Lines Matching refs:on

12    * Fix a vulnerability in TLS ciphersuites based on CBC and using SHA-384,
25 * Fix a vulnerability in TLS ciphersuites based on CBC, in (D)TLS 1.0 to
26 1.2, that allowed a local attacker, able to execute code on the local
36 on CBC, in (D)TLS 1.0 to 1.2, that allowed a local attacker, able to
37 execute code on the local machine as well as manipulate network packets,
56 * Add support for key wrapping modes based on AES as defined by
62 * Fix compilation error on C++, because of a variable named new.
64 * Fix "no symbols" warning issued by ranlib when building on Mac OS X. Fix
87 TLS 1.0. Reported by @kFYatek and by Conor Murphy on the forum. Fix
104 * Allow overriding the time on Windows via the platform-time abstraction.
127 * Fix compilation warnings with IAR toolchain, on 32 bit platform.
201 This function is necessary to determine when it is safe to idle on the
215 * Fix the Makefile build process for building shared libraries on Mac OS X.
220 * Return the plaintext data more quickly on unpadded CBC decryption, as
271 * Optimize unnecessary zeroing in mbedtls_mpi_copy. Based on a contribution
302 implementation allowed an offline 2^80 brute force attack on the
308 a crash on invalid input.
310 crash on invalid input.
329 * Fix test_suite_pk to work on 64-bit ILP32 systems. #849
339 * Fix compilation error on Mingw32 when _TRUNCATE is defined. Use _TRUNCATE
341 Nick Wilson on issue #355
350 that could cause a key exchange to fail on valid data.
352 could cause a key exchange to fail on valid data.
364 a migration path for those depending on the library's ABI.
375 6 bytes on the peer's heap, which could potentially lead to crash or remote
390 latter overflows. The exploitability of this issue depends on whether the
393 and sjorsdewit on GitHub. Fix proposed by Florin Petriuc in #1022.
411 name larger than 16 bytes had been configured on the server.
418 * The selftest program can execute a subset of the tests based on command
421 when run on a heavily-loaded machine.
490 dates on leap years with 100 and 400 intervals are handled correctly. Found
519 * Fix word size check in pk.c to not depend on MBEDTLS_HAVE_INT64.
525 * Fix mbedtls_timing_alarm(0) on Unix and MinGW.
543 mbedtls_sha512_init() is called before operating on the relevant context
545 reset it. Found independently by ccli8 on Github.
557 on GitHub.
560 undeclared dependency of the RSA module on the ASN.1 module.
613 * Fix a resource leak on Windows platforms in mbedtls_x509_crt_parse_path(),
637 64-bit division. This is useful on embedded platforms where 64-bit division
638 created a dependency on external libraries. #708
657 certificate verification. SHA-1 can be turned back on with a compile-time
731 * Add checks in the PK module for the RSA functions on 64-bit systems.
752 * Fixed a bug that caused freeing a buffer that was allocated on the stack,
753 when verifying the validity of a key on secp224k1. This could be
755 and potentially could lead to remote code execution on some platforms.
816 sessions. "Nonce-Disrespecting Adversaries Practical Forgery Attacks on GCM in
847 * Fix for key exchanges based on ECDH-RSA or ECDH-ECDSA which weren't
849 * Fix for out-of-tree builds using CMake. Found by jwurzer, and fix based on
883 * Added optimization for code space for X.509/OID based on configured
949 SLOTH attack on TLS 1.2 server authentication (other attacks from the
972 * Fix potential heap corruption on Windows when
977 on untrusted input or write keys of untrusted origin. Found by Guido
979 * The X509 max_pathlen constraint was not enforced on intermediate
1003 * Fix failures in MPI on Sparc(64) due to use of bad assembly code.
1030 string of close to or larger than 1GB to exploit; on 64 bit machines, would
1033 on crafted PEM input data. Found and fix provided by Guido Vranken,
1037 buffer is 512MB or larger on 32-bit platforms. Found by Guido Vranken,
1039 * Fix potential double-free if mbedtls_conf_psk() is called repeatedly on
1113 result trying to unlock an unlocked mutex on invalid input (found by
1116 * Fix memory corruption on client with overlong PSK identity, around
1126 end of the default config.h by defining MBEDTLS_USER_CONFIG_FILE on the
1166 should generally be the first function called on this context after init:
1250 * Configuration options POLARSSL_HAVE_LONGLONG was removed (now always on).
1286 * Negotiation of truncated HMAC is now disabled by default on server too.
1296 * The NET layer now unconditionally relies on getaddrinfo() and select().
1306 * DTLS no longer hard-depends on TIMING_C, but uses a callback interface
1323 extendedKeyUsage on the leaf certificate was lost (results not accessible
1336 * Add support for overriding snprintf() (except on Windows) and exit() in
1344 * New script ecc-heap.sh helps measuring the impact of ECC parameters on
1349 warnings on use of deprecated functions (with GCC and Clang only).
1351 errors on use of deprecated functions.
1359 once on the same context.
1364 * mpi_size() and mpi_msb() would segfault when called on an mpi that is
1366 * Fix detection of support for getrandom() on Linux (reported by syzzer) by
1379 * Fix potential unintended sign extension in asn1_get_len() on 64-bit
1386 * Add missing dependency on SHA-256 in some x509 programs (reported by
1409 * Remove dependency on sscanf() in X.509 parsing modules.
1440 * Certificate selection based on signature hash, preferring SHA-1 over SHA-2
1442 * Add support for getrandom() syscall on recent Linux kernels with Glibc or
1460 * Fix unchecked return code in x509_crt_parse_path() on Windows (found by
1476 * ssl_set_own_cert() now returns an error on key-certificate mismatch.
1508 * ssl_read() could return non-application data records on server while
1509 renegotiation was pending, and on client when a HelloRequest was received.
1514 * Fix compiler warnings on iOS (found by Sander Niemeijer).
1515 * x509_crt_parse() did not increase total_failed on PEM error
1524 ambiguous on how to encode some packets with SSL 3.0).
1528 POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
1558 required on some platforms (e.g. OpenBSD)
1570 * Remove less-than-zero checks on unsigned numbers
1571 * Stricter check on SSL ClientHello internal sizes compared to actual packet
1604 = PolarSSL 1.3.7 released on 2014-05-02
1617 * Ciphersuites based on RC4 now have the lowest priority by default
1631 * mpi_fill_random() was creating numbers larger than requested on
1636 * Fix detection of Clang on some Apple platforms with CMake
1639 = PolarSSL 1.3.6 released on 2014-04-11
1681 * Calling pk_debug() on an RSA-alt key would segfault.
1688 = PolarSSL 1.3.5 released on 2014-03-26
1729 * Fixed CMake symlinking on out-of-source builds
1732 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
1735 * m_sleep() was sleeping twice too long on most Unix platforms.
1749 = PolarSSL 1.3.4 released on 2014-01-27
1760 * net module handles timeouts on blocking sockets better (found by Tilman
1768 = PolarSSL 1.3.3 released on 2013-12-31
1791 * Fixed bug in mpi_set_bit() on platforms where t_uint is wider than int32_t
1798 * Fixed x509_crt_parse_path() bug on Windows platforms
1808 = PolarSSL 1.3.2 released on 2013-11-04
1823 * Prevent possible alignment warnings on casting from char * to 'aligned *'
1831 = PolarSSL 1.3.1 released on 2013-10-15
1853 = PolarSSL 1.3.0 released on 2013-10-01
1861 * Ability to specify allowed ciphersuites based on the protocol version.
1885 * Introduced separate SSL Ciphersuites module that is based on
1892 * Client and server now filter sent and accepted ciphersuites on minimum
1907 * zlib compression/decompression skipped on empty blocks
1912 * RSA blinding on CRT operations to counter timing attacks
1932 * Fix potential unintended sign extension in asn1_get_len() on 64-bit
1957 * Fix bug in MPI/bignum on s390/s390x (reported by Dan Horák) (introduced
1959 * Fix unchecked return code in x509_crt_parse_path() on Windows (found by
1988 * x509_crt_parse() did not increase total_failed on PEM error
1989 * Fix compiler warnings on iOS (found by Sander Niemeijer).
1992 * ssl_read() could return non-application data records on server while
1993 renegotiation was pending, and on client when a HelloRequest was received.
2000 POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
2034 * Fixed x509_crt_parse_path() bug on Windows platforms
2046 * Fixed CMake symlinking on out-of-source builds
2047 * Bignum's MIPS-32 assembly was used on MIPS-64, causing chaos. (Found by
2061 * mpi_fill_random() was creating numbers larger than requested on
2064 * Stricter check on SSL ClientHello internal sizes compared to actual packet
2092 * Fixed potential heap buffer overflow on large hostname setting
2094 * RSA blinding on CRT operations to counter timing attacks
2119 * Fixed const correctness issues that have no impact on the ABI
2135 * Ability to specify allowed ciphersuites based on the protocol version.
2151 * Fixed net_bind() for specified IP addresses on little endian systems
2178 interoperability can be switched on/off with the flag
2209 * Fixed dependency on POLARSSL_SHA4_C in SSL modules
2274 * Fixed handling error in mpi_cmp_mpi() on longer B values (found by
2277 * Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
2283 * Prevent reading over buffer boundaries on X509 certificate parsing
2290 * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
2293 = Version 1.1.8 released on 2013-10-01
2302 * Potential heap buffer overflow on large hostname setting
2304 = Version 1.1.7 released on 2013-06-19
2320 = Version 1.1.6 released on 2013-03-11
2322 * Fixed net_bind() for specified IP addresses on little endian systems
2336 = Version 1.1.5 released on 2013-01-16
2343 * Prevent reading over buffer boundaries on X509 certificate parsing
2357 * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
2360 = Version 1.1.4 released on 2012-05-31
2364 * Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
2366 = Version 1.1.3 released on 2012-04-29
2370 = Version 1.1.2 released on 2012-04-26
2372 * Fixed handling error in mpi_cmp_mpi() on longer B values (found by
2376 * Fixed potential memory corruption on miscrafted client messages (found by
2381 = Version 1.1.1 released on 2012-01-23
2385 * Fixed issues with Intel compiler on 64-bit systems (Closes ticket #50)
2389 = Version 1.1.0 released on 2011-12-22
2399 * Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator
2426 x509parse_crtfile(). With permissive parsing the parsing does not stop on
2429 * All error codes are now negative. Even on memory failures and IO errors.
2447 = Version 1.0.0 released on 2011-07-27
2460 = Version 0.99-pre5 released on 2011-05-26
2484 net_recv() now returns 0 on EOF instead of
2486 POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function.
2493 = Version 0.99-pre4 released on 2011-04-01
2518 = Version 0.99-pre3 released on 2011-02-28
2544 * Fixed a possible Man-in-the-Middle attack on the
2548 = Version 0.99-pre1 released on 2011-01-30
2563 + Added verification callback on certificate chain
2578 = Version 0.14.0 released on 2010-08-16
2588 * Removed dependency on rand() in rsa_pkcs1_encrypt().
2599 * Fixed deadlock in rsa_pkcs1_encrypt() on failing random
2602 = Version 0.13.1 released on 2010-03-24
2607 = Version 0.13.0 released on 2010-03-21
2630 * Added small fixes for compiler warnings on a Mac
2635 = Version 0.12.1 released on 2009-10-04
2646 = Version 0.12.0 released on 2009-07-28
2663 * Fixed include location of endian.h on FreeBSD (found by
2665 * Fixed include location of endian.h and name clash on
2675 * Fixed segfault on handling empty rsa_context in
2690 = Version 0.11.1 released on 2009-05-17
2694 = Version 0.11.0 released on 2009-05-03
2717 * Fixed compatibility of XTEA and Camellia on a 64-bit system
2720 = Version 0.10.0 released on 2009-01-12
2732 = Version 0.9 released on 2008-03-16
2744 not swapped on PadLock; also fixed compilation on older versions
2754 * Added support on the client side for the TLS "hostname" extension
2771 Daniel Bleichenbacher attack on PKCS#1 v1.5 padding, as well
2774 * Fixed assembly PPC compilation errors on Mac OS X, thanks to
2777 = Version 0.8 released on 2007-10-20
2795 * Fixed a bug in mpi_read_binary() on 64-bit platforms
2802 = Version 0.7 released on 2007-07-07
2818 = Version 0.6 released on 2007-04-01
2821 time, to reduce the memory footprint on embedded systems
2828 * Fixed "long long" compilation issues on IA-64 and PPC64
2830 was not being correctly defined on ARM and MIPS
2832 = Version 0.5 released on 2007-03-01
2837 * Fixed some portability issues on WinCE, MINIX 3, Plan9
2843 = Version 0.4 released on 2007-02-01
2856 = Version 0.3 released on 2007-01-01
2862 the bignum code is no longer dependent on long long
2867 = Version 0.2 released on 2006-12-01
2870 * Updated the MPI code to support 8086 on MSVC 1.5
2884 = Version 0.1 released on 2006-11-01