wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:cyassl/cyassl

Browse Source
This commit is contained in:
John Safranek
2013-12-12 11:06:21 -08:00
parent 26a26fa19d 5909f5c2c0
commit 9d6182d279
7 changed files with 47 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
configure.ac
View File

@@ -311,14 +311,14 @@ fi
# SNIFFER # SNIFFER
AC_ARG_ENABLE([sniffer], AC_ARG_ENABLE([sniffer],
[AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[ [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[
ENABLED_SNIFFER=yes ENABLED_SNIFFER=yes
AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
],[ ENABLED_SNIFFER=no ]) ]) ],[ AC_MSG_ERROR([cannot enable sniffer without having libpcap available.]) ]) ])
],[ ],[
ENABLED_SNIFFER=no ENABLED_SNIFFER=no
]) ])
AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ]) AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ])

2
ctaocrypt/src/asn.c
View File

@@ -2646,6 +2646,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
CYASSL_MSG("Verify Signautre has unsupported type"); CYASSL_MSG("Verify Signautre has unsupported type");
return 0; return 0;
} }
(void)typeH; /* some builds won't read */
switch (keyOID) { switch (keyOID) {
#ifndef NO_RSA #ifndef NO_RSA
@@ -3339,6 +3340,7 @@ static void DecodeCertExtensions(DecodedCert* cert)
} }
idx += length; idx += length;
} }
(void)critical;
CYASSL_LEAVE("DecodeCertExtensions", 0); CYASSL_LEAVE("DecodeCertExtensions", 0);
return; return;

2
cyassl/ssl.h
View File

@@ -823,9 +823,9 @@ CYASSL_API CYASSL_X509*
#ifndef NO_FILESYSTEM #ifndef NO_FILESYSTEM
CYASSL_API CYASSL_X509* CYASSL_API CYASSL_X509*
CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file); CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file);
#endif
CYASSL_API CYASSL_X509* CYASSL_API CYASSL_X509*
CyaSSL_X509_load_certificate_file(const char* fname, int format); CyaSSL_X509_load_certificate_file(const char* fname, int format);
#endif
#ifdef CYASSL_SEP #ifdef CYASSL_SEP
CYASSL_API unsigned char* CYASSL_API unsigned char*

9
src/internal.c
View File

@@ -635,8 +635,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
if (suites->setSuites) if (suites->setSuites)
return; /* trust user settings, don't override */ return; /* trust user settings, don't override */
if (side == CYASSL_SERVER_END && haveStaticECC) if (side == CYASSL_SERVER_END && haveStaticECC) {
haveRSA = 0; /* can't do RSA with ECDSA key */ haveRSA = 0; /* can't do RSA with ECDSA key */
(void)haveRSA; /* some builds won't read */
}
if (side == CYASSL_SERVER_END && haveECDSAsig) { if (side == CYASSL_SERVER_END && haveECDSAsig) {
haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */ haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */
@@ -8118,7 +8120,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
case ecc_diffie_hellman_kea: case ecc_diffie_hellman_kea:
{ {
ecc_key myKey; ecc_key myKey;
ecc_key* peerKey = &myKey; ecc_key* peerKey = NULL;
word32 size = sizeof(encSecret); word32 size = sizeof(encSecret);
if (ssl->specs.static_ecdh) { if (ssl->specs.static_ecdh) {
@@ -8133,6 +8135,9 @@ static void PickHashSigAlgo(CYASSL* ssl,
peerKey = ssl->peerEccKey; peerKey = ssl->peerEccKey;
} }
if (peerKey == NULL)
return NO_PEER_KEY;
ecc_init(&myKey); ecc_init(&myKey);
ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey); ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
if (ret != 0) if (ret != 0)

7
src/sniffer.c
View File

@@ -417,6 +417,13 @@ void ssl_FreeSniffer(void)
FreeMutex(&SessionMutex); FreeMutex(&SessionMutex);
FreeMutex(&ServerListMutex); FreeMutex(&ServerListMutex);
if (TraceFile) {
TraceOn = 0;
fclose(TraceFile);
TraceFile = NULL;
}
CyaSSL_Cleanup(); CyaSSL_Cleanup();
} }

7
src/ssl.c
View File

@@ -1730,6 +1730,7 @@ int CyaSSL_Init(void)
der.buffer = 0; der.buffer = 0;
(void)dynamicType; (void)dynamicType;
(void)rsaKey;
if (used) if (used)
*used = sz; /* used bytes default to sz, PEM chain may shorten*/ *used = sz; /* used bytes default to sz, PEM chain may shorten*/
@@ -1980,7 +1981,8 @@ int CyaSSL_Init(void)
} }
ecc_free(&key); ecc_free(&key);
eccKey = 1; eccKey = 1;
ctx->haveStaticECC = 1; if (ctx)
ctx->haveStaticECC = 1;
if (ssl) if (ssl)
ssl->options.haveStaticECC = 1; ssl->options.haveStaticECC = 1;
} }
@@ -7561,6 +7563,8 @@ CYASSL_X509* CyaSSL_X509_d2i(CYASSL_X509** x509, const byte* in, int len)
} }
#ifndef NO_FILESYSTEM
CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, XFILE file) CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, XFILE file)
{ {
CYASSL_X509* newX509 = NULL; CYASSL_X509* newX509 = NULL;
@@ -7684,6 +7688,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
return x509; return x509;
} }
#endif /* NO_FILESYSTEM */
#endif /* KEEP_PEER_CERT || SESSION_CERTS */ #endif /* KEEP_PEER_CERT || SESSION_CERTS */

24
sslSniffer/sslSnifferTest/snifftest.c
View File

@@ -69,18 +69,25 @@ enum {
}; };
pcap_t* pcap = 0; pcap_t* pcap = NULL;
pcap_if_t *alldevs; pcap_if_t* alldevs = NULL;
static void FreeAll(void)
{
if (pcap)
pcap_close(pcap);
if (alldevs)
pcap_freealldevs(alldevs);
#ifndef _WIN32
ssl_FreeSniffer();
#endif
}
static void sig_handler(const int sig) static void sig_handler(const int sig)
{ {
printf("SIGINT handled = %d.\n", sig); printf("SIGINT handled = %d.\n", sig);
if (pcap) FreeAll();
pcap_close(pcap);
pcap_freealldevs(alldevs);
#ifndef _WIN32
ssl_FreeSniffer();
#endif
if (sig) if (sig)
exit(EXIT_SUCCESS); exit(EXIT_SUCCESS);
} }
@@ -286,6 +293,7 @@ int main(int argc, char** argv)
else if (saveFile) else if (saveFile)
break; /* we're done reading file */ break; /* we're done reading file */
} }
FreeAll();
return EXIT_SUCCESS; return EXIT_SUCCESS;
} }