2021-06-24 19:31:26 +00:00
|
|
|
DESCRIPTION
|
|
|
|
|
|
|
|
|
|
Mbed TLS is a crypto library built by ARM that's been released
|
|
|
|
|
under a more permissive license than alternatives like OpenSSL
|
|
|
|
|
and is useful for interoperating with systems that require TLS
|
|
|
|
|
|
|
|
|
|
SOURCE
|
|
|
|
|
|
|
|
|
|
https://github.com/ARMmbed/mbedtls/archive/refs/tags/v2.26.0.tar.gz
|
|
|
|
|
|
|
|
|
|
LICENSE
|
|
|
|
|
|
|
|
|
|
Apache 2.o
|
|
|
|
|
|
|
|
|
|
LOCAL CHANGES
|
|
|
|
|
|
Make improvements
- Every unit test now passes on Apple Silicon. The final piece of this
puzzle was porting our POSIX threads cancelation support, since that
works differently on ARM64 XNU vs. AMD64. Our semaphore support on
Apple Silicon is also superior now compared to AMD64, thanks to the
grand central dispatch library which lets *NSYNC locks go faster.
- The Cosmopolitan runtime is now more stable, particularly on Windows.
To do this, thread local storage is mandatory at all runtime levels,
and the innermost packages of the C library is no longer being built
using ASAN. TLS is being bootstrapped with a 128-byte TIB during the
process startup phase, and then later on the runtime re-allocates it
either statically or dynamically to support code using _Thread_local.
fork() and execve() now do a better job cooperating with threads. We
can now check how much stack memory is left in the process or thread
when functions like kprintf() / execve() etc. call alloca(), so that
ENOMEM can be raised, reduce a buffer size, or just print a warning.
- POSIX signal emulation is now implemented the same way kernels do it
with pthread_kill() and raise(). Any thread can interrupt any other
thread, regardless of what it's doing. If it's blocked on read/write
then the killer thread will cancel its i/o operation so that EINTR can
be returned in the mark thread immediately. If it's doing a tight CPU
bound operation, then that's also interrupted by the signal delivery.
Signal delivery works now by suspending a thread and pushing context
data structures onto its stack, and redirecting its execution to a
trampoline function, which calls SetThreadContext(GetCurrentThread())
when it's done.
- We're now doing a better job managing locks and handles. On NetBSD we
now close semaphore file descriptors in forked children. Semaphores on
Windows can now be canceled immediately, which means mutexes/condition
variables will now go faster. Apple Silicon semaphores can be canceled
too. We're now using Apple's pthread_yield() funciton. Apple _nocancel
syscalls are now used on XNU when appropriate to ensure pthread_cancel
requests aren't lost. The MbedTLS library has been updated to support
POSIX thread cancelations. See tool/build/runitd.c for an example of
how it can be used for production multi-threaded tls servers. Handles
on Windows now leak less often across processes. All i/o operations on
Windows are now overlapped, which means file pointers can no longer be
inherited across dup() and fork() for the time being.
- We now spawn a thread on Windows to deliver SIGCHLD and wakeup wait4()
which means, for example, that posix_spawn() now goes 3x faster. POSIX
spawn is also now more correct. Like Musl, it's now able to report the
failure code of execve() via a pipe although our approach favors using
shared memory to do that on systems that have a true vfork() function.
- We now spawn a thread to deliver SIGALRM to threads when setitimer()
is used. This enables the most precise wakeups the OS makes possible.
- The Cosmopolitan runtime now uses less memory. On NetBSD for example,
it turned out the kernel would actually commit the PT_GNU_STACK size
which caused RSS to be 6mb for every process. Now it's down to ~4kb.
On Apple Silicon, we reduce the mandatory upstream thread size to the
smallest possible size to reduce the memory overhead of Cosmo threads.
The examples directory has a program called greenbean which can spawn
a web server on Linux with 10,000 worker threads and have the memory
usage of the process be ~77mb. The 1024 byte overhead of POSIX-style
thread-local storage is now optional; it won't be allocated until the
pthread_setspecific/getspecific functions are called. On Windows, the
threads that get spawned which are internal to the libc implementation
use reserve rather than commit memory, which shaves a few hundred kb.
- sigaltstack() is now supported on Windows, however it's currently not
able to be used to handle stack overflows, since crash signals are
still generated by WIN32. However the crash handler will still switch
to the alt stack, which is helpful in environments with tiny threads.
- Test binaries are now smaller. Many of the mandatory dependencies of
the test runner have been removed. This ensures many programs can do a
better job only linking the the thing they're testing. This caused the
test binaries for LIBC_FMT for example, to decrease from 200kb to 50kb
- long double is no longer used in the implementation details of libc,
except in the APIs that define it. The old code that used long double
for time (instead of struct timespec) has now been thoroughly removed.
- ShowCrashReports() is now much tinier in MODE=tiny. Instead of doing
backtraces itself, it'll just print a command you can run on the shell
using our new `cosmoaddr2line` program to view the backtrace.
- Crash report signal handling now works in a much better way. Instead
of terminating the process, it now relies on SA_RESETHAND so that the
default SIG_IGN behavior can terminate the process if necessary.
- Our pledge() functionality has now been fully ported to AARCH64 Linux.
2023-09-19 03:44:45 +00:00
|
|
|
- Support ECANCELED (similar to EINTR) needed by pthread_cancel()
|
|
|
|
|
|
2021-08-04 05:42:17 +00:00
|
|
|
- Strengthened server against DOS by removing expensive protections
|
|
|
|
|
for old Internet Explorer against Lucky Thirteen timing attacks.
|
|
|
|
|
|
2021-06-24 19:31:26 +00:00
|
|
|
- Reduce build+test latency from 15 seconds to 5 seconds.
|
|
|
|
|
|
|
|
|
|
- Features have been added that enable this library to produce SSL
|
|
|
|
|
certificates that can be used by Google Chrome. This required we
|
|
|
|
|
add featurces for editing Subject Alternative Names and Extended
|
|
|
|
|
Key Usage X.509 extension fields since upstream mbedtls can only
|
|
|
|
|
do that currently for Netscape Navigator.
|
|
|
|
|
|
|
|
|
|
- Local changes needed to be made to test_suite_ssl.datax due to it
|
|
|
|
|
not taking into consideration disabled features like DTLS.
|
|
|
|
|
|
|
|
|
|
- Local changes needed to be made to test_suite_x509parse.datax due
|
|
|
|
|
to the features we added for subject alternative name parsing.
|
|
|
|
|
|
|
|
|
|
- We've slimmed things down to meet our own specific local needs.
|
|
|
|
|
For example, we don't need the PSA code since we don't target ARM
|
|
|
|
|
hardware. We also don't need algorithms like camellia, blowfish,
|
|
|
|
|
ripemd, arc4, ecjpake, etc. We want security code that's simple,
|
|
|
|
|
readable, and easy to maintain. For example, the formally verified
|
|
|
|
|
eliptic curve diffie-helman code was 38 files and most of it was
|
|
|
|
|
dead code which could be consolidated into one < 1 kLOC file.
|
|
|
|
|
|
|
|
|
|
- The only breaking API change that's been made is to redefine int
|
|
|
|
|
arrays of things like long lists of ciphersuites to be uint8_t or
|
|
|
|
|
uint16_t instead when appropriate.
|
|
|
|
|
|
|
|
|
|
- Exported test code so it (a) doesn't have python as a build time
|
|
|
|
|
dependency, (b) doesn't print to stdout on success, (c) bundles
|
|
|
|
|
its dependencies inside a zip container so the tests are able to
|
|
|
|
|
run hermetically if the binary is scp'd to some machine, and (d)
|
|
|
|
|
doesn't have large amounts of duplicated generated code.
|
2021-07-05 21:03:50 +00:00
|
|
|
|
2021-07-12 06:17:47 +00:00
|
|
|
- Fix mbedtls_mpi_sub_abs() to not call malloc/free/memcpy since
|
|
|
|
|
it's called 11,124 times during as SSL handshake.
|
|
|
|
|
|
2021-07-19 21:55:20 +00:00
|
|
|
- Make P-256 and P-384 modulus goes 5x faster.
|
|
|
|
|
|
2021-07-05 21:03:50 +00:00
|
|
|
- Make chacha20 26% faster.
|
2021-07-06 14:07:18 +00:00
|
|
|
|
|
|
|
|
- Make base64 100x faster.
|
|
|
|
|
|
|
|
|
|
- Make gcm faster.
|