wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 02:39:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,735 Commits 12 Branches 184 Tags
46c4653f60caf666ee06c70947a10a164ff7da92
Commit Graph

1461 Commits

Author SHA1 Message Date
kaleb-himes
46c4653f60 Merge branch 'master' of https://github.com/wolfSSL/wolfssl 2015-12-16 11:37:07 -07:00
Nickolas Lapp
bf621f1832 Add in stub functions for opensslv1.0.1 w/ stunnel and lighttpd 2015-12-14 15:36:04 -07:00
John Safranek
a834c2acf6 improved DTLS handshake sequence numbering when retransmitting finished message 2015-12-11 18:41:09 -08:00
Jacob Barthelmeh
1c4b3016e6 set required tls1_2 for when using ChaCha20-Poly1305 suite 2015-12-10 11:45:27 -07:00
kaleb-himes
1d1af6410d OpenSSH added support for additional NID types. Update our compatibility layer 2015-12-08 07:27:43 -08:00
John Safranek
8756c31a01 Merge branch 'master' of github.com:wolfSSL/wolfssl 2015-12-07 12:43:01 -08:00
John Safranek
c7fdc9ba9e DTLS Hello Verify and Server Hello should use the sequence number of the Client Hello 2015-12-07 11:24:14 -08:00
toddouska
4a0c4fbf3f remove fprintf from ecdsa verify fail wrapper 2015-12-07 09:25:19 -08:00
David Garske
89a65b0aa0 Fixed compile error in signature.c with g++. Corrected comment. 2015-12-04 15:22:06 -08:00
toddouska
37bc497f21 fix merge conflict 2015-12-03 12:37:49 -08:00
toddouska
532d1da9c0 Merge pull request #206 from dgarske/FixExtraMalloc_wNotTLS12 
Fixed issue with "WOLFSSL_SMALL_STACK" and pre TLS 1.2 in "SendServer…
 2015-12-03 11:26:43 -08:00
toddouska
1c2a920b8f Merge pull request #203 from dgarske/SendServerHelloRNGCombine 
Combined "wc_RNG_GenerateBlock" calls in "SendServerHello".
 2015-12-03 11:16:00 -08:00
David Garske
b1d18d8455 Fixed issue with "WOLFSSL_SMALL_STACK" and pre TLS 1.2 in "SendServerKeyExchange" where "encodedSig" is allocated and not used. 2015-12-02 19:43:05 -08:00
toddouska
e08fa67a32 fix clang --disable-memory issues 2015-12-02 14:40:32 -08:00
John Safranek
5cf94166b2 silently drop epoch 0 messages when handshake completed 2015-12-01 14:59:32 -08:00
John Safranek
5687562e7b back out change to decryptedCur flag 2015-12-01 13:32:00 -08:00
John Safranek
a5f689168e fix call to IsEncryptionOn for session tickets 2015-12-01 09:18:21 -08:00
Jacob Barthelmeh
bb5de34e5c cast type on XMALLOC with ntru 2015-12-01 09:24:44 -07:00
David Garske
654e17379e Combined "wc_RNG_GenerateBlock" calls in "SendServerHello". 2015-11-30 19:29:20 -08:00
John Safranek
251d0364f8 check DTLS sequence number against window a little earlier 2015-11-30 17:16:47 -08:00
John Safranek
514aa331f8 wrapped checks for encryptionOn with a function to allow more complicated checks like for epoch 0 being unencrypted 2015-11-30 14:43:03 -08:00
Chris Conlon
d2a80ba1bc remove extra NULL check in SetTmpDH_buffer/file_wrapper, fix API tests 2015-11-30 10:25:55 -07:00
John Safranek
7f1b9a1e13 storing DTLS handshake messages takes into account overlapping data 2015-11-25 20:25:57 -08:00
John Safranek
e4894bfd0b add comments to clarify accept and connect state advancement due to sending fragments 2015-11-25 11:10:42 -08:00
Takashi Kojo
e4bed957b3 #1591: fixed macro control for MDK4 2015-11-24 11:26:08 +09:00
toddouska
91b7cddb7c better error checking on condition variable operations, cleanup 2015-11-23 15:13:36 -08:00
toddouska
32b2d7f9e4 have calling thread wait for crl monitor thread to setup for simpler cleanup 2015-11-23 14:15:12 -08:00
Chris Conlon
85373f7b6e move SetTmpDH buffer functions out of NO_FILESYSTEM 2015-11-20 13:30:22 -07:00
Nickolas Lapp
c3cdbf31bb Define SNI func condtionally. Declare var at top of func 2015-11-19 13:49:57 -07:00
toddouska
2698736aaf fix missing XMALLOC/FREE types 2015-11-19 10:20:28 -08:00
toddouska
5e80bf46bf Merge branch 'master' of github.com:wolfssl/wolfssl 2015-11-16 13:20:26 -08:00
toddouska
ca7956b50d update cavium nitrox port to wolfssl 2015-11-16 13:20:19 -08:00
toddouska
4e7935f5f5 Merge pull request #188 from dgarske/HashSignVerifyWrappers 
New hash and signature wrapper functions:
 2015-11-16 12:16:55 -08:00
Moisés Guimarães
cc684f8593 fixes OCSP nonce extension size estimation at client hello message; 2015-11-14 22:28:52 -03:00
Nickolas Lapp
66965759d5 Implement missing openssl API 2015-11-12 16:52:56 -07:00
toddouska
5c96be4d19 fix idea conversion warnings 2015-11-12 15:14:00 -08:00
David Garske
f692c8cefb New hash and signature wrapper functions: 
1. Added new hash wrapper function "wc_Hash". Hash functions support Md# and SHA# using "enum wc_HashType". Added new "wc_HashGetDigestSize" function to get hash size (returns 0 if not supported).
2. Added new signature wrapper functions "wc_SignatureGenerate" and "wc_SignatureVerify" to perform hash then sign/verify of bytes. Signature functions support ECC and RSA using "enum wc_SignatureType". Added new "wc_SignatureGetSize" function to get the signature size using the key (returns 0 if not supported).
 2015-11-12 09:36:14 -08:00
Nickolas Lapp
e49b12c7cc Make get_shutdown return correct results with stunnel 2015-11-11 11:43:38 -07:00
toddouska
6efd8e2db0 fix unused PemToDer() vars depending on build options 2015-11-09 14:58:20 -08:00
toddouska
5c9089651a fix github issue #174 , disable des3 with (else if) logic broken 2015-11-03 12:03:35 -08:00
toddouska
54a0a3370a fix wolfSSL_Init to only call new wolfCrypt_Init() once 2015-11-02 12:35:43 -08:00
toddouska
a1d1155b0c add missing error strings 2015-11-02 12:18:12 -08:00
Moisés Guimarães
21d70636dc Merge branch csr into 'master' 2015-11-02 15:51:01 -03:00
toddouska
542b59d90a Merge pull request #150 from JacobBarthelmeh/master 
Intel RSA IPP plug in
 2015-10-27 16:57:32 -07:00
Moisés Guimarães
8dc154ff71 adds support for TLS downgrading against buggy TLS servers. 
reference: RFC 5246 - TLS 1.2 - Appendix E.1:

   Note: some server implementations are known to implement version
   negotiation incorrectly.  For example, there are buggy TLS 1.0
   servers that simply close the connection when the client offers a
   version newer than TLS 1.0.  Also, it is known that some servers will
   refuse the connection if any TLS extensions are included in
   ClientHello.  Interoperability with such buggy servers is a complex
   topic beyond the scope of this document, and may require multiple
   connection attempts by the client.

   Earlier versions of the TLS specification were not fully clear on
   what the record layer version number (TLSPlaintext.version) should
   contain when sending ClientHello (i.e., before it is known which
   version of the protocol will be employed).  Thus, TLS servers
   compliant with this specification MUST accept any value {03,XX} as
   the record layer version number for ClientHello.

   TLS clients that wish to negotiate with older servers MAY send any
   value {03,XX} as the record layer version number.  Typical values
   would be {03,00}, the lowest version number supported by the client,
   and the value of ClientHello.client_version.  No single value will
   guarantee interoperability with all old servers, but this is a
   complex topic beyond the scope of this document.
 2015-10-27 16:10:23 -03:00
John Safranek
a42308e28a Add function ssl_FreeDecodeBuffer() to release the sniffer allocated data buffer and reset the pointer. 2015-10-26 12:01:21 -07:00
John Safranek
b05332c417 Merge branch 'master' of github.com:wolfSSL/wolfssl 2015-10-26 10:17:46 -07:00
toddouska
ab68f38236 have allocate extra byte in case user wants to null terminate returned plaintext 2015-10-23 16:38:59 -07:00
toddouska
d53b6a9132 handle sniffer realloc failure w/o leak 2015-10-23 16:19:26 -07:00
toddouska
c90d0d9607 Merge branch 'sniffer' 2015-10-23 14:10:51 -07:00