_rsaes_pkcs1_v15_decrypt
- mbedtls_rsa_rsaes_oaep_decrypt
2017-08-01 22:48:41 +01:00
Simon Butcher
3f2557e6f1
Fix style and missing item in ChangeLog
2017-08-01 18:06:12 +01:00
Simon Butcher
a418e82a35
Add credit to Changelog to fix for #666
2017-07-28 23:52:10 +01:00
Simon Butcher
9fae22269b
Fix ChangeLog for duplication after merge
2017-07-28 22:32:23 +01:00
Hanno Becker
61937d4a83
Rename time and index parameter to avoid name conflict.
...
As noted in #557 , several functions use 'index' resp. 'time'
as parameter names in their declaration and/or definition, causing name
conflicts with the functions in the C standard library of the same
name some compilers warn about.
This commit renames the arguments accordingly.
2017-07-28 22:28:08 +01:00
Hanno Becker
7ec83df47f
Adapt ChangeLog
2017-07-28 22:28:08 +01:00
Andres AG
6b171e4aec
Fix potential integer overflow parsing DER CRT
...
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-28 22:28:04 +01:00
Andres AG
ce49a25033
Fix potential integer overflow parsing DER CRL
...
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
2017-07-28 22:28:04 +01:00
Ron Eldor
a207e75089
Check return code of mbedtls_mpi_fill_random
...
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
2017-07-28 22:27:30 +01:00
Ron Eldor
7faf92a2fe
Resource leak fix on windows platform
...
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
2017-07-28 22:27:30 +01:00
Ron Eldor
368d55c549
Wrong preproccessor condition fix
...
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
2017-07-28 22:27:30 +01:00
Ron Eldor
d5a75f44a1
fix for issue 1118: check if iv is zero in gcm.
...
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-28 22:27:29 +01:00
Janos Follath
c08d9ddd55
Remove mutexes from ECP hardware acceleration
...
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.
Fixes #863
2017-07-28 22:27:29 +01:00
Simon Butcher
b060cc21b1
Reorder and group sections in the ChangeLog
2017-07-28 01:04:34 +01:00
Simon Butcher
00d3cc61a6
Fix merge errors in ChangeLog
2017-07-27 21:44:34 +01:00
Andres AG
2e3ddfac5f
Prevent signed integer overflow in CSR parsing
...
Modify the function mbedtls_x509_csr_parse_der() so that it checks the
parsed CSR version integer before it increments the value. This prevents
a potential signed integer overflow, as these have undefined behaviour
in the C standard.
2017-07-27 21:44:34 +01:00
Andres AG
80164741e1
Fix potential integer overflow parsing DER CRT
...
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
2017-07-27 21:44:34 +01:00
Andres AG
4f753c1186
Fix potential integer overflow parsing DER CRL
...
This patch prevents a potential signed integer overflow during the
CRL version verification checks.
2017-07-27 21:44:34 +01:00
Simon Butcher
256da0f0d8
Added missing credit to Changelog and format fixes
2017-07-27 21:44:34 +01:00
Ron Eldor
80697a0c11
Check return code of mbedtls_mpi_fill_random
...
Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740
2017-07-27 21:44:34 +01:00
Ron Eldor
b2d6e591f9
Resource leak fix on windows platform
...
Fix a resource leak on windows platform, in mbedtls_x509_crt_parse_path,
in case a failure. when an error occurs, goto cleanup, and free the
resource, instead of returning error code immediately.
2017-07-27 21:44:34 +01:00
Ron Eldor
5843db932d
Wrong preproccessor condition fix
...
Fix for issue #696
Change #if defined(MBEDTLS_THREADING_PTHREAD)
to #if defined(MBEDTLS_THREADING_C)
2017-07-27 21:44:34 +01:00
Ron Eldor
e13b224d17
fix for issue 1118: check if iv is zero in gcm.
...
1) found by roberto in mbedtls forum
2) if iv_len is zero, return an error
3) add tests for invalid parameters
2017-07-27 21:44:34 +01:00
Janos Follath
325294013f
Remove mutexes from ECP hardware acceleration
...
Protecting the ECP hardware acceleratior with mutexes is inconsistent with the
philosophy of the library. Pre-existing hardware accelerator interfaces
leave concurrency support to the underlying platform.
Fixes #863
2017-07-27 21:44:33 +01:00