yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
10224 commits 1 branch 0 tags 94 MiB
Commit graph

10224 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andres Amaya Garcia
e58532e1db Favour DEPRECATED_REMOVED over DEPRECATED_WARNING 2020-01-30 10:16:15 +01:00
Andres Amaya Garcia
88c2cc7213 Deprecate MBEDTLS_SSL_PROTO_SSL3 2020-01-30 10:16:15 +01:00
Andres Amaya Garcia
09634248cb Deprecate MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO 2020-01-30 10:16:13 +01:00
Manuel Pégourié-Gonnard
d020bfc396
Merge pull request #2949 from zfields/patch-1 
[cmake] Propagate public headers
 2020-01-30 09:53:16 +01:00
Janos Follath
ba1150f822 Merge pull request #2995 from gilles-peskine-arm/coverity-20200115-tls into development 2020-01-29 14:51:24 +00:00
Gilles Peskine
907e95aa20 Clarify that what we're dropping is pkcs11-helper support 
The PKCS11 module does not directly interface with PKCS#11 (also known
as Cryptoki), but with the pkcs11-helper library.
 2020-01-29 09:40:32 +01:00
Andres Amaya Garcia
312431b398 Fix typo in doxy docs for ssl_pkcs11_sign() 2020-01-29 09:40:32 +01:00
Andres Amaya Garcia
b37268d916 Add missing docs to PKCS#11 public funcs 2020-01-29 09:40:32 +01:00
Andres Amaya Garcia
9fc82efc6c Wrap PKCS1 module with DEPRECATED_REMOVED 2020-01-29 09:40:32 +01:00
Andres Amaya Garcia
99fc3876ed Fix deprecated docs for PKCS1 2020-01-29 09:40:32 +01:00
Andres Amaya Garcia
0d6e108b13 Deprecate MBEDTLS_PKCS11_C functions 2020-01-29 09:40:32 +01:00
Andres Amaya Garcia
2047cd9ed6 Add ChangeLog entry for MBEDTLS_PKCS11_C deprecation 2020-01-29 09:40:32 +01:00
Andres Amaya Garcia
be3a4406d2 Deprecate MBEDTLS_PKCS11_C feature 2020-01-29 09:38:31 +01:00
Jaeden Amero
c0c92fea3d
Merge pull request #3008 from jp-bennett/development 
Allow loading symlinked certificates
 2020-01-28 15:55:33 +00:00
Jaeden Amero
bfc73bcfd2
Merge pull request #2988 from piotr-now/iotssl-2954-custom-io-callbacks-to-ssl-unit-test 
Changes in custom IO callbacks used in unit tests
 2020-01-28 14:46:13 +00:00
Piotr Nowicki
d796e19d3b Fix memory allocation fail in TCP mock socket 
Because two buffers were aliased too early in the code, it was possible that
after an allocation failure, free() would be called twice for the same pointer.
 2020-01-28 13:04:21 +01:00
Janos Follath
4c987e2c83
Merge pull request #2993 from yanesca/bump-version-2.20.0 
Bump version to Mbed TLS 2.20.0
 2020-01-28 11:31:57 +00:00
Manuel Pégourié-Gonnard
042c5e4217
Merge pull request #3000 from gilles-peskine-arm/changelog-2.20.0 
Add changelog entries for the crypto changes in 2.20.0
 2020-01-28 09:38:30 +01:00
Zachary J. Fields
96134effea
Update ChangeLog 2020-01-27 16:12:02 -06:00
Janos Follath
4c736fb6a8 Update Mbed Crypto SO version 
The recent update changed the Mbed Crypto SO version, get Mbed TLS in
sync.
 2020-01-27 16:37:14 +00:00
Janos Follath
ceceedb532 Update Mbed Crypto to 3.0.1 2020-01-27 16:23:55 +00:00
Gilles Peskine
e3b285d2c8 Add crypto security fixes merged after mbedcrypto-3.0.0 2020-01-27 14:24:19 +01:00
Jaeden Amero
62236d7651 Add ChangeLog entry 
Add a ChangeLog entry for Jonathan Bennett's contribution which allows
loading symlinked certificates.
 2020-01-24 18:20:56 +00:00
Jonathan Bennett
fdc16f36b4 Allow loading symlinked certificates 
When mbedtls_x509_crt_parse_path() checks each object in the supplied path, it only processes regular files. This change makes it also accept a symlink to a file. Fixes #3005.

This was observed to be a problem on Fedora/CentOS/RHEL systems, where the ca-bundle in the default location is actually a symlink.
 2020-01-24 09:12:03 -06:00
Manuel Pégourié-Gonnard
f2e2902c5a Add detection for zlib headers to all.sh 2020-01-24 10:44:13 +01:00
Manuel Pégourié-Gonnard
c40b685837 Fix bug in record decompression 
ssl_decompress_buf() was operating on data from the ssl context, but called at
a point where this data is actually in the rec structure. Call it later so
that the data is back to the ssl structure.
 2020-01-24 10:44:13 +01:00
Manuel Pégourié-Gonnard
342d2ca9ab Add test for record compression in ssl-opt.sh 
Deprecated but still needs to be tested.
 2020-01-24 10:44:13 +01:00
Manuel Pégourié-Gonnard
95e04490fa Add all.sh components with ZLIB enabled 
ZLIB support is deprecated, but until it's removed it should still be tested.
 2020-01-24 10:44:13 +01:00
Gilles Peskine
80fcacebdb Add changelog entry for the zlib support fix 2020-01-24 09:35:01 +01:00
jiblime
9f25b8deff Fixes definition error when the deprecated MBEDTLS_ZLIB_SUPPORT and ENABLE_ZLIB_SUPPORT macro are defined/enabled for zlib support in mbedtls 
100% tests passed, 0 tests failed out of 85

https://github.com/ARMmbed/mbedtls/blob/mbedtls-2.19.1/library/ssl_tls.c#L1842

https://github.com/ARMmbed/mbedtls/blob/mbedtls-2.19.1/library/ssl_tls.c#L1862
 2020-01-24 09:34:06 +01:00
Gilles Peskine
50f577067c Fix GitHub repository indications for crypto changes in 2.20 
The content was originally written for mbed-crypto. Change pull
request references to be relative to mbedtls instead.
 2020-01-22 19:02:59 +01:00
Gilles Peskine
8c7d2c25a4 Remove markdown artifacts 2020-01-22 19:02:09 +01:00
Gilles Peskine
4073d4e529 Add changelog entry for the unchecked mbedtls_md call 2020-01-22 18:58:20 +01:00
Gilles Peskine
6a4c340c36 Add changelog entries for the crypto changes in 2.20.0 
Describe changes between mbedcrypto-2.0.0 (version in Mbed TLS 2.19.0)
and mbedcrypto-3.0.0 (version in Mbed TLS 2.20.0).
 2020-01-22 18:28:24 +01:00
Philippe Antoine
8b1ed1cf0e Adds explicit include to stdlib.h for abort 2020-01-22 16:22:36 +01:00
Piotr Nowicki
890b5ca330 Change non-blocking read/write in TCP mock socket 
Previously mocked non-blocking read/write was returning 0 when buffer was empty/full. That was causing ERR_SSL_CONN_EOF error in tests which was using these mocked callbacks. Beside that non-blocking read/write was returning ERR_SSL_WANT_READ/_WRITE depending on block pattern set by test design. Such behavior forced to redesign of these functions so that they could be used in other tests
 2020-01-22 14:15:17 +01:00
Philippe Antoine
7d4bd6f15f Checks mbedtls_rsa_export_crt return in fuzz targets 2020-01-22 14:14:18 +01:00
Philippe Antoine
66070bc19d Checks mbedtls_rsa_export return in fuzz targets 2020-01-22 13:54:56 +01:00
Piotr Nowicki
fb437d72ef Fix segmentation fault in mbedtls_test_buffer 
This error occurs when free space in the buffer is in the middle (the buffer has come full circle) and function mbedtls_test_buffer_put is called. Then the arguments for memcpy are calculated incorrectly and program ends with segmentation fault
 2020-01-22 13:25:36 +01:00
Andrzej Kurek
bc483dea84 Add a message-based socket mock connection to the ssl tests 
The connection will send/receive full messages.
 2020-01-22 06:38:03 -05:00
Andrzej Kurek
13719cdae4 Add a message metadata queue in ssl tests 
Add a metadata queue that will be used on top of the ring buffer callbacks.
Add normal and negative tests.
 2020-01-22 06:36:39 -05:00
Andrzej Kurek
f7774146b6 ssl test suite: enable dropping bytes from buffer 
Add an option to not pass any buffer to mbedtls_test_buffer_get to drop data.
 2020-01-22 06:34:59 -05:00
Gilles Peskine
9c673233bc Fix outcome file leak if execute_tests exits early 
If there was a fatal error (bizarre behavior from the standard
library, or missing test data file), execute_tests did not close the
outcome file. Fix this.
 2020-01-21 18:03:56 +01:00
Gilles Peskine
2ac4d86040 Fix file leak in test program 
A similar bug was fixed earlier in ssl_server2, but we missed the fix
in ssl_client2.
 2020-01-21 17:39:52 +01:00
Gilles Peskine
b08e44fda7 Add missing return code check on call to mbedtls_md() 2020-01-21 16:56:14 +01:00
Janos Follath
83f33d33eb Bump version to Mbed TLS 2.20.0 2020-01-20 14:52:29 +00:00
Jaeden Amero
dbcb44202c Update Mbed Crypto to 3.0.0 2020-01-15 18:08:44 +00:00
Jaeden Amero
d56a2af3f8 Add date to ChangeLog for 2.20.0 release 2020-01-15 18:07:20 +00:00
Janos Follath
dbd3304e8f Merge branch 'development' into development-restricted 2020-01-15 16:06:15 +00:00
Jaeden Amero
252faff19f
Merge pull request #2966 from dgreen-arm/fix-pylint-warnings 
Sideport: Fix some pylint warnings
 2019-12-20 16:07:07 +00:00