diff --git a/ChangeLog b/ChangeLog index 49e48491e..b331aa04e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,13 @@ PolarSSL ChangeLog += Version 1.1.1 released on 2012-01-23 +Bugfix + * Check for failed malloc() in ssl_set_hostname() and x509_get_entries() + (Closes ticket #47, found by Hugo Leisink) + * Fixed issues with Intel compiler on 64-bit systems (Closes ticket #50) + * Fixed multiple compiler warnings for VS6 and armcc + * Fixed bug in CTR_CRBG selftest + = Version 1.1.0 released on 2011-12-22 Features * Added ssl_session_reset() to allow better multi-connection pools of diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index c5d5507b1..456b5e617 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -1,10 +1,10 @@ -l/** +/** * @file * Main page documentation file. */ /** - * @mainpage PolarSSL v1.1.0 source code documentation + * @mainpage PolarSSL v1.1.1 source code documentation * * This documentation describes the internal structure of PolarSSL. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/polarssl.doxyfile b/doxygen/polarssl.doxyfile index 29f3656e1..41cb6e0fb 100644 --- a/doxygen/polarssl.doxyfile +++ b/doxygen/polarssl.doxyfile @@ -25,7 +25,7 @@ DOXYFILE_ENCODING = UTF-8 # The PROJECT_NAME tag is a single word (or a sequence of words surrounded # by quotes) that should identify the project. -PROJECT_NAME = "PolarSSL v1.1.0" +PROJECT_NAME = "PolarSSL v1.1.1" # The PROJECT_NUMBER tag can be used to enter a project or revision number. # This could be handy for archiving the generated documentation or diff --git a/include/polarssl/asn1.h b/include/polarssl/asn1.h index 8daef5a70..bc7b6bba9 100644 --- a/include/polarssl/asn1.h +++ b/include/polarssl/asn1.h 
@@ -212,6 +212,7 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end, * \param p The position in the ASN.1 data * \param end End of data * \param cur First variable in the chain to fill + * \param tag Type of sequence * * \return 0 if successful or a specific ASN.1 error code. */ diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h index f830c087f..ad033084c 100644 --- a/include/polarssl/bignum.h +++ b/include/polarssl/bignum.h @@ -30,6 +30,8 @@ #include #include +#include "config.h" + #define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ #define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */ #define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */ @@ -95,12 +97,14 @@ typedef unsigned long t_udbl; #if defined(_MSC_VER) && defined(_M_IX86) typedef unsigned __int64 t_udbl; #else - #if defined(__amd64__) || defined(__x86_64__) || \ + #if defined(__GNUC__) && ( \ + defined(__amd64__) || defined(__x86_64__) || \ defined(__ppc64__) || defined(__powerpc64__) || \ defined(__ia64__) || defined(__alpha__) || \ (defined(__sparc__) && defined(__arch64__)) || \ - defined(__s390x__) + defined(__s390x__) ) typedef unsigned int t_udbl __attribute__((mode(TI))); + #define POLARSSL_HAVE_LONGLONG #else #if defined(POLARSSL_HAVE_LONGLONG) typedef unsigned long long t_udbl; diff --git a/include/polarssl/bn_mul.h b/include/polarssl/bn_mul.h index f278dd04e..a6a2c65fb 100644 --- a/include/polarssl/bn_mul.h +++ b/include/polarssl/bn_mul.h @@ -41,7 +41,7 @@ #ifndef POLARSSL_BN_MUL_H #define POLARSSL_BN_MUL_H -#include "config.h" +#include "bignum.h" #if defined(POLARSSL_HAVE_ASM) diff --git a/include/polarssl/error.h b/include/polarssl/error.h index 78ad36255..9c1707105 100644 --- a/include/polarssl/error.h +++ b/include/polarssl/error.h 
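Review bot: In the second bignum.h hunk, the new `#define POLARSSL_HAVE_LONGLONG` sits inside the `__GNUC__` 64-bit branch with no comment, so a switch that users otherwise set in config.h is now also turned on as a side effect of the t_udbl typedef. A one-line comment such as `/* t_udbl is available via mode(TI); signal it to code that tests POLARSSL_HAVE_LONGLONG */` would make the intent explicit. The code that tests the macro is not visible in this diff, so confirm the wording against its users. The guard also keys on `__GNUC__` alone, so any compiler that defines it for compatibility still takes the `__attribute__((mode(TI)))` path.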
@@ -72,8 +72,8 @@ * X509 2 21 * DHM 3 6 * RSA 4 9 - * MD 5 1 - * CIPER 6 1 + * MD 5 4 + * CIPHER 6 5 * SSL 7 30 * * Module dependent error code (5 bits 0x.08.-0x.F8.) diff --git a/include/polarssl/md.h b/include/polarssl/md.h index f62ef2038..88596cb04 100644 --- a/include/polarssl/md.h +++ b/include/polarssl/md.h @@ -42,8 +42,7 @@ #define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ #define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ #define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ -#define POLARSSL_ERR_MD_FILE_OPEN_FAILED -0x5200 /**< Opening of file failed. */ -#define POLARSSL_ERR_MD_FILE_READ_FAILED -0x5280 /**< Failure when reading from file. */ +#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ typedef enum { POLARSSL_MD_NONE=0, diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index c897a1e3e..74c5d2df7 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -562,7 +562,7 @@ int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx ); * \param ssl SSL context * \param hostname the server hostname * - * \return 0 if successful + * \return 0 if successful or POLARSSL_ERR_SSL_MALLOC_FAILED */ int ssl_set_hostname( ssl_context *ssl, const char *hostname ); diff --git a/include/polarssl/version.h b/include/polarssl/version.h index 13f14208a..98eb0b3f1 100644 --- a/include/polarssl/version.h +++ b/include/polarssl/version.h 
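Review bot: The md.h hunk deletes `POLARSSL_ERR_MD_FILE_OPEN_FAILED` and `POLARSSL_ERR_MD_FILE_READ_FAILED` from a public header in a patch release, and the ChangeLog entry in this diff does not mention it. Any caller that names either macro stops compiling. Keeping them as aliases, `#define POLARSSL_ERR_MD_FILE_OPEN_FAILED POLARSSL_ERR_MD_FILE_IO_ERROR` and the same for `POLARSSL_ERR_MD_FILE_READ_FAILED`, would preserve source compatibility. If the removal is intended, it should be listed in the ChangeLog as an API change.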
@@ -39,16 +39,16 @@ */ #define POLARSSL_VERSION_MAJOR 1 #define POLARSSL_VERSION_MINOR 1 -#define POLARSSL_VERSION_PATCH 0 +#define POLARSSL_VERSION_PATCH 1 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define POLARSSL_VERSION_NUMBER 0x01010000 -#define POLARSSL_VERSION_STRING "1.1.0" -#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.1.0" +#define POLARSSL_VERSION_NUMBER 0x01010100 +#define POLARSSL_VERSION_STRING "1.1.1" +#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.1.1" #if defined(POLARSSL_VERSION_C) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index bd676d2b8..de7273571 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -47,7 +47,7 @@ add_library(polarssl STATIC ${src}) else(NOT USE_SHARED_POLARSSL_LIBRARY) add_library(polarssl SHARED ${src}) -set_target_properties(polarssl PROPERTIES VERSION 1.1.0 SOVERSION 1) +set_target_properties(polarssl PROPERTIES VERSION 1.1.1 SOVERSION 1) endif(NOT USE_SHARED_POLARSSL_LIBRARY) diff --git a/library/cipher.c b/library/cipher.c index 2a9da25a6..485a09bc0 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -94,7 +94,7 @@ const int *cipher_list( void ) return supported_ciphers; } -const cipher_info_t *cipher_info_from_type( cipher_type_t cipher_type ) +const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type ) { /* Find static cipher information */ switch ( cipher_type ) @@ -433,11 +433,10 @@ static void add_pkcs_padding( unsigned char *output, size_t output_len, output[data_len + i] = (unsigned char) padding_len; } -static int get_pkcs_padding( unsigned char *input, unsigned char input_len, +static int get_pkcs_padding( unsigned char *input, unsigned int input_len, size_t *data_len) { - int i = 0; - unsigned char padding_len = 0; + unsigned int i, padding_len = 0; if( NULL == input || NULL == data_len ) return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; 
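Review bot: In the get_pkcs_padding hunk of cipher.c, the visible guard still checks only for NULL pointers after `input_len` is widened to `unsigned int`, and nothing shown rejects `input_len == 0`. The function body continues outside the hunk; if it reads the padding byte at `input[input_len - 1]` (not visible here, so confirm), a zero length indexes outside the buffer. Extending the existing test to `if( NULL == input || NULL == data_len || 0 == input_len )` would close that. The merged declaration `unsigned int i, padding_len = 0;` also drops the initializer `i` used to have, which is fine only as long as its first use is an assignment.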
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 5b610a20f..882d68618 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -470,7 +470,7 @@ int ctr_drbg_self_test( int verbose ) printf( " CTR_DRBG (PR = TRUE) : " ); test_offset = 0; - if( ctr_drbg_init( &ctx, ctr_drbg_self_test_entropy, entropy_source_pr, nonce_pers_pr, 16 ) != 0 ) + if( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, entropy_source_pr, nonce_pers_pr, 16, 32 ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); @@ -513,7 +513,7 @@ int ctr_drbg_self_test( int verbose ) printf( " CTR_DRBG (PR = FALSE): " ); test_offset = 0; - if( ctr_drbg_init( &ctx, ctr_drbg_self_test_entropy, entropy_source_nopr, nonce_pers_nopr, 16 ) != 0 ) + if( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, entropy_source_nopr, nonce_pers_nopr, 16, 32 ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); diff --git a/library/error.c b/library/error.c index 5dcd17580..9bc503429 100644 --- a/library/error.c +++ b/library/error.c @@ -177,10 +177,8 @@ void error_strerror( int ret, char *buf, size_t buflen ) snprintf( buf, buflen, "MD - Bad input parameters to function" ); if( use_ret == -(POLARSSL_ERR_MD_ALLOC_FAILED) ) snprintf( buf, buflen, "MD - Failed to allocate memory" ); - if( use_ret == -(POLARSSL_ERR_MD_FILE_OPEN_FAILED) ) - snprintf( buf, buflen, "MD - Opening of file failed" ); - if( use_ret == -(POLARSSL_ERR_MD_FILE_READ_FAILED) ) - snprintf( buf, buflen, "MD - Failure when reading from file" ); + if( use_ret == -(POLARSSL_ERR_MD_FILE_IO_ERROR) ) + snprintf( buf, buflen, "MD - Opening or reading of file failed" ); #endif /* POLARSSL_MD_C */ #if defined(POLARSSL_PEM_C) diff --git a/library/md.c b/library/md.c index 51fb82e15..d15bf1dca 100644 --- a/library/md.c +++ b/library/md.c 
@@ -222,19 +222,19 @@ int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, int md_file( const md_info_t *md_info, const char *path, unsigned char *output ) { +#if defined(POLARSSL_FS_IO) int ret; +#endif if( md_info == NULL ) return POLARSSL_ERR_MD_BAD_INPUT_DATA; #if defined(POLARSSL_FS_IO) ret = md_info->file_func( path, output ); - if( ret == 2 ) - return POLARSSL_ERR_MD_FILE_OPEN_FAILED; - if( ret == 3 ) - return POLARSSL_ERR_MD_FILE_READ_FAILED; + if( ret != 0 ) + return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret ); - return ret; + return( ret ); #else ((void) path); ((void) output); diff --git a/library/rsa.c b/library/rsa.c index 3133b2f74..ed1f45b25 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -362,7 +362,8 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, const unsigned char *input, unsigned char *output ) { - size_t nb_pad, olen, ret; + size_t nb_pad, olen; + int ret; unsigned char *p = output; #if defined(POLARSSL_PKCS1_V21) unsigned int hlen; @@ -592,7 +593,8 @@ int rsa_pkcs1_sign( rsa_context *ctx, unsigned char *p = sig; #if defined(POLARSSL_PKCS1_V21) unsigned char salt[POLARSSL_MD_MAX_SIZE]; - unsigned int slen, hlen, offset = 0, ret; + unsigned int slen, hlen, offset = 0; + int ret; size_t msb; const md_info_t *md_info; md_context_t md_ctx; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 08aaf801f..95ceea644 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -178,7 +178,9 @@ static int ssl_write_client_hello( ssl_context *ssl ) static int ssl_parse_server_hello( ssl_context *ssl ) { +#if defined(POLARSSL_DEBUG_MSG) && defined(POLARSSL_DEBUG_C) time_t t; +#endif int ret, i; size_t n; int ext_len; @@ -226,10 +228,12 @@ static int ssl_parse_server_hello( ssl_context *ssl ) ssl->minor_ver = buf[5]; +#if defined(POLARSSL_DEBUG_MSG) && defined(POLARSSL_DEBUG_C) t = ( (time_t) buf[6] << 24 ) | ( (time_t) buf[7] << 16 ) | ( (time_t) buf[8] << 8 ) | ( (time_t) buf[9] ); +#endif memcpy( ssl->randbytes + 32, buf + 6, 32 ); 
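Review bot: In the md_file hunk of md.c, `return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret );` is only a valid error code if every `file_func` now returns a negative low-level code, and that change is not part of this diff. The removed lines show the callbacks returned 2 and 3. With a positive `ret` the sum is a value such as -0x51FE, which matches no MD code and sits between `POLARSSL_ERR_MD_ALLOC_FAILED` and `POLARSSL_ERR_MD_FILE_IO_ERROR`, so callers comparing against the new macro would miss the failure. A defensive form is `return( ret < 0 ? POLARSSL_ERR_MD_FILE_IO_ERROR + ret : POLARSSL_ERR_MD_FILE_IO_ERROR );`, with a comment stating the expected sign of the callback's result. The trailing `return( ret );` can now only return 0 and would read more clearly as `return( 0 );`.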
diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 545317ab8..44e972cf9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1913,6 +1913,9 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname ) ssl->hostname_len = strlen( hostname ); ssl->hostname = (unsigned char *) malloc( ssl->hostname_len + 1 ); + if( ssl->hostname == NULL ) + return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + memcpy( ssl->hostname, (unsigned char *) hostname, ssl->hostname_len ); diff --git a/library/x509parse.c b/library/x509parse.c index f561754eb..ec4fffc93 100644 --- a/library/x509parse.c +++ b/library/x509parse.c @@ -968,6 +968,10 @@ static int x509_get_entries( unsigned char **p, if ( *p < end ) { cur_entry->next = malloc( sizeof( x509_crl_entry ) ); + + if( cur_entry->next == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + cur_entry = cur_entry->next; memset( cur_entry, 0, sizeof( x509_crl_entry ) ); } diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 76d0eff50..7063e8e5e 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -37,7 +37,7 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_FS_IO) -int 5ain( int argc, char *argv[] ) +int main( int argc, char *argv[] ) { ((void) argc); ((void) argv); diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index 0ac11252a..8809a5914 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,5 +1,5 @@ Check compiletime library version -check_compiletime_version:"1.1.0" +check_compiletime_version:"1.1.1" Check runtime library version -check_runtime_version:"1.1.0" +check_runtime_version:"1.1.1"
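Review bot: In the ssl_set_hostname hunk of ssl_tls.c, the new failure path returns after `ssl->hostname_len` has already been set to `strlen( hostname )`, so the context is left with a non-zero length and a NULL `ssl->hostname`. A caller that ignores the return value, or any later code that trusts `hostname_len`, would then work from a NULL pointer. Resetting the length on failure avoids this: `if( ssl->hostname == NULL ) { ssl->hostname_len = 0; return( POLARSSL_ERR_SSL_MALLOC_FAILED ); }`. The function starts outside the hunk, so it is not visible whether a previously set hostname is freed before the pointer is overwritten; that is worth checking too.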
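Review bot: The early return added to x509_get_entries in x509parse.c leaves any entries already linked through `cur_entry->next` in place when the allocation fails. The function begins and ends outside the hunk, so it is not visible whether the caller frees that partial chain on a non-zero return. Once confirmed, a comment at the return such as `/* entries parsed so far stay linked; the caller frees the chain */` would record who owns the chain on this path.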