Dave Rodgman
8bb9e46c7c
Merge pull request #6082 from daverodgman/assemble-cl-case-backport2.28
Fix case of Mbed TLS in assemble_changelog.py - backport 2.28
2022-07-12 16:47:56 +01:00
Dave Rodgman
bdbc2ab3f4
Merge pull request #958 from Mbed-TLS/merge-into-2.28
Merge 2.28.1 into 2.28
2022-07-11 20:01:31 +01:00
Dave Rodgman
dd79db1001
Merge pull request #955 from Mbed-TLS/mbedtls-2.28.1rc0-pr
Mbed TLS 2.28.1rc0 pr
2022-07-11 12:31:37 +01:00
Dave Rodgman
569d602890
Fix case of Mbed TLS in assemble_changelog.py
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-07-11 11:40:08 +01:00
Dave Rodgman
fe9d08fd12
Bump version
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-07-11 10:43:55 +01:00
Dave Rodgman
fa827b4b3d
Minor tweaks to Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-07-11 10:43:47 +01:00
Dave Rodgman
6743ec492e
Assemble Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-07-11 10:43:37 +01:00
Dave Rodgman
b51e0c7e56
Add correct .txt extension to Changelog entry
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-07-11 10:43:32 +01:00
Dave Rodgman
df275c4227
Merge remote-tracking branch 'restricted/mbedtls-2.28-restricted' into mbedtls-2.28.1rc0-pr
2022-07-11 10:42:55 +01:00
Paul Elliott
ada62f25a2
Merge pull request #6067 from AndrzejKurek/cid-session-resumption-2-28
[Backport 2.28] Fix DTLS 1.2 session resumption
2022-07-06 15:02:47 +01:00
Andrzej Kurek
135afdca1e
Changelog rewording
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-07-06 06:48:48 -04:00
Andrzej Kurek
77473eba5d
Clarify the need for calling mbedtls_ssl_derive_keys after extension parsing
Use a more straightforward condition to note that session resumption
is happening.
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-07-06 06:43:22 -04:00
Andrzej Kurek
33b731f637
Improve changelog wording
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-07-06 06:43:18 -04:00
Andrzej Kurek
78c63511ae
Add a changelog entry for the session resumption + CID bug
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-07-06 06:43:09 -04:00
Andrzej Kurek
c87d97b2ac
Rearrange the session resumption code
Previously, the transforms were populated before extension
parsing, which resulted in the client rejecting a server
hello that contained a connection ID.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-07-06 06:43:00 -04:00
Paul Elliott
06986de4ea
Merge pull request #6066 from AndrzejKurek/fix-some-resource-leaks-2-28
Fix `mbedtls_pk_parse_public_key` resource leaks
2022-07-05 23:12:11 +01:00
Andrzej Kurek
cd5e671b5a
Add a changelog entry for pkparse bugs
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-07-05 10:32:38 -04:00
Paul Elliott
b39b499932
Add pem_free() to other error paths in pk_parse_public_key()
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-07-05 10:27:34 -04:00
Leonid Rozenboim
763ee3c6b4
Fix resource leaks
These potential leaks were flagged by the Coverity static analyzer.
Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
2022-07-05 06:07:43 -04:00
Manuel Pégourié-Gonnard
af36c76ce3
Merge pull request #950 from paul-elliott-arm/fix_tls_record_size_check_2_28
(Backport 2.28) Fix the wrong variable being used for TLS record size checks
2022-07-01 12:29:43 +02:00
Manuel Pégourié-Gonnard
e3954e36d9
Merge pull request #5997 from gilles-peskine-arm/storage-format-doc-202206-2.28
Backport 2.28: Documentation about storage format compatibility
2022-07-01 12:21:21 +02:00
Manuel Pégourié-Gonnard
2e4b5b2c43
Merge pull request #5996 from gilles-peskine-arm/storage-format-doc-2.25-2.28
Backport 2.28: Update storage format specification for Mbed TLS 2.25.0+
2022-07-01 09:25:42 +02:00
Ronald Cron
0ae1c1c49c
Merge pull request #5991 from gilles-peskine-arm/asn1write-0-fix-2.28
Backport 2.28: Improve ASN.1 write tests
2022-06-30 15:42:31 +02:00
Gilles Peskine
be059e4b07
For status values, the macro expansions must not change either
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:57:27 +02:00
Gilles Peskine
fe84f38e26
More wording improvements
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:57:27 +02:00
Gilles Peskine
a6e71bf864
Spelling
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:57:27 +02:00
Gilles Peskine
3d96ea1e4c
Add warnings to test code and data about storage format stability
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:57:27 +02:00
Gilles Peskine
f4be01fadb
Document how to interpret negative reports
The abi_check script has common false positives. Document the intent of each
family of checks and typical cases of false positives that can be overridden.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:57:27 +02:00
Gilles Peskine
4b9f7a28c9
Remove redundant sentence
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:57:27 +02:00
Gilles Peskine
6140d2efcc
Backward compatibility: the key store
Promise that we will keep supporting existing key store formats, at least
until a major version comes along.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:57:27 +02:00
Gilles Peskine
6bfc19a648
Backward compatibility: add a note about the configuration
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:57:27 +02:00
Gilles Peskine
43bd07da06
Add compatibility notes regarding values embedded in the key store
Certain numerical values are written to the key store. Changing those
numerical values would break the backward compatibility of stored keys. Add
a note to the affected types. Add comments near the definitions of affected
values.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:51:01 +02:00
Gilles Peskine
7ccc5e6d4e
Document how PSA identifiers are generally constructed
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:51:01 +02:00
Gilles Peskine
fcc3a68311
Historical update: the layout on stdio changed in Mbed Crypto 1.1.0
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:48:34 +02:00
Gilles Peskine
4985728d4c
Typos
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:48:34 +02:00
Gilles Peskine
c64eab3784
Repeat the seed file documentation in 2.25.0
This way the 2.25.0 section is now fully self-contained.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:48:34 +02:00
Gilles Peskine
5d20c735a0
Fix wrong type in C snippet
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:48:34 +02:00
Gilles Peskine
141a770b68
Add section for Mbed TLS 2.25.0+
We hadn't updated the storage specification in a while. There have been no
changes to the storage layout, but the details of the contents of some
fields have changed.
Since this is now a de facto stable format (unchanged between 2.25 and 3.2),
describe it fully, avoiding references to previous versions.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 13:48:34 +02:00
Paul Elliott
24ed2caaff
Fix the wrong variable being used for TLS record size checks
Fix an issue whereby a variable was used to check the size of incoming
TLS records against the configured maximum prior to it being set to the
right value.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-06-30 12:37:15 +01:00
Dave Rodgman
eee5c8ac23
Merge pull request #5982 from gilles-peskine-arm/selftest-calloc-pointer-comparison-fix-2.28
Backport 2.28: Remove largely useless bit of test log to silence GCC 12
2022-06-29 15:25:00 +01:00
Dave Rodgman
492ece7b54
Merge pull request #947 from gilles-peskine-arm/mpi-0-mod-2-2.28
Backport 2.28: Fix null pointer dereference in mpi_mod_int(0, 2)
2022-06-29 15:03:03 +01:00
Gilles Peskine
d97de551e4
Don't call memcpy(NULL, 0) which has undefined behavior
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-29 11:04:48 +02:00
Gilles Peskine
96b8d31ef6
ASN.1: test that we can parse what we can write
In asn1_write tests, when there's a parsing function corresponding to the
write function, call it and check that it can parse what we wrote.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-29 11:04:48 +02:00
Gilles Peskine
53875878b8
Fix copypasta in test data
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-29 11:04:48 +02:00
Gilles Peskine
53785928fa
ASN.1 write tests: test with larger buffer
Test with the output buffer size up to *and including* the expected output
size plus one. `... < expected->len + 1` was evidently a mistake.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-29 11:04:48 +02:00
Gilles Peskine
bb34feea0d
Fix bug whereby 0 was written as 0200 rather than 020100
0200 is not just non-DER, it's completely invalid, since there has to be a
sign bit.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-29 11:04:48 +02:00
Gilles Peskine
62f217b180
Add MPI write tests when the MPI object has a leading zero limb
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-29 11:04:48 +02:00
Gilles Peskine
4269185aa1
Fix mismatch between test data and test description
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-29 11:04:48 +02:00
Gilles Peskine
7f56783a0a
Uncomment mbedtls_asn1_write_mpi tests with leading 1 bit
mbedtls_asn1_write_mpi() correctly handles the sign bit, so there's no
reason not to test that it's handled correctly.
Fix copypasta in test data that was commented out.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-29 11:04:48 +02:00
Zhangsen Wang
7d0e658386
Re-enable 7 tests disabled in mbedtls-2.28 because of an old OpenSSL bug
Signed-off-by: Zhangsen Wang <zhangsen.wang@arm.com>
2022-06-29 07:33:35 +00:00