mbedtls

Author	SHA1	Message	Date
Eduardo Silva	e1bfffc4f6	x509_crt: handle properly broken links when looking for certificates On non-windows environments, when loading certificates from a given path through mbedtls_x509_crt_parse_path() function, if a symbolic link is found and is broken (meaning the target file don't exists), the function is returning MBEDTLS_ERR_X509_FILE_IO_ERROR which is not honoring the default behavior of just skip the bad certificate file and increase the counter of wrong files. The problem have been raised many times in our open source project called Fluent Bit which depends on MbedTLS: https://github.com/fluent/fluent-bit/issues/843#issuecomment-486388209 The expected behavior is that if a simple certificate cannot be processed, it should just be skipped. This patch implements a workaround with lstat(2) and stat(2) to determinate first if the entry found in the directory is a symbolic link or not, if is a simbolic link, do a proper stat(2) for the target file, otherwise process normally. Upon find a broken symbolic link it will increase the counter of not processed certificates. Signed-off-by: Eduardo Silva <eduardo@treaure-data.com>	2022-07-20 14:36:12 +01:00
Ronald Cron	d5b1eb51db	Merge pull request #6078 from yuhaoth/pr/add-tls13-paser-psk-kex-mode-ext TLS 1.3: PSK: Add parser of psk kex mode ext on server side	2022-07-18 11:34:24 +02:00
Jerry Yu	854dd9e23f	fix comment issue Co-authored-by: Xiaokang Qian <53458466+xkqian@users.noreply.github.com> Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-15 14:38:38 +08:00
Paul Elliott	0b5f4950cc	Merge pull request #5953 from tuvshinzayaArm/update-document-PSA_ALG_RSA_PSS Update documentation of PSA_ALG_RSA_PSS	2022-07-14 10:40:21 +01:00
Jerry Yu	c52e3bd93b	Improve comment Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-14 10:49:47 +08:00
Jerry Yu	299e31f10e	fix various issue - remove unused test case - add alert message - improve readabitlity Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-13 23:06:36 +08:00
Dave Rodgman	0dca5ef773	Merge pull request #6081 from daverodgman/assemble-cl-case Fix case of Mbed TLS in assemble_changelog.py	2022-07-12 16:48:20 +01:00
Paul Elliott	72fa1c23ed	Merge pull request #960 from paul-elliott-arm/merge-into-3.2.1 Merge 3.2.1 into development	2022-07-12 16:24:10 +01:00
Paul Elliott	af4b90db3f	Revert "Add missing library/psa_crypto_driver_wrappers.c" This reverts commit `c2a9387110` Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-12 11:30:17 +01:00
Paul Elliott	81c69b547a	Revert "Revert "Revert "Add generated files for 3.2.0 release""" This reverts commit `185d24ba0e`. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-12 11:29:34 +01:00
Jerry Yu	fe52e55301	redirect stderr output in ubuntu22.04 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-12 09:53:37 +00:00
Jerry Yu	e36397d13b	add tests for psk_key_exchange_mode To confirm, psk_key_exchange_modes were received and parsed. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-12 09:53:36 +00:00
Jerry Yu	e19e3b9eb8	Add psk_key_exchange_modes parser Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-07-12 09:53:35 +00:00
Paul Elliott	869298bffe	Add 3.2.1 Changelog Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-12 10:51:55 +01:00
Paul Elliott	cd08ba0326	Bump version to 3.2.1 Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-12 10:51:55 +01:00
Dave Rodgman	c2a9387110	Add missing library/psa_crypto_driver_wrappers.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-07-12 10:51:55 +01:00
Dave Rodgman	185d24ba0e	Revert "Revert "Add generated files for 3.2.0 release"" This reverts commit `7adb8cbc0e`. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-12 10:51:44 +01:00
Paul Elliott	6dc7cdfdd1	Merge pull request #959 from paul-elliott-arm/merge-into-3.2.0 Merge 3.2.0 into development	2022-07-11 20:01:18 +01:00
Paul Elliott	7adb8cbc0e	Revert "Add generated files for 3.2.0 release" This reverts commit `cb21f2eab3`. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 18:18:30 +01:00
Paul Elliott	3aef7670b7	Merge pull request #957 from paul-elliott-arm/mbedtls-3.2.0rc0-pr Mbedtls 3.2.0rc0 PR	2022-07-11 15:45:03 +01:00
Paul Elliott	cb21f2eab3	Add generated files for 3.2.0 release Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 13:56:01 +01:00
Paul Elliott	f14b742689	Update BRANCHES.md for 3.2.0 release Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 13:56:01 +01:00
Paul Elliott	20362cd1ca	Bump library and so versions for 3.2.0 release Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 13:56:01 +01:00
Paul Elliott	2238eed2d9	Update Changelog for 3.2.0 release Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 13:55:59 +01:00
Paul Elliott	2089fd0ea9	Rename Changelog entries that don't have .txt extension Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 13:52:54 +01:00
Paul Elliott	237c87ba0e	Add missing Changelog entries Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 13:52:28 +01:00
Paul Elliott	f518f81d41	Ensure return for mbedtls_ssl_write_alpn_ext() is checked Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 12:37:47 +01:00
Dave Rodgman	ca9556bff1	Fix case of Mbed TLS in assemble_changelog.py Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-07-11 11:39:21 +01:00
Paul Elliott	9a8d78419f	Fixup test tls13_server_certificate_msg_invalid_vector_len The parameters for init_handshake_options had changed on the development branch after this test was created, so fixing up this test in order to correct build failures after merge. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-11 11:34:14 +01:00
Paul Elliott	20ccd6e8bb	Merge remote-tracking branch 'origin/development' into mbedtls-3.2.0rc2-pr Merge missing commits from development into release	2022-07-11 11:29:32 +01:00
Ronald Cron	ce7d76e2ee	Merge remote-tracking branch 'mbedtls-restricted/development-restricted' into mbedtls-3.2.0rc0-pr	2022-07-11 10:22:37 +02:00
Paul Elliott	a343d34f0d	Merge pull request #6077 from paul-elliott-arm/fix_generate_debug_helpers_pylint Fix formatting of generate_ssl_debug_helpers.py	2022-07-08 22:28:41 +01:00
Paul Elliott	4a49651860	Fix formatting of generate_ssl_debug_helpers.py Satisfy pylint formatting errors Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-08 20:45:39 +01:00
Dave Rodgman	391e33ac93	Merge pull request #6076 from paul-elliott-arm/fix_generate_debug_helpers Fix generation of ssl_debug_helpers	2022-07-08 17:55:51 +01:00
Paul Elliott	fe9d43c21d	Fix generation of ssl_debug_helpers File was being generated with tabs rather than spaces which breaks release builds Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2022-07-08 17:27:25 +01:00
Paul Elliott	6e80e09bd1	Merge pull request #5915 from AndrzejKurek/cid-resumption-clash Fix DTLS 1.2 session resumption	2022-07-06 15:03:36 +01:00
Andrzej Kurek	1ce9ca0630	Changelog rewording Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-06 06:50:30 -04:00
Andrzej Kurek	21b50808cd	Clarify the need for calling mbedtls_ssl_derive_keys after extension parsing Use a more straightforward condition to note that session resumption is happening. Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-06 03:26:55 -04:00
Paul Elliott	826762e315	Merge pull request #5765 from leorosen/fix-some-resource-leaks Fix resource leaks	2022-07-05 23:12:02 +01:00
Andrzej Kurek	3a29e9cf57	Improve changelog wording Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-05 10:49:10 -04:00
Dave Rodgman	c6a4a1cc13	Merge pull request #6011 from gabor-mezei-arm/coverity_22_07_01 Fix uninitialised memory access in test	2022-07-05 13:59:34 +01:00
Andrzej Kurek	ddb8cd601d	test_suite_ssl: Fix handshake options cleanup Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 16:07:28 -04:00
Manuel Pégourié-Gonnard	0358597589	Merge pull request #5757 from mpg/update-doc-use-psa Update "use PSA" documentation (inc. strategy)	2022-07-04 17:59:00 +02:00
Andrzej Kurek	9dc4402afa	test_suite_ssl: zeroize the cache pointer in case if the struct memory gets reused Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:40:15 -04:00
Andrzej Kurek	1e085686ec	test_suite_ssl: remove unnecessary user data checks Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:40:09 -04:00
Andrzej Kurek	3d0d501517	test_suite_ssl: prefer ASSERT_ALLOC over malloc Fix formatting for option initialization Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:39:34 -04:00
Andrzej Kurek	2e1a232261	Fix changelog wording Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	92d7417d89	Formatting fixes Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	e11acb2c9b	test_suite_ssl: add proper cache cleanup Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00
Andrzej Kurek	e8ad0d7d42	Disable bad session id length test in TLS 1.3 Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-07-04 10:21:59 -04:00

1 2 3 4 5 ...

20509 commits