The library/net.c and its corresponding include/mbedtls/net.h file are
renamed to library/net_sockets.c and include/mbedtls/net_sockets.h
respectively. This is to avoid naming collisions in projects which also
have files with the common name 'net'.
The main makefile check target does not depend on tests. When running
make with the -j option it could happen that the tests are build twice
and concurrently, which causes errors.
Allow the size of the entry_name character array in x509_crt.c to be
configurable through a macro in config.h. entry_name holds a
path/filename string. The macro introduced in
MBEDTLS_X509_MAX_FILE_PATH_LEN.
Changes to allow the entropy tests to work for configurations without an
entropy seed file (MBEDTLS_ENTROPY_NV_SEED), and with no entropy sources
configured (MBEDTLS_TEST_NULL_ENTROPY).
Ensure that the entropy self test always fails whenever
MBEDTLS_TEST_NULL_ENTROPY is defined. This is because the option is
meant to be for testing and development purposes rather than production
quality software. Also, this patch enhances the documentation for
mbedtls_entropy_source_self_test() and mbedtls_entropy_self_test().
Ideally, Makefile targets should be called irrespectively of their
execution order. In this sense, `clean` and `lib` should not be
passed both as target command line arguments in the same make
invocation. This is because out-of-order execution could cause a
failure. This change ensures that `clean` and `lib` are called in
separate executions of make in scripts/footprint.sh
When the output_env.sh script is executed, if any application wasn't found on
the path by hash, and error was being output, which as an error looked like
the script wasn't working.
This change redirects the output to stderr from hash to /dev/null to suppress
the error.
Also fixes a formatting error.
In some tests in ssl-opt.sh the client finishes sooner and the server
gets killed before it could reach certain errors. Consequently the
the script doesn't find the error it is looking for and the test fails.
To resolve this issue, we introduce a per-test option to wait after the
client finishes.
* Fix crypt_and_hash to support decrypting GCM encrypted files
* Fix documentation in crypt_and_hash for the generic case
* Remove unused lastn from crypt_and_hash
lastn is not used with the cipher layer as it already provides padding
and understanding of length of the original data.
Instead of polling the hardware entropy source a single time and
comparing the output with itself, the source is polled at least twice
and make sure that the separate outputs are different.
The self test is a quick way to check at startup whether the entropy
sources are functioning correctly. The self test only polls 8 bytes
from the default entropy source and performs the following checks:
- The bytes are not all 0x00 or 0xFF.
- The hardware does not return an error when polled.
- The entropy does not provide data in a patter. Only check pattern
at byte, word and long word sizes.
