wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 10:20:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,453 Commits 12 Branches 184 Tags
9be1b4cfd8a1914c98dcf03f74bd11787c77c4fd
Commit Graph

10453 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Juliusz Sosinowicz
9be1b4cfd8 Remove tabs 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
944d5e1045 Don't count null char in better way 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
7c1a1dfd1f Variable declaration at start of scope 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
308c5f3370 Fix implicit cast 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
5f39e12b21 Fix leak in SSL_CTX_set0_chain 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
8dde06bbca Fix compile errors 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
dd07344499 SSL_SESSION_dup 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
3c9d191a5b Don't propogate ASN_NO_PEM_HEADER from wolfSSL_load_client_CA_file 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
1962159d89 more NGINX defines 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
b71758895e Add support for SSL_CTX_set0_chain 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
b7913116c0 Remove redeclaration 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
9fbc167d0c Declare at start of scope 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
d9ab0c4bcb Check bounds 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
ea5ac675ed WIP 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
f0abd4ea82 WIP 2019-11-27 17:45:49 +01:00
Juliusz Sosinowicz
9064de1e75 Set proper WOLFSSL_ASN1_TIME in thisupd and nextupd in wolfSSL_OCSP_resp_find_status 2019-11-27 17:45:49 +01:00
Juliusz Sosinowicz
31c0abd610 wolfSSL_X509_NAME_print_ex should not put the null terminator in the BIO 2019-11-27 17:45:49 +01:00
Juliusz Sosinowicz
de3c11d55c opensslall required 2019-11-27 17:45:49 +01:00
Juliusz Sosinowicz
a892f2a95a Changes for nginx 1.15 
- ssl.c: add to check to overwrite existing session ID if found
- evp.c: wolfSSL_EVP_DecryptFinal* was checking for wrong value
 2019-11-27 17:45:49 +01:00
toddouska
1b63ab0e73 Merge pull request #2623 from SparkiDev/set_ser_rand 
Generating serial number - clear top bit
 2019-11-26 16:14:54 -08:00
toddouska
7cb5fe5e2a Merge pull request #2620 from tmael/ALPN_input 
Fix alpn buffer overrun
 2019-11-26 15:31:56 -08:00
toddouska
57df5c10c9 Merge pull request #2619 from dgarske/async_mem 
Fix for Intel QuickAssist asynchronous build
 2019-11-26 15:29:04 -08:00
toddouska
0d69950d07 Merge pull request #2615 from SparkiDev/mp_exptmod_neg_p 
Handle negative modulus with negative exponent in exptmod
 2019-11-26 15:20:54 -08:00
toddouska
95c9dc9fe8 Merge pull request #2614 from ejohnstown/maintenance-OCSP 
Maintenance: OCSP
 2019-11-26 15:19:27 -08:00
toddouska
9b7cd6bdfd Merge pull request #2613 from tmael/evp_aes_gcm 
Set default IV length for EVP aes gcm
 2019-11-26 15:18:27 -08:00
toddouska
5d41ef171c Merge pull request #2610 from ejohnstown/maintenance-DTLS 
Maintenance: DTLS
 2019-11-26 15:17:22 -08:00
toddouska
9ecafa7afe Merge pull request #2557 from tmael/cert_store_ls_x509 
Retrieve a stack of X509 certs
 2019-11-26 15:16:09 -08:00
Sean Parkinson
6325269236 Generating serial number - clear top bit 
If the top bit is set then the encoding routine will drop a byte of the
serial number.
Better to ensure number is positive, top bit clear, and use as much of
the serial number data as possible.
 2019-11-25 15:36:11 +10:00
Tesfa Mael
8bc3b7df35 Free x509 2019-11-22 14:31:59 -08:00
Tesfa Mael
cf127ec05f Fix buffer overrun 2019-11-22 10:33:17 -08:00
David Garske
be88bce36d Fix for issues with wolfSSL_OBJ_nid2sn and wc_OBJ_sn2nid and logic finding max item when WOLFSSL_CUSTOM_CURVES and ECC_CACHE_CURVE are defined. Improvements to wolfSSL_EC_get_builtin_curves to avoid using "min" as variable name and eliminate using a local static. 2019-11-22 10:09:10 -08:00
David Garske
ffb3dfd6ec Fixes for minor test.c build configuration issues. 2019-11-22 07:01:10 -08:00
David Garske
cdc50d7753 Revert header change in #2504 for asynchronous crypto quickassist_mem.h. 2019-11-22 05:59:57 -08:00
Sean Parkinson
50c4347748 More corner cases in tfm 
Handle zero base in fp_exptmod better().
Handle negatives in fp_gcd().
Return FP_OKAY when writing out 0 with mp_toradix().
 2019-11-22 09:56:02 +10:00
John Safranek
71943844d6 Maintenance: OCSP 
1. Add a couple more bounds checks to wolfIO_HttpProcessResponseBuf().
 2019-11-21 14:51:35 -08:00
John Safranek
edb07cf68e Merge pull request #2587 from guidovranken/ocsp-resp-decoder-bounds-fix 
Properly limit array access in OCSP response decoder
 2019-11-21 10:13:49 -08:00
Tesfa Mael
428d51e664 IV is set in the evp ctx level 2019-11-21 09:58:03 -08:00
toddouska
e883a2f696 Merge pull request #2611 from SparkiDev/sp_int_add_fix 
Fix sp_add to handle carries properly
 2019-11-21 08:59:09 -08:00
Sean Parkinson
f56a74b6b7 Handle negative modulus with negative exponent in exptmod 2019-11-21 14:55:13 +10:00
John Safranek
6720bc3890 Maintenance: OCSP 
1. Add some minimum bounds checking on the HTTP responses as some can
end up being too short.
 2019-11-20 17:25:03 -08:00
Tesfa Mael
f95d5eebff Add FreeX509() to clean up when sk stack is empty 2019-11-20 17:02:13 -08:00
Tesfa Mael
6c732725b0 Test evp aes gcm with default IV length 2019-11-20 16:37:15 -08:00
toddouska
b33ce2207d Merge pull request #2608 from SparkiDev/use_heap 
When disabled memory, ensure all heap and types are used
 2019-11-20 16:18:07 -08:00
toddouska
a2d036dcba Merge pull request #2601 from SparkiDev/certs_exts_fix 
ProcessPeerCerts allocating memory for exts with OPENSSL_EXTRA properly
 2019-11-20 16:17:28 -08:00
Sean Parkinson
a20db0b8ad Fix sp_add to handle carries properly 2019-11-21 09:47:17 +10:00
John Safranek
ce0136e968 Maintenance: Integers 
In TFM and Integer, rshb() shouldn't try to shift a value that is 0.
This leads to using a negative offset to a pointer, but isn't used.
 2019-11-20 13:55:57 -08:00
John Safranek
71690fc73a Maintenance: DTLS 
1. Updated the window scrolling. There was a couple off-by-one errors in
the DTLS window handling. They canceled each other out, but there was a
rare case where they would shift too much.
 2019-11-20 13:46:23 -08:00
John Safranek
188eb45433 Maintenance: DTLS 
Removed redundant sequence increment when sending the Server Hello message.
 2019-11-20 13:08:01 -08:00
John Safranek
19d8ef405c Maintenance: DTLS 
When encrypting with AES-GCM, AES-CCM, or PolyChacha, do not increment
the DTLS sequence number. The sequence number should only be incremented
in BuildMessage. This was done because the sequence number used to be
incremented after calculating the HMAC or after the encrypt for AEAD
ciphers. The HMAC has been separated from the sequence increment.
 2019-11-20 10:56:56 -08:00
toddouska
88fb7efb8c Merge pull request #2602 from SparkiDev/certs_exts_free 
ProcessPeerCerts jump to error handling instead of returning
 2019-11-20 09:25:48 -08:00