wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 13:02:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,405 Commits 12 Branches 184 Tags
ffb3dfd6ec4b0d272d1dbd042ff6f3d674a75beb
Commit Graph

3844 Commits

Author SHA1 Message Date
toddouska
b33ce2207d Merge pull request #2608 from SparkiDev/use_heap 
When disabled memory, ensure all heap and types are used
 2019-11-20 16:18:07 -08:00
toddouska
a2d036dcba Merge pull request #2601 from SparkiDev/certs_exts_fix 
ProcessPeerCerts allocating memory for exts with OPENSSL_EXTRA properly
 2019-11-20 16:17:28 -08:00
toddouska
88fb7efb8c Merge pull request #2602 from SparkiDev/certs_exts_free 
ProcessPeerCerts jump to error handling instead of returning
 2019-11-20 09:25:48 -08:00
toddouska
2a7fb69523 Merge pull request #2604 from SparkiDev/disabled_curve_fix 
TLS supported curve extension - validate support fix
 2019-11-20 09:17:50 -08:00
Sean Parkinson
d441cee6fb When disabled memory, ensure all heap and types are used 2019-11-20 17:06:42 +10:00
Sean Parkinson
917e5b0405 TLS 1.3 client detects non-TLS 1.3 cipher suite in ServerHello 2019-11-20 12:22:00 +10:00
Sean Parkinson
c7f7d1b193 TLS supported curve extension - validate support fix 
Check curve name is in range before checking for disabled
 2019-11-20 09:38:06 +10:00
toddouska
5c4da3e6fa Merge pull request #2598 from dgarske/max_file_sz 
Improvements to file size checks
 2019-11-19 11:59:21 -08:00
toddouska
5de27443d0 Merge pull request #2596 from dgarske/mqx_fio_cleanup 
Support for MQX 5.0 and cleanup of the MQX includes
 2019-11-19 11:49:03 -08:00
David Garske
9a4614f6e1 Fix for possible uninitialized memSz in bio.c 2019-11-19 05:35:22 -08:00
Sean Parkinson
1b8f136d29 ProcessPeerCerts jump to error handling instead of returning 2019-11-19 13:17:29 +10:00
Sean Parkinson
f08dfb4afc ProcessPeerCerts allocating memory for exts with OPENSSL_EXTRA properly 2019-11-19 13:03:20 +10:00
toddouska
e6292eca9c Merge pull request #2597 from ejohnstown/octeon-global 
Sync OCTEON Sniffer
 2019-11-18 17:06:30 -08:00
toddouska
c6dac64438 Merge pull request #2594 from ejohnstown/maintenance-BLAKE2 
Maintenance BLAKE2
 2019-11-18 17:05:01 -08:00
toddouska
b646b7258b Merge pull request #2585 from dgarske/webrtc_m79 
Support for Google WebRTC (ref m79)
 2019-11-18 15:33:49 -08:00
toddouska
90f7a96721 Merge pull request #2593 from ejohnstown/maintenance-DH 
Maintenance: DH
 2019-11-18 15:18:16 -08:00
toddouska
6ffd931db1 Merge pull request #2564 from SparkiDev/tlsext_list_fix 
Modify linked list traversal - fix for compiler bug
 2019-11-18 15:04:26 -08:00
David Garske
48d0b53074 Fix for wolfSSL_cmp_peer_cert_to_file compiler warning with size_t vs long. 2019-11-18 14:01:16 -08:00
David Garske
ca5549ae91 Improvements for XFTELL return code and MAX_WOLFSSL_FILE_SIZE checking. 
Fixes #2527
 2019-11-18 13:49:06 -08:00
John Safranek
8347d00bf2 Maintenance BLAKE2 
1. Remove the BLAKE2 HMAC from wolfSSL and its testing.
 2019-11-18 13:31:15 -08:00
David Garske
1542482cd5 Cleanup of the MQX file headers for STDIO. Cleanup of fio.h and nio.h includes to use wc_port.h. ZD 9453. 2019-11-18 12:14:34 -08:00
David Garske
95b83272dd Implementation for SSL_CTX_add1_chain_cert. 2019-11-18 10:19:48 -08:00
John Safranek
3cd5a97473 Maintenance 
1. When getting the DH public key, initialize the P, G, and Pub pointers
to NULL, then set that we own the DH parameters flag. This allows
FreeSSL to correctly clean up the DH key.
 2019-11-14 14:42:58 -08:00
John Safranek
2ace532e45 Sync OCTEON fix 
1. The sniffer's global device ID wasn't tagged as global.
2. Make sure the sniffer's global device ID is used.
 2019-11-14 14:21:44 -08:00
David Garske
af142b307b Support for WebRTC (ref m79): 
* Fixed `set1_curves_list` API's to use `const char*` for names.
* Fixed `ossl_typ.h` to include `ssl.h` compatibility.
* Added `SSL_CTX_up_ref`.
* Added `wolfSSL_set1_curves_list`
* Added `TLS_method` and `DTLS_method`
* Added `SSL_CIPHER_standard_name`.
* Added `X509_STORE_CTX_get0_cert`
* Added `SSL_CTX_set_cert_verify_callback`.
* Enabled "either" side support when `--enable-opensslall` is used.
* Changed `SSL_CIPHER_get_rfc_name` to use `wolfSSL_CIPHER_get_name` instead of stub.
 2019-11-13 12:34:33 -08:00
toddouska
99292158e4 Merge pull request #2573 from JacobBarthelmeh/staticmemory 
handle case to avoid memcpy when staticmemory IO pool gives same buffer
 2019-11-13 11:29:13 -08:00
toddouska
46bc8e092a Merge pull request #2582 from ejohnstown/abi-current 
ABI
 2019-11-13 11:24:45 -08:00
David Garske
d8e40dea3f Fixes from peer review: 
* Reduced codesize when building with `OPENSSL_EXTRA_X509_SMALL`.
* Additional argument checks in `wolfSSL_ASN1_BIT_STRING_set_bit`, `wolfSSL_ASN1_STRING_to_UTF8`, `wolfSSL_RSA_meth_new`, `wolfSSL_RSA_meth_set`.
* Fix for compiler warnings in asn.c using strncmp to duplicate string. "specified bound depends on the length of the source argument"
 2019-11-11 15:39:23 -08:00
David Garske
d17748b1ad Fix for EC_GROUP_order_bits and added unit test. 2019-11-11 14:58:23 -08:00
David Garske
2bae1d27a1 wolfSSL Compatibility support for OpenVPN 
* Adds compatibility API's for:
	* `sk_ASN1_OBJECT_free`
	* `sk_ASN1_OBJECT_num`
	* `sk_ASN1_OBJECT_value`
	* `sk_X509_OBJECT_num`
	* `sk_X509_OBJECT_value`
	* `sk_X509_OBJECT_delete`
	* `sk_X509_NAME_find`
	* `sk_X509_INFO_free`
	* `BIO_get_len`
	* `BIO_set_ssl`
	* `BIO_should_retry` (stub)
	* `X509_OBJECT_free`
	* `X509_NAME_get_index_by_OBJ`
	* `X509_INFO_free`
	* `X509_STORE_get0_objects`
	* `X509_check_purpose` (stub)
	* `PEM_read_bio_X509_CRL`
	* `PEM_X509_INFO_read_bio`
	* `ASN1_BIT_STRING_new`
	* `ASN1_BIT_STRING_free`
	* `ASN1_BIT_STRING_get_bit`
	* `ASN1_BIT_STRING_set_bit`
	* `DES_check_key_parity`
	* `EC_GROUP_order_bits`
	* `EC_get_builtin_curves`
	* `EVP_CIPHER_CTX_cipher`
	* `EVP_PKEY_get0_EC_KEY`
	* `EVP_PKEY_get0_RSA`
	* `EVP_PKEY_get0_DSA` (stub)
	* `HMAC_CTX_new`
	* `HMAC_CTX_free`
	* `HMAC_CTX_reset`
	* `HMAC_size`
	* `OBJ_txt2obj`
	* `RSA_meth_new`
	* `RSA_meth_free`
	* `RSA_meth_set_pub_enc`
	* `RSA_meth_set_pub_dec`
	* `RSA_meth_set_priv_enc`
	* `RSA_meth_set_priv_dec`
	* `RSA_meth_set_init`
	* `RSA_meth_set_finish`
	* `RSA_meth_set0_app_data`
	* `RSA_get_method_data`
	* `RSA_set_method`
	* `RSA_get0_key`
	* `RSA_set0_key`
	* `RSA_flags`
	* `RSA_set_flags`
	* `RSA_bits`
	* `SSL_CTX_set_ciphersuites`
	* `SSL_CTX_set_security_level` (stub)
	* `SSL_export_keying_material` (stub)
	* `DSA_bits` (stub)
* Changes to support password callback trial and NO_PASSWORD. Replaces PR #2505.
* Renamed `wolfSSL_SSL_CTX_get_client_CA_list` to `wolfSSL_CTX_get_client_CA_list`.
* Cleanup of "sk" compatibility.
 2019-11-11 14:58:23 -08:00
John Safranek
5a21cec030 wolfSSL ABI 
Add ABI tags to the functions wolfSSL_Cleanup() to match wolfSSL_Init(),
wolfSSL_X509_free to match wolfSSL_load_certificate_file() which
allocates memory.
 2019-11-11 10:16:58 -08:00
toddouska
8246e02756 Merge pull request #2502 from cariepointer/gcm-tls10-fix 
Return error with AES-GCM and negotiated versions < TLSv1.2
 2019-11-08 15:06:54 -08:00
John Safranek
c6fa49d4b4 wolfSSL ABI 
Add the ABI tag to the prescribed list of functions in the header and source files.
 2019-11-08 15:06:18 -08:00
Jacob Barthelmeh
fd3e4abb46 handle case to avoid memcpy when staticmemory IO pool gives same buffer 2019-11-07 11:36:20 -07:00
toddouska
b2270a068f Merge pull request #2566 from SparkiDev/malloc_unused_fix 
Fix unused parameter when XMALLOC doesn't use params
 2019-11-06 13:08:48 -08:00
toddouska
15d4da1e14 Merge pull request #2562 from JacobBarthelmeh/staticmemory 
fix for memory management on edge case with staticmemory
 2019-11-06 13:04:33 -08:00
tmael
969488434a Merge pull request #2544 from JacobBarthelmeh/SanityChecks 
add null checks (QSH and CRYPTOCELL)
 2019-11-06 12:18:00 -08:00
JacobBarthelmeh
cd7001904a Merge pull request #2561 from ejohnstown/x509-loss 
X.509 and Secure Renegotiation
 2019-11-06 10:53:18 -07:00
Sean Parkinson
d4ca48a513 Fix unused parameter when XMALLOC doesn't use params 2019-11-06 15:46:19 +10:00
Sean Parkinson
d2c4798459 Modify linked list traversal - fix for compiler bug 
KeyShare and PreSharedKey traverse linked list using a handle.
Customer reported their compiler couldn't handle the assignment, so,
using a temporary.
 2019-11-06 08:57:33 +10:00
Jacob Barthelmeh
890eb415b1 fix for memory management on edge case with staticmemory 2019-11-05 15:13:26 -07:00
David Garske
e48cf88a70 Merge pull request #2556 from embhorn/arm-test-fix 
Fix for ARM platforms
 2019-11-05 12:25:56 -08:00
John Safranek
72e1afbe99 X.509 and Secure Renegotiation 
1. When retaining the handshake resources for a session using resumption, do not delete the peer's certificate. If keeping peer certificates is enabled, the certificate needs to exist so it may be examined.
2. Free the saved peer certificate when receiving a peer certificate during a renegotiation.
 2019-11-05 11:03:34 -08:00
Chris Conlon
e429558166 use wc_RsaPSS_CheckPadding() for selftest build instead of extended 2019-11-05 10:48:36 -07:00
toddouska
e2b7bee9c8 Merge pull request #2533 from cariepointer/apache_bio_want_read 
Apache: Return WANT_READ in wolfSSLReceive if BIO retry and read flags are set
 2019-11-04 16:52:28 -08:00
toddouska
b723acf0f6 Merge pull request #2534 from SparkiDev/pss_1024_sha512_tls12 
Pass the length of the RSA key in bits to PSS padding check in TLS
 2019-11-04 11:42:55 -08:00
toddouska
f4afa4bc87 Merge pull request #2540 from SparkiDev/etm_rehand 
Fix Encrypt-Then-MAC when rehandshaking
 2019-11-04 11:41:44 -08:00
Eric Blankenhorn
16899b55b2 Fix for ARM platforms 2019-11-04 11:54:36 -06:00
toddouska
9e852b3867 Merge pull request #2539 from dgarske/mutex_ref 
Fixes for cases where mutex was not being free'd
 2019-10-31 13:10:04 -07:00
toddouska
626e0efd99 Merge pull request #2530 from SparkiDev/pkcs11_tls_client 
Use the public key type as private key type with PKCS #11
 2019-10-31 13:06:32 -07:00