wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-30 02:52:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,819 Commits 12 Branches 184 Tags
ac3eb470f9e17ecb03f9c100d375b13509fd22eb
Commit Graph

2910 Commits

Author SHA1 Message Date
connerwolfssl
13b7dad0fa documentation clean up, added check for asn generalized time 2018-06-27 10:22:47 -07:00
toddouska
5d767aa004 Merge pull request #1641 from ejohnstown/rename-inline 
Rename INLINE
 2018-06-27 09:34:41 -07:00
toddouska
1b2876679b Merge pull request #1631 from ejohnstown/wolfio-select 
wolfIO Select Update
 2018-06-26 19:27:20 -07:00
John Safranek
586874b997 Rename INLINE 
1. Renamed the macro INLINE as WC_INLINE.
2. For FIPS and the "selftest" build, define INLINE as WC_INLINE. Allows the FIPS code to work unchanged.
 2018-06-26 15:17:46 -07:00
toddouska
d9b5948947 Merge pull request #1605 from dgarske/asyncfsanitize 
Fixes for async to resolve runtime fsanitize issues
 2018-06-26 14:27:07 -07:00
John Safranek
9d7bcf8ec7 wolfIO Select Update 
1. In wolfIO_Select(), separate out the fd lists into separate read and write lists.
2. Check the read and write fds lists to see if the connect() succeeded or failed.
3. Windows doesn't use the nfds parameter to Select. Initialize it to zero and reset it to the right value when building for not-Windows.
4. Remove the warning disable for Windows.

GCC 8.1 checks that "restrict" pointer parameters don't point to the same thing and will error if they do.
 2018-06-22 10:49:57 -07:00
John Safranek
e6c7952f50 Merge master into fipsv2. Resolved a conflict in api.c. 2018-06-22 09:52:26 -07:00
David Garske
1cb5bbf8ea Fixes for some async issues. Fixes an async issue with BuildMessage. Fixes for PKCS7 tests to not use async since it is not supported. 2018-06-22 09:30:25 -07:00
David Garske
623f1b58ac Fix for min IV size check. Cleanup of the max IV to use new enum MAX_IV_SZ. 2018-06-22 09:30:25 -07:00
David Garske
64ba151c35 Experimental fixes for async to resolve runtime fsanitize issues with invalid memory access due to attempting realloc on non NUMA type. Tested with ./configure --with-intelqa=../QAT1.6 --enable-asynccrypt CC="clang -fsanitize=address" --enable-debug --disable-shared --enable-trackmemory CFLAGS="-DWOLFSSL_DEBUG_MEMORY -DWOLFSSL_DEBUG_MEMORY_PRINT" && make and sudo ./tests/unit.test. 2018-06-22 09:30:25 -07:00
toddouska
9d86d323ef Merge pull request #1628 from JacobBarthelmeh/Fuzzer 
sanity check on hashing size
 2018-06-20 17:46:38 -07:00
Jacob Barthelmeh
bf63003237 sanity check before reading word16 from buffer 2018-06-20 16:48:40 -06:00
Jacob Barthelmeh
2f43d5eece update size to be used with fuzzing 2018-06-20 15:29:05 -06:00
Jacob Barthelmeh
61655ef56d comment on sz value and sanity check before fuzzing 2018-06-20 09:21:56 -06:00
Jacob Barthelmeh
38f916a798 sanity check on hashing size 2018-06-18 15:50:44 -06:00
Jacob Barthelmeh
c98aca32c4 static analysis report fixes 2018-06-15 17:00:45 -06:00
Jacob Barthelmeh
a1295b3148 memory management with test cases 2018-06-15 15:43:42 -06:00
toddouska
0d0aa74444 Merge pull request #1623 from dgarske/fix_atecc508a 
Fixes for build with `WOLFSSL_ATECC508A` defined
 2018-06-15 11:06:33 -07:00
toddouska
55945acd55 Merge pull request #1622 from cconlon/cavp-selftest-fix 
fix CAVP self test build with newer raw hash functions
 2018-06-15 11:02:15 -07:00
Jacob Barthelmeh
c03c10e1d4 move location of wolfSSL_d2i_RSA_PublicKey to fix x509 small build 2018-06-14 14:38:15 -06:00
toddouska
139a08a98e Merge pull request #1621 from SparkiDev/tls13_no_cs 
Allow NO_WOLFSSL_CLIENT/SERVER to compile and pass tests
 2018-06-14 09:08:13 -07:00
David Garske
5b2bb44bc8 Fixes for build with WOLFSSL_ATECC508A defined. 2018-06-13 20:10:01 -07:00
toddouska
15348d4936 Merge pull request #1612 from dgarske/fixmatchdomainname 
Fixes for `MatchDomainName` to properly detect failures
 2018-06-13 13:13:52 -07:00
Chris Conlon
1db5d6ebd6 fix CAVP self test build with newer raw hash functions 2018-06-13 09:55:16 -06:00
Sean Parkinson
a03c15e598 Allow NO_WOLFSSL_CLIENT/SERVER to compile and pass tests 2018-06-13 11:42:16 +10:00
David Garske
1f16b36402 Fixes for MatchDomainName to properly detect failures: 
* Fix `MatchDomainName` to also check for remaining len on success check.
* Enhanced `DNS_entry` to include actual ASN.1 length and use it thoughout (was using XSTRLEN).

Added additional tests for matching on domain name:
* Check for bad common name with embedded null (CN=localhost\0h, Alt=None) - Note: Trouble creating cert with this criteria
* Check for bad alternate name with embedded null (CN=www.nomatch.com, Alt=localhost\0h)
* Check for bad common name (CN=www.nomatch.com, Alt=None)
* Check for bad alternate name (CN=www.nomatch.com, Alt=www.nomatch.com)
* Check for good wildcard common name (CN=*localhost, Alt=None)
* Check for good wildcard alternate name (CN=www.nomatch.com, Alt=*localhost)
 2018-06-12 14:15:34 -07:00
John Safranek
5e516cc2e0 Merge branch 'master' into fipsv2 2018-06-12 10:10:50 -07:00
David Garske
292e9535ae Fix for wolfSSL_ERR_clear_error to call wc_ClearErrorNodes when its available (mismatched macros), which was incorrectly causing test_wolfSSL_ERR_put_error to fail. Added test_wolfSSL_PEM_PrivateKey test for ECC based key. Refactored the RNG test to only run the reseed test if TEST_RESEED_INTERVAL is defined. This is the test that was causing the tests/api.c to take so long to complete. Will add this macro to the enable options test. 2018-06-12 09:38:18 -07:00
David Garske
e1890a4b0e Added some bad argument checks on compatibility functions BIO_new_mem_buf and PEM_read_bio_PrivateKey. 2018-06-12 09:38:18 -07:00
David Garske
ad0a10441d Fixes for building with openssl compatibility enabled and no TLS client/server. 
Resolves issues building with:
`./configure --enable-opensslextra --disable-rsa --disable-supportedcurves CFLAGS="-DNO_WOLFSSL_CLIENT -DNO_WOLFSSL_SERVER" --disable-examples`
`./configure --enable-opensslextra --disable-ecc --disable-supportedcurves CFLAGS="-DNO_WOLFSSL_CLIENT -DNO_WOLFSSL_SERVER" --disable-examples`

Ticket 3872
 2018-06-12 09:38:18 -07:00
toddouska
cb8351c027 Merge pull request #1607 from SparkiDev/tls13_interop_ver 
Return TLS 1.3 draft version in ServerHello
 2018-06-12 08:30:48 -07:00
toddouska
766323e90f Merge pull request #1613 from SparkiDev/tls13_post_auth 
Fix post authentication for TLS 1.3
 2018-06-12 08:29:38 -07:00
toddouska
3b74dbf86a Merge pull request #1609 from SparkiDev/tls13_time 
Don't include sys/time.h explicitly in tls13.c
 2018-06-12 08:27:43 -07:00
toddouska
49b82456eb Merge pull request #1618 from cconlon/opensslcompat 
Align return values for EVP_DigestUpdate/Final for OpenSSL Compatibility
 2018-06-12 08:25:18 -07:00
toddouska
29410ada1e Merge pull request #1595 from SparkiDev/tls13_cipher_down 
Fix for downgrading from TLS 1.3 due to old cipher suite
 2018-06-12 08:24:26 -07:00
toddouska
f2a20c4232 Merge pull request #1573 from SparkiDev/tls_pad_vfy 
Constant time padding and HMAC verification in TLS
 2018-06-12 08:22:32 -07:00
Sean Parkinson
b7caab938e Fix post authentication for TLS 1.3 2018-06-12 09:49:23 +10:00
Chris Conlon
a472325f89 return WOLFSSL_FAILURE on error from EVP_DigestUpdate() and EVP_DigestFinal() 2018-06-11 14:27:08 -06:00
David Garske
e99fc3026d Fixed issue with MatchDomainName. Fixes issue #1606. This is a valid and confirmed bug report in v3.15.0. Applies to ./configure --enable-sni case with wolfSSL_CTX_UseSNI where common name has wildcards. Pushing fix for visibility now and will add test case. 2018-06-08 10:09:53 -07:00
toddouska
bea0e6142a Merge pull request #1608 from dgarske/maxcerfix 
Resolves issue with reassembling large certificates
 2018-06-08 08:25:14 -07:00
Sean Parkinson
587f4ae79e Don't include sys/time.h explicitly in tls13.c 2018-06-08 09:00:12 +10:00
David Garske
00ddeb07d8 Resolves issue with reassembling large certificates. The ProcessPeerCerts function was using the wrong max size check for certs. Built and test with ./configure CFLAGS="-DMAX_CERTIFICATE_SZ=20000". 2018-06-07 15:56:37 -07:00
Sean Parkinson
020b69aba0 Return TLS 1.3 draft version in ServerHello 2018-06-07 22:01:42 +10:00
John Safranek
7e9a32fffd FIPS Revalidation 
Merge branch 'master' into fipsv2. Using a merge instead of a rebase to retain commit IDs and tags.
 2018-06-06 12:43:15 -07:00
Sean Parkinson
fcd2234841 Fix for downgrading from TLS 1.3 due to old cipher suite 
TLS 1.3 specification doesn't allow downgrading based on cipher suite.
 2018-06-04 12:42:41 +10:00
Takashi Kojo
3ff8c45aa8 FILE to XFILE 2018-06-01 09:30:20 +09:00
John Safranek
8a61b7303a Remove execute bit from a few files. 2018-05-31 10:14:47 -07:00
David Garske
a2fdc6262d Merge pull request #1586 from ejohnstown/suite-info 
Rerefactor Cipher Suite List
 2018-05-30 07:54:13 -07:00
Go Hosohara
b84f111d51 rebase with master branch and fix some code. 2018-05-30 17:15:07 +09:00
Go Hosohara
8cd357aa3a d2i_PKCS12_fp 2018-05-30 12:10:41 +09:00