mbedtls/library at 39ae8cd2077d2e9e7d00161162ad8d3fb45dba27 - mbedtls - Gitea: Git with a cup of tea

mirror/mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-26 21:35:35 +00:00

History

Hanno Becker 39ae8cd207 Fix implementation of VERIFY_OPTIONAL verification mode

This commit changes the behaviour of mbedtls_ssl_parse_certificate
to make the two authentication modes MBEDTLS_SSL_VERIFY_REQUIRED and
MBEDTLS_SSL_VERIFY_OPTIONAL be in the following relationship:

    Mode == MBEDTLS_SSL_VERIFY_REQUIRED
<=> Mode == MBEDTLS_SSL_VERIFY_OPTIONAL + check verify result

Also, it changes the behaviour to perform the certificate chain
verification even if the trusted CA chain is empty. Previously, the
function failed in this case, even when using optional verification,
which was brought up in #864.

2017-06-07 11:13:19 +01:00

..

.gitignore

Split libs with make + general make cleanups

2015-06-25 10:59:56 +02:00

aes.c

Change return type of AES decrypt and encrypt

2017-05-16 10:22:37 +01:00

aesni.c

Fix build errors on x32 by using the generic 'add' instruction

2016-05-23 14:29:28 +01:00

arc4.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

asn1parse.c

Fix 1 byte overread in mbedtls_asn1_get_int()

2016-10-13 13:54:14 +01:00

asn1write.c

Add mbedtls_asn1_write_len() support for 3 and 4 byte lengths

2016-08-25 15:42:27 +01:00

base64.c

Add comment to integer overflow fix in base64.c

2017-02-15 23:31:07 +02:00

bignum.c

Fix buffer overflow in mbedtls_mpi_write_string()

2017-03-02 21:34:21 +00:00

blowfish.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

camellia.c

Address user reported coverity issues.

2016-06-07 14:52:35 +01:00

ccm.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

certs.c

X.509 self-tests: replaced SHA-1 certificates by SHA-256

2017-06-06 18:44:13 +02:00

cipher_wrap.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

cipher.c

Fix integer overflows in buffer bound checks

2017-02-15 23:31:07 +02:00

cmac.c

Fix check-doxy-blocks.pl errors (cmac.c ecjpake.h)

2017-05-12 00:18:04 +01:00

CMakeLists.txt

Updated version number to 2.5.0

2017-05-16 10:22:37 +01:00

ctr_drbg.c

Fix integer overflows in buffer bound checks

2017-02-15 23:31:07 +02:00

debug.c

Fix compiler warning in debug.c

2017-02-15 09:08:26 +00:00

des.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

dhm.c

Corrected references for RSA and DHM

2016-01-20 00:44:42 +00:00

ecdh.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

ecdsa.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

ecjpake.c

Fix potential stack buffer overflow in ecjpake

2015-10-20 16:20:56 +02:00

ecp_curves.c

ECP: Add module and function level replacement options.

2017-05-11 22:42:14 +01:00

ecp.c

Fix cleanup label alignment

2017-05-11 22:42:14 +01:00

entropy_poll.c

Renames null entropy source function for clarity

2016-06-12 00:31:33 +01:00

entropy.c

Fix unused variable warnings for null entropy config

2016-09-15 18:57:34 +01:00

error.c

Merge fix for IE Certificate Compatibility

2016-10-13 17:21:01 +01:00

gcm.c

Fix documentation for mbedtls_gcm_finish()

2016-10-13 13:54:47 +01:00

havege.c

Fixes warnings found by Clang static analyser

2016-05-23 23:18:26 +01:00

hmac_drbg.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

Makefile

Added cmac.o to libary/Makefile

2016-10-13 13:51:09 +01:00

md2.c

Fix integer overflows in buffer bound checks

2017-02-15 23:31:07 +02:00

md4.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

md5.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

md_wrap.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

md.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

memory_buffer_alloc.c

Fixes memory leak in memory_buffer_alloc.c debug

2016-05-23 14:29:29 +01:00

net_sockets.c

Fix formatting issues in net_sockets.c

2017-02-15 09:08:26 +00:00

oid.c

Removing in compile time unused entries from oid_ecp_grp list

2016-09-04 15:14:38 +01:00

padlock.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pem.c

Fix unused variable/function compilation warnings

2017-02-15 22:54:42 +02:00

pk_wrap.c

Fix data loss in unsigned int cast in PK

2017-05-11 21:55:17 +01:00

pk.c

Fix data loss in unsigned int cast in PK

2017-05-11 21:55:17 +01:00

pkcs5.c

Fix output of PKCS#5 and RIPEMD-160 self tests

2016-08-25 16:36:35 +01:00

pkcs11.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pkcs12.c

Shut up a few clang-analyze warnings about use of uninitialized variables

2016-05-23 14:29:28 +01:00

pkparse.c

Clarify Comments and Fix Typos (#651 )

2017-02-15 09:08:26 +00:00

pkwrite.c

Fix other occurrences of same bounds check issue

2015-10-21 12:50:45 +02:00

platform.c

Fix various compiler warnings with MSVC

2017-02-15 09:08:26 +00:00

ripemd160.c

Fix output of PKCS#5 and RIPEMD-160 self tests

2016-08-25 16:36:35 +01:00

rsa.c

RSA: wipe more stack buffers

2017-05-16 10:22:37 +01:00

sha1.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

sha256.c

Use allocated memory for SHA self tests

2016-10-13 15:10:14 +01:00

sha512.c

Use allocated memory for SHA self tests

2016-10-13 15:10:14 +01:00

ssl_cache.c

Puts platform time abstraction into its own header

2016-07-13 14:46:18 +01:00

ssl_ciphersuites.c

Remember suitable hash function for any signature algorithm.

2017-05-15 11:50:11 +01:00

ssl_cli.c

Merge remote-tracking branch 'gilles/IOTSSL-1330/development' into development

2017-06-06 19:22:41 +02:00

ssl_cookie.c

Fix resource leak when using mutex and ssl_cookie

2017-03-02 12:26:11 +00:00

ssl_srv.c

Merge remote-tracking branch 'gilles/iotssl-1223/development' into development

2017-06-06 20:11:36 +02:00

ssl_ticket.c

Puts platform time abstraction into its own header

2016-07-13 14:46:18 +01:00

ssl_tls.c

Fix implementation of VERIFY_OPTIONAL verification mode

2017-06-07 11:13:19 +01:00

threading.c

Fix bug in threading sample implementation #667

2017-05-16 10:22:37 +01:00

timing.c

Give better error messages for semi-portable parts

2016-02-22 10:47:32 +01:00

version_features.c

Update version features with ECP macros

2017-05-11 22:42:14 +01:00

version.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

x509_create.c

Fix other occurrences of same bounds check issue

2015-10-21 12:50:45 +02:00

x509_crl.c

Fix memory leak in mbedtls_x509_crl_parse()

2017-02-28 14:51:31 +00:00

x509_crt.c

SHA-1 deprecation: allow it in key exchange

2017-06-06 18:44:14 +02:00

x509_csr.c

Fix unused variable/function compilation warnings

2017-02-15 22:54:42 +02:00

x509.c

X.509 self-tests: replaced SHA-1 certificates by SHA-256

2017-06-06 18:44:13 +02:00

x509write_crt.c

Add missing bounds check in X509 DER write funcs

2016-10-11 14:07:48 +01:00

x509write_csr.c

Add missing bounds check in X509 DER write funcs

2016-10-11 14:07:48 +01:00

xtea.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00