wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 07:22:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,508 Commits 12 Branches 184 Tags
bd8a612d6cd64bb482ea5470448019193987f262
Commit Graph

3898 Commits

Author SHA1 Message Date
toddouska
7ec448ac0c Merge pull request #2617 from embhorn/zd9553 
Fix for vasprintf with AIX
 2019-12-05 16:15:24 -08:00
toddouska
312d5c98b3 Merge pull request #2535 from julek-wolfssl/nginx-1.15 
Nginx 1.15.0 & 1.16.1
 2019-12-05 14:40:45 -08:00
toddouska
a13ebf5258 Merge pull request #2543 from embhorn/zd5706 
Update DoVerifyCallback to check verify param hostName and ipasc
 2019-12-05 14:38:47 -08:00
Eric Blankenhorn
1026c4359d Cast XMALLOC 2019-11-27 14:47:48 -06:00
Tesfa Mael
acdfc514b3 Use memset initialize 2019-11-27 11:09:57 -08:00
Eric Blankenhorn
806db8096c Replace use of vasprintf 2019-11-27 11:00:28 -06:00
Juliusz Sosinowicz
b06cee333c Add error on EOF 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
0f4a002f4f Formatting 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
9be1b4cfd8 Remove tabs 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
944d5e1045 Don't count null char in better way 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
7c1a1dfd1f Variable declaration at start of scope 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
308c5f3370 Fix implicit cast 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
5f39e12b21 Fix leak in SSL_CTX_set0_chain 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
8dde06bbca Fix compile errors 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
dd07344499 SSL_SESSION_dup 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
3c9d191a5b Don't propogate ASN_NO_PEM_HEADER from wolfSSL_load_client_CA_file 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
1962159d89 more NGINX defines 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
b71758895e Add support for SSL_CTX_set0_chain 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
9fbc167d0c Declare at start of scope 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
d9ab0c4bcb Check bounds 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz
f0abd4ea82 WIP 2019-11-27 17:45:49 +01:00
Juliusz Sosinowicz
9064de1e75 Set proper WOLFSSL_ASN1_TIME in thisupd and nextupd in wolfSSL_OCSP_resp_find_status 2019-11-27 17:45:49 +01:00
Juliusz Sosinowicz
31c0abd610 wolfSSL_X509_NAME_print_ex should not put the null terminator in the BIO 2019-11-27 17:45:49 +01:00
Juliusz Sosinowicz
a892f2a95a Changes for nginx 1.15 
- ssl.c: add to check to overwrite existing session ID if found
- evp.c: wolfSSL_EVP_DecryptFinal* was checking for wrong value
 2019-11-27 17:45:49 +01:00
Tesfa Mael
2e487a2463 Init uninitialised values 2019-11-27 07:46:33 -08:00
toddouska
7cb5fe5e2a Merge pull request #2620 from tmael/ALPN_input 
Fix alpn buffer overrun
 2019-11-26 15:31:56 -08:00
toddouska
57df5c10c9 Merge pull request #2619 from dgarske/async_mem 
Fix for Intel QuickAssist asynchronous build
 2019-11-26 15:29:04 -08:00
toddouska
95c9dc9fe8 Merge pull request #2614 from ejohnstown/maintenance-OCSP 
Maintenance: OCSP
 2019-11-26 15:19:27 -08:00
toddouska
9b7cd6bdfd Merge pull request #2613 from tmael/evp_aes_gcm 
Set default IV length for EVP aes gcm
 2019-11-26 15:18:27 -08:00
toddouska
5d41ef171c Merge pull request #2610 from ejohnstown/maintenance-DTLS 
Maintenance: DTLS
 2019-11-26 15:17:22 -08:00
toddouska
9ecafa7afe Merge pull request #2557 from tmael/cert_store_ls_x509 
Retrieve a stack of X509 certs
 2019-11-26 15:16:09 -08:00
Tesfa Mael
8bc3b7df35 Free x509 2019-11-22 14:31:59 -08:00
Tesfa Mael
cf127ec05f Fix buffer overrun 2019-11-22 10:33:17 -08:00
David Garske
be88bce36d Fix for issues with wolfSSL_OBJ_nid2sn and wc_OBJ_sn2nid and logic finding max item when WOLFSSL_CUSTOM_CURVES and ECC_CACHE_CURVE are defined. Improvements to wolfSSL_EC_get_builtin_curves to avoid using "min" as variable name and eliminate using a local static. 2019-11-22 10:09:10 -08:00
John Safranek
71943844d6 Maintenance: OCSP 
1. Add a couple more bounds checks to wolfIO_HttpProcessResponseBuf().
 2019-11-21 14:51:35 -08:00
Eric Blankenhorn
b57294eff7 Fix for vasprintf with AIX 2019-11-21 12:23:15 -06:00
Tesfa Mael
428d51e664 IV is set in the evp ctx level 2019-11-21 09:58:03 -08:00
John Safranek
6720bc3890 Maintenance: OCSP 
1. Add some minimum bounds checking on the HTTP responses as some can
end up being too short.
 2019-11-20 17:25:03 -08:00
Tesfa Mael
f95d5eebff Add FreeX509() to clean up when sk stack is empty 2019-11-20 17:02:13 -08:00
toddouska
b33ce2207d Merge pull request #2608 from SparkiDev/use_heap 
When disabled memory, ensure all heap and types are used
 2019-11-20 16:18:07 -08:00
toddouska
a2d036dcba Merge pull request #2601 from SparkiDev/certs_exts_fix 
ProcessPeerCerts allocating memory for exts with OPENSSL_EXTRA properly
 2019-11-20 16:17:28 -08:00
John Safranek
71690fc73a Maintenance: DTLS 
1. Updated the window scrolling. There was a couple off-by-one errors in
the DTLS window handling. They canceled each other out, but there was a
rare case where they would shift too much.
 2019-11-20 13:46:23 -08:00
John Safranek
188eb45433 Maintenance: DTLS 
Removed redundant sequence increment when sending the Server Hello message.
 2019-11-20 13:08:01 -08:00
John Safranek
19d8ef405c Maintenance: DTLS 
When encrypting with AES-GCM, AES-CCM, or PolyChacha, do not increment
the DTLS sequence number. The sequence number should only be incremented
in BuildMessage. This was done because the sequence number used to be
incremented after calculating the HMAC or after the encrypt for AEAD
ciphers. The HMAC has been separated from the sequence increment.
 2019-11-20 10:56:56 -08:00
toddouska
88fb7efb8c Merge pull request #2602 from SparkiDev/certs_exts_free 
ProcessPeerCerts jump to error handling instead of returning
 2019-11-20 09:25:48 -08:00
toddouska
2a7fb69523 Merge pull request #2604 from SparkiDev/disabled_curve_fix 
TLS supported curve extension - validate support fix
 2019-11-20 09:17:50 -08:00
Tesfa Mael
f1fbabbb60 Use default 96-bits IV length when unset 2019-11-20 09:09:12 -08:00
Sean Parkinson
d441cee6fb When disabled memory, ensure all heap and types are used 2019-11-20 17:06:42 +10:00
Sean Parkinson
917e5b0405 TLS 1.3 client detects non-TLS 1.3 cipher suite in ServerHello 2019-11-20 12:22:00 +10:00
Sean Parkinson
c7f7d1b193 TLS supported curve extension - validate support fix 
Check curve name is in range before checking for disabled
 2019-11-20 09:38:06 +10:00