wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 20:39:55 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,194 Commits 12 Branches 184 Tags
205088d1bcffbdc4e763e7712e430610a3f69b78
Commit Graph

3053 Commits

Author SHA1 Message Date
David Garske
205088d1bc Merge pull request #1787 from ejohnstown/patches 
Patches for various build errors
 2018-08-24 14:46:28 -07:00
John Safranek
86ce22c32e Merge pull request #1785 from embhorn/zd4225 
Fix for old certs not discarded when server does not resume session
 2018-08-24 13:22:06 -07:00
David Garske
1005ca0703 Merge pull request #1786 from kaleb-himes/USER-HEAP-WITH-CM 
Unloading from CM, and using custom heap, ensure XFREE has acces…
 2018-08-24 11:56:48 -07:00
John Safranek
4eb0d32fa8 Patches 
1. Define Timeval in callbacks.h if the file sys/time.h is missing.
2. When picking the correct strtok() function, take into account MINGW64.
3. In the example server, changed the call to SSL_accept_ex() as it doesn't exist. Using wolfSSL_accept_ex(). Only a problem when setting WOLFSSL_CALLBACKS.
4. PickHashSigAlgo() is missing a ; when WOLFSSL_CALLBACKS is set.
 2018-08-24 11:46:02 -07:00
toddouska
7f324d2c3b Merge pull request #1781 from JacobBarthelmeh/Compatibility-Layer 
fix for IV of DES_ncbc function
 2018-08-24 10:16:21 -07:00
kaleb-himes
b7b99a2e92 Unloading from CM, and using custom heap, ensure XFREE has access to custom heap 2018-08-24 10:07:10 -06:00
Eric Blankenhorn
498d8e6c15 Fix for old certs not discarded when server does not resume session 2018-08-24 07:53:35 -05:00
David Garske
c7dde6c682 Merge pull request #1656 from danielinux/contiki-port 
Contiki port
 2018-08-23 12:31:56 -07:00
toddouska
554d40a62e Merge pull request #1777 from dgarske/async_fixes 
Build fixes for async
 2018-08-23 08:23:20 -07:00
toddouska
0d171e591b Merge pull request #1776 from SparkiDev/inline_cmpl_fix 
Fix for clang builds with configs not using inline funcs
 2018-08-23 08:22:39 -07:00
Jacob Barthelmeh
f23eb37ade fix for IV of DES_ncbc function 2018-08-23 09:03:09 -06:00
Daniele Lacamera
bdb5d3c191 Improved support for contiki/uIP. 2018-08-22 09:15:10 +02:00
Daniele Lacamera
7bd16a2582 Fixed after second review 2018-08-22 09:15:10 +02:00
Daniele Lacamera
b74869a61a Moved contiki + uIP support in the library 2018-08-22 09:15:10 +02:00
David Garske
9ae4ef2d5c Build fixes for --enable-async --enable-all --with-intelqa. Resolves conflict for stat variable name. Fix for DH with async. Fix for async devSize. 2018-08-21 19:51:13 -07:00
Sean Parkinson
31bd844d6f Fix for clang builds with configs not using inline funcs 2018-08-22 11:16:57 +10:00
Sean Parkinson
fff5cff273 Fix for no certificates and calling DoVerifyCallback. 2018-08-22 10:57:19 +10:00
toddouska
776fd51720 Merge pull request #1768 from SparkiDev/tls13_final 
Use final TLS 1.3 version value by default.
 2018-08-21 12:29:51 -07:00
toddouska
e635e49635 Merge pull request #1772 from SparkiDev/tls13_point_ext 
Send EC poiint format extension if downgradable from TLS 1.3
 2018-08-21 12:27:10 -07:00
Sean Parkinson
1ab17ac827 More changes to minimize dynamic memory usage. 
Change define to WOLFSSL_MEMORY_LOG.
Fix for ED25519 server certificate - single cert to allow comparison
with ECC dynamic memory usage.
Free memory earlier to reduce maximum memory usage in a connection.
Make MAX_ENCODED_SIG_SZ only as big as necessary.
Change memory allocation type in sha256 from RNG to DIGEST.
If we know the key type use it in decoding private key
 2018-08-21 14:41:01 +10:00
Sean Parkinson
103a0d351b Send EC poiint format extension if downgradable from TLS 1.3 2018-08-21 10:11:12 +10:00
Sean Parkinson
506c858ed6 Add memory usage tracking and logging 
Add WOLFSSL_MEMORY_TRACKING to report allocations and frees with the
type.
Fix places where memory can be freed earlier.
 2018-08-21 08:54:57 +10:00
Sean Parkinson
20950ffde8 Remove TODOs around TLS 1.3 draft version. 2018-08-21 08:41:50 +10:00
toddouska
555714afa3 Merge pull request #1764 from SparkiDev/tls13_psk_cb 
Separate PSK callback for TLS 1.3
 2018-08-20 09:17:01 -07:00
toddouska
c8814a7ee1 Merge pull request #1769 from SparkiDev/tls13_dh 
TLS 1.3: Always left-pad DH secret to length of prime
 2018-08-20 09:13:50 -07:00
Sean Parkinson
d104ae39e3 TLS 1.3: Always left-pad DH secret to length of prime 2018-08-20 14:20:50 +10:00
Sean Parkinson
3cdeccc36e Use final TLS 1.3 version value by default. 2018-08-20 14:17:38 +10:00
Sean Parkinson
f1222c3f9f Separate PSK callback for TLS 1.3 
It is highly recommended that the PSK be different for each protocol.
Example callback already returns a different key for TLS 1.3.
New callback includes the ciphersuite, as a string, to use with the key.
 2018-08-17 10:18:28 +10:00
Sean Parkinson
f487b0d96a Config option to disable AES-CBC 
AEAD only detection and removeal of code.
Also in single threaded builds, reference the ctx suites in ssl object
if it exists.
 2018-08-16 08:25:13 +10:00
toddouska
9ad059542a Merge pull request #1745 from dgarske/ecc_export_hex 
Added new ECC export API's to support export as hex string
 2018-08-14 14:19:23 -07:00
David Garske
f23915baa1 Fix for BIO ssl case, which is not supported (for the Boost.Asio project this isn't required either). 2018-08-14 12:44:31 -06:00
David Garske
ff7d2fefdc Fix for DH max size calc not including DH_Pub. 2018-08-14 12:22:18 -06:00
David Garske
7b83db0f65 Fix for PemToDer which was not properly handling extra new lines at end of file. 2018-08-14 12:22:18 -06:00
David Garske
eca64717be Fix for BIO_wpending to work correctly. 2018-08-14 12:22:18 -06:00
David Garske
17e102d914 Fixes for asio build options (so includes OPENSSL_EXTRA). Fix for bad named variable shutdown. Fix for the side size in Options struct to support WOLFSSL_SIDE_NEITHER (3). Fix to set the side on wolfSS_connect() or wolfSS_accept(). 2018-08-14 12:22:18 -06:00
David Garske
c073aee87c Added new ECC export API's to support export as hex string. New API's are wc_ecc_export_ex and wc_ecc_export_int. For hex string use ECC_TYPE_HEX_STR as encType arg. Refactor to reduce duplicate code. Build fixes for NO_ECC_KEY_EXPORT. 2018-08-14 12:05:22 -06:00
toddouska
d4f908c372 Merge pull request #1728 from JacobBarthelmeh/HardwareAcc 
Add build for AF_ALG
 2018-08-13 16:27:51 -07:00
Eric Blankenhorn
bb574d28b2 Support for more cert subject OIDs and raw subject access (#1734) 
* Add businessCategory OID
* Raw subject support methods
* Support for jurisdiction OIDs
* Wrap in WOLFSSL_CERT_EXT
* Adding tests
 2018-08-12 12:53:29 -07:00
David Garske
56974c099e Improved the logic for WOLFSSL_ALWAYS_VERIFY_CB to be more explicit and updated comments. 2018-08-06 11:40:35 -07:00
David Garske
c4ea50b956 Fix for issue with using CopyDecodedToX509 again for existing X509 and freeing the altNames in original. Fix was to use the ssl->peerCert directly for the index 0 cert. Improvement to make sure ex_data is always populated. Added NULL arg check on wolfSSL_get_peer_certificate. 2018-08-06 11:40:35 -07:00
David Garske
7d39a897dc Refactor of the verify callback to eliminate duplicate code and provide consistency with various build options. Documented build options and added code comments in new DoVerifyCallback function. Added documentation in test.h myVerify function for arguments and return code. Fix from commit da1ac36 which added current_cert to WOLFSSL_X509_STORE_CTX, but is only required for ASIO compatibility and is not used. 2018-08-06 11:40:35 -07:00
David Garske
30d6c0c1fc Merge pull request #1737 from ejohnstown/ocsp-free 
OCSP Free
 2018-08-06 09:08:01 -07:00
David Garske
738a121d61 Merge pull request #1740 from ejohnstown/null-check 
NULL Check
 2018-08-03 13:53:53 -07:00
toddouska
b88d60ecbb Merge pull request #1665 from ejohnstown/mr 
Prime Number Testing
 2018-08-03 12:50:27 -07:00
John Safranek
f6a8a2f5bd NULL Check 
When using the async option, the RSA key is checked on the first call to
DoTls13CertificateVerify() when the async state machine is set up. On
the subsequent call, the pointer to the key isn't checked again. Added a
check. (This was from a static analysis report.)
 2018-08-03 11:09:43 -07:00
David Garske
a43d4d16ba Merge pull request #1719 from MJSPollard/OpenSSLAllFix 
Added boost define and openssl bug fix with WOLFSSL_KEY_GEN
 2018-08-02 15:20:27 -07:00
JacobBarthelmeh
782ea74fbf Merge pull request #1732 from kojo1/Ticket-4169-2 
Ticket 4169: eliminate ssl->CBIORecv/Send overwritten in SSL_set_bio
 2018-08-02 14:58:25 -06:00
Eric Blankenhorn
b248af6f84 Update from review 2018-08-02 10:59:07 -05:00
Takashi Kojo
fd75f35801 fix cbioFlag check 2018-08-02 10:18:09 +09:00
John Safranek
c87d6b27e2 OCSP Free 
Free the OCSP request when creating the response only if there is an error making the request.
 2018-08-01 15:34:43 -07:00