mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,285 Commits 5 Branches 162 Tags 807 MiB
87eb94b7c4
Commit Graph

605 Commits

Author SHA1 Message Date
toddouska
87eb94b7c4 Merge branch 'master' of github.com:cyassl/cyassl 2013-06-24 14:02:40 -07:00
toddouska
b51d6f3b8f add NetX default IO context handling 2013-06-24 14:00:48 -07:00
John Safranek
0c34ecb451 OCSP Updates 
1. Add option to example server and client to check the OCSP responder.
2. Add option to example server and client to override the URL to use
   when checking the OCSP responder.
3. Copy the certificate serial number correctly into OCSP request.
   Add leading zero only if MS bit is set.
4. Fix responder address used when Auth Info extension is present.
5. Update EmbedOcspLookup callback to better handle the HTTP
   response and obtain the complete OCSP response.
 2013-06-24 10:47:24 -07:00
John Safranek
17ab84eb07 Update call to DoAlert() 
When handling the alerts, the return code wasn't checked for error codes. A corrupted alert message could cause a control flow issue.
 2013-06-19 15:01:13 -07:00
Moisés Guimarães
25e910a0a9 max fragment length tests and fixes 2013-06-19 16:38:57 -03:00
Moisés Guimarães
5f3ee80407 added: 
- max fragment length extension;
 - CyaSSL_SNI_GetRequest() to get client's request at server side;
 - Automated tests for SNI;
 2013-06-19 15:45:06 -03:00
toddouska
d02af46256 windows build warning fixes 2013-06-17 12:26:21 -07:00
toddouska
8c70b11528 add newSession flag to SetServerID to do full handshake w/ new session 2013-06-14 15:29:18 -07:00
toddouska
7f7c595d10 differentiate between THREADX and RTP_SYS 2013-06-14 13:45:25 -07:00
toddouska
9559f09028 warning fixes 2013-06-13 12:13:46 -07:00
John Safranek
b40c2c0b1f Fixed issue with no_server/no_client optional compile losing two functions 2013-06-06 21:59:05 +02:00
Moisés Guimarães
f1d1898ddf Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH 
Added new function to SNI API: CyaSSL_SNI_Matched()
 2013-06-03 17:55:06 -03:00
Moisés Guimarães
cb2082edee changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH 2013-06-03 10:04:49 -03:00
John Safranek
ebd03368c7 for DTLS handshakes, put change cipher spec and finished messages in same datagram 2013-05-31 13:48:49 -07:00
Moisés Guimarães
79fad81c32 shrinking function names 2013-05-30 15:40:10 -03:00
Moisés Guimarães
5c665fe614 Added options to SNI (now it is possible to choose whether or not to abort on a SNI Host Name mismatch) 
Exposed SNI Type at ssl.h
 2013-05-30 15:26:41 -03:00
Jasper Spaans
2b59554245 fix cipherSuite0 byte in sniffer, so ECC is recognised correctly. 2013-05-28 10:56:13 +02:00
John Safranek
9753e46721 minor OCSP update 
1. When doing the HTTP transaction, use recv() and send().
2. When a cert doesn't have an Auth Info extension, and not using
   an override server, it is considered good.
3. decode_url() should return -1 in case of error.
4. When decoding HTTP response, process all the headers, skipping all
   of those that are not-processed.
 2013-05-24 17:23:07 -07:00
Moisés Guimarães
2030bab8d8 fixed shift, cast and name for extensions semaphore. 2013-05-23 17:02:39 -03:00
John Safranek
4ed2cf4b6e Earlier DTLS transmit patch, moved local variable definition to top of block 2013-05-22 18:36:13 -07:00
John Safranek
acaa2c02bf Fixed unencrypted TLS alerts having extra data, ssn12 2013-05-21 18:21:22 -07:00
John Safranek
80225e58aa updated the formatting from the patch 2013-05-21 17:39:11 -07:00
John Safranek
c325436712 Merge branch 'master' of git://github.com/JonasNorling/cyassl into JonasNorling-master 2013-05-21 17:27:11 -07:00
John Safranek
abed4cf669 Fix DTLS server memory leak, ssn11 2013-05-21 16:21:49 -07:00
toddouska
d2003bb8b7 merge in sni 2013-05-21 14:37:50 -07:00
John Safranek
b347df8d9a DTLS rx size check, ssn10 
Allows for receiving datagrams larger than the MTU that are reassembled
by the IP stack.
 2013-05-21 13:52:22 -07:00
toddouska
fd5937b599 MDK-ARM updates 2013-05-20 17:56:27 -07:00
toddouska
10e6e7fbb5 check error_string_n size and truncate if too short 2013-05-20 10:36:06 -07:00
toddouska
8f5e98486f fix MPLAB X windows warnings 2013-05-17 11:13:47 -07:00
Chris Conlon
a4c6ed0dda add support for Microchip TCP/IP 6.0 beta 2013-05-17 10:59:18 -06:00
toddouska
dcf88daae7 fix KEIL warnings 2013-05-17 09:49:46 -07:00
Jonas Norling
2051ee49b7 Increment record layer sequence number when retransmitting DTLS packets (as per the RFC). Send the Finished message in the next epoch, but don't commit to using the next epoch until the other end indicates that the CCS message has been received. 
Tested against an OpenSSL server, this change makes it a bit happier.
 2013-05-17 16:47:55 +02:00
John Safranek
05f11c4bca DTLS Finished send duplication 
1. Only add the encrypted Finished message to DTLS retransmit pool.
2. Don't increment the epoch or sequence number when retransmitting.
 2013-05-15 10:31:42 -07:00
John Safranek
ac716c96d3 Output buffer size check when sending transmit pool. 
1. Added a call to CheckAvailableSize() when sending the DTLS transmit pool.
2. Rename CheckAvailableSize().
 2013-05-13 12:32:47 -07:00
Chris Conlon
2a741ba469 Merge branch 'master' of github.com:cyassl/cyassl 2013-05-10 17:34:32 -06:00
Chris Conlon
f5c3458795 fix typos 2013-05-10 17:31:50 -06:00
toddouska
61bf080290 fix serverhello extensions idx bug 2013-05-10 15:52:32 -07:00
toddouska
07407bbdaa rename sniffer bornOn to lastUsed to reflect new usage 2013-05-09 17:58:48 -07:00
toddouska
712b3dd17c remove some not compiled ins 2013-05-09 15:33:37 -07:00
toddouska
8f0b695249 fix leanpsk build with keep cert / session cert 2013-05-09 15:29:25 -07:00
toddouska
83b96d748e external API use SSL_FATAL_ERROR instead of -1 cases 2013-05-09 13:17:07 -07:00
toddouska
ca4b2b3f90 keep sniffer sessions alive as used, and prevent remove stale from removing active ones 2013-05-09 11:48:02 -07:00
Chris Conlon
f4c379cb96 minor typo fix 2013-05-09 11:23:07 -06:00
toddouska
47b468d14f add dtls recv timeout max user setting too 2013-05-08 12:49:55 -07:00
toddouska
8cb5f6d5d4 add user setting for dtls recv timeout init value 2013-05-07 16:14:26 -07:00
toddouska
9c9c59cec3 update sevrver session cert w/ old client hello too 2013-05-06 18:11:14 -07:00
John Safranek
9505f92bd1 restore session certs when resuming session 2013-05-06 17:25:50 -07:00
toddouska
018d1684c9 add camellia to sniffer 2013-05-06 15:37:58 -07:00
toddouska
fa35353e75 cleaup memsave cert cache 2013-05-02 12:23:49 -07:00
toddouska
a0c630b4ee add cert cache persistence 2013-05-02 11:34:26 -07:00