cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-08 06:40:16 -04:00
Code Issues Packages Projects Releases Wiki Activity
16,838 Commits 7 Branches 115 Tags
Commit Graph

16838 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tom Cosgrove
c71bc7b7d3 Fix typographical errors in .md files found by cspell 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-07-29 13:54:52 +01:00
Dave Rodgman
8934db7b8e
Merge pull request #6143 from tom-cosgrove-arm/fix-comments-in-docs-and-comments-2.28 
Backport 2.28: Fix a/an typos in doxygen and other comments
 2022-07-29 12:59:14 +01:00
Tom Cosgrove
5205c976da Fix a/an typos in doxygen and other comments 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-07-28 06:12:08 +01:00
Dave Rodgman
5048045f25
Merge pull request #6096 from tom-cosgrove-arm/bn_mul-fix-x86-pic-compilation-for-gcc-4-2.28 
Backport 2.28: bn_mul.h: fix x86 PIC inline ASM compilation with GCC < 5
 2022-07-21 17:34:52 +01:00
Dave Rodgman
59dca4b136
Merge pull request #6110 from daverodgman/add-missing-break-2.28 
Add missing break - backport 2.28
 2022-07-21 15:25:49 +01:00
Tuvshinzaya Erdenekhuu
e63492aeea Add missing break 
In ''int execute_tests( int argc , const char ** argv )'' function,
switch case is missing break statement.

Signed-off-by: Tuvshinzaya Erdenekhuu <tuvshinzaya.erdenekhuu@arm.com>
 2022-07-20 15:18:55 +01:00
Tom Cosgrove
accd50d4cd Add a ChangeLog entry 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2022-07-19 09:02:47 +01:00
Peter Korsgaard
9d9d45c6b2 bn_mul.h: fix x86 PIC inline ASM compilation with GCC < 5 
Fixes #1910

With ebx added to the MULADDC_STOP clobber list to fix #1550, the inline
assembly fails to build with GCC < 5 in PIC mode with the following error:

include/mbedtls/bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’

This is because older GCC versions treated the x86 ebx register (which is
used for the GOT) as a fixed reserved register when building as PIC.

This is fixed by an improved register allocator in GCC 5+.  From the release
notes:

Register allocation improvements: Reuse of the PIC hard register, instead of
using a fixed register, was implemented on x86/x86-64 targets.  This
improves generated PIC code performance as more hard registers can be used.

https://www.gnu.org/software/gcc/gcc-5/changes.html

As a workaround, detect this situation and disable the inline assembly,
similar to the MULADDC_CANNOT_USE_R7 logic.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2022-07-19 09:02:47 +01:00
Dave Rodgman
8bb9e46c7c
Merge pull request #6082 from daverodgman/assemble-cl-case-backport2.28 
Fix case of Mbed TLS in assemble_changelog.py - backport 2.28
 2022-07-12 16:47:56 +01:00
Dave Rodgman
bdbc2ab3f4
Merge pull request #958 from Mbed-TLS/merge-into-2.28 
Merge 2.28.1 into 2.28
 2022-07-11 20:01:31 +01:00
Dave Rodgman
dd79db1001
Merge pull request #955 from Mbed-TLS/mbedtls-2.28.1rc0-pr 
Mbed TLS 2.28.1rc0 pr
 2022-07-11 12:31:37 +01:00
Dave Rodgman
569d602890 Fix case of Mbed TLS in assemble_changelog.py 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-07-11 11:40:08 +01:00
Dave Rodgman
fe9d08fd12 Bump version 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-07-11 10:43:55 +01:00
Dave Rodgman
fa827b4b3d Minor tweaks to Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-07-11 10:43:47 +01:00
Dave Rodgman
6743ec492e Assemble Changelog 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-07-11 10:43:37 +01:00
Dave Rodgman
b51e0c7e56 Add correct .txt extension to Changelog entry 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2022-07-11 10:43:32 +01:00
Dave Rodgman
df275c4227 Merge remote-tracking branch 'restricted/mbedtls-2.28-restricted' into mbedtls-2.28.1rc0-pr 2022-07-11 10:42:55 +01:00
Paul Elliott
ada62f25a2
Merge pull request #6067 from AndrzejKurek/cid-session-resumption-2-28 
[Backport 2.28] Fix DTLS 1.2 session resumption
 2022-07-06 15:02:47 +01:00
Andrzej Kurek
135afdca1e Changelog rewording 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-06 06:48:48 -04:00
Andrzej Kurek
77473eba5d Clarify the need for calling mbedtls_ssl_derive_keys after extension parsing 
Use a more straightforward condition to note that session resumption
is happening.
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-06 06:43:22 -04:00
Andrzej Kurek
33b731f637 Improve changelog wording 
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-06 06:43:18 -04:00
Andrzej Kurek
78c63511ae Add a changelog entry for the session resumption + CID bug 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-06 06:43:09 -04:00
Andrzej Kurek
c87d97b2ac Rearrange the session resumption code 
Previously, the transforms were populated before extension
parsing, which resulted in the client rejecting a server
hello that contained a connection ID.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-06 06:43:00 -04:00
Paul Elliott
06986de4ea
Merge pull request #6066 from AndrzejKurek/fix-some-resource-leaks-2-28 
Fix `mbedtls_pk_parse_public_key` resource leaks
 2022-07-05 23:12:11 +01:00
Andrzej Kurek
cd5e671b5a Add a changelog entry for pkparse bugs 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
 2022-07-05 10:32:38 -04:00
Paul Elliott
b39b499932 Add pem_free() to other error paths in pk_parse_public_key() 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-07-05 10:27:34 -04:00
Leonid Rozenboim
763ee3c6b4 Fix resource leaks 
These potential leaks were flagged by the Coverity static analyzer.

Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>
 2022-07-05 06:07:43 -04:00
Manuel Pégourié-Gonnard
af36c76ce3
Merge pull request #950 from paul-elliott-arm/fix_tls_record_size_check_2_28 
(Backport 2.28) Fix the wrong variable being used for TLS record size checks
 2022-07-01 12:29:43 +02:00
Manuel Pégourié-Gonnard
e3954e36d9
Merge pull request #5997 from gilles-peskine-arm/storage-format-doc-202206-2.28 
Backport 2.28: Documentation about storage format compatibility
 2022-07-01 12:21:21 +02:00
Manuel Pégourié-Gonnard
2e4b5b2c43
Merge pull request #5996 from gilles-peskine-arm/storage-format-doc-2.25-2.28 
Backport 2.28: Update storage format specification for Mbed TLS 2.25.0+
 2022-07-01 09:25:42 +02:00
Ronald Cron
0ae1c1c49c
Merge pull request #5991 from gilles-peskine-arm/asn1write-0-fix-2.28 
Backport 2.28: Improve ASN.1 write tests
 2022-06-30 15:42:31 +02:00
Gilles Peskine
be059e4b07 For status values, the macro expansions must not change either 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:57:27 +02:00
Gilles Peskine
fe84f38e26 More wording improvements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:57:27 +02:00
Gilles Peskine
a6e71bf864 Spelling 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:57:27 +02:00
Gilles Peskine
3d96ea1e4c Add warnings to test code and data about storage format stability 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:57:27 +02:00
Gilles Peskine
f4be01fadb Document how to interpret negative reports 
The abi_check script has common false positives. Document the intent of each
family of checks and typical cases of false positives that can be overridden.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:57:27 +02:00
Gilles Peskine
4b9f7a28c9 Remove redundant sentence 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:57:27 +02:00
Gilles Peskine
6140d2efcc Backward compatibility: the key store 
Promise that we will keep supporting existing key store formats, at least
until a major version comes along.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:57:27 +02:00
Gilles Peskine
6bfc19a648 Backward compatibility: add a note about the configuration 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:57:27 +02:00
Gilles Peskine
43bd07da06 Add compatibility notes regarding values embedded in the key store 
Certain numerical values are written to the key store. Changing those
numerical values would break the backward compatibility of stored keys. Add
a note to the affected types. Add comments near the definitions of affected
values.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:51:01 +02:00
Gilles Peskine
7ccc5e6d4e Document how PSA identifiers are generally constructed 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:51:01 +02:00
Gilles Peskine
fcc3a68311 Historical update: the layout on stdio changed in Mbed Crypto 1.1.0 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:48:34 +02:00
Gilles Peskine
4985728d4c Typos 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:48:34 +02:00
Gilles Peskine
c64eab3784 Repeat the seed file documentation in 2.25.0 
This way the 2.25.0 section is now fully self-contained.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:48:34 +02:00
Gilles Peskine
5d20c735a0 Fix wrong type in C snippet 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:48:34 +02:00
Gilles Peskine
141a770b68 Add section for Mbed TLS 2.25.0+ 
We hadn't updated the storage specification in a while. There have been no
changes to the storage layout, but the details of the contents of some
fields have changed.

Since this is now a de facto stable format (unchanged between 2.25 and 3.2),
describe it fully, avoiding references to previous versions.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-30 13:48:34 +02:00
Paul Elliott
24ed2caaff Fix the wrong variable being used for TLS record size checks 
Fix an issue whereby a variable was used to check the size of incoming
TLS records against the configured maximum prior to it being set to the
right value.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2022-06-30 12:37:15 +01:00
Dave Rodgman
eee5c8ac23
Merge pull request #5982 from gilles-peskine-arm/selftest-calloc-pointer-comparison-fix-2.28 
Backport 2.28: Remove largely useless bit of test log to silence GCC 12
 2022-06-29 15:25:00 +01:00
Dave Rodgman
492ece7b54
Merge pull request #947 from gilles-peskine-arm/mpi-0-mod-2-2.28 
Backport 2.28: Fix null pointer dereference in mpi_mod_int(0, 2)
 2022-06-29 15:03:03 +01:00
Gilles Peskine
d97de551e4 Don't call memcpy(NULL, 0) which has undefined behavior 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-06-29 11:04:48 +02:00