Commit Graph

60 Commits

Author SHA1 Message Date
Moisés Guimarães 8bbcdf977d adds missing free(request) in CheckOcspRequest() 2017-02-22 10:43:07 -08:00
toddouska ea96fa95b3 add new OCSP response validated debug message and remove redundant ret set 2017-01-28 11:11:25 -08:00
toddouska a10d464126 fix scan-build warning and simplify CheckOcspRequest validation 2017-01-27 17:07:31 -08:00
toddouska f44bbe9ba3 Better CheckOcspRequest error detection on retry 2017-01-27 15:42:00 -08:00
Nickolas Lapp 1792eba1a2 Rename *Mutex Functions with wc_ prefix. Expose these functions for
Stunnel. Various other changes to enable stunnel compling
2016-10-03 16:36:05 -06:00
Jacob Barthelmeh 7943f68f2a run allocation tool on ocsp and check for mallocs 2016-06-09 12:03:28 -06:00
Jacob Barthelmeh e214086dce tlsx with static memory / account for session certs size 2016-06-08 09:18:43 -06:00
Jacob Barthelmeh e1edadafe1 ocsp with static memory, remove unused function 2016-06-06 16:19:33 -06:00
Jacob Barthelmeh e60adfc9da better naming of macro and alter misc.c check 2016-03-29 13:42:40 -06:00
Jacob Barthelmeh 2665db73a4 check for compiling misc.c when not needed 2016-03-28 16:03:15 -06:00
Jacob Barthelmeh e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
David Garske 80aa431689 Fixes multiple Jenkins warnings/failures. First is PickHashSigAlgo is required for client builds or if certs are enabled. Fixed scan-build warning with OCSP not recognized ForceZero as cleaning memory and using possible garbage value. Also cleaned up the OCSP functions to use struct buffer* instead of void* for clarity with a little forward declaration. 2016-03-10 09:38:11 -08:00
toddouska 157486ce0d fix hint types for misuse of in_buffer and out_buffer 2015-12-29 16:13:09 -08:00
Moisés Guimarães ec9d23a9c3 Merge branch 'csr' 2015-12-28 19:38:04 -03:00
Moisés Guimarães 21d70636dc Merge branch csr into 'master' 2015-11-02 15:51:01 -03:00
toddouska 21cf0e437e add --enable-cryptonly build option 2015-09-10 16:24:25 -07:00
kaleb-himes c516c42c9a reduce footprint size removing compatibility layer where no longer needed 2015-02-17 14:20:10 -07:00
kaleb-himes a389620a29 Copyright (C) updates 2015-01-08 09:39:04 -07:00
Kaleb Himes 8212f5df46 src and compatability layer updates 2014-12-19 12:50:30 -07:00
Kaleb Himes c97db6ba6e src updated, CTaoCrypt -> wc_ 2014-12-19 11:27:01 -07:00
Kaleb Himes a073730c38 compatibility layer includes 2014-12-18 14:06:27 -07:00
Moisés Guimarães fb3e706d69 ocsp: refactoring CheckCertOCSP to reduce stack usage:
--- variable newStatus moved to the heap (sizeof(CertStatus) saved)
--- variable ocspRequest moved to the heap (sizeof(OcspRequest) saved)
--- variable ocspResponse moved to the heap (sizeof(OcspResponse) saved)
2014-07-21 22:52:05 -03:00
Chris Conlon be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
toddouska fb6d671629 resolve pull request merge conflict 2014-03-25 11:39:07 -07:00
toddouska 1fd6245600 fix all clang warnings except Wpadded (diagnostic), Wconversion which inludes Wsign-conversion (implicit conversions part of standard) 2014-03-03 13:27:52 -08:00
John Safranek 909b9258d6 Thread safe OCSP. 2014-01-31 16:59:13 -08:00
John Safranek d46c68ba10 Moved OCSP into the CertManager like the CRL. 2013-12-27 12:11:47 -08:00
John Safranek 14aa114854 Trimmed unused includes and defines from OCSP source. 2013-12-23 14:33:44 -08:00
John Safranek 0c34ecb451 OCSP Updates
1. Add option to example server and client to check the OCSP responder.
2. Add option to example server and client to override the URL to use
   when checking the OCSP responder.
3. Copy the certificate serial number correctly into OCSP request.
   Add leading zero only if MS bit is set.
4. Fix responder address used when Auth Info extension is present.
5. Update EmbedOcspLookup callback to better handle the HTTP
   response and obtain the complete OCSP response.
2013-06-24 10:47:24 -07:00
John Safranek 9753e46721 minor OCSP update
1. When doing the HTTP transaction, use recv() and send().
2. When a cert doesn't have an Auth Info extension, and not using
   an override server, it is considered good.
3. decode_url() should return -1 in case of error.
4. When decoding HTTP response, process all the headers, skipping all
   of those that are not-processed.
2013-05-24 17:23:07 -07:00
toddouska 97e0ec073f make sure all lib proper *.c files have config.h then settings.h then checks for defines in case user using settings.h for lib config 2013-04-10 11:04:29 -07:00
toddouska b2b45d3f4a sb fixes for crl and ocsp 2013-02-20 15:26:22 -08:00
toddouska 44e0d7543c change copyright name with name change 2013-02-05 12:44:17 -08:00
toddouska f4f13371f9 update copyright date 2013-02-04 14:51:41 -08:00
John Safranek ac885c40f0 fix a memory leak when OCSP lookup fails 2013-01-04 13:13:20 -08:00
John Safranek ac227910f1 modify OCSP to use a replacable callback to perform the OCSP transaction 2013-01-03 17:19:56 -08:00
John Safranek 51787db76b changed ocsp lookup to use dynamic mem for request rather than stack 2012-12-19 18:09:05 -08:00
John Safranek 4e657debfc added the ability to disable OCSP nonces 2012-12-19 10:18:11 -08:00
John Safranek ac1890922b removed unused variable from lookup cert 2012-12-12 08:53:51 -08:00
John Safranek e925fbdbd6 check correct pointer before freeing when done looking up cert 2012-12-07 15:49:43 -08:00
John Safranek 90e6a4dd8c linux build warnings fix 2012-11-01 15:27:05 -07:00
John Safranek 134c6b8b1b cleaning warnings in OCSP build 2012-11-01 15:03:29 -07:00
Chris Conlon 7ec04c16b6 EBSnet RTIP support 2012-08-13 17:10:05 -06:00
John Safranek 6120f03173 ocsp response date checking 2012-06-01 11:57:03 -07:00
John Safranek ca7bf0d01e Merge branch 'master' of github.com:cyassl/cyassl 2012-05-31 17:29:41 -07:00
John Safranek 6d76b2f247 dynamic allocation of OCSP responses, response signature check 2012-05-31 17:29:32 -07:00
toddouska a1157da304 move HAVE_OCSP to top of source for different build envs 2012-05-30 14:40:25 -07:00
John Safranek 4b8bb6cdfe fixed merge conflicts 2012-05-29 09:19:53 -07:00
John Safranek 9818fe4f55 changed DN hashing to cover the whole DER encoding per OCSP-RFC, OCSP changes towards dynamic storage of responses 2012-05-29 09:11:37 -07:00
toddouska a1bb4e3f93 gcc-lots-o-warnings fixes 2012-05-25 13:09:27 -07:00