Commit graph

38 commits

Author SHA1 Message Date
Fabio Alessandrelli
8ffb7699af [mbedTLS] Enable TLS 1.3 support
Move library initialization to module registration functions.

Only set library debug threshold when verbose output is enabled.

TLSv1.3 functions seems to be a bit more verbose then expected, and
generate a lot of noise. Yet, some level of debugging without
recompiling the engine would be nice. We should discuss this upstream.
2024-09-26 17:37:38 +02:00
Fabio Alessandrelli
4ac1f9c08a [mbedTLS] Update to 3.6.1 2024-08-31 15:35:37 +02:00
Lyuma
40fa684c18 mbedTLS: Update to new LTS v3.6.0
Keep module compatibility with mbedtls 2.x (old LTS branch).

A patch has been added to allow compiling after removing all the `psa_*`
files from the library folder (will look into upstreaming it).

Note: mbedTLS 3.6 finally enabled TLSv1.3 by default, but it requires
some module changes, and to enable PSA crypto (new "standard" API
specification), so it might be best done in a separate commit/PR.
2024-04-10 21:19:22 +02:00
Rémi Verschelde
915ca4dd45
mbedtls: Update to upstream version 2.28.8 2024-04-04 18:05:30 +02:00
Rémi Verschelde
dec635119e
mbedtls: Update to upstream version 2.28.7 2024-01-30 14:09:13 +01:00
Rémi Verschelde
b9d008de3d
mbedtls: Backport Windows fix to use bcrypt for entropy
We had a slightly older version of it for UWP, as the wincrypt API isn't allowed there.
We removed this with UWP in #81416, but since this was enabled inconditionally before,
this actually changed behavior for Windows compared to Godot 4.1 and earlier.

This change is also needed to properly supported Windows Store.
2023-10-27 10:25:50 +02:00
Fabio Alessandrelli
5333365593 mbedTLS: Update to version 2.18.5 2023-10-21 14:34:58 +02:00
Rémi Verschelde
8de6405288
UWP: Remove platform port, needs to be redone from scratch for 4.x
The UWP platform port was never ported to the Godot 4.0+ API,
and it's now accumulating bitrot as it doesn't compile, and thus
we no longer propagate platform changes in it.

So we finally remove to acknowledge this state. There's still some
interest in reviving the UWP port eventually, especially as support
for Direct3D 12 will soon be merged, but when that happens it will
be easiest to redo it from scratch.
2023-09-07 15:01:59 +02:00
Rémi Verschelde
1f6340bc46
mbedtls: Update to upstream version 2.28.4 2023-08-07 14:39:49 +02:00
Rémi Verschelde
1fde2092d0
mbedtls: Update to upstream version 2.28.3
Rediff patch from PR 1453, lstrlenW is no longer used upstream so
that part of the patch was dropped.
2023-04-18 10:38:24 +02:00
Rémi Verschelde
6e65244b6b
mbedtls: Update to upstream version 2.28.2 2022-12-21 12:05:54 +01:00
bruvzg
8dab4a2aa3
[Windows] Improve build environment detection, add support for Windows on ARM. 2022-08-27 16:10:53 +03:00
Fabio Alessandrelli
9403a68853 Bump mbedtls to version 2.18.1, update LICENSE.
Keep applying windows entropy patch.

Update thirdparty/README with correct version information.
2022-07-18 14:58:08 +02:00
Fabio Alessandrelli
e375cbd094 Bump mbedTLS version to 2.28.0 (new LTS).
Keep applying the windows entropy patch (UWP support).
Remove no longer needed padlock patch.
Update thirdparty README to reflect changes, and new source inclusion
criteria.
2021-12-21 13:26:02 +01:00
Fabio Alessandrelli
36d316876b Bump mbedtls to 2.16.12
Remove upstreamed patches.
Re-apply padlock and uwp patches.

NOTE: We could replace our padloack patch with mbedtls 3452.
2021-12-20 13:58:54 +01:00
Rémi Verschelde
52a535c030
mbedtls: Backport PR 4819 to fix certs parsing speed
Fixes engine startup time regression described here:
https://github.com/godotengine/godot/issues/43351#issuecomment-847466783
2021-10-25 17:59:47 +02:00
Rémi Verschelde
cd7b25588b
mbedtls: Update to upstream version 2.16.11 2021-07-20 12:32:46 +02:00
Fabio Alessandrelli
18bc1f2a8f Bump mbedtls to version 2.16.10. 2021-03-12 18:37:34 +01:00
Rémi Verschelde
2872006039
mbedtls: Update to upstream version 2.16.9 2020-12-18 21:43:21 +01:00
Fabio Alessandrelli
a905764e3d Update mbedTLS to version 2.16.8 (+ patch). 2020-09-07 15:47:38 +02:00
Fabio Alessandrelli
8ddf9fe4b0 Update to mbedtls 2.16.7 2020-07-02 15:53:50 +02:00
Rémi Verschelde
6b00357d53 mbedtls: Update to upstream version 2.16.6
Fixes https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-04
2020-04-21 10:37:14 +02:00
Rémi Verschelde
9a727714ee mbedtls: Re-apply upstream PR 1453 after #36823
For some weird reason 'git apply' does not error out when it does nothing,
so I missed that I did not apply the patch properly in #36823...

This broke the UWP 32-bit x86 build.
2020-03-09 16:03:27 +01:00
Rémi Verschelde
e435bed847 mbedtls: Update to upstream version 2.16.5
Fixes https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-02

Drop patch to disable VIA padlock since we no longer use libwebsockets,
so there's no conflict anymore.
2020-03-05 16:12:50 +01:00
Rémi Verschelde
724487b3c1 mbedtls: Update to upstream version 2.16.4
Fixes CVE-2019-18222.

`include/mbedtls/version.h` was modified to include the forgotten
version bump to 2.16.4, fixed upstream by ARMmbed/mbedtls#2992.
2020-01-26 18:19:29 +01:00
Rémi Verschelde
a3d77be53b mbedtls: Update to upstream version 2.16.3 2019-11-12 08:56:18 +01:00
Rémi Verschelde
6321cc8da3 mbedtls: Update to upstream version 2.16.2 2019-07-11 08:32:07 +02:00
Fabio Alessandrelli
564d93ff10 CryptoCore class to access to base crypto utils.
Godot core needs MD5/SHA256/AES/Base64 which used to be provided by
separate libraries.
Since we bundle mbedtls in most cases, and we can easily only include
the needed sources if we so desire, let's use it.

To simplify library changes in the future, and better isolate header
dependencies all functions have been wrapped around inside a class in
`core/math/crypto_base.h`.

If the mbedtls module is disabled, we only bundle the needed source
files independently of the `builtin_mbedtls` option.
If the module is enabled, the `builtin_mbedtls` option works as usual.

Also remove some unused headers from StreamPeerMbedTLS which were
causing build issues.
2019-07-02 12:36:27 +02:00
Fabio Alessandrelli
a056e8dc77 Update mbedtls PR 1453 diff (UWP crypto fixes)
Also remove .orig file which should not have been committed in the first
place
2019-02-20 01:30:39 +01:00
Fabio Alessandrelli
2e495c73d6 Bump mbedTLS to version 2.16 (LTS version) 2019-02-20 01:30:32 +01:00
Rémi Verschelde
d8e1cd7a10 mbedtls: Update to upstream version 2.12.0
_WIN32_WINNT redefinition fix is no longer needed as it was merged
upstream. PR 1453 is still not merged, diff updated to current state.
2018-07-28 11:16:58 +02:00
Fabio Alessandrelli
888379e513 Bump mbedTLS to version 2.10.0 2018-06-07 18:50:44 +02:00
Fabio Alessandrelli
d97c45ad2e MbedTLS PR 1453 (fix UWP build)
The patch seems to be ready for merge upstream
2018-04-03 20:13:55 +02:00
Fabio Alessandrelli
7e776f5b2e Small patch to change mbedtls _WIN32_WINNT 2018-04-03 20:13:12 +02:00
Fabio Alessandrelli
febec68763 Update mbedTLS to version 2.8.0 2018-04-03 19:25:24 +02:00
Fabio Alessandrelli
dfef6f24d5 Small patch to change mbedtls _WIN32_WINNT
We are using 0x0601 as min anyway.
This avoids SOCKADDR_STORAGE error on uwp build
2018-02-20 17:50:08 +01:00
Fabio Alessandrelli
a929a5aea5 Import PR 730 from mbedTLS project
Fixes UWP build while we wait for it to get into next release.
2018-02-20 15:12:00 +01:00
Fabio Alessandrelli
b33d10ccdf Add mbedTLS lib. Version 2.7.0, license Apache 2.0 2018-02-14 01:26:23 +01:00