ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-06-28 00:58:05 +08:00
Code Issues Releases Wiki Activity
mbedtls/library
History
Manuel Pégourié-Gonnard 6062b49d29 Fix bug in handling of DTLS client hard reconnect 
We keep track of the current epoch and record sequence number in out_ctr,
which was overwritten when writing the record containing the
HelloVerifyRequest starting from out_buf. We can avoid that by only using the
rest of the buffer.

Using MBEDTLS_SSL_MAX_CONTENT_LEN as the buffer size is still correct, as it
was a pretty conservative value when starting from out_buf.

Note: this bug was also fixed unknowingly in 2.13 by introducing a new buffer
that holds the current value of the sequence number (including epoch), while
working on datagram packing: 198594709baa82d55bba4e5ee442ffb5ffe886b4

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-03-31 13:04:19 +02:00
..
.gitignore
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
aes.c
Zeroize local AES variables before exiting the function
2019-11-12 03:23:51 -05:00
aesni.c
Fix build errors on x32 by using the generic 'add' instruction
2016-05-23 14:29:28 +01:00
arc4.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
asn1parse.c
Fix 1 byte overread in mbedtls_asn1_get_int()
2016-10-13 13:54:14 +01:00
asn1write.c
Fix ASN1 bitstring writing
2019-02-11 21:10:48 +00:00
base64.c
Add comment to integer overflow fix in base64.c
2017-02-15 23:31:07 +02:00
bignum.c
Minor comment improvement
2020-02-03 16:34:53 +01:00
blowfish.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
camellia.c
Address user reported coverity issues.
2016-06-07 14:52:35 +01:00
ccm.c
enforce input and output of ccm selftest on stack
2018-07-30 11:43:08 +03:00
certs.c
Fix comment to match reality
2020-02-04 09:52:27 +01:00
cipher_wrap.c
Fix after PR comments
2018-06-21 14:03:14 +03:00
cipher.c
Remove redundant block_size validity check
2020-01-22 19:09:05 +01:00
cmac.c
Merge remote-tracking branch 'public/pr/1390' into mbedtls-2.7
2018-06-27 11:11:34 +01:00
CMakeLists.txt
Bump version to Mbed TLS 2.7.14
2020-02-19 12:08:10 +00:00
ctr_drbg.c
Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted
2020-01-15 16:59:10 +00:00
debug.c
Return from debugging functions if SSL context is unset
2018-08-23 14:57:39 +01:00
des.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
dhm.c
Merge remote-tracking branch 'upstream-restricted/pr/410' into development-restricted
2018-01-26 18:43:04 +00:00
ecdh.c
Fix ecdh_get_params with mismatching group
2019-02-21 18:17:05 +01:00
ecdsa.c
ECDSA: Fix side channel vulnerability
2019-10-25 09:01:34 +01:00
ecjpake.c
Fix handling of md failure
2019-07-08 15:26:09 +02:00
ecp_curves.c
ECP: Add module and function level replacement options.
2017-05-11 22:42:14 +01:00
ecp.c
Change mbedtls_mpi_cmp_mpi_ct to check less than
2019-11-11 12:27:36 +00:00
entropy_poll.c
Add missing bracket
2018-11-05 12:17:15 +00:00
entropy.c
Merge branch 'development' into development-restricted
2018-01-25 17:28:31 +00:00
error.c
Fix #2370, minor typos and spelling mistakes
2019-02-18 15:57:54 +00:00
gcm.c
Merge remote-tracking branch 'upstream-public/pr/964' into development
2018-01-02 16:24:29 +01:00
havege.c
Prevent building the HAVEGE module on platforms where it doesn't work
2019-07-05 11:33:10 +02:00
hmac_drbg.c
HMAC_DRBG: support set_entropy_len() before seed()
2019-10-23 18:01:25 +02:00
Makefile
Fix #2370, minor typos and spelling mistakes
2019-02-18 15:57:54 +00:00
md2.c
MD: Make deprecated functions not inline
2018-02-22 08:20:42 +00:00
md4.c
MD: Make deprecated functions not inline
2018-02-22 08:20:42 +00:00
md5.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:18:37 +02:00
md_wrap.c
New MD API: rename functions from _ext to _ret
2018-01-22 11:54:42 +01:00
md.c
Merge branch 'development' into development-restricted
2018-01-25 17:28:31 +00:00
memory_buffer_alloc.c
Fix braces in mbedtls_memory_buffer_alloc_status()
2018-05-23 16:32:33 +01:00
net_sockets.c
net_sockets: Fix typo in net_would_block()
2019-06-20 16:28:10 +01:00
oid.c
pkcs5v2: add support for additional hmacSHA algorithms
2018-02-08 17:18:15 +08:00
padlock.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pem.c
Merge remote-tracking branch 'upstream-public/pr/778' into mbedtls-2.7-proposed
2018-03-12 23:44:56 +01:00
pk_wrap.c
Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
2018-03-30 18:43:16 +02:00
pk.c
Change PK module preprocessor check on word size
2017-08-04 13:32:15 +01:00
pkcs5.c
Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C
2018-10-16 13:53:58 +01:00
pkcs11.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs12.c
Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C
2018-10-16 13:53:50 +01:00
pkparse.c
Fix pkparse bug wrt MBEDTLS_RSA_ALT
2020-02-18 11:27:08 +01:00
pkwrite.c
Fix pk_write with an EC key to write a constant-length private value
2018-09-04 11:22:08 +02:00
platform.c
Omit runtime configuration of calloc/free if macro config enabled
2018-10-11 11:10:14 +01:00
ripemd160.c
MD: Make deprecated functions not inline
2018-02-22 08:20:42 +00:00
rsa_internal.c
Add explicit type cast to avoid truncation warning
2018-01-03 09:27:40 +00:00
rsa.c
Parse RSA parameters DP, DQ and QP from PKCS1 private keys
2020-01-29 13:13:04 -05:00
sha1.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:18:37 +02:00
sha256.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:18:37 +02:00
sha512.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:18:37 +02:00
ssl_cache.c
Address PR review comments
2017-10-29 17:53:52 +02:00
ssl_ciphersuites.c
Reduce priority of 3DES ciphersuites
2019-02-13 09:52:46 +00:00
ssl_cli.c
Add explicit unsigned-to-signed integer conversion
2018-10-10 15:50:05 +01:00
ssl_cookie.c
Fix resource leak when using mutex and ssl_cookie
2017-03-02 12:26:11 +00:00
ssl_srv.c
Fix #2370, minor typos and spelling mistakes
2019-02-18 15:57:54 +00:00
ssl_ticket.c
Indentation fix
2018-10-26 10:08:29 +01:00
ssl_tls.c
Fix bug in handling of DTLS client hard reconnect
2020-03-31 13:04:19 +02:00
threading.c
Do not define and initialize global mutexes on configurations that do not use them.
2018-03-21 15:13:08 +00:00
timing.c
timing: Remove redundant include file
2019-06-20 16:28:10 +01:00
version_features.c
Reduce priority of 3DES ciphersuites
2019-02-13 09:52:46 +00:00
version.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
x509_create.c
Fix other occurrences of same bounds check issue
2015-10-21 12:50:45 +02:00
x509_crl.c
Always return a high-level error code from X.509 module
2019-06-04 14:03:27 +01:00
x509_crt.c
Revert "Merge pull request #3011 from Patater/dev/jp-bennett/development-2.7"
2020-02-04 14:47:45 +00:00
x509_csr.c
Fix CSR parsing header call
2018-12-05 23:23:39 +00:00
x509.c
Merge remote-tracking branch 'origin/pr/2451' into mbedtls-2.7
2019-06-21 15:55:21 +01:00
x509write_crt.c
Change size of preallocated buffer for pk_sign() calls
2019-06-06 13:06:46 +02:00
x509write_csr.c
Add missing return code check on call to mbedtls_md()
2020-01-22 19:06:32 +01:00
xtea.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00