Merge branch 'mbedtls-2.18' into development

Bring Mbed TLS 2.18.0 and 2.18.1 release changes back into the
development branch. We had branched to release 2.18.0 and 2.18.1 in
order to allow those releases to go out without having to block work on
the `development` branch.

Manually resolve conflicts in the Changelog by moving all freshly addded
changes to a new, unreleased version entry.

Reject changes to include/mbedtls/platform.h made in the mbedtls-2.18
branch, as that file is now sourced from Mbed Crypto.

* mbedtls-2.18:
  platform: Include stdarg.h where needed
  Update Mbed Crypto to contain mbed-crypto#152
  CMake: Add a subdirectory build regression test
  README: Enable builds as a CMake subproject
  ChangeLog: Enable builds as a CMake subproject
  Remove use of CMAKE_SOURCE_DIR
  Update library version to 2.18.0

ChangeLog

@@ -2,6 +2,93 @@ mbed TLS ChangeLog (Sorted per branch, date)
 
 = mbed TLS x.x.x branch released xxxx-xx-xx
 
+Features
+   * Add new API functions mbedtls_ssl_session_save() and
+     mbedtls_ssl_session_load() to allow serializing a session, for example to
+     store it in non-volatile storage, and later using it for TLS session
+     resumption.
+   * Add a new API function mbedtls_ssl_check_record() to allow checking that
+     an incoming record is valid, authentic and has not been seen before. This
+     feature can be used alongside Connection ID and SSL context serialisation.
+     The feature is enabled at compile-time by MBEDTLS_SSL_RECORD_CHECKING
+     option.
+
+API Changes
+   * Add DER-encoded test CRTs to library/certs.c, allowing
+     the example programs ssl_server2 and ssl_client2 to be run
+     if MBEDTLS_FS_IO and MBEDTLS_PEM_PARSE_C are unset. Fixes #2254.
+   * The HAVEGE state type now uses uint32_t elements instead of int.
+
+Bugfix
+   * Fix missing bounds checks in X.509 parsing functions that could
+     lead to successful parsing of ill-formed X.509 CRTs. Fixes #2437.
+   * Fix multiple X.509 functions previously returning ASN.1 low-level error
+     codes to always wrap these codes into X.509 high level error codes before
+     returning. Fixes #2431.
+   * Fix to allow building test suites with any warning that detects unused
+     functions. Fixes #1628.
+   * Fix typo in net_would_block(). Fixes #528 reported by github-monoculture.
+   * Remove redundant include file in timing.c. Fixes #2640 reported by irwir.
+   * Fix build failure when building with mingw on Windows by including
+     stdarg.h where needed. Fixes #2656.
+   * Fix Visual Studio Release x64 build configuration by inheriting
+     PlatformToolset from the project configuration. Fixes #1430 reported by
+     irwir.
+   * Enable Suite B with subset of ECP curves. Make sure the code compiles even
+     if some curves are not defined. Fixes #1591 reported by dbedev.
+   * Fix misuse of signed arithmetic in the HAVEGE module. #2598
+   * Avoid use of statically sized stack buffers for certificate writing.
+     This previously limited the maximum size of DER encoded certificates
+     in mbedtls_x509write_crt_der() to 2Kb. Reported by soccerGB in #2631.
+   * Fix partial zeroing in x509_get_other_name. Found and fixed by ekse, #2716.
+   * Update test certificates that were about to expire. Reported by
+     Bernhard M. Wiedemann in #2357.
+   * Fix the build on ARMv5TE in ARM mode to not use assembly instructions
+     that are only available in Thumb mode. Fix contributed by Aurelien Jarno
+     in #2169.
+   * Fix propagation of restart contexts in restartable EC operations.
+     This could previously lead to segmentation faults in builds using an
+     address-sanitizer and enabling but not using MBEDTLS_ECP_RESTARTABLE.
+
+Changes
+   * Replace multiple uses of MD2 by SHA-256 in X.509 test suite. Fixes #821.
+   * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
+     suggests). #2671
+   * Make `make clean` clean all programs always. Fixes #1862.
+   * Add a Dockerfile and helper scripts (all-in-docker.sh, basic-in-docker.sh,
+     docker-env.sh) to simplify running test suites on a Linux host. Contributed
+     by Peter Kolbus (Garmin).
+   * Enable building of Mbed TLS as a CMake subproject. Suggested and fixed by
+     Ashley Duncan in #2609.
+   * Add `reproducible` option to `ssl_client2` and `ssl_server2` to enable
+     test runs without variability. Contributed by Philippe Antoine (Catena
+     cyber) in #2681.
+   * Extended .gitignore to ignore Visual Studio artifacts. Fixed by ConfusedSushi.
+   * Enable building of Mbed TLS as a CMake subproject. Suggested and fixed by
+     Ashley Duncan in #2609.
+   * Add `reproducible` option to `ssl_client2` and `ssl_server2` to enable
+     test runs without variability. Contributed by Philippe Antoine (Catena
+     cyber) in #2681.
+   * Enable building of Mbed TLS as a CMake subproject. Suggested and fixed by
+     Ashley Duncan in #2609.
+   * Add `reproducible` option to `ssl_client2` and `ssl_server2` to enable
+     test runs without variability. Contributed by Philippe Antoine (Catena
+     cyber) in #2681.
+   * Adds fuzz targets, especially for continuous fuzzing with OSS-Fuzz.
+     Contributed by Philippe Antoine (Catena cyber).
+
+= mbed TLS 2.18.1 branch released 2019-07-12
+
+Bugfix
+   * Fix build failure when building with mingw on Windows by including
+     stdarg.h where needed. Fixes #2656.
+
+Changes
+   * Enable building of Mbed TLS as a CMake subproject. Suggested and fixed by
+     Ashley Duncan in #2609.
+
+= mbed TLS 2.18.0 branch released 2019-06-11
+
 Features
    * Add the Any Policy certificate policy oid, as defined in
      rfc 5280 section 4.2.1.4.
@@ -31,24 +118,11 @@ Features
      changed its IP or port. The feature is enabled at compile-time by setting
      MBEDTLS_SSL_DTLS_CONNECTION_ID (disabled by default), and at run-time
      through the new APIs mbedtls_ssl_conf_cid() and mbedtls_ssl_set_cid().
-   * Add new API functions mbedtls_ssl_session_save() and
-     mbedtls_ssl_session_load() to allow serializing a session, for example to
-     store it in non-volatile storage, and later using it for TLS session
-     resumption.
-   * Add a new API function mbedtls_ssl_check_record() to allow checking that
-     an incoming record is valid, authentic and has not been seen before. This
-     feature can be used alongside Connection ID and SSL context serialisation.
-     The feature is enabled at compile-time by MBEDTLS_SSL_RECORD_CHECKING
-     option.
 
 API Changes
    * Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
      and the used tls-prf.
    * Add public API for tls-prf function, according to requested enum.
-   * Add DER-encoded test CRTs to library/certs.c, allowing
-     the example programs ssl_server2 and ssl_client2 to be run
-     if MBEDTLS_FS_IO and MBEDTLS_PEM_PARSE_C are unset. Fixes #2254.
-   * The HAVEGE state type now uses uint32_t elements instead of int.
 
 Bugfix
    * Fix private key DER output in the key_app_writer example. File contents
@@ -76,35 +150,7 @@ Bugfix
    * Set the next sequence of the subject_alt_name to NULL when deleting
      sequence on failure. Found and fix suggested by Philippe Antoine.
      Credit to OSS-Fuzz.
-   * Fix missing bounds checks in X.509 parsing functions that could
-     lead to successful parsing of ill-formed X.509 CRTs. Fixes #2437.
-   * Fix multiple X.509 functions previously returning ASN.1 low-level error
-     codes to always wrap these codes into X.509 high level error codes before
-     returning. Fixes #2431.
-   * Fix to allow building test suites with any warning that detects unused
-     functions. Fixes #1628.
-   * Fix typo in net_would_block(). Fixes #528 reported by github-monoculture.
-   * Remove redundant include file in timing.c. Fixes #2640 reported by irwir.
-   * Fix build failure when building with mingw on Windows by including
-     stdarg.h where needed. Fixes #2656.
-   * Fix Visual Studio Release x64 build configuration by inheriting
-     PlatformToolset from the project configuration. Fixes #1430 reported by
-     irwir.
-   * Enable Suite B with subset of ECP curves. Make sure the code compiles even
-     if some curves are not defined. Fixes #1591 reported by dbedev.
-   * Fix misuse of signed arithmetic in the HAVEGE module. #2598
-   * Avoid use of statically sized stack buffers for certificate writing.
-     This previously limited the maximum size of DER encoded certificates
-     in mbedtls_x509write_crt_der() to 2Kb. Reported by soccerGB in #2631.
-   * Fix partial zeroing in x509_get_other_name. Found and fixed by ekse, #2716.
-   * Update test certificates that were about to expire. Reported by
-     Bernhard M. Wiedemann in #2357.
-   * Fix the build on ARMv5TE in ARM mode to not use assembly instructions
-     that are only available in Thumb mode. Fix contributed by Aurelien Jarno
-     in #2169.
-   * Fix propagation of restart contexts in restartable EC operations.
-     This could previously lead to segmentation faults in builds using an
-     address-sanitizer and enabling but not using MBEDTLS_ECP_RESTARTABLE.
+
 Changes
    * Server's RSA certificate in certs.c was SHA-1 signed. In the default
      mbedTLS configuration only SHA-2 signed certificates are accepted.
@@ -121,31 +167,6 @@ Changes
      Contributed by Peter Kolbus (Garmin).
    * Change wording in the `mbedtls_ssl_conf_max_frag_len()`'s documentation to
      improve clarity. Fixes #2258.
-   * Replace multiple uses of MD2 by SHA-256 in X.509 test suite. Fixes #821.
-   * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
-     suggests). #2671
-   * Make `make clean` clean all programs always. Fixes #1862.
-   * Add a Dockerfile and helper scripts (all-in-docker.sh, basic-in-docker.sh,
-     docker-env.sh) to simplify running test suites on a Linux host. Contributed
-     by Peter Kolbus (Garmin).
-   * Enable building of Mbed TLS as a CMake subproject. Suggested and fixed by
-     Ashley Duncan in #2609.
-   * Add `reproducible` option to `ssl_client2` and `ssl_server2` to enable
-     test runs without variability. Contributed by Philippe Antoine (Catena
-     cyber) in #2681.
-   * Extended .gitignore to ignore Visual Studio artifacts. Fixed by ConfusedSushi.
-   * Enable building of Mbed TLS as a CMake subproject. Suggested and fixed by
-     Ashley Duncan in #2609.
-   * Add `reproducible` option to `ssl_client2` and `ssl_server2` to enable
-     test runs without variability. Contributed by Philippe Antoine (Catena
-     cyber) in #2681.
-   * Enable building of Mbed TLS as a CMake subproject. Suggested and fixed by
-     Ashley Duncan in #2609.
-   * Add `reproducible` option to `ssl_client2` and `ssl_server2` to enable
-     test runs without variability. Contributed by Philippe Antoine (Catena
-     cyber) in #2681.
-   * Adds fuzz targets, especially for continuous fuzzing with OSS-Fuzz.
-     Contributed by Philippe Antoine (Catena cyber).
 
 = mbed TLS 2.17.0 branch released 2019-03-19
 

doxygen/input/doc_mainpage.h

@@ -24,7 +24,7 @@
  */
 
 /**
- * @mainpage mbed TLS v2.17.0 source code documentation
+ * @mainpage mbed TLS v2.18.0 source code documentation
  *
  * This documentation describes the internal structure of mbed TLS.  It was
  * automatically generated from specially formatted comment blocks in

doxygen/mbedtls.doxyfile

@@ -28,7 +28,7 @@ DOXYFILE_ENCODING      = UTF-8
 # identify the project. Note that if you do not use Doxywizard you need
 # to put quotes around the project name if it contains spaces.
 
-PROJECT_NAME           = "mbed TLS v2.17.0"
+PROJECT_NAME           = "mbed TLS v2.18.0"
 
 # The PROJECT_NUMBER tag can be used to enter a project or revision number.
 # This could be handy for archiving the generated documentation or

include/mbedtls/version.h

@@ -39,17 +39,17 @@
  * Major, Minor, Patchlevel
  */
 #define MBEDTLS_VERSION_MAJOR  2
-#define MBEDTLS_VERSION_MINOR  17
+#define MBEDTLS_VERSION_MINOR  18
 #define MBEDTLS_VERSION_PATCH  0
 
 /**
  * The single version number has the following structure:
  *    MMNNPP00
  *    Major version | Minor version | Patch version
  */
-#define MBEDTLS_VERSION_NUMBER         0x02110000
-#define MBEDTLS_VERSION_STRING         "2.17.0"
-#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.17.0"
+#define MBEDTLS_VERSION_NUMBER         0x02120000
+#define MBEDTLS_VERSION_STRING         "2.18.0"
+#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.18.0"
 
 #if defined(MBEDTLS_VERSION_C)
 

library/CMakeLists.txt

@@ -172,14 +172,14 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
 if(USE_SHARED_MBEDTLS_LIBRARY)
 
     add_library(mbedx509 SHARED ${src_x509})
-    set_target_properties(mbedx509 PROPERTIES VERSION 2.17.0 SOVERSION 0)
+    set_target_properties(mbedx509 PROPERTIES VERSION 2.18.0 SOVERSION 1)
     target_link_libraries(mbedx509 ${libs} mbedcrypto)
     target_include_directories(mbedx509
         PUBLIC ${MBEDTLS_DIR}/include/
         PUBLIC ${MBEDTLS_DIR}/crypto/include/)
 
     add_library(mbedtls SHARED ${src_tls})
-    set_target_properties(mbedtls PROPERTIES VERSION 2.17.0 SOVERSION 12)
+    set_target_properties(mbedtls PROPERTIES VERSION 2.18.0 SOVERSION 13)
     target_link_libraries(mbedtls ${libs} mbedx509)
     target_include_directories(mbedtls
         PUBLIC ${MBEDTLS_DIR}/include/

library/Makefile

@@ -35,8 +35,8 @@ LOCAL_CFLAGS += -fPIC -fpic
 endif
 endif
 
-SOEXT_TLS=so.12
-SOEXT_X509=so.0
+SOEXT_TLS=so.13
+SOEXT_X509=so.1
 SOEXT_CRYPTO=so.3
 
 # Set AR_DASH= (empty string) to use an ar implementation that does not accept

tests/suites/test_suite_version.data

@@ -1,8 +1,8 @@
 Check compiletime library version
-check_compiletime_version:"2.17.0"
+check_compiletime_version:"2.18.0"
 
 Check runtime library version
-check_runtime_version:"2.17.0"
+check_runtime_version:"2.18.0"
 
 Check for MBEDTLS_VERSION_C
 check_feature:"MBEDTLS_VERSION_C":0