mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,426 Commits 5 Branches 162 Tags 807 MiB
0048c20fe5
Commit Graph

662 Commits

Author SHA1 Message Date
John Safranek
a695599667 bug fix in default ocsp lookup function 2013-01-03 17:58:45 -08:00
John Safranek
ac227910f1 modify OCSP to use a replacable callback to perform the OCSP transaction 2013-01-03 17:19:56 -08:00
toddouska
53e4c2ed72 fix pvs studio warnings 2013-01-02 11:39:12 -08:00
toddouska
0c363a17f1 init blake2 2012-12-31 13:10:47 -08:00
toddouska
acb3e446ab typo 2012-12-29 13:33:13 -08:00
toddouska
27a7cf609b only do Init once per compression rounds 2012-12-29 13:30:23 -08:00
toddouska
3d88d8851a sslv3 may have bad padding, can't verify 2012-12-29 13:11:31 -08:00
toddouska
640a0cb0e3 fix stream hmac check on multi data 2012-12-28 18:55:18 -08:00
toddouska
4c453d4d69 have server side reply unexpected_message for hello_request 2012-12-28 14:36:19 -08:00
toddouska
f073f49ead make sure handshake complete before sending encrypted alert 2012-12-28 14:29:15 -08:00
toddouska
6d3728fe61 fix ripemd compression round 2012-12-28 14:19:28 -08:00
toddouska
23ff36075b check RSA explicit size 2012-12-28 12:28:25 -08:00
toddouska
09ea7169d7 use exisiting dummy data for compression round 2012-12-28 11:48:30 -08:00
John Safranek
7ac6a21af5 updated comment for aead in SanityCheckCipherText() 2012-12-27 19:51:06 -08:00
toddouska
561906cffd Merge branch 'master' of github.com:cyassl/cyassl 2012-12-27 16:36:48 -08:00
toddouska
f0bc61a5d3 add more robust pad/verify checks 2012-12-27 16:35:43 -08:00
John Safranek
e70838e984 Merge branch 'ecc' 2012-12-27 11:41:20 -08:00
John Safranek
581f91b984 Merge branch 'master' of github.com:cyassl/cyassl 2012-12-27 11:40:17 -08:00
Chris Conlon
60f4919ee6 add STM32 to README 2012-12-27 10:16:08 -07:00
Chris Conlon
254d53bb18 add CYASSL_STM32F2 define, LwIP errno.h 2012-12-27 10:06:29 -07:00
John Safranek
cf114b92df made the ecc keys in the CYASSL struct dynamic 2012-12-26 16:39:19 -08:00
John Safranek
6913a46331 Merge branch 'master' of github.com:cyassl/cyassl 2012-12-26 10:40:28 -08:00
toddouska
59419bef89 non block type ciphertext sanity checks 2012-12-26 10:11:15 -08:00
John Safranek
5bc976ee0f free ecc keys at the end of handshaking 2012-12-26 09:49:53 -08:00
toddouska
9c58f70e29 add ciphertext size sanity checks 2012-12-24 15:40:09 -08:00
John Safranek
831c760edc Merge branch 'ocsp' 
Fixes some bugs in the ocsp code, and adds a new option to skip nonces.
 2012-12-20 16:26:49 -08:00
John Safranek
51787db76b changed ocsp lookup to use dynamic mem for request rather than stack 2012-12-19 18:09:05 -08:00
John Safranek
4e657debfc added the ability to disable OCSP nonces 2012-12-19 10:18:11 -08:00
John Safranek
b36bc55197 Merge branch 'ocsp' 2012-12-17 22:23:31 -08:00
John Safranek
359e86adf6 1. When OCSP and CRL enabled, checks CRL if unable to contact OCSP responder 
and OCSP was enabled.
2. Fixed a couple string typos.
3. Only check OCSP if cert successfully parsed.
 2012-12-17 22:19:20 -08:00
toddouska
b25061844c remove hmac array initializers to 0 when non full because of reported compiler weirdness from user 2012-12-14 16:47:03 -08:00
toddouska
0e67cd17d6 clang opensslExtra fix 2012-12-12 20:04:10 -08:00
toddouska
726d686b07 fix clang scan-build problems 2012-12-12 18:03:32 -08:00
John Safranek
977ff51ad5 Merge branch 'master' of github.com:cyassl/cyassl 2012-12-12 09:42:21 -08:00
John Safranek
ac1890922b removed unused variable from lookup cert 2012-12-12 08:53:51 -08:00
toddouska
7e8438b7b4 fix pvs studio warnings 2012-12-11 11:33:49 -08:00
John Safranek
e925fbdbd6 check correct pointer before freeing when done looking up cert 2012-12-07 15:49:43 -08:00
toddouska
5ecca5a89d user no longer has to call CyaSSL_Init 2012-12-06 09:26:59 -08:00
toddouska
067f10ae8e add enable-valgrind 2012-12-04 21:28:18 -08:00
John Safranek
8c97675979 Lean PSK trimming 
1. leave out memory and io callback functions, expect user supplied
2. leave out cert and DTLS related functions
3. SHA-1 compile option to use slower, rolled-up transform
 2012-11-30 15:45:43 -08:00
toddouska
6e4d33eb00 move ProtocolVersion struct members directly into RecordLayerHeader 2012-11-28 16:34:41 -08:00
toddouska
6280aa9c91 make sure converted errors are handled by string output 2012-11-28 11:54:25 -08:00
John Safranek
77bf77dfd7 Merge branch 'master' of github.com:cyassl/cyassl 2012-11-27 22:19:01 -08:00
John Safranek
66a3ce2ec1 added SHA-256 based RNG when setting NO_RC4 compile flag 2012-11-27 22:17:25 -08:00
toddouska
4af555b502 unused no_session_cache fix 2012-11-27 15:39:40 -08:00
toddouska
faa7283ff3 fix crl resource leaks 2012-11-27 11:36:36 -08:00
John Safranek
f8f7f69f48 compile option to leave out MD5 and SSL code 2012-11-26 18:40:43 -08:00
John Safranek
78c1d592cc Merge branch 'master' of github.com:cyassl/cyassl 2012-11-20 14:54:59 -08:00
John Safranek
a89398fdbc added the cipher suites PSK-NULL-SHA256 and PSK-AES128-CBC-SHA256 2012-11-20 14:52:17 -08:00
toddouska
da386691a1 allow no end of line on last line of PEMs 2012-11-20 12:45:24 -08:00
toddouska
d4035e5f62 add freebsd crl-monitor support 2012-11-16 13:25:45 -08:00
toddouska
dd259b12c7 add CyaSSL_peek() 2012-11-16 12:16:00 -08:00
toddouska
5d912d4c2b shadow crl-monitor linux fix 2012-11-16 10:54:36 -08:00
toddouska
9ac2eaa3d6 fix ipv6 unused warning, add os check for crl monitor 2012-11-16 10:47:13 -08:00
toddouska
5767db4cb5 minor warnings fixes 2012-11-13 18:32:13 -08:00
Chris Conlon
54a7740cfe substitue posix.h for errno.h in MQX build 2012-11-12 14:25:59 -07:00
toddouska
53c14bdf1f fix XMALLOC_USER typos 2012-11-07 17:10:34 -08:00
John Safranek
b8c9247769 for lean-psk build: remove big int math, MD4, error strings 2012-11-02 16:49:31 -07:00
John Safranek
5e48dcbeeb fixed build warning with Fortress build 2012-11-01 15:59:13 -07:00
John Safranek
9aa8b71525 Merge branch 'nocerts' 2012-11-01 15:47:02 -07:00
John Safranek
90e6a4dd8c linux build warnings fix 2012-11-01 15:27:05 -07:00
John Safranek
134c6b8b1b cleaning warnings in OCSP build 2012-11-01 15:03:29 -07:00
toddouska
ae905d70c4 crl warning fixes 2012-11-01 14:14:40 -07:00
John Safranek
85e8f1988a leanpsk build removes cert code, moved ctaocrypt error strings to own file 2012-11-01 12:36:47 -07:00
toddouska
0e2c236e77 fix x64 windows warnings, make sure word is 64bit 2012-11-01 12:21:47 -07:00
Chris Conlon
f6304ae37a add support for Freescale MQX 2012-11-01 11:23:42 -06:00
toddouska
a4220120ba remove memset for setcokopt uninit 2012-10-31 15:43:08 -07:00
toddouska
6348f3f2c7 fix valgrind uninit warning on dtls setsockopt 2012-10-31 13:26:03 -07:00
toddouska
01138a5c53 fix stack-check warnings for newer versions but fastmath still has some so take away warning for now 2012-10-30 17:35:12 -07:00
John Safranek
174618ebfb added build option for leanPSK 2012-10-29 15:39:42 -07:00
toddouska
35b4f08049 add CyaSSL_send()/recv() with flags parameter 2012-10-26 15:09:58 -07:00
toddouska
d4d5243f4d add user ability to set IO read/write flags 2012-10-25 14:17:11 -07:00
toddouska
01ae0696af shorten64 fixes for key-gen/cert-gen 2012-10-25 12:31:11 -07:00
toddouska
0bbbea20be switch sniffer buffers to dynamic, reduce holding memory if large number of sessions cached 2012-10-24 17:37:57 -07:00
toddouska
3e7619c785 make sure sniffer frees handhsake resources early 2012-10-24 14:51:04 -07:00
toddouska
f969bc3645 if sniffer sees ACK for missing packet(s) set to error, can't recover 2012-10-24 13:33:11 -07:00
John Safranek
ba2a7f2627 Merge branch 'master' of github.com:cyassl/cyassl 2012-10-24 11:27:05 -07:00
John Safranek
936d0ff7a9 fixed off-by-one dtls cookie size check. fixed some warnings when disabling features 2012-10-24 11:05:50 -07:00
toddouska
2885d66b17 remove fatal sniffer error sessions right away 2012-10-23 16:32:47 -07:00
toddouska
4d719897a5 Merge branch 'master' of github.com:cyassl/cyassl 2012-10-22 17:29:19 -07:00
toddouska
aef97af361 make rabbit optional with configure option 2012-10-22 17:28:46 -07:00
John Safranek
5a421c04e7 Merge branch 'master' of github.com:cyassl/cyassl 2012-10-22 14:50:02 -07:00
John Safranek
d78770c1e5 change null cipher to allow different buffers 2012-10-22 14:48:27 -07:00
toddouska
cb08eb672e Merge branch 'master' of https://github.com/BrianAker/cyassl 2012-10-22 10:56:53 -07:00
John Safranek
a92b639155 add optional null cipher support for RSA 2012-10-19 20:52:22 -07:00
Brian Aker
b883cc55a4 Fix rules around pthread usage to fix clang warning. 2012-10-19 20:09:17 -07:00
toddouska
a5d7a3ea8f fix opensslExtra with psk server example, add psk to commit tests 2012-10-19 12:54:15 -07:00
toddouska
c974d77213 add shorten 64 to 32 warnings back on with fixes 2012-10-19 12:44:23 -07:00
John Safranek
346a52a58c add optional null cipher support for PSK 2012-10-19 10:37:21 -07:00
John Safranek
e673b1852a fixed windows build warnings 2012-10-09 16:13:05 -07:00
toddouska
4a739f6bc7 sniffer handshake state fix for sanity checks 2012-10-05 13:39:11 -07:00
toddouska
57e7e28d6d Merge branch 'master' of github.com:cyassl/cyassl 2012-10-03 17:10:05 -07:00
toddouska
9ca07d1f4d dtls may have different first handshake message 2012-10-03 17:09:45 -07:00
John Safranek
0d80343073 Merge branch 'master' of github.com:cyassl/cyassl 2012-10-03 16:53:55 -07:00
toddouska
257d10a69f sanity check for out of order handshake messages 2012-10-03 16:44:08 -07:00
toddouska
66c95b0c15 DoAppData sanity check for handshake complete 2012-10-03 16:36:00 -07:00
John Safranek
397fbb743f Merge branch 'master' of github.com:cyassl/cyassl 2012-10-03 15:33:23 -07:00
John Safranek
95a30e3f0a windows bug fix on dtls retry 2012-10-03 15:29:28 -07:00
toddouska
e970cdfbc0 init cipher specs, check client key exchange state b4 process 2012-10-03 11:57:20 -07:00
John Safranek
9bbca6acfb Merge branch 'master' of github.com:cyassl/cyassl 2012-10-02 14:42:06 -07:00
John Safranek
6d1e485ef4 DTLS to use recvfrom and sendto in embed recv and send callbacks. Added support for storing dtls peer address. 2012-10-02 09:15:50 -07:00
toddouska
36eeab927b fix sniffer assert comparison on newer gcc 2012-10-01 13:16:37 -07:00
toddouska
e0413df92a add key setup flag for malicious or misbehaving handshake messages with new memory system 2012-10-01 11:32:05 -07:00
toddouska
e5c04e70a7 make sure existing nonblocking users still work 2012-09-28 15:10:35 -07:00
toddouska
dd421ebb7d cleaner sniffer mem fix 2012-09-28 11:04:20 -07:00
toddouska
30bec6c193 fix sniffer out of memory potential problem 2012-09-28 10:58:33 -07:00
John Safranek
dfb84dff37 added accessors for CYASSL members for use in send/recv callbacks 2012-09-25 15:51:56 -07:00
John Safranek
cd0226924a Merge branch 'master' of github.com:cyassl/cyassl 2012-09-21 16:37:34 -07:00
John Safranek
9643e58dad fixed bug for Windows build 2012-09-21 16:36:48 -07:00
toddouska
4e19c234f4 fix new warnings on linux64 2012-09-21 13:29:04 -07:00
John Safranek
c3aedc940f improved dtls retry on connect 2012-09-21 09:36:01 -07:00
John Safranek
08a3423f43 changed error return code for dtls functions to NOT_COMPILED_IN 2012-09-19 09:09:27 -07:00
John Safranek
059db7f69c check the return code of DtlsPoolSave() 2012-09-18 16:00:30 -07:00
John Safranek
d1068d25d1 fixed another compile warning 2012-09-18 12:05:16 -07:00
John Safranek
68cb6044cb Merge branch 'master' of github.com:cyassl/cyassl 2012-09-18 11:41:25 -07:00
John Safranek
989d7f4aad fixed windows build warning 2012-09-18 11:11:45 -07:00
toddouska
f6c5bf032d update sniffer more memory changes 2012-09-18 09:08:40 -07:00
John Safranek
d1baa9f541 Merge branch 'master' of github.com:cyassl/cyassl 2012-09-18 08:46:11 -07:00
toddouska
53ccbddd01 allow meta PEM data at end of file too 2012-09-17 17:25:38 -07:00
John Safranek
88bba146ae fixed bug with handshake defragmentation and ordering 2012-09-17 11:32:36 -07:00
John Safranek
40eb5b3cc5 DTLS resend allocates only enough buffer when needed 2012-09-17 09:52:20 -07:00
John Safranek
40972868ce fix merge conflicts 2012-09-14 21:19:06 -07:00
John Safranek
7899252104 dtls handshake improvement 2012-09-14 19:30:50 -07:00
John Safranek
56ee2eaba8 added dtls message retry 2012-09-14 09:35:34 -07:00
John Safranek
97ca8439a4 Merge branch 'master' of github.com:cyassl/cyassl 2012-09-07 08:30:03 -07:00
John Safranek
407397e8be adding DTLS retry timeout, added CYASSL pointer to recv/send callbacks 2012-09-06 22:41:55 -07:00
toddouska
8c32a5a2ed make RNG in ssl dynamic, release after hs if stream or < tls1.1 2012-09-05 16:18:29 -07:00
toddouska
9ddf43268d use dynamic memory for ssl ciphers, only use what needed 2012-09-05 12:30:51 -07:00
toddouska
c47afaf84f make suites object dynamic, only use during handshake 2012-09-05 10:17:48 -07:00
toddouska
56960ef1cc cyassl object size debug output 2012-09-05 09:02:51 -07:00
toddouska
43a0a21fb6 add GetOjbectSize for CYASSL* 2012-09-05 08:26:08 -07:00
toddouska
982526ed13 go straight to p_hash in TLS 1.2 to remove PRF stack use 2012-09-04 16:34:26 -07:00
toddouska
0ee22d8f94 don't use SSL Master Secret stack space in TLS mode 2012-09-04 16:03:45 -07:00
toddouska
6943229f87 reduce client key exchange stack use in non NTRU mode 2012-09-04 15:56:52 -07:00
toddouska
b1e603ae6b opensslextra clang static fixes 2012-09-04 15:47:40 -07:00
toddouska
1ba8aff525 don't allow corrupted change cipher (fix by antoxa), don't allow multiple decryptions of corrupted messages 2012-09-04 11:37:47 -07:00
toddouska
2bee126062 clang scan-build fixes 2012-09-04 10:48:26 -07:00
John Safranek
820d934ae8 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-28 09:37:02 -07:00
John Safranek
c9625789cd allow early DTLS datagrams, but drop late ones. 2012-08-28 08:55:31 -07:00
toddouska
30a264eb65 make sure mp_init return always checked 2012-08-27 11:30:22 -07:00
John Safranek
98bc1f8c46 fix build warning 2012-08-23 16:28:24 -07:00
John Safranek
561a7fc35d drop out of order dtls packets 2012-08-23 15:50:56 -07:00
John Safranek
f6cca6049f Merge branch 'master' of github.com:cyassl/cyassl 2012-08-22 16:16:49 -07:00
John Safranek
79c14dc825 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-22 15:36:07 -07:00
John Safranek
31d036178e fix DTLS cookies and session resumption 2012-08-22 14:06:08 -07:00
toddouska
87762e9012 SafeRTOS client test fixes 2012-08-22 11:07:40 -07:00
John Safranek
c20eb88d3d Merge branch 'master' of github.com:cyassl/cyassl 2012-08-17 14:21:17 -07:00
toddouska
690938ffd4 lsr fs macros 2012-08-17 13:45:31 -07:00
toddouska
925ddb6626 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-15 17:00:34 -07:00
toddouska
05692e1d6a IAR fixes, SafeRTOS port, better LWIP support 2012-08-15 17:00:11 -07:00
John Safranek
c42792e0f1 fix compiler warnings 2012-08-14 13:51:56 -07:00
Chris Conlon
198e48fa94 minor RTIP adjustments 2012-08-14 13:10:27 -06:00
John Safranek
9d912970c8 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-13 17:33:20 -07:00
Chris Conlon
7ec04c16b6 EBSnet RTIP support 2012-08-13 17:10:05 -06:00
John Safranek
c08debf236 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-13 16:04:41 -07:00
John Safranek
bfd510b919 cleaned up the cookie generator for Windows and IPv4 only 2012-08-13 15:05:28 -07:00
toddouska
4c66c4c3b5 use XBADFILE for init in bad state 2012-08-13 10:59:34 -07:00
toddouska
220bd66a63 allow XFILE to work with non pointer types 2012-08-13 10:53:47 -07:00
John Safranek
1c2a3eddc1 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-10 14:15:31 -07:00
toddouska
d5fdb74d9a fix small build proper 2012-08-10 12:40:22 -07:00
John Safranek
70552ef8e1 added DTLS handshake message defragmentation 2012-08-10 10:24:31 -07:00
John Safranek
11df1d25d4 fixed the dtls handshake header handling 2012-08-09 13:27:30 -07:00
John Safranek
93c89ccc35 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-09 11:02:27 -07:00
John Safranek
6722022201 splitting off dtls handshake header to be handled differently 2012-08-09 11:02:21 -07:00
toddouska
80326fa1fa pub EmbedGenerateCookie around dtls for now 2012-08-08 17:21:03 -07:00
toddouska
18c3679444 fix DLTS cookieSz init problem 2012-08-08 16:56:19 -07:00
toddouska
17a92e76d3 add aesgcm openssl, and fix requires to use our local enum for aesgcm 2012-08-08 15:37:00 -07:00
toddouska
08ff33894f add ECDH static cipher suite tests including RSA signed ECDH, clean up code with haveECDSA -> haveECDSAsig 2012-08-08 15:09:26 -07:00
John Safranek
3747246133 added the generation, verification, and client usage of DTLS handshake cookies 2012-08-08 10:38:12 -07:00
Chris Conlon
afa27f0021 FreeRTOS threads support, windows simulator support 2012-08-02 09:54:41 -06:00
John Safranek
b8b5e7b873 Merge branch 'master' of github.com:cyassl/cyassl 2012-07-31 18:42:44 -07:00
toddouska
a5af2e3d51 add altname retrieval from peer cert 2012-07-31 17:45:48 -07:00
John Safranek
ab570a2130 aes-gcm wrap two new aes-gcm code bits with ifdef option 2012-07-31 16:26:17 -07:00
John Safranek
368afbb815 Merge branch 'master' of github.com:cyassl/cyassl 2012-07-31 10:11:21 -07:00
John Safranek
9b8c5fb40e aes-gcm: modified to use sequence number rather that a random explicit IV 2012-07-31 09:32:29 -07:00
toddouska
85889f7fb9 add md2 signature hash support 2012-07-27 14:01:02 -07:00
toddouska
e2eb1b78cc Merge branch 'master' of github.com:cyassl/cyassl 2012-07-27 12:32:42 -07:00
toddouska
6e84ab1271 add max chain depth unique error, increase depth to 6 2012-07-27 12:32:22 -07:00
John Safranek
3cd231bdfc Merge branch 'master' of github.com:cyassl/cyassl 2012-07-24 15:04:16 -07:00
John Safranek
cf7e8baa19 moved aes-gcm cipher suites around in the list to follow the existing suites 2012-07-23 15:15:40 -07:00
toddouska
aa164e5266 make compression more standard, no size prefix, default zlib comp, check verify before overwrite w/ decomp... still needs FIN and ALERT processing 2012-07-23 13:47:30 -07:00
John Safranek
489fbf17fe Merge branch 'master' of github.com:cyassl/cyassl 2012-07-19 17:22:16 -07:00
John Safranek
cb178856a8 added 64-bit (default), 32-bit version, and 8-bit table based AES-GCM for faster operation. Selection made at configure. 2012-07-19 14:44:08 -07:00
toddouska
6f2b1b90a9 move check_priv for libdrizzle 2012-07-17 15:55:20 -07:00
toddouska
d408f01863 add mystrnstr for buffer searching of PEM with no null terminator 2012-07-17 12:01:37 -07:00
John Safranek
ac79d3b145 replaced magic numbers with named constants, renamed some constants 2012-07-17 10:00:45 -07:00
toddouska
c9a4e9d56b fix DHE client side leak 2012-07-13 16:54:31 -07:00
toddouska
4ffb3bbaae make sure ssl init does all inits before erroring out 2012-07-13 12:31:15 -07:00
John Safranek
aaad893804 fixed merge conflict 2012-07-12 08:39:57 -07:00
toddouska
1f0a32a7e3 use internal enum for cipher requires, move external enums back to starting at zero 2012-07-11 17:00:16 -07:00
John Safranek
bdacd5e8c4 cleaned up lots-o-warnings build 2012-07-09 10:33:05 -07:00
John Safranek
1ac6db9d1d added basic hello extension support for TLSv1.2, renumbered the algorithm enumerations to match RFC 2012-07-09 10:02:34 -07:00
John Safranek
fe64523480 backed out an earlier change pending more research 2012-07-02 12:36:28 -07:00
John Safranek
eb302b91b0 Merge branch 'master' of github.com:cyassl/cyassl 2012-06-30 16:29:10 -07:00
John Safranek
b1e39f66a3 fixed a cipher suite name typo, changed the selection of the ECDH-RSA ciphers in InitSuites() 2012-06-30 15:50:25 -07:00
toddouska
638c095737 better error output for temp keys or compression on sniffer 2012-06-29 10:59:48 -07:00
John Safranek
5dc0303dee cipher suite setup oversight fixes 2012-06-28 23:09:13 -07:00
John Safranek
2ce28d0328 clean up from lots-o-warnings build 2012-06-28 15:13:41 -07:00
toddouska
22cb11f304 add hello_request and session_ticket handling to sniffer 2012-06-28 13:37:19 -07:00
John Safranek
6cdd8f46fa needed a bigger handshake hash array for SHA-384 cipher suites 2012-06-28 09:06:24 -07:00
John Safranek
00cda6ab72 tied SHA-384 into TLSv1.2 as appropriate 2012-06-27 14:41:16 -07:00
John Safranek
4e3d7f494b AES-GCM: fixed the encryption/decryption bug 2012-06-26 15:51:40 -07:00
John Safranek
3a9a195683 Initial draft of AES GCM cipher suites. Missing SHA-384 support. 2012-06-26 09:30:48 -07:00
John Safranek
918ea3a074 added the library framework for handling aes-gcm in TLS 2012-06-18 15:57:37 -07:00
toddouska
31bf833239 have separate --enable-crl-monitor 2012-06-05 11:31:00 -07:00
John Safranek
59e4c346f0 Merge branch 'master' of github.com:cyassl/cyassl 2012-06-05 10:38:46 -07:00
John Safranek
8f30850840 CRL fix label in debug output 2012-06-05 10:35:30 -07:00
toddouska
3d91a55b88 tls sanity check 2012-06-01 15:37:51 -07:00
toddouska
ba2d7f590e internal sanity checks on memcmp 2012-06-01 15:25:46 -07:00
toddouska
8a52cd3780 byte warning casts 2012-06-01 14:37:39 -07:00
John Safranek
6120f03173 ocsp response date checking 2012-06-01 11:57:03 -07:00
John Safranek
ca7bf0d01e Merge branch 'master' of github.com:cyassl/cyassl 2012-05-31 17:29:41 -07:00
John Safranek
6d76b2f247 dynamic allocation of OCSP responses, response signature check 2012-05-31 17:29:32 -07:00
toddouska
fbc5c8d6dc add SSL set version, different from ctx version 2012-05-31 15:24:25 -07:00
toddouska
a1157da304 move HAVE_OCSP to top of source for different build envs 2012-05-30 14:40:25 -07:00
toddouska
458302f9fe warning cast 2012-05-30 10:03:05 -07:00
toddouska
f528f5a7d3 add CertManager Verify with Buffer 2012-05-29 12:04:48 -07:00
John Safranek
4b8bb6cdfe fixed merge conflicts 2012-05-29 09:19:53 -07:00
John Safranek
9818fe4f55 changed DN hashing to cover the whole DER encoding per OCSP-RFC, OCSP changes towards dynamic storage of responses 2012-05-29 09:11:37 -07:00
toddouska
a1bb4e3f93 gcc-lots-o-warnings fixes 2012-05-25 13:09:27 -07:00
toddouska
6a62623c64 verify suite validity before server picks 2012-05-25 12:18:18 -07:00
toddouska
7332b4843c remove hard tabs, bad sublime setting 2012-05-24 20:10:38 -07:00
toddouska
3f35c86520 crl signature check, be sure to load CAs first 2012-05-24 15:49:38 -07:00
John Safranek
0a31dc3a37 renumbered new error codes and dynamic data types 2012-05-24 14:36:40 -07:00
John Safranek
e8e575fd58 public OCSP functions are available, just return errors when OCSP not compiled in 2012-05-24 14:12:28 -07:00
toddouska
baddc07300 check next crl date status 2012-05-24 14:07:59 -07:00
toddouska
73ddd32539 add crl checkall processing 2012-05-24 12:45:10 -07:00
toddouska
db7773aa54 linux crl dir monitoring fixes 2012-05-23 16:55:26 -07:00
toddouska
2b48f248c4 crl dir monitoring for linux and mac 2012-05-22 17:25:15 -07:00
John Safranek
97042d8661 OCSP use URL from cert as appropriate 2012-05-22 15:54:27 -07:00
John Safranek
708f38ac8d added OCSP error codes 2012-05-22 15:52:08 -07:00
John Safranek
09e24d5469 OCSP set option bug fix 2012-05-22 15:38:12 -07:00
John Safranek
2ed143bee0 Merge branch 'master' of github.com:cyassl/cyassl 2012-05-20 14:53:07 -07:00
toddouska
ba6d956d02 fix sniffer resumption for new sessionId flag in 2.2.0 2012-05-19 14:37:26 -07:00
John Safranek
387d9400b9 Merge branch 'master' of github.com:cyassl/cyassl 2012-05-18 17:06:09 -07:00
toddouska
ddb5c3a2aa crl potential memory leak fix 2012-05-18 16:01:21 -07:00
John Safranek
8bf2d13f89 Merge branch 'master' of github.com:cyassl/cyassl 2012-05-18 15:33:54 -07:00
toddouska
88b46d58d7 small warning fix 2012-05-18 12:10:04 -07:00
toddouska
7e322558ef windows build fixes 2012-05-18 11:48:38 -07:00
toddouska
fd70122378 add external der CRL checker 2012-05-18 11:03:44 -07:00
toddouska
26153ffad6 add crl monitor flag, handle no revoked case 2012-05-18 10:52:32 -07:00
John Safranek
a3e94f335b fixed merge conflict 2012-05-18 10:25:16 -07:00
John Safranek
a697a60bfd fixed a bounds check error 2012-05-18 10:06:06 -07:00
toddouska
5bc728b882 fix lots o warnings 2012-05-17 17:44:54 -07:00
toddouska
4b8ab62bd1 don't retrieve or cache null sessions 2012-05-17 10:55:42 -07:00
toddouska
146e7ff1f4 c++ build fixes 2012-05-17 10:05:24 -07:00
Chris Conlon
b9773673f7 minor typo fix in PSK build 2012-05-17 10:20:51 -06:00
toddouska
ac92d30955 fix else braces 2012-05-17 07:55:25 -07:00
toddouska
08d9e57bf6 add crl missing url callback 2012-05-16 17:35:51 -07:00
toddouska
3ec2b9dbbc crl stage 2 2012-05-16 17:04:56 -07:00
toddouska
32095795f2 Merge branch 'master' of github.com:cyassl/cyassl 2012-05-11 12:22:23 -07:00
toddouska
6210ff78aa init crl 2012-05-11 12:22:16 -07:00
toddouska
7b2d62f4f7 don't compare session id if server rejects 2012-05-11 12:21:17 -07:00
John Safranek
59e0181c8d checked the bytes written to the OCSP socket 2012-05-08 19:12:35 -07:00
John Safranek
ea2585963f flattens the serial number 2012-05-08 19:02:25 -07:00
John Safranek
4feeeeda55 OCSP request creation almost complete, added ocsp revoke error code 2012-05-08 18:32:57 -07:00
John Safranek
833552ebac OCSP tweak to clean warnings from build 2012-05-08 14:05:26 -07:00
John Safranek
344b60eb92 Merge branch 'master' of github.com:cyassl/cyassl 2012-05-07 20:16:21 -07:00
toddouska
a97dbb8a14 global rng added to RAND_bytes 2012-05-07 19:36:19 -07:00
toddouska
968dfc4cf7 fortress ssh build fixes 2012-05-07 18:19:48 -07:00
John Safranek
d7d898697a updated OCSP, processes response 2012-05-07 17:19:52 -07:00
John Safranek
5aad32eb28 Merge branch 'master' of github.com:cyassl/cyassl 2012-05-07 17:02:47 -07:00
toddouska
2a817adfcc ssh non ecc 2012-05-07 16:35:23 -07:00
John Safranek
7d1d277535 OCSP: opening socket, starting to build request 2012-05-05 23:38:28 -07:00
John Safranek
f9985f5399 merge fix 2012-05-05 14:49:17 -07:00
toddouska
4278a4ac99 Merge branch 'master' of github.com:cyassl/cyassl 2012-05-03 18:07:46 -07:00
toddouska
4fe81df45c basic extneral cert manager added 2012-05-03 18:07:31 -07:00
Chris Conlon
37e994f4a2 exclude CyaSSL_connect_cert when using NO_CYASSL_CLIENT 2012-05-03 14:48:45 -06:00
toddouska
686a7395b1 fix potential ecc memory leak in ServerKeyExchange 2012-05-03 10:04:18 -07:00
toddouska
97e6a637e6 rest of ECDH suites 2012-05-03 09:57:17 -07:00
toddouska
a54f51d886 first static ECDH suite 2012-05-03 08:18:59 -07:00
John Safranek
7ee09ea23c Merge branch 'master' of github.com:cyassl/cyassl 2012-05-02 21:59:54 -07:00
toddouska
2a5db9371c BN help 2012-05-02 15:11:20 -07:00
John Safranek
669fbf2a14 Merge branch 'master' of github.com:cyassl/cyassl 2012-05-02 14:45:37 -07:00
John Safranek
9c5bcca1ab updates to OCSP 2012-05-02 14:45:30 -07:00
toddouska
1c2b84d3dd ecc client certs 2012-05-02 10:30:15 -07:00
toddouska
f49b106aef ssh2 2012-05-01 16:12:12 -07:00
toddouska
dd431dbeff merge conflict 2012-04-26 15:01:00 -07:00
toddouska
0f5b0ff8c3 sha384 plus merge changes 2012-04-26 14:58:29 -07:00
John Safranek
c0783e4ec4 added configure option and a stub source file for OCSP 2012-04-13 09:39:19 -07:00
toddouska
607fcb2f3d allow peer cert get even on fatal verify 2012-04-09 11:56:28 -07:00
toddouska
b9e6d44bf7 don't reinit mutexes 2012-04-04 16:19:42 -07:00
John Safranek
d3efce71c9 allows one to set the cyassl ex_data to null 2012-03-23 14:39:37 -07:00
toddouska
36529ad873 DevStudio 10 patches 2012-03-23 10:42:07 -07:00
toddouska
41361df2dc update chi square values for new session cache sizes 2012-03-22 12:38:25 -07:00
John Safranek
fc2f329acb added: ex data for CYASSL object, cert cmp function, verify callback call in success case 2012-03-16 10:50:04 -07:00
John Safranek
d7ef83d1b3 Added new session cache size. Added options for Fortress build. 2012-03-12 10:31:45 -07:00
toddouska
815f3b8f75 terminate user psk hint at ssl even if validated at ctx 2012-02-29 10:06:27 -08:00
toddouska
f92df4b4ce fix long user provided path with strncpy 2012-02-29 09:57:03 -08:00
toddouska
6b77c8967a don't allow user override on peer cert ASN_PARSE_E 2012-02-20 12:07:40 -08:00
toddouska
ec85d47a73 allow changing session timeout for ctx and ssl 2012-02-14 17:46:04 -08:00
toddouska
f8e610493c add ability to set Temp EC-DHE key size in octets for ctx or ssl, 20 - 66 allowed for 160bit - 521bit 2012-02-14 12:46:32 -08:00
toddouska
84614da13e increase copyright date 2012 2012-02-13 11:54:10 -08:00
toddouska
20c8fab779 fix ecc cleanup bug with opensslExtra no fastmath 2012-02-13 11:36:07 -08:00
toddouska
03cf62fd07 allow dir path to be defined out NO_CYASSL_DIR, allow file or path on load_verify 2012-02-09 13:21:41 -08:00
toddouska
bce2508878 add path handling (basic) for load_verify_locations() 2012-02-08 18:07:20 -08:00
toddouska
9b5ab7c914 respond to negotiation attempt with alert warning no_renegotiation to try graceful continue if possible 2012-02-01 17:18:40 -08:00
toddouska
ee46bcce4a allow ca cache addition callback 2012-01-26 12:43:48 -08:00
toddouska
bb53240fdf add CyaSSL_X509_get_der(cert) with EXTRA 2012-01-25 14:13:05 -08:00
toddouska
b32bc2ce9f add ability to group handshake messages on send with xxx_set_group_messages() 2012-01-24 13:19:03 -08:00