| Age | Commit message (Collapse) | Author |
|---|
|
As a cryptographically secure random generator.
Internally it uses mbedTLS CTR-DRBG implementation which gets re-seeded
with entropy from OS::get_entropy when needed.
CryptoCore now additionally depends on `ctr_drbg.c` and `entropy.c`
thirdparty mbedtls files.
|
|
Keep applying the windows entropy patch (UWP support).
Remove no longer needed padlock patch.
Update thirdparty README to reflect changes, and new source inclusion
criteria.
|
|
Remove upstreamed patches.
Re-apply padlock and uwp patches.
NOTE: We could replace our padloack patch with mbedtls 3452.
|
|
Fixes engine startup time regression described here:
https://github.com/godotengine/godot/issues/43351#issuecomment-847466783
|
|
Backports PR https://github.com/ARMmbed/mbedtls/pull/4948 to fix a regression
with our macOS builds using Clang 12.
Fixes #53297.
|
|
|
|
|
|
|
|
|
|
|
|
Fixes https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-04
|
|
The comment mentioned a conflict with libwebsockets, but we actually
still get this conflict even now that we don't use libwebsockets.
Not sure what component is clashing but we should basically just keep
this patch.
Follow-up to #36823.
|
|
For some weird reason 'git apply' does not error out when it does nothing,
so I missed that I did not apply the patch properly in #36823...
This broke the UWP 32-bit x86 build.
|
|
Fixes https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-02
Drop patch to disable VIA padlock since we no longer use libwebsockets,
so there's no conflict anymore.
|
|
Fixes CVE-2019-18222.
`include/mbedtls/version.h` was modified to include the forgotten
version bump to 2.16.4, fixed upstream by ARMmbed/mbedtls#2992.
|
|
|
|
|
|
Godot core needs MD5/SHA256/AES/Base64 which used to be provided by
separate libraries.
Since we bundle mbedtls in most cases, and we can easily only include
the needed sources if we so desire, let's use it.
To simplify library changes in the future, and better isolate header
dependencies all functions have been wrapped around inside a class in
`core/math/crypto_base.h`.
If the mbedtls module is disabled, we only bundle the needed source
files independently of the `builtin_mbedtls` option.
If the module is enabled, the `builtin_mbedtls` option works as usual.
Also remove some unused headers from StreamPeerMbedTLS which were
causing build issues.
|
|
This code defines a symbol 'unsupported' which is also in a newer
version of libwebsockets. To fix 32bit linux builds just disable
padlock support. Processors that support this are rare and old.
|
|
Also remove .orig file which should not have been committed in the first
place
|
|
|
|
This code defines a symbol 'unsupported' which is also in a newer
version of libwebsockets. To fix 32bit linux builds just disable
padlock support. Processors that support this are rare and old.
|
|
_WIN32_WINNT redefinition fix is no longer needed as it was merged
upstream. PR 1453 is still not merged, diff updated to current state.
|
|
|
|
Rename `lws` to `libwebsockets` which is its library name.
Add missing license file for mbedtls.
|
|
The patch seems to be ready for merge upstream
|
|
|
|
|
|
We are using 0x0601 as min anyway.
This avoids SOCKADDR_STORAGE error on uwp build
|
|
Fixes UWP build while we wait for it to get into next release.
|
|
|