wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 22:42:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,618 Commits 12 Branches 184 Tags
548c01ce5423d24e9bf50592d02219dc7acfb166
Commit Graph

2090 Commits

Author SHA1 Message Date
Sean Parkinson
e5fe1a3750 Unlock on memory allocation failure. 2017-05-16 09:41:17 +10:00
Sean Parkinson
1a08143946 Fixup for async on master 2017-05-15 10:10:28 +10:00
Sean Parkinson
1e2a6412d7 Find the CRL entry again after lock 2017-05-15 10:10:28 +10:00
Sean Parkinson
c7e57e9c6c Late CRL check - copy data before use 2017-05-15 10:04:42 +10:00
Sean Parkinson
c8e6c64e51 Fix warning when building for Windows 2017-05-15 10:04:42 +10:00
Sean Parkinson
4723b8470a Allow a CRL's signature to be verified on use 2017-05-15 10:04:42 +10:00
Sean Parkinson
4d77e80d04 Fix loading of CRLs and certs. 
Change function wolfSSL_X509_LOOKUP_load_file to load multiple CRLs and
certificates from a file.
Change CRL loading to have a flag to not verify CRL signature - only do
this when using wolfSSL_X509_LOOKUP_load_file() as the certificate is
not always available.
Add test case for loading multiple CRLs in one file without certificate.
 2017-05-15 10:04:42 +10:00
toddouska
3297280e62 Merge pull request #913 from JacobBarthelmeh/Compatibility-Layer 
allow re-using WOLFSSL structure after calling shutdown
 2017-05-12 16:50:14 -07:00
toddouska
dcd3a6a478 Merge pull request #907 from dgarske/fix_verifycb 
Fixes for verify callback override
 2017-05-12 16:45:55 -07:00
Jacob Barthelmeh
0374907acc allow re-using WOLFSSL structure after calling shutdown 2017-05-12 13:54:20 -06:00
David Garske
562db08c3d Implemented strict switch fall-through handling using new macro FALL_THROUGH. 2017-05-11 15:15:19 -07:00
David Garske
c0c98c8f64 Fixes to address build warnings for GCC 7. Used -Wimplicit-fallthrough=0 to suppress all switch fall-through warnings. 2017-05-11 15:12:16 -07:00
toddouska
ce42738198 Merge pull request #900 from dgarske/coverity_part3 
Coverity fixes for TLS 1.3, async, small stack and normal math.
 2017-05-11 13:05:53 -07:00
toddouska
5c652e398f Merge pull request #896 from dgarske/async_cleanups 
Fixes for async and smallstack
 2017-05-11 13:05:25 -07:00
David Garske
2efa7d5b8b Fix for verify callback override, peerVerifyRet code on success and ensuring DOMAIN_NAME_MISMATCH error gets passed down in ECDSAk case. Added unit test case to verify callback override works. Fixes issue #905 and issue #904. Fix for async build goto label typo. 2017-05-11 12:23:17 -07:00
Sean Parkinson
22ce2f183d Interop testing fixes 
Fix TLS13 cipher suite name to CHACHA20
Include SignatureAlgorithm in older versions of TLS when compiling for
TLS v1.3.
BIT STRING unused bits doesn't necessarily indicate last unused bit.
Fix ecc_dsa_sa_algo value.
 2017-05-11 10:42:09 +10:00
Sean Parkinson
ec6d8f48b8 Add PSS for TLS v1.3 2017-05-10 17:22:53 +10:00
Sean Parkinson
df3abee72c TLS v1.3 Interop changes 
Added Curve25519 for TLS v1.3 only. Curve25519 won't work with older
protocol versions.
Always send signature algorithm extension in TLS v1.3 for server
certificates. If only doing PSK doesn't need to be sent though.
 2017-05-10 15:16:27 +10:00
David Garske
8d4f8c6d80 Fixes for build with distro for BuildTls13HandshakeHmac arg change. 2017-05-09 10:09:43 -07:00
David Garske
c47826cc8f Additional TLS 1.3 return code checking. 2017-05-09 09:45:40 -07:00
David Garske
e8cf4b5ff0 Coverity fixes for TLS 1.3, async, small stack and normal math. 2017-05-09 09:13:21 -07:00
Sean Parkinson
46c4adcf4c TLS v1.3 interop fixes 2017-05-09 14:49:21 +10:00
David Garske
5726c23d81 Fix for scan-build warning with ret not being read in DoServerHello. 2017-05-06 14:00:24 -07:00
David Garske
8cd78edac1 Fixes for building with smallstack 2017-05-06 00:39:12 -04:00
David Garske
011178994b Fix typos with goto exit labels and heap. 2017-05-06 00:32:02 -04:00
David Garske
af0103bc94 Fix for Valgrind memory leak with the “ssl->hsHashes”. The DTLS wolfSSL_connect for “IsDtlsNotSctpMode” at line 8134 calls InitHandshakeHashes, but doesn’t free existing. Best overall solution is to make sure and free an existing on InitHandshakeHashes, since WOLFSSL is memset to 0. 2017-05-04 14:51:31 -07:00
Sean Parkinson
902f5cf53f Stack size enabled config fix 2017-05-04 14:51:31 -07:00
David Garske
570befb63f Fixes for using async. Combine duplicate DoCertificate and DoTls13Certificate code into ProcessPeerCerts. Cleanup of the XMALLOC/XFREE to use ssl->heap. 2017-05-04 14:51:31 -07:00
David Garske
253140f37e Fixes for TLS 1.3. Fix issue with wc_AesGcmDecrypt checking for authIn arg (allowed to be NULL). Fix for preMasterSz in TLSX_KeyShare_ProcessEcc. Fix for building with --disable-asn (NO_CERTS). Fix to remove client “-t” option from help, which no longer exists. Added new WOLFSSL_DEBUG_TLS option for new messages added. 2017-05-04 14:51:31 -07:00
David Garske
77f9126edf Rebase fixes for TLS 1.3. Getting a decrypt error with the TLS 1.3 test from the SendTls13CertificateVerify. 2017-05-04 14:51:31 -07:00
Sean Parkinson
2b1e9973ec Add TLS v1.3 as an option 2017-05-04 14:51:30 -07:00
Jacob Barthelmeh
7dd877554b build for windows visual studio with AES GCM 2017-05-04 14:14:12 -06:00
Jacob Barthelmeh
9b5340d3af sanity checks before copying copying peer certificate 2017-05-04 13:10:46 -06:00
toddouska
e771611c29 Merge pull request #891 from JacobBarthelmeh/Testing 
sanity check on input buffer index
 2017-05-03 12:13:43 -07:00
Jacob Barthelmeh
55538b5de0 sanity check on input buffer index 2017-05-03 10:21:03 -06:00
David Garske
338194be25 Fix for scan build warning for TLSX_SNI_GetRequest possible use of null pointer. 2017-05-03 07:33:13 -07:00
Jacob Barthelmeh
aa990ed1ce in error case close FILE 2017-05-02 14:54:27 -06:00
Jacob Barthelmeh
dbb67d8582 warnings for builds of haproxy, nginx, and leanpsk 2017-05-02 14:29:53 -06:00
toddouska
27aafd674a Merge pull request #886 from dgarske/fixes_coverity2 
Fixes for coverity scan (part 2)
 2017-05-02 08:53:03 -07:00
John Safranek
4135279f82 Merge pull request #843 from kaleb-himes/dtls-interop 
DTLS update per RFC 6347 Section 4.2.3
 2017-05-01 19:29:27 -07:00
toddouska
f61380da21 Merge pull request #870 from kaleb-himes/PSK-UPDATE 
Update PSK identity length per RFC 4279 - section 5.3
 2017-05-01 19:04:32 -07:00
David Garske
3647e50c17 Fixes for the GrowInputBuffer and GrowOutputBuffer changes to only use align when WOLFSSL_GENERAL_ALIGNMENT > 0. 2017-05-01 18:48:54 -07:00
David Garske
9491027c85 Fixes for coverity scan (part 2). 2017-05-01 16:34:24 -07:00
toddouska
1a0b408658 Merge pull request #883 from dgarske/fixes_coverity 
Fixes for coverity scan
 2017-05-01 16:30:04 -07:00
David Garske
f19cf4cb34 Fix the client PSK callback to always null terminate after callback. Remove the +1 on the test.h examples for PSK callbacks. 2017-05-01 12:10:05 -07:00
John Safranek
7a1776e931 Merge pull request #881 from cconlon/sniffer 
fix sniffer with AES-GCM, add scratch authTag buffer
 2017-05-01 11:51:01 -07:00
Jacob Barthelmeh
450ff55d83 fix warnings and errors with FreeBSD PowerPC 2017-04-28 17:57:48 -06:00
David Garske
db63fe83d4 Initial pass at fixes for coverity scan. 2017-04-28 14:59:45 -07:00
toddouska
4387e1f08e Merge pull request #855 from insane-adding-machines/master 
Added support for HAproxy load balancer
 2017-04-28 13:10:58 -07:00
David Garske
c92b497ea3 Fix async merge error which duplicated the wolfSSL_new RNG creation and caused a memory leak. Fix for build error with plainDigestSz not being initialized. 2017-04-28 10:11:17 -07:00