From eb00fbadb4ca7551b181570e055a4f16ef656aa8 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Mon, 16 Sep 2019 16:23:58 +0100 Subject: [PATCH] tls: Update to Mbed TLS 2.19.1 Update Mbed TLS to Mbed TLS 2.19.1. --- features/mbedtls/VERSION.txt | 2 +- features/mbedtls/importer/Makefile | 2 +- features/mbedtls/inc/mbedtls/check_config.h | 8 ++++++++ features/mbedtls/inc/mbedtls/ssl.h | 7 ++++--- features/mbedtls/src/ssl_tls.c | 5 ++--- 5 files changed, 16 insertions(+), 8 deletions(-) diff --git a/features/mbedtls/VERSION.txt b/features/mbedtls/VERSION.txt index cfa2e5f977..ef825252be 100644 --- a/features/mbedtls/VERSION.txt +++ b/features/mbedtls/VERSION.txt @@ -1 +1 @@ -mbedtls-2.19.0 +mbedtls-2.19.1 diff --git a/features/mbedtls/importer/Makefile b/features/mbedtls/importer/Makefile index 4bda69efe3..d556591f36 100644 --- a/features/mbedtls/importer/Makefile +++ b/features/mbedtls/importer/Makefile @@ -27,7 +27,7 @@ # # Set the mbed TLS release to import (this can/should be edited before import) -MBED_TLS_RELEASE ?= mbedtls-2.19.0 +MBED_TLS_RELEASE ?= mbedtls-2.19.1 MBED_TLS_REPO_URL ?= git@github.com:ARMmbed/mbedtls-restricted.git # Translate between mbed TLS namespace and mbed namespace diff --git a/features/mbedtls/inc/mbedtls/check_config.h b/features/mbedtls/inc/mbedtls/check_config.h index 72d2376166..1c93331af0 100644 --- a/features/mbedtls/inc/mbedtls/check_config.h +++ b/features/mbedtls/inc/mbedtls/check_config.h @@ -305,6 +305,14 @@ #error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequesites" +#endif + +#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequesites" +#endif + #if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM) #error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" #endif diff --git a/features/mbedtls/inc/mbedtls/ssl.h b/features/mbedtls/inc/mbedtls/ssl.h index 458857f6c2..655f59d328 100644 --- a/features/mbedtls/inc/mbedtls/ssl.h +++ b/features/mbedtls/inc/mbedtls/ssl.h @@ -970,7 +970,8 @@ struct mbedtls_ssl_config * tls_prf and random bytes. Should replace f_export_keys */ int (*f_export_keys_ext)( void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t, - unsigned char[32], unsigned char[32], mbedtls_tls_prf_types ); + const unsigned char[32], const unsigned char[32], + mbedtls_tls_prf_types ); void *p_export_keys; /*!< context for key export callback */ #endif @@ -1925,8 +1926,8 @@ typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey, size_t maclen, size_t keylen, size_t ivlen, - unsigned char client_random[32], - unsigned char server_random[32], + const unsigned char client_random[32], + const unsigned char server_random[32], mbedtls_tls_prf_types tls_prf_type ); #endif /* MBEDTLS_SSL_EXPORT_KEYS */ diff --git a/features/mbedtls/src/ssl_tls.c b/features/mbedtls/src/ssl_tls.c index f4bca87d21..a7facb81a2 100644 --- a/features/mbedtls/src/ssl_tls.c +++ b/features/mbedtls/src/ssl_tls.c @@ -1427,9 +1427,8 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, master, keyblk, mac_key_len, keylen, iv_copy_len, - /* work around bug in exporter type */ - (unsigned char *) randbytes + 32, - (unsigned char *) randbytes, + randbytes + 32, + randbytes, tls_prf_get_type( tls_prf ) ); } #endif