mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6,182 Commits 5 Branches 162 Tags
Commit Graph

2267 Commits

Author SHA1 Message Date
Jacob Barthelmeh
2086394a35 compatibility of get cipher list function and update cmake files 2017-05-18 14:36:34 -06:00
toddouska
4370a01778 Merge pull request #921 from dgarske/fix_crl 
Fix for CRL issue with XFREE using invalid arg for heap.
 2017-05-18 09:40:40 -07:00
Sean Parkinson
9fb6373cfb Get PSS going on server side 2017-05-18 15:36:01 +10:00
David Garske
c1f82ece7a Fix for CRL issue with XFREE using invalid arg for heap. 2017-05-17 16:39:35 -07:00
toddouska
2f15d57a6f Merge pull request #640 from jrblixt/unitTest_api_dev 
unit test md5, sha, sha256, sha384, sha512
 2017-05-17 09:17:32 -07:00
Sean Parkinson
63a6618feb Enable X25519 for Key Exchange in TLS 2017-05-17 08:58:12 +10:00
toddouska
4c451a6c61 Merge pull request #920 from dgarske/fix_sb_tls 
Fix for scan-build warning for possible use of uninitialized `eccKey`
 2017-05-16 12:56:50 -07:00
jrblixt
6acd5dafa7 Changes from Todd's code review. 2017-05-16 12:58:07 -06:00
David Garske
79b0311952 Fix for scan-build warning src/tls.c:4898:20: warning: The left operand of '!=' is a garbage value. 2017-05-16 08:50:06 -07:00
Sean Parkinson
e5fe1a3750 Unlock on memory allocation failure. 2017-05-16 09:41:17 +10:00
Sean Parkinson
1a08143946 Fixup for async on master 2017-05-15 10:10:28 +10:00
Sean Parkinson
1e2a6412d7 Find the CRL entry again after lock 2017-05-15 10:10:28 +10:00
Sean Parkinson
c7e57e9c6c Late CRL check - copy data before use 2017-05-15 10:04:42 +10:00
Sean Parkinson
c8e6c64e51 Fix warning when building for Windows 2017-05-15 10:04:42 +10:00
Sean Parkinson
4723b8470a Allow a CRL's signature to be verified on use 2017-05-15 10:04:42 +10:00
Sean Parkinson
4d77e80d04 Fix loading of CRLs and certs. 
Change function wolfSSL_X509_LOOKUP_load_file to load multiple CRLs and
certificates from a file.
Change CRL loading to have a flag to not verify CRL signature - only do
this when using wolfSSL_X509_LOOKUP_load_file() as the certificate is
not always available.
Add test case for loading multiple CRLs in one file without certificate.
 2017-05-15 10:04:42 +10:00
toddouska
3297280e62 Merge pull request #913 from JacobBarthelmeh/Compatibility-Layer 
allow re-using WOLFSSL structure after calling shutdown
 2017-05-12 16:50:14 -07:00
toddouska
dcd3a6a478 Merge pull request #907 from dgarske/fix_verifycb 
Fixes for verify callback override
 2017-05-12 16:45:55 -07:00
Jacob Barthelmeh
0374907acc allow re-using WOLFSSL structure after calling shutdown 2017-05-12 13:54:20 -06:00
jrblixt
606aca9916 Merge branch 'master' of https://github.com/jrblixt/wolfssl into unitTest_api_dev 2017-05-12 02:04:58 -06:00
David Garske
562db08c3d Implemented strict switch fall-through handling using new macro FALL_THROUGH. 2017-05-11 15:15:19 -07:00
David Garske
c0c98c8f64 Fixes to address build warnings for GCC 7. Used -Wimplicit-fallthrough=0 to suppress all switch fall-through warnings. 2017-05-11 15:12:16 -07:00
toddouska
ce42738198 Merge pull request #900 from dgarske/coverity_part3 
Coverity fixes for TLS 1.3, async, small stack and normal math.
 2017-05-11 13:05:53 -07:00
toddouska
5c652e398f Merge pull request #896 from dgarske/async_cleanups 
Fixes for async and smallstack
 2017-05-11 13:05:25 -07:00
David Garske
2efa7d5b8b Fix for verify callback override, peerVerifyRet code on success and ensuring DOMAIN_NAME_MISMATCH error gets passed down in ECDSAk case. Added unit test case to verify callback override works. Fixes issue #905 and issue #904. Fix for async build goto label typo. 2017-05-11 12:23:17 -07:00
Sean Parkinson
22ce2f183d Interop testing fixes 
Fix TLS13 cipher suite name to CHACHA20
Include SignatureAlgorithm in older versions of TLS when compiling for
TLS v1.3.
BIT STRING unused bits doesn't necessarily indicate last unused bit.
Fix ecc_dsa_sa_algo value.
 2017-05-11 10:42:09 +10:00
Sean Parkinson
ec6d8f48b8 Add PSS for TLS v1.3 2017-05-10 17:22:53 +10:00
Sean Parkinson
df3abee72c TLS v1.3 Interop changes 
Added Curve25519 for TLS v1.3 only. Curve25519 won't work with older
protocol versions.
Always send signature algorithm extension in TLS v1.3 for server
certificates. If only doing PSK doesn't need to be sent though.
 2017-05-10 15:16:27 +10:00
David Garske
8d4f8c6d80 Fixes for build with distro for BuildTls13HandshakeHmac arg change. 2017-05-09 10:09:43 -07:00
David Garske
c47826cc8f Additional TLS 1.3 return code checking. 2017-05-09 09:45:40 -07:00
David Garske
e8cf4b5ff0 Coverity fixes for TLS 1.3, async, small stack and normal math. 2017-05-09 09:13:21 -07:00
Sean Parkinson
46c4adcf4c TLS v1.3 interop fixes 2017-05-09 14:49:21 +10:00
David Garske
5726c23d81 Fix for scan-build warning with ret not being read in DoServerHello. 2017-05-06 14:00:24 -07:00
David Garske
8cd78edac1 Fixes for building with smallstack 2017-05-06 00:39:12 -04:00
David Garske
011178994b Fix typos with goto exit labels and heap. 2017-05-06 00:32:02 -04:00
David Garske
af0103bc94 Fix for Valgrind memory leak with the “ssl->hsHashes”. The DTLS wolfSSL_connect for “IsDtlsNotSctpMode” at line 8134 calls InitHandshakeHashes, but doesn’t free existing. Best overall solution is to make sure and free an existing on InitHandshakeHashes, since WOLFSSL is memset to 0. 2017-05-04 14:51:31 -07:00
Sean Parkinson
902f5cf53f Stack size enabled config fix 2017-05-04 14:51:31 -07:00
David Garske
570befb63f Fixes for using async. Combine duplicate DoCertificate and DoTls13Certificate code into ProcessPeerCerts. Cleanup of the XMALLOC/XFREE to use ssl->heap. 2017-05-04 14:51:31 -07:00
David Garske
253140f37e Fixes for TLS 1.3. Fix issue with wc_AesGcmDecrypt checking for authIn arg (allowed to be NULL). Fix for preMasterSz in TLSX_KeyShare_ProcessEcc. Fix for building with --disable-asn (NO_CERTS). Fix to remove client “-t” option from help, which no longer exists. Added new WOLFSSL_DEBUG_TLS option for new messages added. 2017-05-04 14:51:31 -07:00
David Garske
77f9126edf Rebase fixes for TLS 1.3. Getting a decrypt error with the TLS 1.3 test from the SendTls13CertificateVerify. 2017-05-04 14:51:31 -07:00
Sean Parkinson
2b1e9973ec Add TLS v1.3 as an option 2017-05-04 14:51:30 -07:00
Jacob Barthelmeh
7dd877554b build for windows visual studio with AES GCM 2017-05-04 14:14:12 -06:00
Jacob Barthelmeh
9b5340d3af sanity checks before copying copying peer certificate 2017-05-04 13:10:46 -06:00
toddouska
e771611c29 Merge pull request #891 from JacobBarthelmeh/Testing 
sanity check on input buffer index
 2017-05-03 12:13:43 -07:00
Jacob Barthelmeh
55538b5de0 sanity check on input buffer index 2017-05-03 10:21:03 -06:00
David Garske
338194be25 Fix for scan build warning for TLSX_SNI_GetRequest possible use of null pointer. 2017-05-03 07:33:13 -07:00
Jacob Barthelmeh
aa990ed1ce in error case close FILE 2017-05-02 14:54:27 -06:00
Jacob Barthelmeh
dbb67d8582 warnings for builds of haproxy, nginx, and leanpsk 2017-05-02 14:29:53 -06:00
toddouska
27aafd674a Merge pull request #886 from dgarske/fixes_coverity2 
Fixes for coverity scan (part 2)
 2017-05-02 08:53:03 -07:00
John Safranek
4135279f82 Merge pull request #843 from kaleb-himes/dtls-interop 
DTLS update per RFC 6347 Section 4.2.3
 2017-05-01 19:29:27 -07:00