mbedtls/library at b51130dd5ce743f27762a0c1b9685b4ad5aa32d5 - mbedtls - Gitea: Git with a cup of tea

mirror/mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-05 18:40:01 +00:00

History

Gilles Peskine b51130dd5c Parse HelloVerifyRequest: avoid buffer overread on the cookie

In ssl_parse_hello_verify_request, we print cookie_len bytes without
checking that there are that many bytes left in ssl->in_msg. This
could potentially log data outside the received message (not a big
deal) and could potentially read from memory outside of the receive
buffer (which would be a remotely exploitable crash).

2019-09-27 14:00:36 +02:00

..

.gitignore

Split libs with make + general make cleanups

2015-06-25 10:59:56 +02:00

certs.c

Add support for all SHA modes in cert_write

2019-07-14 09:17:57 +03:00

CMakeLists.txt

Merge remote-tracking branch 'origin/pr/2799' into development

2019-08-30 15:50:45 +01:00

debug.c

Merge remote-tracking branch 'origin/pr/1818' into development

2019-03-05 16:27:38 +00:00

error.c

Introduce specific error for ver/cfg mismatch on deserialization

2019-08-23 12:51:21 +03:00

Makefile

Handle deleting non-existant files on Windows

2019-08-30 15:45:46 +01:00

net_sockets.c

Added mbedtls_net_close and use it in ssl_fork_server to correctly

2019-08-23 10:57:03 +02:00

pkcs11.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

ssl_cache.c

Remove peer CRT from cache if !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE

2019-02-26 14:38:09 +00:00

ssl_ciphersuites.c

Reduce priority of 3DES ciphersuites

2019-03-01 10:19:27 +01:00

ssl_cli.c

Parse HelloVerifyRequest: avoid buffer overread on the cookie

2019-09-27 14:00:36 +02:00

ssl_cookie.c

Rename mbedtls_zeroize to mbedtls_platform_zeroize

2018-04-17 10:00:21 -05:00

ssl_srv.c

Make calc_verify() return the length as well

2019-08-23 12:45:33 +03:00

ssl_ticket.c

Move session save/load function to ssl_tls.c

2019-08-23 12:48:41 +03:00

ssl_tls.c

tls_prf: support an empty master secret

2019-09-23 18:19:22 +02:00

version_features.c

Add new config MBEDTLS_SSL_CONTEXT_SERIALIZATION

2019-08-23 12:52:29 +03:00

version.c

Fix missing void argument declarations #678

2016-11-04 23:05:56 +01:00

x509_create.c

Break overly long line in library/x509_create.c

2018-11-02 10:52:38 +00:00

x509_crl.c

Always return a high-level error code from X.509 module

2019-06-04 13:59:48 +01:00

x509_crt.c

Fix uninitialized variable in x509_crt

2019-08-30 14:48:36 +03:00

x509_csr.c

Merge development commit 8e76332 into development-psa

2019-01-31 08:20:20 -05:00

x509.c

Improve documentation of mbedtls_x509_get_ext()

2019-06-04 13:59:55 +01:00

x509write_crt.c

Merge remote-tracking branch 'origin/development' into development-restricted

2019-07-10 08:46:54 +01:00

x509write_csr.c

Change size of preallocated buffer for pk_sign() calls

2019-06-06 13:20:48 +02:00