Merge branch 'master' of github.com:cyassl/cyassl

2013-12-12 11:06:21 -08:00
parent 26a26fa19d 5909f5c2c0
commit 9d6182d279
7 changed files with 47 additions and 20 deletions
--- a/configure.ac
+++ b/configure.ac
@@ -311,14 +311,14 @@ fi
 # SNIFFER
 AC_ARG_ENABLE([sniffer],
-              [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
+   [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
-               AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ 
+   AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ 
-                      ENABLED_SNIFFER=yes 
+       ENABLED_SNIFFER=yes 
-                      AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
+       AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
-                      ],[ ENABLED_SNIFFER=no ]) ])
+   ],[ AC_MSG_ERROR([cannot enable sniffer without having libpcap available.]) ]) ])
-               ],[
+   ],[
-                  ENABLED_SNIFFER=no
+       ENABLED_SNIFFER=no
-                  ])
+   ])
 AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ])
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@@ -2646,6 +2646,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
            CYASSL_MSG("Verify Signautre has unsupported type");
            return 0;
    }
    (void)typeH;  /* some builds won't read */
    switch (keyOID) {
    #ifndef NO_RSA
@@ -3339,6 +3340,7 @@ static void DecodeCertExtensions(DecodedCert* cert)
        }
        idx += length;
    }
    (void)critical;
    CYASSL_LEAVE("DecodeCertExtensions", 0);
    return;
--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@@ -823,9 +823,9 @@ CYASSL_API CYASSL_X509*
 #ifndef NO_FILESYSTEM
 CYASSL_API CYASSL_X509*
    CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file);
 #endif
 CYASSL_API CYASSL_X509*
    CyaSSL_X509_load_certificate_file(const char* fname, int format);
 #endif
 #ifdef CYASSL_SEP
    CYASSL_API unsigned char*
--- a/src/internal.c
+++ b/src/internal.c
@@ -635,8 +635,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
    if (suites->setSuites)
        return;      /* trust user settings, don't override */
-    if (side == CYASSL_SERVER_END && haveStaticECC)
+    if (side == CYASSL_SERVER_END && haveStaticECC) {
        haveRSA = 0;   /* can't do RSA with ECDSA key */
        (void)haveRSA; /* some builds won't read */
    }
    if (side == CYASSL_SERVER_END && haveECDSAsig) {
        haveRSAsig = 0;     /* can't have RSA sig if signed by ECDSA */
@@ -8118,7 +8120,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
            case ecc_diffie_hellman_kea:
                {
                    ecc_key  myKey;
-                    ecc_key* peerKey = &myKey;
+                    ecc_key* peerKey = NULL;
                    word32   size = sizeof(encSecret);
                    if (ssl->specs.static_ecdh) {
@@ -8133,6 +8135,9 @@ static void PickHashSigAlgo(CYASSL* ssl,
                        peerKey = ssl->peerEccKey;
                    }
                    if (peerKey == NULL)
                        return NO_PEER_KEY;
                    ecc_init(&myKey);
                    ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
                    if (ret != 0)
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -417,6 +417,13 @@ void ssl_FreeSniffer(void)
    FreeMutex(&SessionMutex);
    FreeMutex(&ServerListMutex);
    if (TraceFile) {
        TraceOn = 0;
        fclose(TraceFile);
        TraceFile = NULL;
    }
    CyaSSL_Cleanup();
 }
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -1730,6 +1730,7 @@ int CyaSSL_Init(void)
        der.buffer    = 0;
        (void)dynamicType;
        (void)rsaKey;
        if (used)
            *used = sz;     /* used bytes default to sz, PEM chain may shorten*/
@@ -1980,7 +1981,8 @@ int CyaSSL_Init(void)
                }
                ecc_free(&key);
                eccKey = 1;
-                ctx->haveStaticECC = 1;
+                if (ctx)
                    ctx->haveStaticECC = 1;
                if (ssl)
                    ssl->options.haveStaticECC = 1;
            }
@@ -7561,6 +7563,8 @@ CYASSL_X509* CyaSSL_X509_d2i(CYASSL_X509** x509, const byte* in, int len)
 }
 #ifndef NO_FILESYSTEM
 CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, XFILE file)
 {
    CYASSL_X509* newX509 = NULL;
@@ -7684,6 +7688,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
    return x509;
 }
 #endif /* NO_FILESYSTEM */
 #endif /* KEEP_PEER_CERT || SESSION_CERTS */
--- a/sslSniffer/sslSnifferTest/snifftest.c
+++ b/sslSniffer/sslSnifferTest/snifftest.c
@@ -69,18 +69,25 @@ enum {
 };
-pcap_t* pcap = 0;
+pcap_t* pcap = NULL;
-pcap_if_t *alldevs;
+pcap_if_t* alldevs = NULL;
 static void FreeAll(void)
 {
    if (pcap)
        pcap_close(pcap);
    if (alldevs)
        pcap_freealldevs(alldevs);
 #ifndef _WIN32
    ssl_FreeSniffer();
 #endif
 }
 static void sig_handler(const int sig) 
 {
    printf("SIGINT handled = %d.\n", sig);
-    if (pcap)
+    FreeAll();
        pcap_close(pcap);
 	pcap_freealldevs(alldevs);
 #ifndef _WIN32
    ssl_FreeSniffer();
 #endif
    if (sig)
        exit(EXIT_SUCCESS);
 }
@@ -286,6 +293,7 @@ int main(int argc, char** argv)
        else if (saveFile)
            break;      /* we're done reading file */
    }
    FreeAll();
    return EXIT_SUCCESS;
 }