Commit Graph

3927 Commits

Author SHA1 Message Date
toddouska 78fa84be00 Merge pull request #2649 from SparkiDev/rsa_pubonly
Fix RSA public key only builds
2019-12-27 12:55:34 -08:00
toddouska dd28f26c44 Merge pull request #2699 from JacobBarthelmeh/Testing
big endian changes
2019-12-27 12:52:30 -08:00
Eric Blankenhorn b83804cb9d Correct misspellings and typos from codespell tool 2019-12-24 12:29:33 -06:00
JacobBarthelmeh ca59bc2d16 big endian changes 2019-12-23 12:33:59 -07:00
David Garske 2aa8fa2de6 Merge pull request #2688 from kaleb-himes/GH2552
use const to declare array rather than variable sz - VS doesn't like …
2019-12-19 08:52:30 -08:00
kaleb-himes 95c0c1f2a5 use const to declare array rather than variable sz - VS doesn't like this 2019-12-18 16:08:26 -08:00
toddouska 6922d7031c Merge pull request #2685 from embhorn/coverity_fixes
Coverity fixes
2019-12-18 14:06:48 -08:00
toddouska 531fedfbb4 Merge pull request #2687 from ejohnstown/dtls-cap
DTLS Handshake Message Cap
2019-12-18 13:50:52 -08:00
David Garske c054293926 Merge pull request #2684 from JacobBarthelmeh/build-tests
fix for g++ build warning
2019-12-18 12:09:29 -08:00
Eric Blankenhorn 52893877d7 Fixes from review 2019-12-18 13:25:25 -06:00
toddouska 5a04ee0d8b Merge pull request #2640 from dgarske/alt_chain
Fixes for Alternate chain processing
2019-12-18 09:38:45 -08:00
Jacob Barthelmeh b5f645ea00 fix for g++ build warning 2019-12-18 10:01:52 -07:00
David Garske b126802c36 Clarify logic for skipping call to AddCA. 2019-12-18 06:04:26 -08:00
John Safranek ef6938d2bc DTLS Handshake Message CAP
Cap the incoming DTLS handshake messages size the same way we do for
TLS. If handshake messages claim to be larger than the largest allowed
certificate message, we error out.
2019-12-17 16:55:58 -08:00
toddouska f81ce71c25 Merge pull request #2660 from JacobBarthelmeh/Compatibility-Layer
add --disable-errorqueue option
2019-12-17 16:37:02 -08:00
toddouska 06e5e81b1b Merge pull request #2663 from embhorn/zd5050
Clarify wolfSSL_shutdown error on subsequent calls
2019-12-17 14:59:35 -08:00
Eric Blankenhorn 0bb8ae8564 Fixes for new defects in wolfCryot and wolfSSL (excluding test code) 2019-12-13 17:17:13 -06:00
David Garske f2115b2c2b Merge pull request #2652 from ejohnstown/maintenance-error
Maintenance: Error Strings
2019-12-13 15:03:32 -08:00
John Safranek e7af2d2ba9 Fixed a couple initialization issues scan-build indicated. 2019-12-12 16:50:37 -08:00
Eric Blankenhorn 51d5abd63f Clarify wolfSSL_shutdown error on subsequent calls 2019-12-12 13:16:52 -06:00
Jacob Barthelmeh 2e5258fe15 add --disable-errorqueue option 2019-12-11 11:19:58 -07:00
kaleb-himes 2b66a9f1ec Address reviewed items 2019-12-09 14:44:59 -07:00
kaleb-himes 072fe8fd6d More complete fix for removing NO_SKID condition as default with CRL enabled 2019-12-07 03:39:57 -07:00
John Safranek 19a4371d48 Maintenance: Error Strings
1. One of the error string was >80 bytes long. Shortened it.
2. The function that copies an error string to an output array needs to
ensure the string is still null terminated.
3. Added a check to the wolfCrypt test to see that error strings aren't
>= 80 bytes long.
2019-12-06 09:53:39 -08:00
Sean Parkinson 2528121925 Fix RSA public key only builds
Client side only and no client auth
2019-12-06 20:42:27 +10:00
toddouska 7ec448ac0c Merge pull request #2617 from embhorn/zd9553
Fix for vasprintf with AIX
2019-12-05 16:15:24 -08:00
toddouska 312d5c98b3 Merge pull request #2535 from julek-wolfssl/nginx-1.15
Nginx 1.15.0 & 1.16.1
2019-12-05 14:40:45 -08:00
toddouska a13ebf5258 Merge pull request #2543 from embhorn/zd5706
Update DoVerifyCallback to check verify param hostName and ipasc
2019-12-05 14:38:47 -08:00
David Garske 9b437384de Allow AddCA for root CA's over the wire that do not have the extended key usage cert_sign set. 2019-12-04 14:14:37 -08:00
David Garske b01c558adb Fix to not send alert until after the verify cert callback and alternate chain logic has been evaluated. 2019-12-04 12:41:23 -08:00
David Garske acd4bc3305 Added logging for SendAlert call. 2019-12-04 11:02:22 -08:00
David Garske 3646051434 Fix for alternate chain logic where presented peer's CA could be marked as trusted.
When building with `WOLFSSL_ALT_CERT_CHAINS` a peer's presented CA could be incorrectly added to the certificate manager, marking it as trusted.

Began in PR #1934
ZD 9626
2019-12-04 06:56:36 -08:00
Eric Blankenhorn 1026c4359d Cast XMALLOC 2019-11-27 14:47:48 -06:00
Tesfa Mael acdfc514b3 Use memset initialize 2019-11-27 11:09:57 -08:00
Eric Blankenhorn 806db8096c Replace use of vasprintf 2019-11-27 11:00:28 -06:00
Juliusz Sosinowicz b06cee333c Add error on EOF 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 0f4a002f4f Formatting 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 9be1b4cfd8 Remove tabs 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 944d5e1045 Don't count null char in better way 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 7c1a1dfd1f Variable declaration at start of scope 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 308c5f3370 Fix implicit cast 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 5f39e12b21 Fix leak in SSL_CTX_set0_chain 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 8dde06bbca Fix compile errors 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz dd07344499 SSL_SESSION_dup 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 3c9d191a5b Don't propogate ASN_NO_PEM_HEADER from wolfSSL_load_client_CA_file 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 1962159d89 more NGINX defines 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz b71758895e Add support for SSL_CTX_set0_chain 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 9fbc167d0c Declare at start of scope 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz d9ab0c4bcb Check bounds 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz f0abd4ea82 WIP 2019-11-27 17:45:49 +01:00