Merge branch 'master' of github.com:cyassl/cyassl

2013-12-12 11:06:21 -08:00 · 2013-12-12 11:06:21 -08:00 · 9d6182d279
commit 9d6182d279
parent 26a26fa19d 5909f5c2c0
7 changed files with 47 additions and 20 deletions
--- a/configure.ac
+++ b/configure.ac
@ -311,14 +311,14 @@ fi

 # SNIFFER
 AC_ARG_ENABLE([sniffer],
-              [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
-               AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ 
-                      ENABLED_SNIFFER=yes 
-                      AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
-                      ],[ ENABLED_SNIFFER=no ]) ])
-               ],[
-                  ENABLED_SNIFFER=no
-                  ])
+   [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[
+   AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ 
+       ENABLED_SNIFFER=yes 
+       AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
+   ],[ AC_MSG_ERROR([cannot enable sniffer without having libpcap available.]) ]) ])
+   ],[
+       ENABLED_SNIFFER=no
+   ])

 AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ])

--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@ -2646,6 +2646,7 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
            CYASSL_MSG("Verify Signautre has unsupported type");
            return 0;
    }
+    (void)typeH;  /* some builds won't read */

    switch (keyOID) {
    #ifndef NO_RSA
@ -3339,6 +3340,7 @@ static void DecodeCertExtensions(DecodedCert* cert)
        }
        idx += length;
    }
+    (void)critical;

    CYASSL_LEAVE("DecodeCertExtensions", 0);
    return;
--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@ -823,9 +823,9 @@ CYASSL_API CYASSL_X509*
 #ifndef NO_FILESYSTEM
 CYASSL_API CYASSL_X509*
    CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file);
-#endif
 CYASSL_API CYASSL_X509*
    CyaSSL_X509_load_certificate_file(const char* fname, int format);
+#endif

 #ifdef CYASSL_SEP
    CYASSL_API unsigned char*
--- a/src/internal.c
+++ b/src/internal.c
@ -635,8 +635,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
    if (suites->setSuites)
        return;      /* trust user settings, don't override */

-    if (side == CYASSL_SERVER_END && haveStaticECC)
+    if (side == CYASSL_SERVER_END && haveStaticECC) {
        haveRSA = 0;   /* can't do RSA with ECDSA key */
+        (void)haveRSA; /* some builds won't read */
+    }

    if (side == CYASSL_SERVER_END && haveECDSAsig) {
        haveRSAsig = 0;     /* can't have RSA sig if signed by ECDSA */
@ -8118,7 +8120,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
            case ecc_diffie_hellman_kea:
                {
                    ecc_key  myKey;
-                    ecc_key* peerKey = &myKey;
+                    ecc_key* peerKey = NULL;
                    word32   size = sizeof(encSecret);

                    if (ssl->specs.static_ecdh) {
@ -8133,6 +8135,9 @@ static void PickHashSigAlgo(CYASSL* ssl,
                        peerKey = ssl->peerEccKey;
                    }

+                    if (peerKey == NULL)
+                        return NO_PEER_KEY;
+
                    ecc_init(&myKey);
                    ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
                    if (ret != 0)
--- a/src/sniffer.c
+++ b/src/sniffer.c
@ -417,6 +417,13 @@ void ssl_FreeSniffer(void)

    FreeMutex(&SessionMutex);
    FreeMutex(&ServerListMutex);
+
+    if (TraceFile) {
+        TraceOn = 0;
+        fclose(TraceFile);
+        TraceFile = NULL;
+    }
+
    CyaSSL_Cleanup();
 }

--- a/src/ssl.c
+++ b/src/ssl.c
@ -1730,6 +1730,7 @@ int CyaSSL_Init(void)
        der.buffer    = 0;

        (void)dynamicType;
+        (void)rsaKey;

        if (used)
            *used = sz;     /* used bytes default to sz, PEM chain may shorten*/
@ -1980,7 +1981,8 @@ int CyaSSL_Init(void)
                }
                ecc_free(&key);
                eccKey = 1;
-                ctx->haveStaticECC = 1;
+                if (ctx)
+                    ctx->haveStaticECC = 1;
                if (ssl)
                    ssl->options.haveStaticECC = 1;
            }
@ -7561,6 +7563,8 @@ CYASSL_X509* CyaSSL_X509_d2i(CYASSL_X509** x509, const byte* in, int len)
 }


+#ifndef NO_FILESYSTEM
+
 CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, XFILE file)
 {
    CYASSL_X509* newX509 = NULL;
@ -7684,6 +7688,7 @@ CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format)
    return x509;
 }

+#endif /* NO_FILESYSTEM */

 #endif /* KEEP_PEER_CERT || SESSION_CERTS */

--- a/sslSniffer/sslSnifferTest/snifftest.c
+++ b/sslSniffer/sslSnifferTest/snifftest.c
@ -69,18 +69,25 @@ enum {
 };


-pcap_t* pcap = 0;
-pcap_if_t *alldevs;
+pcap_t* pcap = NULL;
+pcap_if_t* alldevs = NULL;
+
+
+static void FreeAll(void)
+{
+    if (pcap)
+        pcap_close(pcap);
+    if (alldevs)
+        pcap_freealldevs(alldevs);
+#ifndef _WIN32
+    ssl_FreeSniffer();
+#endif
+}

 static void sig_handler(const int sig) 
 {
    printf("SIGINT handled = %d.\n", sig);
-    if (pcap)
-        pcap_close(pcap);
-	pcap_freealldevs(alldevs);
-#ifndef _WIN32
-    ssl_FreeSniffer();
-#endif
+    FreeAll();
    if (sig)
        exit(EXIT_SUCCESS);
 }
@ -286,6 +293,7 @@ int main(int argc, char** argv)
        else if (saveFile)
            break;      /* we're done reading file */
    }
+    FreeAll();

    return EXIT_SUCCESS;
 }