1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-10 21:01:41 +03:00
Commit Graph

1783 Commits

Author SHA1 Message Date
47229c7cbb Disable MD5 in handshake signatures by default 2015-12-04 15:02:56 +01:00
e2e25e7427 DTLS: avoid dropping too many records
When the peer retransmits a flight with many record in the same datagram, and
we already saw one of the records in that datagram, we used to drop the whole
datagram, resulting in interoperability failure (spurious handshake timeouts,
due to ignoring record retransmitted by the peer) with some implementations
(issues with Chrome were reported).

So in those cases, we want to only drop the current record, and look at the
following records (if any) in the same datagram. OTOH, this is not something
we always want to do, as sometime the header of the current record is not
reliable enough.

This commit introduces a new return code for ssl_parse_header() that allows to
distinguish if we should drop only the current record or the whole datagram,
and uses it in mbedtls_ssl_read_record()

fixes #345
2015-12-03 16:13:17 +01:00
bd3639852c Merge branch 'iotssl-519-asn1write-overflows-restricted' into development-restricted
* iotssl-519-asn1write-overflows-restricted:
  Fix other int casts in bounds checking
  Fix other occurrences of same bounds check issue
  Fix potential buffer overflow in asn1write
2015-11-02 11:07:30 +09:00
f8b2442e2f Merge branch 'iotssl-517-double-free-restricted' into development-restricted
* iotssl-517-double-free-restricted:
  Fix potential double-free in ssl_conf_psk()
2015-11-02 11:03:32 +09:00
204606238c Merge branch 'development' into misc 2015-10-27 16:57:34 +00:00
459a950f31 Fixed typo in comment 2015-10-27 16:09:03 +00:00
62aab15085 Merge branch 'development' into iotssl-513-alerts 2015-10-27 16:05:34 +00:00
e357a64355 Merge pull request #328 from ARMmbed/iotssl-461-ecjpake-finalization
Iotssl 461 ecjpake finalization
2015-10-27 00:08:31 +00:00
fbdf06c1a4 Fix handling of non-fatal alerts
fixes #308
2015-10-23 13:11:31 +02:00
e5f3072aed Fix #ifdef inconsistency
fixes #310

Actually all key exchanges that use a certificate use signatures too, and
there is no key exchange that uses signatures but no cert, so merge those two
flags.
2015-10-23 08:40:23 +02:00
bc5e508855 Fix other int casts in bounds checking
Not a security issue as here we know the buffer is large enough (unless
something else if badly wrong in the code), and the value cast to int is less
than 2^16 (again, unless issues elsewhere).

Still changing to a more correct check as a matter of principle
2015-10-21 12:51:16 +02:00
cdea97c1c3 Remove useless code
closes #321
2015-10-20 20:06:36 +02:00
173c790722 Fix potential double-free in ssl_conf_psk() 2015-10-20 19:56:45 +02:00
fadacb9d0b Merge branch 'development' into iotssl-461-ecjpake-finalization
* development: (73 commits)
  Bump yotta dependencies version
  Fix typo in documentation
  Corrected misleading fn description in ssl_cache.h
  Corrected URL/reference to MPI library
  Fix yotta dependencies
  Fix minor spelling mistake in programs/pkey/gen_key.c
  Bump version to 2.1.2
  Fix CVE number in ChangeLog
  Add 'inline' workaround where needed
  Fix references to non-standard SIZE_T_MAX
  Fix yotta version dependencies again
  Upgrade yotta dependency versions
  Fix compile error in net.c with musl libc
  Add missing warning in doc
  Remove inline workaround when not useful
  Fix macroization of inline in C++
  Changed attribution for Guido Vranken
  Merge of IOTSSL-476 - Random malloc in pem_read()
  Fix for IOTSSL-473 Double free error
  Fix potential overflow in CertificateRequest
  ...

Conflicts:
	include/mbedtls/ssl_internal.h
	library/ssl_cli.c
2015-10-20 15:00:29 +02:00
5674a9797a Fix compilers warnings in reduced configs 2015-10-19 15:14:03 +02:00
024b6df3b1 Improve key export API and documentation
- "master secret" is the usual name
- move key block arg closer to the related lengths
- document lengths

Also fix some trailing whitespace while at it
2015-10-19 13:52:53 +02:00
fec73a8eec Merge of fix for IOTSSL-481 - Double free
Potential double free in mbedtls_ssl_conf_psk()
2015-10-05 10:40:31 +01:00
5b8d1d65f7 Fix for IOTSSL-473 Double free error
Fix potential double-free in mbedtls_ssl_set_hs_psk(.)
2015-10-04 22:06:51 +01:00
4feb7ae8c2 Added key export API 2015-10-02 13:33:37 +01:00
ef388f168d Merge branch 'development' into development-restricted
* development:
  Updated ChangeLog with credit
  Fix a fairly common typo in comments
  Make config check include for configs examples more consistent
2015-10-02 12:44:39 +02:00
9f81231fb8 Revised hostname length check from review 2015-09-28 19:22:33 +01:00
24417f06fe Fix potential double-free in mbedtls_ssl_conf_psk() 2015-09-28 18:09:45 +02:00
89f77623b8 Added max length checking of hostname 2015-09-27 22:50:49 +01:00
588ad50c5a Fix a fairly common typo in comments 2015-09-25 04:27:22 +02:00
77c0646ef2 Add cache for EC J-PAKE client extension
Not used yet, just add the variables and cleanup code.
2015-09-17 13:59:49 +02:00
25dbeb002d Skip certificate-related messages with ECJPAKE 2015-09-16 22:58:29 +02:00
eef142d753 Depend on ECJPAKE key exchange, not module
This is more consistent, as it doesn't make any sense for a user to be able to
set up an EC J-PAKE password with TLS if the corresponding key exchange is
disabled.

Arguably this is what we should de for other key exchanges as well instead of
depending on ECDH_C etc, but this is an independent issue, so let's just do
the right thing with the new key exchange and fix the other ones later. (This
is a marginal issue anyway, since people who disable all ECDH key exchange are
likely to also disable ECDH_C in order to minimize footprint.)
2015-09-16 22:58:29 +02:00
557535d8c4 Add ECJPAKE key exchange 2015-09-16 22:58:29 +02:00
5793e7ef01 Merge 'development' into iotssl-411-port-reuse
Conflicts:
	ChangeLog
2015-09-16 15:25:53 +01:00
7002f4a560 Add mbedtls_ssl_set_hs_ecjpake_password() 2015-09-16 16:10:48 +02:00
76cfd3f97f Add EC J-PAKE context in handshake structure 2015-09-15 18:24:08 +02:00
ea5370d4a2 Don't allow reconnect during handshake
Especially for resumed handshake, it's entirely possible for an epoch=0
ClientHello to be retransmitted or arrive so late that the server is already
at epoch=1. There is no good way to detect whether it's that or a reconnect.

However:
- a late ClientHello seems more likely that client going down and then up
  again in the middle of a handshake
- even if that's the case, we'll time out on that handshake soon enough
- we don't want to break handshake flows that used to work
So the safest option is to not treat that as a reconnect.
2015-09-15 15:17:54 +02:00
d0bf6a3891 Update ssl_tls.c
Clarification in comments
2015-09-11 17:34:49 +01:00
74ca8d07ad Update ssl_tls.c
Clarification in comments to ssl_handle_possible_reconnect()
2015-09-11 17:22:40 +01:00
0789aed39d Update ssl_tls.c
Typo
2015-09-11 17:15:17 +01:00
ddfe5d20d1 Tune dependencies
Don't depend on srv.c in config.h, but add explicit checks. This is more
in line with other options that only make sense server-side, and also it
allows to test full config minus srv.c more easily.
2015-09-09 12:46:16 +02:00
2ed05a049a Fix typos 2015-09-09 11:52:28 +02:00
62c74bb78a Stop wasting resources
Use a custom function that minimally parses the message an creates a reply
without the overhead of a full SSL context.

Also fix dependencies: needs DTLS_HELLO_VERIFY for the cookie types, and let's
also depend on SRV_C as is doesn't make sense on client.
2015-09-09 11:22:52 +02:00
2088e2ebd9 fix const-ness of argument to mbedtls_ssl_conf_cert_profile
Otherwise, it's impossible to pass in a pointer to
mbedtls_x509_crt_profile_next!
2015-09-08 16:53:18 +01:00
3f09b6d4c2 Fix API 2015-09-08 11:58:14 +02:00
be619c1264 Clean up error codes 2015-09-08 11:21:21 +02:00
11331fc25b First working dirty version
- uses too much resources
- wrong API
2015-09-08 10:39:06 +02:00
9650205df7 Start detecting epoch 0 ClientHellos 2015-09-08 10:39:06 +02:00
37ff14062e Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ed51594337 Merge pull request #265 from ARMmbed/iotssl-460-bugfixes
Iotssl 460 bugfixes
2015-09-02 23:36:36 +01:00
f81ee2eba8 Add NULL checks to top-level SSL functions
On normal use these should never be useful, but if the application has issues,
it's best for us to return an error than to crash.
2015-09-01 17:43:40 +02:00
a2cda6bfaf Add mbedtls_ssl_get_max_frag_len()
This is not very useful for TLS as mbedtls_ssl_write() will automatically
fragment and return the length used, and the application should check for that
anyway, but this is useful for DTLS where mbedtls_ssl_write() returns an
error, and the application needs to be able to query the maximum length
instead of just guessing.
2015-08-31 20:47:04 +02:00
c6b5d833ec Fix handling of long PSK identities
fixes #238
2015-08-31 10:34:26 +02:00
ea35666f50 Fix -Wshadow warnings
Checked that it is supported by gcc 4.2.1 (FreeBSD 9).

fixes #240
2015-08-31 10:34:26 +02:00
c98204e68f Fix missing break in switch for SSL presets
closes #235
2015-08-11 04:21:01 +02:00