Commit Graph

  • 80aa431689 Fixes multiple Jenkins warnings/failures. First is PickHashSigAlgo is required for client builds or if certs are enabled. Fixed scan-build warning with OCSP not recognizing ForceZero as cleaning memory and using possible garbage value. Also cleaned up the OCSP functions to use struct buffer* instead of void* for clarity with a little forward declaration. David Garske 2016-03-10 09:38:11 -08:00
  • 1435a6ce92 Merge pull request #341 from JacobBarthelmeh/master toddouska 2016-03-10 09:36:25 -08:00
  • 0a1871e77c Merge pull request #337 from dgarske/WarnDoubleFree Kaleb Joseph Himes 2016-03-09 16:28:18 -08:00
  • 6e1c5b3801 disable CERT_EXT policies check when SEP is used instead Jacob Barthelmeh 2016-03-09 17:22:38 -07:00
  • 49b547db08 make QSH debug compile for C89 Jacob Barthelmeh 2016-03-08 15:20:45 -07:00
  • ceafb25f49 Merge pull request #338 from dgarske/DerBufferRefactor2 toddouska 2016-03-09 12:36:22 -08:00
  • 2f060dd860 Merge pull request #312 from dgarske/LeanTls toddouska 2016-03-09 10:13:00 -08:00
  • f17dfa5b03 Moved the x509 XFREE to outside the FreeX509 function. Internally FreeX509 is only used in two places. One is for the ssl->peerCert, which is not dynamic anyways. The second is in the ExternalFreeX509 where it calls FreeX509 if it's dynamic and will XFREE there. David Garske 2016-03-09 09:15:00 -08:00
  • c863300805 Fixed scan-build error with possibly using a NULL pointer. David Garske 2016-03-08 09:34:56 -08:00
  • 0f93b86b61 Fixes for PK_CALLBACKS and sniffer after DerBuffer refactor #2. David Garske 2016-03-08 08:45:30 -08:00
  • ce9f14f713 Refactor of DerBuffer, so WOLFSSL object doesn't have to grow as a result of additional functionality. Removed InitDer. Changed all DerBuffers to use pointer and pass pointer to DerBuffer* to AllocDer and FreeDer. Result is more efficient code and reduced WOLFSSL object size. AllocDer uses first part of the allocated buffer for the actual DerBuffer. David Garske 2016-03-07 17:02:12 -08:00
  • daa1cd634e Fixes scan-build warning with "--enable-opensslextra --disable-memory". Problem was different #if defines on the InitX509 and FreeX509, which caused the static analyzer to think the "x509->dynamicMemory" was always true. David Garske 2016-03-07 15:01:07 -08:00
  • 0ed26ad262 Updated build for "leantls" to support building only the client, by splitting BUILD_EXAMPLES into 3 parts (BUILD_EXAPLE_SERVERS, BUILD_EXAMPLE_CLIENTS and BUILD_TESTS). This allows the make check to perform the external tests to validate the client only "leantls" configuration option. David Garske 2016-02-26 15:30:11 +01:00
  • 2891939098 Remove NO_CERT and NO_CODING. Enable building of the client with leantls. David Garske 2016-02-22 10:11:41 +01:00
  • 8e8ee45828 LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System). David Garske 2016-02-12 14:30:26 -08:00
  • 375d85fe9a Merge pull request #336 from dgarske/ASNCertPolicyExtFix JacobBarthelmeh 2016-03-08 08:59:24 -07:00
  • b549c81337 Fix the WOLFSSL_SEP (--enable-sep) build scenario where extCertPoliciesNb is not available. David Garske 2016-03-07 14:49:24 -08:00
  • 05fb648747 Remove white-space. David Garske 2016-03-07 14:33:22 -08:00
  • 9b79d8643e Added checks for total length and the cert policy OID len to make sure they don't exceed buffer. David Garske 2016-03-07 14:20:37 -08:00
  • dee3645c4e Fixed bug with ASN.1 X509V3 Certificate Policy extension parsing. Bug had to do with parsing when OID contains multiple items such as example 2 below. The wolfssl.com server key now contains a URL in the certificate policy "https://secure.comodo.com/CPS0", which wasn't being parsed over correctly. Also cleanup to use loop instead of duplicate code. David Garske 2016-03-07 13:40:25 -08:00
  • 98a72a3f9d Merge pull request #334 from JacobBarthelmeh/master dgarske 2016-03-03 15:53:52 -08:00
  • 8ca1c3935d Merge pull request #322 from ejohnstown/dtls-handshake dgarske 2016-03-03 14:33:31 -08:00
  • c98c457b9b update wolfssl-ntru vs project and fix warnings Jacob Barthelmeh 2016-03-03 14:35:39 -07:00
  • b9ecd9474c Merge pull request #330 from kaleb-himes/CID-66007-coverity dgarske 2016-03-02 18:22:07 -08:00
  • 112cf1f0c9 fix example client help print out Jacob Barthelmeh 2016-03-02 16:51:57 -07:00
  • 7a599c1309 Account for not used case kaleb-himes 2016-03-02 16:31:58 -07:00
  • a0f1e1e3ea Merge pull request #331 from kaleb-himes/CID-66006-coverity dgarske 2016-03-02 15:23:58 -08:00
  • aab44eb26b adjust example server PSK plus flag Jacob Barthelmeh 2016-03-02 15:43:17 -07:00
  • 267dc48d95 fixes after testing: hash table, using NO_SKID, sanity check, and freeing dCert Jacob Barthelmeh 2016-03-02 15:23:50 -07:00
  • d969e2ba11 automated test for trusted peer certs Jacob Barthelmeh 2016-03-01 16:35:32 -07:00
  • 85215cc174 clean up braces left over from local declaration of ready kaleb-himes 2016-03-02 11:39:34 -07:00
  • 05d2cec7c1 addition to api tests and refactor location of trusted peer cert check Jacob Barthelmeh 2016-02-29 11:02:18 -07:00
  • 01cd43c319 Separate declaration and assignment per c99 standards kaleb-himes 2016-03-02 11:31:08 -07:00
  • 7df22ee210 Trusted peer certificate use Jacob Barthelmeh 2016-02-24 15:51:29 -07:00
  • 1f4ddb20df Move assignment to after the null check kaleb-himes 2016-03-01 17:00:27 -07:00
  • d15dac04b8 remove unnecessary NULL assignment kaleb-himes 2016-03-01 16:33:47 -07:00
  • d473452769 avoid dereference of null pointer if args is null kaleb-himes 2016-03-01 16:21:03 -07:00
  • 7c63ac4f6a Merge pull request #329 from dgarske/BuildErrDerBuf Kaleb Joseph Himes 2016-02-26 08:44:30 -08:00
  • 79ef8e232b Fixes build error with new DerBuffer with ASN, ECC and RSA disabled. David Garske 2016-02-26 15:39:30 +01:00
  • 0c45a7a028 Merge pull request #317 from dgarske/DerBufferRefactor toddouska 2016-02-25 09:35:50 -08:00
  • a46fd6612b Changed CopyDecodedToX509 AllocDer error code handling to return MEMORY_E, since that is an explicitly handled case. Also resolves the issue with "warning: Value stored to 'ret' is never read". David Garske 2016-02-25 14:35:54 +01:00
  • f549f71912 Merge pull request #325 from kaleb-himes/CID-66016-coverity dgarske 2016-02-25 08:45:06 +01:00
  • f0b1d2fd9d Merge pull request #324 from JacobBarthelmeh/master dgarske 2016-02-25 08:40:37 +01:00
  • aa7eae3294 Merge pull request #320 from moisesguimaraes/fix-ocsp-dependency-check John Safranek 2016-02-24 16:21:51 -08:00
  • 16dac5597f prevent buffer overflows if sigSz > MAX_ENCODED_SIG_SZ kaleb-himes 2016-02-24 16:08:54 -07:00
  • fb9697bda6 adds check for missing rsa and ecc at the same time Moisés Guimarães 2016-02-24 18:57:16 -03:00
  • 4858a65984 Always execute wc_InitRsaKey if we are always going to execute wc_FreeRsaKey kaleb-himes 2016-02-24 14:42:07 -07:00
  • 6ee3c0ae59 argument peer can be NULL when macro INADDR_ANY is NULL Jacob Barthelmeh 2016-02-24 13:55:44 -07:00
  • 1824a494d1 adds missing ENABLED_OCSP test Moisés Guimarães 2016-02-24 16:45:07 -03:00
  • 35b48250ad Merge pull request #321 from dgarske/FixCryptBenchEdCurve25519 toddouska 2016-02-24 11:19:30 -08:00
  • 12bb050ec9 Merge pull request #323 from JacobBarthelmeh/master toddouska 2016-02-24 09:34:37 -08:00
  • 1227db4e44 Fixed issue with not properly returning memory error in CopyDecodedToX509 after DER refactor. David Garske 2016-02-24 07:04:03 +01:00
  • dcfec3d2fa check for RSA and ECC before testing RSA signed ECC cert Jacob Barthelmeh 2016-02-23 17:03:52 -07:00
  • 143b9fda1b adds build dependency check for OCSP Moisés Guimarães 2016-02-23 15:19:04 -03:00
  • a92d2d582f Revert "fixes ocsp dependency check on asn during configure." Moisés Guimarães 2016-02-23 14:13:52 -03:00
  • 69e00a3f97 allow dtls timeout to be 0 in the recvfrom callback, set to 0 if the handshake is done John Safranek 2016-02-22 21:13:05 -08:00
  • f621f81fa2 1. Some DTLS code was missing an ifdef. 2. If receiving a handshake message that's already been processed, retransmit the previous message flight. John Safranek 2016-02-22 14:08:35 -08:00
  • 8dbef9b14b Merge pull request #318 from dgarske/BuildErrorNoFileSysWCerts toddouska 2016-02-22 12:12:24 -08:00
  • 731e13ecf2 Fixes issue with building crypt benchmark with only ED/Curve25519 enabled with static rng missing. David Garske 2016-02-22 16:46:13 +01:00
  • f6fafe6738 for DTLS, retain the handshake resources until peer sends application data record John Safranek 2016-02-21 21:52:38 -08:00
  • 46ade8f03f fixes ocsp dependency check on asn during configure. Moisés Guimarães 2016-02-21 20:54:45 -03:00
  • 953a3bd01d Fixes build error with NO_FILESYSTEM and !NO_CERTS where the wolfssl/test.h load_buffer() function is passing non-existent enum value. Was renamed from CYASSL_ to WOLFSSL_. David Garske 2016-02-19 13:52:06 -08:00
  • 3fe5ee1a7c Refactor of the DER buffer handling. Added new DerBuffer struct that includes the type and heap ptr. Added new InitDer, AllocDer and FreeDer functions. Cleanup of some missing "heap" args on XMALLOC/XFREE. In FreeDer uses ForceZero if type is private key. David Garske 2016-02-18 22:42:15 -08:00
  • b72c83e191 Merge pull request #315 from kaleb-himes/fix-no-sha dgarske 2016-02-16 13:08:59 -08:00
  • c1ef4d4521 Merge pull request #313 from kaleb-himes/master toddouska 2016-02-16 11:05:55 -08:00
  • 24d93c90cd update for configure option --disable-sha kaleb-himes 2016-02-16 12:03:37 -07:00
  • 46b34c19d0 wolfssl.com and google.com now differ in pre-reqs for external test kaleb-himes 2016-02-15 13:30:11 -07:00
  • 3d8f91d418 Merge pull request #302 from dgarske/EccOnlyNoSignVerify toddouska 2016-02-15 12:13:43 -08:00
  • d7d2a6f565 Merge pull request #307 from JacobBarthelmeh/PSK toddouska 2016-02-12 15:27:18 -08:00
  • 7de352a0e9 Merge pull request #311 from dgarske/FixSkipObjectIdWarn JacobBarthelmeh 2016-02-12 15:04:04 -07:00
  • 951fe0a927 Merge pull request #310 from dgarske/CustRngGenBlock toddouska 2016-02-12 13:51:06 -08:00
  • a969dd8efd Fixed "error: unused function 'StoreRsaKey'" with NO_ASN_TIME and RSA enabled. David Garske 2016-02-12 13:19:58 -08:00
  • aeaac15682 Fixed compile errors in signature.c if ECC on but ECC sign/verify disabled. Added new NO_ASN_TIME option to reduce ASN size for space constrained or missing RTC. Added check to make sure ASN is enabled if ECC sign/verify is enabled. David Garske 2016-02-12 13:16:39 -08:00
  • 8073024ee7 fix formatting of .conf file so ephemeral port is used Jacob Barthelmeh 2016-02-12 13:41:30 -07:00
  • f328c6bdf7 Fixes warning with SkipObjectId defined but not used. David Garske 2016-02-12 12:34:22 -08:00
  • 08c663a4ac Added new CUSTOM_RAND_GENERATE_BLOCK option that allows override and disabling of the HASHDRBG for customers who have a HW RNG they would like to use instead. David Garske 2016-02-12 11:59:51 -08:00
  • 4872f2bc33 Added the following ECC optional config defines: HAVE_ECC_SIGN, HAVE_ECC_VERIFY, HAVE_ECC_DHE, HAVE_ECC_KEY_IMPORT and HAVE_ECC_KEY_EXPORT. Still working through issues with using ECC sign/verify with ASN disabled. Added documentation to top of ecc.c for all the ECC define options. David Garske 2016-02-12 11:07:50 -08:00
  • 8f5cd98857 Added tvos target to the xcode project Tiago Duarte 2016-02-12 10:23:23 +01:00
  • 3e860107f3 remove extra cert and key, plus add new test Jacob Barthelmeh 2016-02-11 13:49:07 -07:00
  • 1197f88c4f add psk.test script for testing Jacob Barthelmeh 2016-02-11 00:12:48 -07:00
  • 09f631238e Merge pull request #306 from kaleb-himes/master toddouska 2016-02-10 16:47:17 -08:00
  • 49a5ea18e8 Merge pull request #303 from ejohnstown/sniffer-check dgarske 2016-02-10 13:19:59 -08:00
  • b0a51a22a1 Merge pull request #304 from cconlon/testh-fix dgarske 2016-02-10 13:19:28 -08:00
  • a83ff6aada Updated the configure.ac comments about big int being used for ECC and DH. Moved the checks for ecc/asn and psk/asn until after cryptonly value is set and fixed so those checks work for normal build and are excluded for crypt only builds. David Garske 2016-02-10 13:03:53 -08:00
  • 9defe9b42b fix warning of unused variable and adjust debug statements Jacob Barthelmeh 2016-02-10 13:15:06 -07:00
  • ffe7b38409 correct logic to allow for static RSA if ECC and no Curves kaleb-himes 2016-02-10 13:28:31 -07:00
  • 69fc400d28 add new certs to EXTRA_DIST Jacob Barthelmeh 2016-02-10 11:47:16 -07:00
  • 2f74706367 allow use of RSA signed ECC key certs Jacob Barthelmeh 2016-02-10 11:02:09 -07:00
  • ff7a9d9f78 option for fail on no peer cert except PSK suites Jacob Barthelmeh 2016-02-08 14:52:56 -07:00
  • 3293857834 check build_addr() arguments for NULL before memset Chris Conlon 2016-02-10 10:35:48 -07:00
  • 8d0d5a3f90 Fixes so ECC only build works. Fixes so ECC enabled with ASN disabled works and will prevent ECC sign/verify. David Garske 2016-02-10 08:53:09 -08:00
  • 9a5938432b Merge pull request #301 from kaleb-himes/master dgarske 2016-02-10 08:42:28 -08:00
  • bf4d6454b1 if connection to google.com and using ECC need supported curves kaleb-himes 2016-02-09 17:06:06 -07:00
  • ccffee1617 When loading a named key, check that the save buffer mallocs. It calls a library function that checks the pointer, but an application of the library shouldn't depend on side effects. This fixes #300. John Safranek 2016-02-09 15:17:05 -08:00
  • 62a2efdacc Merge pull request #298 from kaleb-himes/master Kaleb Joseph Himes 2016-02-09 09:54:55 -08:00
  • f30ef33d8b Merge pull request #295 from JacobBarthelmeh/master toddouska 2016-02-09 09:40:13 -08:00
  • 66aa1da829 Merge pull request #299 from dgarske/MinGWFixes toddouska 2016-02-09 09:32:18 -08:00
  • 2e88785358 Merge pull request #282 from dgarske/WinUserSettings Kaleb Joseph Himes 2016-02-09 09:27:32 -08:00
  • 014740eda0 Merge pull request #289 from dgarske/SigHashFixes toddouska 2016-02-09 09:23:18 -08:00
  • 2af9fb91b3 Use += approach to detect "done" in example client for external tests. Cleaner and code is smaller to accomplish same thing. David Garske 2016-02-08 19:54:22 -08:00