wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 01:52:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,355 Commits 12 Branches 184 Tags
cbe46f8d74f73a94b1844f0ef8f65e166ecbd4ac
Commit Graph

1982 Commits

Author SHA1 Message Date
David Garske
4e829bc0a5 Fix to assign default OID for TLS supported curves based on loaded extension order. 2017-03-30 13:54:24 -07:00
David Garske
75abeaecfc Updates for TKernel port (WOLFSSL_uTKERNEL2). Added support for InterNiche prconnect_pro using WOLFSSL_PRCONNECT_PRO. Cleanup the min/max functions. Add NO_STDIO_FGETS_REMAP to not include the fgets remap for WOLFSSL_uTKERNEL2. Fix TFM build warning. Added HAVE_POCO_LIB. Added wolfCrypt test temp cert path for WOLFSSL_uTKERNEL2 = /uda/. Added WOLFSSL_CURRTIME_REMAP for benchmark to allow different function name to be used for system which have a conflicting name. Add ability to use normal malloc/free with WOLFSSL_uTKERNEL2 using NO_TKERNEL_MEM_POOL. Added new XMALLOC_OVERRIDE to allow custom XMALLOC/XFREE/XREALLOC macros. Move CUSTOM_RAND_GENERATE up in RNG choices. Rename tls.c STK macros due to conflict. 2017-03-28 19:10:19 -07:00
toddouska
a7c131c0a1 fix vs warning 2017-03-24 11:19:01 -07:00
toddouska
86efbbbb1d simplify reset suites on cert/key changes to end of function 2017-03-24 10:40:42 -07:00
toddouska
4783fbfc4f better handling of TLS layer switching out CTX layer keys/certs 2017-03-24 10:19:01 -07:00
toddouska
3bb1723476 Merge pull request #768 from dgarske/crl_lookup 
Added support for inline CRL lookup when HAVE_CRL_IO is defined
 2017-03-17 12:18:45 -07:00
toddouska
ad57738cc6 Merge pull request #795 from JacobBarthelmeh/Testing 
bounds checking with adding string terminating character
 2017-03-17 12:07:55 -07:00
toddouska
36ecbfb1a8 fix NO_ASN_TIME build with --enable-wpas 2017-03-15 14:57:38 -07:00
Jacob Barthelmeh
0ef1b5d298 bounds checking with adding string terminating character 2017-03-15 13:40:41 -06:00
David Garske
4eb76e1d71 Fixes for building with IPV6. Added new WOLFSSL_IPV6 define to indicate IPV6 support. Fix to not include connect() and socket() calls unless HAVE_HTTP_CLIENT, HAVE_OCSP or HAVE_CRL_IO defined. Typo fixes. 2017-03-15 12:27:02 -07:00
David Garske
cf73a2244f Fix for stray brace in wolfIO_TcpConnect. Fix to typedef sockaddr_in6 only when TEST_IPV6 is defined. Moved XSOCKLENT into io.h. Added useful WOLFSSL_NO_SOCK, which can be used with WOLFSSL_USER_IO. 2017-03-15 12:26:40 -07:00
David Garske
d3a07858c0 Fixes based on peer review feedback. Fix to only include the non-blocking / select timeout functions when HAVE_IO_TIMEOUT is defined. Fix to only include TCP connect if HAVE_GETADDRINFO or HAVE_SOCKADDR defined. Cleanup of the “struct sockaddr*” to use typedef with HAVE_SOCKADDR. Moved helpful XINET_* and XHTONS/XNTOHS macros to io.h. 2017-03-15 12:26:18 -07:00
David Garske
628f740363 Added support for inline CRL lookup when HAVE_CRL_IO is defined (shares code with OCSP lookup in io.c). Added http chunk transfer encoding support. Added default connection timeout value (DEFAULT_TIMEOUT_SEC) and new wolfIO_SetTimeout() API with HAVE_IO_TIMEOUT. Added generic wolfIO_ API’s for connect, select, non-blocking, read and write. Added new define USE_WOLFSSL_IO to enable access to new wolfIO_* socket wrappers even when WOLFSSL_USER_IO is defined. Moved all API declarations for io.c into new io.h header. Added HAVE_HTTP_CLIENT to expose HTTP API’s. Moved SOCKET_T and SOCKET_ defines into io.h. Added WOLFIO_DEBUG define to display request/responses. 2017-03-15 12:26:18 -07:00
Sean Parkinson
97b98c5c44 Changes from review 
Add a free handshake resources API.
Rename to wolfSSL_KeepHandshakeResources().
Add APIs to indicate the client's preference order is to be used when
matching cipher suites.
 2017-03-15 09:09:25 +10:00
Sean Parkinson
ac713e62c5 Code review fixes 
Put back check for server end when setting DH.
Add option to keep resources rather than free after handshake.
 2017-03-15 09:09:25 +10:00
Sean Parkinson
122f648fd8 Only support client preference order as default for WPAS. 2017-03-15 09:09:02 +10:00
Sean Parkinson
fd3093f937 Protect code with #ifdefs 2017-03-15 09:09:02 +10:00
Sean Parkinson
e2930b0a43 Changes for WPA Supplicant 2017-03-15 09:09:02 +10:00
toddouska
4210ce0f67 Merge pull request #789 from SparkiDev/jenkins 
Fixes for extended configuration testing
 2017-03-14 10:00:39 -07:00
David Garske
e98a0465ae tenAsys INtime RTOS port. Porting complete for mutex semaphores, threading, file, socket and RNG. Added projects for libwolfssl and wolfExamples. The wolfExamples project includes examples for wolfCrypt Test/Benchmark and wolfSSL TLS client/server. Provided reference user_settings.h with comments and enable/disable gates. Added README.md with overview and instructions. Fixed issue building master with NO_WOLFSSL_DIR defined. Added check if old TLS is enabled that SHA and MD5 are enabled. Cleanup of the wolfCrypt test use of USE_CERT_BUFFERS with file system enabled. 2017-03-13 09:48:55 -07:00
Sean Parkinson
614231f71c Fixes for extended configuration testing 2017-03-13 11:33:39 +10:00
Sean Parkinson
80fe2a3524 Fix elliptic curve selection. 
Preference by:
1. the default for the curve strength (eccTempKeySz),
2. a curve at the curve strength (eccTempKeySz),
3. the default for next higher curve strength,
4. the first curve (client order) with the next highest curve strength
 2017-03-11 10:17:15 +10:00
toddouska
2bb14903f9 Merge pull request #698 from SparkiDev/nginx 
Get Nginx working with wolfSSL
 2017-03-09 10:23:20 -08:00
David Garske
a55ebb4c18 Fixes for building CRL with Windows. Refactor load_verify_buffer and LoadCRL to use new wc_ReadDir* functions. Added new directory/file API's: wc_ReadDirFirst(), wc_ReadDirNext(), wc_ReadDirClose(). Moved MAX_PATH and MAX_FILENAME_SZ to wc_port.h. Moved BAD_PATH_ERROR into error-crypt.h. The wc_ReadDir is only supported when NO_WOLFSSL_DIR and NO_FILESYSTEM are not defined. Add map to __FUNCTION__ macro in Windows with debug enabled (to resolve build error with VS and __func__ missing). Fix cast warning on response from EncodeOcspRequestExtensions. Fix for cast to call to BuildCertificateStatus. 2017-03-08 11:21:11 -08:00
Sean Parkinson
ae6fbb220f Pass the context to statusCb (needed in Nginx 1.10.3) 2017-03-06 10:58:25 +10:00
toddouska
ba1a8d7681 Merge pull request #765 from dgarske/scanbuild_fixes 
Fixes for scan-build warnings
 2017-03-03 15:58:10 -08:00
toddouska
0d3ef0b399 Merge pull request #776 from dgarske/fix_iis_signature_algorithms 
Fix issue with IIS servers and NO_OLD_TLS
 2017-03-03 12:51:22 -08:00
JacobBarthelmeh
6800ffe8fa Merge pull request #772 from toddouska/sr3-fix 
fix signer memory takeover on malformed data
 2017-03-03 10:21:01 -07:00
toddouska
eef3ec4a87 Merge pull request #763 from NickolasLapp/master 
Changes to bring wolfssl up to date with stunnel 5.40
 2017-03-03 09:00:11 -08:00
Sean Parkinson
0182d99efb Updates for nginx 1.10.3 
Don't return global error when: SOCKET_PEER_CLOSED_E or SOCKET_ERROR_E
Increase max ex_data items to 5
 2017-03-03 16:38:29 +10:00
David Garske
b5fe3ddbfa Fix to allow connection to IIS server which requires SHA1 hash algo to be present in signature_algos extension. Issue only exists when NO_OLD_TLS is defined. To enable SHA1 with TLS 1.2 define "WOLFSSL_ALLOW_TLS_SHA1”. 2017-03-02 18:18:05 -08:00
John Safranek
ec1d8c7090 Fixed where the client was using NULL instead of ssl->heap when allocating memory during SendClientKeyExchange(). Failing on an embedded static build. 2017-03-02 10:05:24 -08:00
David Garske
d903059e05 Fixes to allow signature_algorithms extension to send SHA1 (if enabled) and NO_OLD_TLS is defined. This resolves an issue connected to ISS servers. 2017-03-01 19:07:13 -08:00
toddouska
2d612da9f4 fix signer memory takeover on malformed data 2017-03-01 10:25:54 -08:00
Sean Parkinson
13e6217fd5 Changes from code review 2017-03-01 08:38:54 +10:00
Sean Parkinson
d4abeb56db Fixes required after logging changes to master. 2017-03-01 08:38:54 +10:00
Sean Parkinson
e6434f380b Get Nginx working with wolfSSL 2017-03-01 08:38:54 +10:00
Jacob Barthelmeh
26bd19bbd8 debug message fix 2017-02-23 17:15:44 -07:00
David Garske
9db6a27921 Fixes for scan-build warnings. Fix possible memory leak in wolfSSL_DH_new on failure. Add null checks in integer.c for destination to make sure “dp” grows when NULL (even though never happens in real-use). Added suppression of wc_port.c warning “Value stored to 'ret' is never read”. 2017-02-23 14:47:36 -08:00
toddouska
bdbb98ed20 Merge pull request #735 from dgarske/norm_math_speedup 
Normal math speed-up to not allocate on mp_int and defer until mp_grow
 2017-02-22 14:29:51 -08:00
John Safranek
d52f44108c Merge pull request #762 from moisesguimaraes/fix-ocsp-request 
Adds missing free(request) in CheckOcspRequest()
 2017-02-22 14:19:51 -08:00
Moisés Guimarães
8bbcdf977d adds missing free(request) in CheckOcspRequest() 2017-02-22 10:43:07 -08:00
Nickolas Lapp
2ef4525d4d Changes to bring wolfssl up to date with stunnel 5.40 2017-02-22 11:15:59 -07:00
dgarske
aeea24a5e3 Merge pull request #760 from toddouska/mcheck 
fix small stack malloc checks
 2017-02-21 14:33:44 -08:00
David Garske
9c7407d18c Added return codes to wc_InitDhKey, wc_InitDsaKey and mp_set. Added missing return code checks on mp_copy in ecc.c. Fixed build with DSA and no ECC where mp_set function def would be missing. 2017-02-21 14:03:21 -08:00
David Garske
da5825b94d Normal math speed-up to not allocate on mp_int and defer until mp_grow. Added memory tracker support to ./tests/unit.test. Fix memory leak with curve cache enabled, by adding to wolfSSL_Cleanup. 2017-02-21 13:59:38 -08:00
toddouska
e9c806a639 Merge pull request #743 from JacobBarthelmeh/master 
change pem_password_cb typedef for compatibility
 2017-02-21 13:23:05 -08:00
toddouska
fc85b8189c fix small stack malloc checks 2017-02-21 11:18:09 -08:00
David Garske
f0112c2f7d Fix for ProcessUserChain with WOLFSSL_SMALL_STACK defined causing stack corruption. 2017-02-21 10:38:44 -08:00
Jacob Barthelmeh
0cbc640aad memory managment in crl.c with crl monitor 2017-02-09 15:39:55 -07:00