mbedtls: Update to upstream version 2.28.3

Rediff patch from PR 1453, lstrlenW is no longer used upstream so that part of the patch was dropped. (cherry picked from commit 1fde2092d0)
2025-12-04 17:04:49 +00:00 · 2023-04-18 10:38:24 +02:00
parent 212190ae49
commit ac4daf4147
174 changed files with 36064 additions and 35819 deletions
--- a/thirdparty/mbedtls/patches/1453.diff
+++ b/thirdparty/mbedtls/patches/1453.diff
@@ -1,8 +1,8 @@
 diff --git a/thirdparty/mbedtls/library/entropy_poll.c b/thirdparty/mbedtls/library/entropy_poll.c
-index a858c1892b..69ac29e4f7 100644
+index 3420616a06..57fddd4d62 100644
 --- a/thirdparty/mbedtls/library/entropy_poll.c
 +++ b/thirdparty/mbedtls/library/entropy_poll.c
-@@ -54,28 +54,43 @@
+@@ -55,26 +55,41 @@
 #define _WIN32_WINNT 0x0400
 #endif
 #include <windows.h>
@@ -22,99 +22,32 @@ index a858c1892b..69ac29e4f7 100644
 +#pragma warning( pop )
 +#endif
 
- int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
-                            size_t *olen )
+ int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len,
+                                   size_t *olen)
 {
 -    HCRYPTPROV provider;
 +    ULONG len_as_ulong = 0;
     ((void) data);
     *olen = 0;
 
-    if( CryptAcquireContext( &provider, NULL, NULL,
-                              PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
+-    if (CryptAcquireContext(&provider, NULL, NULL,
+-                            PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) == FALSE) {
 +    /*
 +     * BCryptGenRandom takes ULONG for size, which is smaller than size_t on
 +     * 64-bit Windows platforms. Ensure len's value can be safely converted into
 +     * a ULONG.
 +     */
-+    if ( FAILED( SizeTToULong( len, &len_as_ulong ) ) )
-     {
-         return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+    if (FAILED(SizeTToULong(len, &len_as_ulong))) {
+         return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
     }
 
-    if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
-+    if ( !BCRYPT_SUCCESS( BCryptGenRandom( NULL, output, len_as_ulong, BCRYPT_USE_SYSTEM_PREFERRED_RNG ) ) )
-     {
-        CryptReleaseContext( provider, 0 );
-         return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+-    if (CryptGenRandom(provider, (DWORD) len, output) == FALSE) {
+-        CryptReleaseContext(provider, 0);
+    if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, len_as_ulong, BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
+         return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
     }
 
-    CryptReleaseContext( provider, 0 );
+-    CryptReleaseContext(provider, 0);
     *olen = len;
 
-     return( 0 );
-diff --git a/thirdparty/mbedtls/library/x509_crt.c b/thirdparty/mbedtls/library/x509_crt.c
-index def1414eca..4361f43ed0 100644
--- a/thirdparty/mbedtls/library/x509_crt.c
-+++ b/thirdparty/mbedtls/library/x509_crt.c
-@@ -58,6 +58,19 @@
- #if defined(MBEDTLS_HAVE_TIME)
- #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
- #include <windows.h>
-+#if defined(_MSC_VER) && _MSC_VER <= 1600
-+/* Visual Studio 2010 and earlier issue a warning when both <stdint.h> and
-+ * <intsafe.h> are included, as they redefine a number of <TYPE>_MAX constants.
-+ * These constants are guaranteed to be the same, though, so we suppress the
-+ * warning when including intsafe.h.
-+ */
-+#pragma warning( push )
-+#pragma warning( disable : 4005 )
-+#endif
-+#include <intsafe.h>
-+#if defined(_MSC_VER) && _MSC_VER <= 1600
-+#pragma warning( pop )
-+#endif
- #else
- #include <time.h>
- #endif
-@@ -1549,6 +1562,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
-     char filename[MAX_PATH];
-     char *p;
-     size_t len = strlen( path );
-+    int lengthAsInt = 0;
- 
-     WIN32_FIND_DATAW file_data;
-     HANDLE hFind;
-@@ -1563,7 +1577,18 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
-     p = filename + len;
-     filename[len++] = '*';
- 
-    w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir,
-+    if ( FAILED ( SizeTToInt( len, &lengthAsInt ) ) )
-+        return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
-+
-+    /*
-+     * Note this function uses the code page CP_ACP, and assumes the incoming
-+     * string is encoded in ANSI, before translating it into Unicode. If the
-+     * incoming string were changed to be UTF-8, then the length check needs to
-+     * change to check the number of characters, not the number of bytes, in the
-+     * incoming string are less than MAX_PATH to avoid a buffer overrun with
-+     * MultiByteToWideChar().
-+     */
-+    w_ret = MultiByteToWideChar( CP_ACP, 0, filename, lengthAsInt, szDir,
-                                  MAX_PATH - 3 );
-     if( w_ret == 0 )
-         return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
-@@ -1580,8 +1605,11 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
-         if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
-             continue;
- 
-+        if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &lengthAsInt ) ) )
-+            return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
-+
-         w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
-                                     lstrlenW( file_data.cFileName ),
-+                                     lengthAsInt,
-                                      p, (int) len - 1,
-                                      NULL, NULL );
-         if( w_ret == 0 )
+     return 0;