Skip to content

Commit

Permalink
Merge pull request #690 from ARMmbed/update-development-restricted-20…
Browse files Browse the repository at this point in the history
…2004329

Merge development into development restricted
  • Loading branch information
gilles-peskine-arm authored Apr 29, 2020
2 parents 215d2e1 + bdd5ba9 commit 4926f0d
Show file tree
Hide file tree
Showing 185 changed files with 6,070 additions and 2,242 deletions.
4 changes: 2 additions & 2 deletions .github/issue_template.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
Note: This is just a template, so feel free to use/remove the unnecessary things

### Description
- Type: Bug | Enhancement\Feature Request | Question
- Type: Bug | Enhancement\Feature Request
- Priority: Blocker | Major | Minor

---------------------------------------------------------------
Expand Down Expand Up @@ -38,4 +38,4 @@ Version:

## Question

**Please first check for answers in the [Mbed TLS knowledge Base](https://tls.mbed.org/kb), and preferably file an issue in the [Mbed TLS support forum](https://forums.mbed.com/c/mbed-tls)**
**Please first check for answers in the [Mbed TLS knowledge Base](https://tls.mbed.org/kb). If you can't find the answer you're looking for then please use the [Mbed TLS mailing list](https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls)**
22 changes: 21 additions & 1 deletion .pylintrc
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,27 @@ max-attributes=15
max-module-lines=2000

[MESSAGES CONTROL]
disable=
# * locally-disabled, locally-enabled: If we disable or enable a message
# locally, it's by design. There's no need to clutter the Pylint output
# with this information.
# * logging-format-interpolation: Pylint warns about things like
# ``log.info('...'.format(...))``. It insists on ``log.info('...', ...)``.
# This is of minor utility (mainly a performance gain when there are
# many messages that use formatting and are below the log level).
# Some versions of Pylint (including 1.8, which is the version on
# Ubuntu 18.04) only recognize old-style format strings using '%',
# and complain about something like ``log.info('{}', foo)`` with
# logging-too-many-args (Pylint supports new-style formatting if
# declared globally with logging_format_style under [LOGGING] but
# this requires Pylint >=2.2).
# * no-else-return: Allow the perfectly reasonable idiom
# if condition1:
# return value1
# else:
# return value2
# * unnecessary-pass: If we take the trouble of adding a line with "pass",
# it's because we think the code is clearer that way.
disable=locally-disabled,locally-enabled,logging-format-interpolation,no-else-return,unnecessary-pass

[REPORTS]
# Don't diplay statistics. Just the facts.
Expand Down
2 changes: 1 addition & 1 deletion CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,7 @@ if(CMAKE_COMPILER_IS_GNU)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wlogical-op")
endif()
if (GCC_VERSION VERSION_GREATER 4.8 OR GCC_VERSION VERSION_EQUAL 4.8)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wshadow -Wformat-signedness")
endif()
set(CMAKE_C_FLAGS_RELEASE "-O2")
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
Expand Down
26 changes: 25 additions & 1 deletion ChangeLog
Original file line number Diff line number Diff line change
@@ -1,12 +1,22 @@
mbed TLS ChangeLog (Sorted per branch, date)

= mbed TLS x.x.x branch released xxxx-xx-xx
= mbed TLS 2.22.0 branch released 2020-04-14

New deprecations
* Deprecate MBEDTLS_SSL_HW_RECORD_ACCEL that enables function hooks in the
SSL module for hardware acceleration of individual records.
* Deprecate mbedtls_ssl_get_max_frag_len() in favour of
mbedtls_ssl_get_output_max_frag_len() and
mbedtls_ssl_get_input_max_frag_len() to be more precise about which max
fragment length is desired.

Security
* Fix issue in DTLS handling of new associations with the same parameters
(RFC 6347 section 4.2.8): an attacker able to send forged UDP packets to
the server could cause it to drop established associations with
legitimate clients, resulting in a Denial of Service. This could only
happen when MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE was enabled in config.h
(which it is by default).
* Fix side channel in ECC code that allowed an adversary with access to
precise enough timing and memory access information (typically an
untrusted operating system attacking a secure enclave) to fully recover
Expand All @@ -15,13 +25,27 @@ Security
* Fix a potentially remotely exploitable buffer overread in a
DTLS client when parsing the Hello Verify Request message.

Features
* The new build option MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH automatically
resizes the I/O buffers before and after handshakes, reducing the memory
consumption during application data transfer.

Bugfix
* Fix compilation failure when both MBEDTLS_SSL_PROTO_DTLS and
MBEDTLS_SSL_HW_RECORD_ACCEL are enabled.
* Remove a spurious check in ssl_parse_client_psk_identity that triggered
a warning with some compilers. Fix contributed by irwir in #2856.
* Fix a function name in a debug message. Contributed by Ercan Ozturk in
#3013.

Changes
* Mbed Crypto is no longer a Git submodule. The crypto part of the library
is back directly in the present repository.
* Split mbedtls_ssl_get_max_frag_len() into
mbedtls_ssl_get_output_max_frag_len() and
mbedtls_ssl_get_input_max_frag_len() to ensure that a sufficient input
buffer is allocated by the server (if MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
is defined), regardless of what MFL was configured for it.

= mbed TLS 2.21.0 branch released 2020-02-20

Expand Down
67 changes: 67 additions & 0 deletions ChangeLog.d/00README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
# Pending changelog entry directory

This directory contains changelog entries that have not yet been merged
to the changelog file ([`../ChangeLog`](../ChangeLog)).

## Changelog entry file format

A changelog entry file must have the extension `*.txt` and must have the
following format:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Security
* Change description.
* Another change description.
Features
* Yet another change description. This is a long change description that
spans multiple lines.
* Yet again another change description.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The permitted changelog entry categories are as follows:
<!-- Keep this synchronized with STANDARD_CATEGORIES in assemble_changelog.py! -->

API changes
Default behavior changes
Requirement changes
New deprecations
Removals
Features
Security
Bugfix
Changes

Use “Changes” for anything that doesn't fit in the other categories, such as
performance, documentation and test improvements.

## How to write a changelog entry

Each entry starts with three spaces, an asterisk and a space. Continuation
lines start with 5 spaces. Lines wrap at 79 characters.

Write full English sentences with proper capitalization and punctuation. Use
the present tense. Use the imperative where applicable. For example: “Fix a
bug in mbedtls_xxx() ….”

Include GitHub issue numbers where relevant. Use the format “#1234” for an
Mbed TLS issue. Add other external references such as CVE numbers where
applicable.

Credit the author of the contribution if the contribution is not a member of
the Mbed TLS development team. Also credit bug reporters where applicable.

**Explain why, not how**. Remember that the audience is the users of the
library, not its developers. In particular, for a bug fix, explain the
consequences of the bug, not how the bug was fixed. For a new feature, explain
why one might be interested in the feature. For an API change or a deprecation,
explain how to update existing applications.

See [existing entries](../ChangeLog) for examples.

## How `ChangeLog` is updated

Run [`../scripts/assemble_changelog.py`](../scripts/assemble_changelog.py)
from a Git working copy
to move the entries from files in `ChangeLog.d` to the main `ChangeLog` file.
4 changes: 4 additions & 0 deletions ChangeLog.d/bugfix.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
Bugfix
* Fix the Visual Studio Release x64 build configuration for mbedtls itself.
Completes a previous fix in Mbed TLS 2.19 that only fixed the build for
the example programs. Reported in #1430 and fix contributed by irwir.
6 changes: 6 additions & 0 deletions ChangeLog.d/error_const.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
Features
* New functions in the error module return constant strings for
high- and low-level error codes, complementing mbedtls_strerror()
which constructs a string for any error code, including compound
ones, but requires a writable buffer. Contributed by Gaurav Aggarwal
in #3176.
4 changes: 4 additions & 0 deletions ChangeLog.d/fix-ecp_double_add_mxz.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
Changes
* Fix minor performance issue in operations on Curve25519 caused by using a
suboptimal modular reduction in one place. Found and fix contributed by
Aurelien Jarno in #3209.
3 changes: 3 additions & 0 deletions ChangeLog.d/fix-gcc-format-signedness-warnings.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
Changes
* Fix warnings about signedness issues in format strings. The build is now
clean of -Wformat-signedness warnings. Contributed by Kenneth Soerensen in #3153.
5 changes: 5 additions & 0 deletions ChangeLog.d/max_pathlen.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
Bugfix
* Fix undefined behavior in X.509 certificate parsing if the
pathLenConstraint basic constraint value is equal to INT_MAX.
The actual effect with almost every compiler is the intended
behavior, so this is unlikely to be exploitable anywhere. #3192
3 changes: 3 additions & 0 deletions ChangeLog.d/md_switch.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
Changes
* Combine identical cases in switch statements in md.c. Contributed
by irwir in #3208.
3 changes: 3 additions & 0 deletions ChangeLog.d/ssl_context_info.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
Features
* The new utility programs/ssl/ssl_context_info prints a human-readable
dump of an SSL context saved with mbedtls_ssl_context_save().
3 changes: 3 additions & 0 deletions ChangeLog.d/ssl_write_certificate_request.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
Changes
* Simplify a bounds check in ssl_write_certificate_request(). Contributed
by irwir in #3150.
4 changes: 3 additions & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -124,8 +124,10 @@ endif

## Editor navigation files
C_SOURCE_FILES = $(wildcard include/*/*.h library/*.[hc] programs/*/*.[hc] tests/suites/*.function)
# Exuberant-ctags invocation. Other ctags implementations may require different options.
CTAGS = ctags --langmap=c:+.h.function -o
tags: $(C_SOURCE_FILES)
ctags -o $@ $(C_SOURCE_FILES)
$(CTAGS) $@ $(C_SOURCE_FILES)
TAGS: $(C_SOURCE_FILES)
etags -o $@ $(C_SOURCE_FILES)
GPATH GRTAGS GSYMS GTAGS: $(C_SOURCE_FILES)
Expand Down
2 changes: 1 addition & 1 deletion doxygen/input/doc_mainpage.h
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
*/

/**
* @mainpage mbed TLS v2.21.0 source code documentation
* @mainpage mbed TLS v2.22.0 source code documentation
*
* This documentation describes the internal structure of mbed TLS. It was
* automatically generated from specially formatted comment blocks in
Expand Down
4 changes: 2 additions & 2 deletions doxygen/mbedtls.doxyfile
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8
# identify the project. Note that if you do not use Doxywizard you need
# to put quotes around the project name if it contains spaces.

PROJECT_NAME = "mbed TLS v2.21.0"
PROJECT_NAME = "mbed TLS v2.22.0"

# The PROJECT_NUMBER tag can be used to enter a project or revision number.
# This could be handy for archiving the generated documentation or
Expand Down Expand Up @@ -1594,7 +1594,7 @@ SEARCH_INCLUDES = YES
# contain include files that are not input files but should be processed by
# the preprocessor.

INCLUDE_PATH =
INCLUDE_PATH = ../include

# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
# patterns (like *.h and *.hpp) to filter out the header-files in the
Expand Down
21 changes: 21 additions & 0 deletions include/mbedtls/check_config.h
Original file line number Diff line number Diff line change
Expand Up @@ -619,6 +619,23 @@
#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
#endif

#if (defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)) && \
!(defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) )
#error "One or more versions of the TLS protocol are enabled " \
"but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx"
#endif

#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
!defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
!defined(MBEDTLS_SSL_PROTO_TLS1_2)
Expand Down Expand Up @@ -763,6 +780,10 @@
#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites"
#endif

#if defined(MBEDTLS_CERTS_C) && !defined(MBEDTLS_X509_USE_C)
#error "MBEDTLS_CERTS_C defined, but not all prerequisites"
#endif

#if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
#error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites"
#endif
Expand Down
7 changes: 4 additions & 3 deletions include/mbedtls/config.h
Original file line number Diff line number Diff line change
Expand Up @@ -1520,8 +1520,8 @@

/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
*
* Enable support for Extended Master Secret, aka Session Hash
* (draft-ietf-tls-session-hash-02).
* Enable support for RFC 7627: Session Hash and Extended Master Secret
* Extension.
*
* This was introduced as "the proper fix" to the Triple Handshake familiy of
* attacks, but it is recommended to always use it (even if you disable
Expand All @@ -1539,7 +1539,8 @@
/**
* \def MBEDTLS_SSL_FALLBACK_SCSV
*
* Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
* Enable support for RFC 7507: Fallback Signaling Cipher Suite Value (SCSV)
* for Preventing Protocol Downgrade Attacks.
*
* For servers, it is recommended to always enable this, unless you support
* only one version of TLS, or know for sure that none of your clients
Expand Down
30 changes: 30 additions & 0 deletions include/mbedtls/error.h
Original file line number Diff line number Diff line change
Expand Up @@ -127,6 +127,36 @@ extern "C" {
*/
void mbedtls_strerror( int errnum, char *buffer, size_t buflen );

/**
* \brief Translate the high-level part of an Mbed TLS error code into a string
* representation.
*
* This function returns a const pointer to an un-modifiable string. The caller
* must not try to modify the string. It is intended to be used mostly for
* logging purposes.
*
* \param error_code error code
*
* \return The string representation of the error code, or \c NULL if the error
* code is unknown.
*/
const char * mbedtls_high_level_strerr( int error_code );

/**
* \brief Translate the low-level part of an Mbed TLS error code into a string
* representation.
*
* This function returns a const pointer to an un-modifiable string. The caller
* must not try to modify the string. It is intended to be used mostly for
* logging purposes.
*
* \param error_code error code
*
* \return The string representation of the error code, or \c NULL if the error
* code is unknown.
*/
const char * mbedtls_low_level_strerr( int error_code );

#ifdef __cplusplus
}
#endif
Expand Down
Loading

0 comments on commit 4926f0d

Please sign in to comment.