Chris Conlon
1d67d9217e
initial PKCS#7 stubs, tie into ./configure
2014-01-10 15:17:03 -07:00
John Safranek
7b04b7ab84
DTLS IO and cookie callbacks are IPv4/IPv6 agnostic.
2013-12-30 10:39:12 -08:00
John Safranek
420ca9e6e3
Merge branch 'ocsp'
2013-12-27 16:14:47 -08:00
John Safranek
896b16a7df
Fixed off-by-one error in OCSP
2013-12-27 16:13:52 -08:00
John Safranek
d46c68ba10
Moved OCSP into the CertManager like the CRL.
2013-12-27 12:11:47 -08:00
Moisés Guimarães
3e24a446b9
fixing SNI_GetFromBuffer return code on success.
2013-12-24 15:34:17 -03:00
John Safranek
4ce2e59adf
For Atomic user:
...
1. Added a getter for the session's IV size.
2. The HMAC size getter should return 0 for AEAD ciphers
and the hash length for the others.
2013-12-23 22:32:08 -08:00
John Safranek
14aa114854
Trimmed unused includes and defines from OCSP source.
2013-12-23 14:33:44 -08:00
Chris Conlon
64912b37f6
adjust key buffer length when using ToTraditional() or ToTraditionalEnc()
2013-12-23 14:07:58 -07:00
toddouska
29c41da818
do size check on user password input
2013-12-23 12:24:03 -08:00
toddouska
3c706b4645
only set up tmp ctx if using password
2013-12-23 12:15:55 -08:00
toddouska
db71460bb8
add password functionality to CyaSSL_KeyPemToDer()
2013-12-23 12:07:20 -08:00
rofl0r
a36c18c27f
implement CyaSSL_ERR_reason_error_string
...
this has several advantages:
- we can provide a replacement for openssl's ERR_reason_error_string,
which makes porting simpler,
- code shrink due to removal of excessive strcpy call
- all error strings are const anyway so there's no point to force the
user to supply storage for them and copying them around.
2013-12-19 19:40:48 +01:00
John Safranek
fe4f10418f
OCSP lookups are IPv4/IPv6 agnostic.
2013-12-17 18:30:42 -08:00
Moisés Guimarães
ffd58e27ef
removing deprecated TRUNCATED_HMAC_SIZE
2013-12-12 21:05:31 -03:00
John Safranek
9d6182d279
Merge branch 'master' of github.com:cyassl/cyassl
2013-12-12 11:06:21 -08:00
John Safranek
26a26fa19d
1. Fixed a build warning.
...
2. Fixed an initialization bug when decoding old-style client hellos.
2013-12-12 10:45:19 -08:00
Chris Conlon
5909f5c2c0
Merge branch 'master' of github.com:cyassl/cyassl
2013-12-11 16:20:43 -08:00
Chris Conlon
8c7f5817ac
NO_FILESYSTEM fix for CyaSSL_X509_load_certificate_file
2013-12-11 16:19:09 -08:00
toddouska
ba95c33ed4
more clang warnings
2013-12-11 15:47:40 -08:00
toddouska
b41d09b1a2
fix newer clang warnings
2013-12-11 12:03:09 -08:00
toddouska
9e56ad262c
fix snifftest pcap frees on file mode, close TraceFile on ssl_Free
2013-12-10 16:17:43 -08:00
toddouska
3051c8e900
make sure Arrays elemets all set to 0
2013-12-09 18:21:43 -08:00
John Safranek
9fe165e8f8
1. Added a couple missing checks for NULL pointers in DTLS code.
...
2. Fixed compiler warning under Windows.
3. DTLS sliding window packet filter.
2013-12-03 15:11:00 -08:00
Moisés Guimarães
0c1e02ddd0
added truncated_hmac handing on SanityCheckCipherText, VerifyMac and BuildMessage
2013-12-02 16:19:52 -03:00
Moisés Guimarães
384cc9d3da
adding truncated_hmac to tlsx
2013-12-02 16:19:51 -03:00
Moisés Guimarães
f8b30b3379
changing variable names to build on Ubuntu.
2013-12-02 15:50:21 -03:00
toddouska
6294102760
fix wrong NO_DES flags for requirements
2013-11-27 11:59:23 -08:00
Moisés Guimarães
7dfb3c6b29
Fixing length adjustment on both while loops
...
added test for client hello without SNI extension
2013-11-25 21:05:40 -03:00
Moisés Guimarães
0f2f9b6982
added more tests with code refactoring.
2013-11-21 21:25:43 -03:00
Moisés Guimarães
ba18f8b03e
added new function to retrieve SNI from a buffer.
2013-11-21 21:25:42 -03:00
John Safranek
dda5413ae2
moved some #defines around to fix sessioncerts-only build
2013-11-21 10:48:45 -08:00
John Safranek
4377996d87
Saved original SKID and AKID from certificate for later use with X.509 functions.
2013-11-19 16:20:18 -08:00
John Safranek
0fd6aed9b6
Save more decoded data from certificate for later use with X.509 functions.
2013-11-19 14:44:55 -08:00
toddouska
a7bcca84c3
add ecdsa cert signing
2013-11-14 15:00:22 -08:00
John Safranek
8c20ff2d97
Merge branch 'master' of github.com:cyassl/cyassl
2013-11-11 11:31:35 -08:00
John Safranek
dabb8058c4
1. Updated README Note 2. The error code described for no signer
...
errors is -188. (The error code -155 is for the signature
confirmation failing.)
2. Fixed bug in copying the signature from a DecodedCert to a
CYASSL_X509 record.
2013-11-11 11:19:35 -08:00
Takashi Kojo
23cada35ba
Catch up master
2013-11-10 21:06:34 +09:00
Takashi Kojo
16bda74536
For MDK5 Pack
2013-11-07 10:29:01 +09:00
John Safranek
42f82ce9cc
Merge branch 'master' of github.com:cyassl/cyassl
2013-11-06 15:54:01 -08:00
John Safranek
20e6ac7104
Added public key type to PKEY copy
2013-11-06 14:16:21 -08:00
John Safranek
4dc30fcde5
Added X.509 accessor for signature.
2013-11-06 11:49:49 -08:00
Takashi Kojo
f26cf50ff2
Merge branch 'master' of https://github.com/cyassl/cyassl into MDK5
2013-11-06 10:22:21 +09:00
Chris Conlon
fb8c3e0c75
fix gcc warning with enable-ocsp
2013-11-04 15:36:08 -07:00
John Safranek
913e200cd0
X.509 Additions:
...
* CyaSSL_X509_d2i()
* CyaSSL_X509_d2i_fp()
* CyaSSL_X509_version()
* CyaSSL_X509_get_notBefore()
* CyaSSL_X509_get_notAfter()
* CyaSSL_X509_STORE_new()
* CyaSSL_X509_STORE_free()
* CyaSSL_X509_STORE_add_cert()
* CyaSSL_X509_STORE_set_default_paths()
* CyaSSL_X509_get_pubkey()
* CyaSSL_EVP_PKEY_free()
* CyaSSL_X509_NAME_get_text_by_NID()
* CyaSSL_X509_NAME_entry_count()
* CyaSSL_X509_verify_cert()
* CyaSSL_X509_STORE_CTX_new()
* CyaSSL_X509_STORE_CTX_init()
* CyaSSL_X509_STORE_CTX_free()
2013-11-04 11:02:17 -08:00
toddouska
12b074fbe9
add worst case estimate to ecc_sign_size()
2013-10-30 13:33:23 -07:00
toddouska
de6b9bc6be
fix sniffer with new decrypt/verify code
2013-10-28 17:18:41 -07:00
Takashi Kojo
33ccf62ff5
MDK5 support
2013-10-25 15:49:39 +09:00
toddouska
8c7715ee33
remove CBC naming from HC-128 suites
2013-10-24 12:10:09 -07:00
toddouska
f833674171
remove CBC from RABBIT suite naming
2013-10-24 11:52:21 -07:00
toddouska
4c04b6e714
add AES Blake2b 256 basic suites for speed tests
2013-10-24 11:30:51 -07:00
Takashi Kojo
2f98233825
For MDK5
2013-10-24 18:50:26 +09:00
Takashi Kojo
e4a3599a6b
cyassl/src file updates for MDK5
2013-10-24 16:52:17 +09:00
toddouska
c039b0106a
add HC-128 Blake2b 256 cipher suite for speed test
2013-10-23 17:13:54 -07:00
Chris Conlon
f45d0709b3
case insensitivity fix for domain name check
2013-10-18 15:17:19 -06:00
Chris Conlon
dba488ba70
add option to always call verify callback with CYASSL_ALWAYS_VERIFY_CB
2013-10-14 15:04:26 -06:00
toddouska
6c654bba3d
fix camellia memory leak
2013-10-10 16:50:35 -07:00
John Safranek
51c485f523
1. Added a couple missing checks for NULL pointers in DTLS code.
...
2. Fixed compiler warning under Windows.
2013-10-08 14:59:59 -07:00
John Safranek
33bcc76a07
Merge branch 'master' of github.com:cyassl/cyassl
2013-10-02 15:27:10 -07:00
Chris Conlon
17b220e9c7
add Freescale MQX time functionality
2013-09-24 20:12:48 -06:00
John Safranek
5e4ca53496
clean up Windows build issues with OCSP
2013-09-18 14:47:51 -07:00
John Safranek
c5f3eace7d
DTLS timeout init wasn't initializing the timeout until after the first timeout.
2013-09-11 14:28:01 -07:00
toddouska
44ba0af192
free fp ecc resources on cleanup
2013-09-06 17:08:57 -07:00
toddouska
a14af5f0b0
move mutex to port layer at crypto level
2013-09-06 16:38:27 -07:00
Moisés Guimarães
d7a08b1a76
centralizing MAX_DIGEST_SIZE definition in hmac.h
2013-09-06 15:53:46 -03:00
John Safranek
f2c75a9e87
ECDSA signatures need a zero padding for the ASN.1 storage of the R and S values
2013-09-05 15:00:01 -07:00
toddouska
b9540bf579
check NULL to match docs
2013-08-29 08:25:14 -07:00
John Safranek
78b8da9949
Initialize the AEAD explicit IV to 0.
2013-08-27 10:44:04 -07:00
toddouska
e8fcf35098
add Rsa Public/Private client key exchange callbacks, examples
2013-08-26 17:14:19 -07:00
toddouska
f3f80bd66e
add Rsa Sign/Verify callbacks, client/server examples
2013-08-26 16:27:29 -07:00
toddouska
664c6de5d5
send blank cert on client if TLS instead of TLSv1.2, more accept this now and some even incorrectly require it
2013-08-26 12:34:39 -07:00
John Safranek
081a3a57d4
move variable declaration before function code
2013-08-23 10:26:42 -07:00
John Safranek
33a7a7f762
initialize return variable
2013-08-23 10:20:39 -07:00
John Safranek
0002ba4ee8
Merge branch 'master' of github.com:cyassl/cyassl
2013-08-23 10:12:17 -07:00
John Safranek
d734c86c72
cleanup build warnings
...
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
`process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
`CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
`Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
`CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
`AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00
toddouska
e98f5f95c2
add public key callbacks for ecc sign/verify, examples
2013-08-22 18:19:39 -07:00
toddouska
bc958f5798
C comments only
2013-08-22 10:35:46 -07:00
John Safranek
64ba0587a3
Merge branch 'master' of github.com:cyassl/cyassl
2013-08-21 22:42:15 -07:00
John Safranek
957cf90118
Added function to read certificate from file into CYASSL_X509 buffer.
2013-08-21 22:36:43 -07:00
toddouska
54a2f8b9aa
add useratomic DecryptVerify Callbacks, example
2013-08-21 16:55:34 -07:00
John Safranek
9f07a7dd2b
modified SEP X509 functions to behave like the NAME_oneline function
2013-08-20 16:47:38 -07:00
John Safranek
442886a207
Added x509 accessors for the SEP build certificate additions.
2013-08-17 09:01:15 -07:00
toddouska
65f0e9f6b9
add atomic user macencrypt cb
2013-08-09 17:27:15 -07:00
toddouska
3378f8f25e
add DTLS cookie ctx geter
2013-08-06 15:06:33 -07:00
toddouska
5c5cee0789
use external CYASSL_MAX_ERROR_SZ for buffer size
2013-08-06 11:48:00 -07:00
John Safranek
831d9cf640
SEP Profile
...
1. Changed session index shift values to constants.
2. Added bounds checking when retrieving a session.
3. Added function to retrieve the peer cert chain from
a CYASSL_SESSION record.
2013-08-02 16:03:41 -07:00
toddouska
3b4ff94931
add paramter validation to SSL I/O calls
2013-08-02 12:12:51 -07:00
John Safranek
1357cdb0e4
SEP Profile
...
1. Add session cache index to CYASSL structure.
2. Add accessor for cache index in CYASSL structure.
3. Add copy function for session cache item.
2013-07-28 17:11:22 -07:00
Moisés Guimarães
55401c13dd
Truncated HMAC first part (protocol). Extension processing will be coded later.
2013-07-23 15:42:43 -03:00
toddouska
14b100fee6
fix savecert with no_skid, gcc warnings
2013-07-22 14:30:35 -07:00
toddouska
37a9a7a457
add IOCb Ctx getters
2013-07-22 11:01:00 -07:00
toddouska
705aa0f453
fix user malloc define w/ opensslextra
2013-07-05 09:42:49 -07:00
John Safranek
226f018829
Fixed memory leak of http buffer in OCSP lookup.
2013-07-02 17:35:30 -07:00
Moisés Guimarães
593e466a44
limiting max_fragment API for client side only.
2013-07-01 10:13:43 -03:00
toddouska
307c71d9cb
add CyaSSL_UnloadCertsKeys to free SSL certs and keys after handshake
2013-06-27 10:26:04 -07:00
John Safranek
773d0da1bc
Fixed issue with the DTLS EmbedReceiveFrom() callback using IPv6.
2013-06-26 17:40:21 -07:00
John Safranek
29b32e582a
DTLS IPv6 Hello Cookie Update
...
1. Add support for IPv6 addresses when calculating DTLS Cookie.
2. Simplify cookie calculation.
2013-06-26 16:32:01 -07:00
toddouska
60c2388ae7
fix potential NetX packet memory leak
2013-06-26 11:03:54 -07:00
toddouska
87eb94b7c4
Merge branch 'master' of github.com:cyassl/cyassl
2013-06-24 14:02:40 -07:00
toddouska
b51d6f3b8f
add NetX default IO context handling
2013-06-24 14:00:48 -07:00
John Safranek
0c34ecb451
OCSP Updates
...
1. Add option to example server and client to check the OCSP responder.
2. Add option to example server and client to override the URL to use
when checking the OCSP responder.
3. Copy the certificate serial number correctly into OCSP request.
Add leading zero only if MS bit is set.
4. Fix responder address used when Auth Info extension is present.
5. Update EmbedOcspLookup callback to better handle the HTTP
response and obtain the complete OCSP response.
2013-06-24 10:47:24 -07:00
John Safranek
17ab84eb07
Update call to DoAlert()
...
When handling the alerts, the return code wasn't checked for error codes. A corrupted alert message could cause a control flow issue.
2013-06-19 15:01:13 -07:00
Moisés Guimarães
25e910a0a9
max fragment length tests and fixes
2013-06-19 16:38:57 -03:00
Moisés Guimarães
5f3ee80407
added:
...
- max fragment length extension;
- CyaSSL_SNI_GetRequest() to get client's request at server side;
- Automated tests for SNI;
2013-06-19 15:45:06 -03:00
toddouska
d02af46256
windows build warning fixes
2013-06-17 12:26:21 -07:00
toddouska
8c70b11528
add newSession flag to SetServerID to do full handshake w/ new session
2013-06-14 15:29:18 -07:00
toddouska
7f7c595d10
differentiate between THREADX and RTP_SYS
2013-06-14 13:45:25 -07:00
toddouska
9559f09028
warning fixes
2013-06-13 12:13:46 -07:00
John Safranek
b40c2c0b1f
Fixed issue with no_server/no_client optional compile losing two functions
2013-06-06 21:59:05 +02:00
Moisés Guimarães
f1d1898ddf
Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH
...
Added new function to SNI API: CyaSSL_SNI_Matched()
2013-06-03 17:55:06 -03:00
Moisés Guimarães
cb2082edee
changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH
2013-06-03 10:04:49 -03:00
John Safranek
ebd03368c7
for DTLS handshakes, put change cipher spec and finished messages in same datagram
2013-05-31 13:48:49 -07:00
Moisés Guimarães
79fad81c32
shrinking function names
2013-05-30 15:40:10 -03:00
Moisés Guimarães
5c665fe614
Added options to SNI (now it is possible to choose whether or not to abort on a SNI Host Name mismatch)
...
Exposed SNI Type at ssl.h
2013-05-30 15:26:41 -03:00
Jasper Spaans
2b59554245
fix cipherSuite0 byte in sniffer, so ECC is recognised correctly.
2013-05-28 10:56:13 +02:00
John Safranek
9753e46721
minor OCSP update
...
1. When doing the HTTP transaction, use recv() and send().
2. When a cert doesn't have an Auth Info extension, and not using
an override server, it is considered good.
3. decode_url() should return -1 in case of error.
4. When decoding HTTP response, process all the headers, skipping all
of those that are not-processed.
2013-05-24 17:23:07 -07:00
Moisés Guimarães
2030bab8d8
fixed shift, cast and name for extensions semaphore.
2013-05-23 17:02:39 -03:00
John Safranek
4ed2cf4b6e
Earlier DTLS transmit patch, moved local variable definition to top of block
2013-05-22 18:36:13 -07:00
John Safranek
acaa2c02bf
Fixed unencrypted TLS alerts having extra data, ssn12
2013-05-21 18:21:22 -07:00
John Safranek
80225e58aa
updated the formatting from the patch
2013-05-21 17:39:11 -07:00
John Safranek
c325436712
Merge branch 'master' of git://github.com/JonasNorling/cyassl into JonasNorling-master
2013-05-21 17:27:11 -07:00
John Safranek
abed4cf669
Fix DTLS server memory leak, ssn11
2013-05-21 16:21:49 -07:00
toddouska
d2003bb8b7
merge in sni
2013-05-21 14:37:50 -07:00
John Safranek
b347df8d9a
DTLS rx size check, ssn10
...
Allows for receiving datagrams larger than the MTU that are reassembled
by the IP stack.
2013-05-21 13:52:22 -07:00
toddouska
fd5937b599
MDK-ARM updates
2013-05-20 17:56:27 -07:00
toddouska
10e6e7fbb5
check error_string_n size and truncate if too short
2013-05-20 10:36:06 -07:00
toddouska
8f5e98486f
fix MPLAB X windows warnings
2013-05-17 11:13:47 -07:00
Chris Conlon
a4c6ed0dda
add support for Microchip TCP/IP 6.0 beta
2013-05-17 10:59:18 -06:00
toddouska
dcf88daae7
fix KEIL warnings
2013-05-17 09:49:46 -07:00
Jonas Norling
2051ee49b7
Increment record layer sequence number when retransmitting DTLS packets (as per the RFC). Send the Finished message in the next epoch, but don't commit to using the next epoch until the other end indicates that the CCS message has been received.
...
Tested against an OpenSSL server, this change makes it a bit happier.
2013-05-17 16:47:55 +02:00
John Safranek
05f11c4bca
DTLS Finished send duplication
...
1. Only add the encrypted Finished message to DTLS retransmit pool.
2. Don't increment the epoch or sequence number when retransmitting.
2013-05-15 10:31:42 -07:00
John Safranek
ac716c96d3
Output buffer size check when sending transmit pool.
...
1. Added a call to CheckAvailableSize() when sending the DTLS transmit pool.
2. Rename CheckAvailableSize().
2013-05-13 12:32:47 -07:00
Chris Conlon
2a741ba469
Merge branch 'master' of github.com:cyassl/cyassl
2013-05-10 17:34:32 -06:00
Chris Conlon
f5c3458795
fix typos
2013-05-10 17:31:50 -06:00
toddouska
61bf080290
fix serverhello extensions idx bug
2013-05-10 15:52:32 -07:00
toddouska
07407bbdaa
rename sniffer bornOn to lastUsed to reflect new usage
2013-05-09 17:58:48 -07:00
toddouska
712b3dd17c
remove some not compiled ins
2013-05-09 15:33:37 -07:00
toddouska
8f0b695249
fix leanpsk build with keep cert / session cert
2013-05-09 15:29:25 -07:00
toddouska
83b96d748e
external API use SSL_FATAL_ERROR instead of -1 cases
2013-05-09 13:17:07 -07:00
toddouska
ca4b2b3f90
keep sniffer sessions alive as used, and prevent remove stale from removing active ones
2013-05-09 11:48:02 -07:00
Chris Conlon
f4c379cb96
minor typo fix
2013-05-09 11:23:07 -06:00
toddouska
47b468d14f
add dtls recv timeout max user setting too
2013-05-08 12:49:55 -07:00
toddouska
8cb5f6d5d4
add user setting for dtls recv timeout init value
2013-05-07 16:14:26 -07:00
toddouska
9c9c59cec3
update sevrver session cert w/ old client hello too
2013-05-06 18:11:14 -07:00
John Safranek
9505f92bd1
restore session certs when resuming session
2013-05-06 17:25:50 -07:00
toddouska
018d1684c9
add camellia to sniffer
2013-05-06 15:37:58 -07:00
toddouska
fa35353e75
cleaup memsave cert cache
2013-05-02 12:23:49 -07:00
toddouska
a0c630b4ee
add cert cache persistence
2013-05-02 11:34:26 -07:00
toddouska
5104f4ea7a
fix typos
2013-04-29 20:17:43 -07:00
toddouska
1e6119bb0d
always try most recent used session on row first for match
2013-04-29 20:08:21 -07:00
toddouska
8c1310e376
fix mem save/restore size with clientcache
2013-04-29 16:56:30 -07:00
toddouska
aebd926472
better endif ids
2013-04-29 14:52:28 -07:00
toddouska
8e64f9903d
fix typos
2013-04-29 14:48:03 -07:00
toddouska
5a1886656a
Merge branch 'master' of github.com:cyassl/cyassl
2013-04-29 14:23:22 -07:00
toddouska
5c4fdb30ad
add client session table lookup based on serverID, use CyaSSL_SetServerID to set/store with serverid
2013-04-29 14:22:32 -07:00
John Safranek
87048698e5
use subject key id and authentication key id to ID CA certs in the signers list instead of subject name hashes.
2013-04-29 12:08:16 -07:00
toddouska
411a096b2b
add memory versions of session cache save/restore
2013-04-25 17:23:58 -07:00
toddouska
05dd84598b
turn CA signer list into CA signer hash table, defaults CA_TABLE_SIZE to 11
2013-04-25 15:36:33 -07:00
toddouska
9dbf6a5e10
fix Signer hash size w/o SHA, fix GetCA caList b4 lock
2013-04-25 14:47:09 -07:00
toddouska
98b7ed9d47
more consistent SSL_SUCCESS for external SSL() returns
2013-04-25 11:36:38 -07:00
toddouska
942480e6ba
fix save cache file problem, version id, and match cache separarte error
2013-04-24 14:17:50 -07:00
toddouska
477129b53e
fix conversion warning
2013-04-24 13:35:28 -07:00
toddouska
158029752c
only reset session cache with lock
2013-04-24 11:20:54 -07:00
toddouska
956ac08cab
add persistent session cache, ssn9
2013-04-24 11:10:23 -07:00
toddouska
65913b0d6c
error out earlier in get_chain_X509
2013-04-23 13:21:00 -07:00
toddouska
bad1c32df2
add session cert conversion to x509, and free x509 for dynamic variety
2013-04-23 11:50:06 -07:00
toddouska
4491de3b77
add UnloadCAs ability for CTX or CertManager
2013-04-22 13:18:08 -07:00
toddouska
8c0ee8a6f7
make sure all external APIs at SSL level return SSL_SUCCESS instead of sometimes 0 from old CyaSSL API
2013-04-22 12:43:57 -07:00
toddouska
11d81b86de
change windows low res timer return
2013-04-22 10:52:38 -07:00
toddouska
d665e16bd8
add user ctx to verify callback with CyaSSL_SetCertCbCtx
2013-04-18 10:37:10 -07:00
toddouska
729fc1e603
add discardSessionCerts flag for verify callback
2013-04-18 09:11:35 -07:00
toddouska
e38b4d5868
free CyaSSL CTX count mutex
2013-04-17 13:25:02 -07:00
toddouska
dafcd8782a
add altnames check to domain match
2013-04-17 09:37:57 -07:00
toddouska
d50b388a33
add wildcard check to domain name match
2013-04-17 09:07:26 -07:00
John Safranek
fe13b4b6c6
moved and renamed the CBIO error codes so they are publically available
2013-04-16 12:32:55 -07:00
toddouska
7c003c5755
add sanity check on cleanup for possible no init
2013-04-12 17:07:00 -07:00
toddouska
97e0ec073f
make sure all lib proper *.c files have config.h then settings.h then checks for defines in case user using settings.h for lib config
2013-04-10 11:04:29 -07:00
toddouska
185331f007
fix shadow on decl
2013-04-10 10:24:33 -07:00
Chris Conlon
27d6c727e0
add MICROCHIP_TCPIP
2013-04-10 09:16:11 -06:00
John Safranek
e98193000a
KEEP_PEER_CERT includes the function CyaSSL_X509_get_subjectCN
2013-04-09 09:45:25 -07:00
John Safranek
b0dca8ea69
updated SHOW_SIZES, opionally adds sizes as available, added flag to example client to print sizes
2013-04-08 16:01:52 -07:00
John Safranek
9b0ffa0249
brought CYASSL_CALLBACK code up to current standard
2013-04-08 15:34:54 -07:00
John Safranek
786e4d9462
fixed leak of method when ctx malloc fails; implemented get_shutdown
2013-04-03 16:35:19 -07:00
John Safranek
217254b533
check CBIOCookie for NULL before trying to call it
2013-04-02 16:36:07 -07:00
toddouska
1224d3d907
Merge branch 'master' of github.com:cyassl/cyassl
2013-04-01 15:52:23 -07:00
toddouska
0005b4cbe4
move pthread flags/libs to autoconf defines so available to library proper and external tests/examples
2013-04-01 15:50:13 -07:00
John Safranek
e9bc868dbb
AES-GCM does not require SHA-384, but will use it if enabled in build; reorder some of the requirement checks to regroup some NO_RSA suite checks
2013-04-01 14:25:20 -07:00
John Safranek
9975d1d675
Merge branch 'master' of github.com:cyassl/cyassl
2013-04-01 13:39:09 -07:00
John Safranek
44352b5673
don't return closed alert if peer sends fatal alert; respond to closed alert with closed alert
2013-04-01 13:37:25 -07:00
toddouska
4b90474581
move CM VerifyBuffer out of no filesystem
2013-04-01 11:59:17 -07:00
John Safranek
a572967017
when checking for DTLS, only need to compare against major version
2013-03-28 13:28:12 -07:00
toddouska
f396de1191
add DTLS support for alignment
2013-03-27 16:58:27 -07:00
toddouska
82e3c00075
add CYASSL_GENERAL_ALIGNMENT detection and setting for TLS alignment attempt
2013-03-27 15:11:49 -07:00
toddouska
6d8246e98c
fix scan-build 272 warnings
2013-03-27 12:32:22 -07:00
toddouska
7d82bec7fc
do rabbit/hc128 alignment at crypto layer for non intel
2013-03-26 18:16:15 -07:00
toddouska
14b4bb3b0f
change rabbit and hc128 to return values for key and process, will add error rets for alignment issues
2013-03-26 14:42:09 -07:00
toddouska
f601b7bfda
move aesni cbc encrypt align check down to crypto layer
2013-03-26 14:13:01 -07:00
toddouska
6bc7ba1592
change AesCBC end/dec to return status, will add failure cases with align checks
2013-03-26 12:36:39 -07:00
toddouska
8e53c7a62e
fix inline type spot
2013-03-25 11:50:15 -07:00
toddouska
9d77ca744f
fix C++ cast problem on make_eap
2013-03-24 13:06:22 -07:00