a7c8903ca6
Add missing programs to Makefile
2015-06-29 19:14:04 +02:00
fa67ebaebb
Fix X.509 keysize check with multiple CAs
...
Assume we have two trusted CAs with the same name, the first uses ECDSA 256
bits, the second RSA 2048; cert is signed by the second. If we do the keysize
check before we checked the key types match, we'll raise the badkey flags when
checking the EC-256 CA and it will remain up even when we finally find the
correct CA. So, move the check for the key size after signature verification,
which implicitly checks the key type.
2015-06-27 14:41:38 +02:00
1c5b9fc19f
Avoid truncating peer cert info in ssl_server2
2015-06-27 14:38:51 +02:00
f659d2cd40
Tune up Windows snprintf() support
...
When we build with Visual Studio in debug mode, the invalid parameter handler
aborts the application (and offers to debug it) when n is 0. We want to
just return -1 instead (as calls with n == 0 are expected and happen in our
tests).
2015-06-26 17:45:00 +02:00
fc36708697
Use $(MAKE), not make
...
For the sake of systems where we want gmake.
2015-06-26 16:50:24 +02:00
633c6b6485
Run timing selftest on all platforms
...
Used to fail on our FreeBSD and Windows buildbots. Seems to be working at
least on my Darwin physical machine and on my Windows VM with MSYS2 now.
2015-06-26 16:17:30 +02:00
03db6b0da1
Cosmetics in test scripts
...
Some versions of "which" print on stderr.
2015-06-26 15:45:30 +02:00
4fd0b256a8
Fix dual use of buffer in test
...
x509_get_name() does not make defensive copies of strings in its input (which
is OK as usually the caller will have made a copy already), so we shouldn't
reuse its input buffer as an output while "parsed" is still alive.
2015-06-26 14:15:48 +02:00
4b00f08e20
Fix snprintf test
...
Our Windows implementation based on vsnprintf_s( ..., _TRUNCATE ) sometimes
writes *two* terminating NULLs. Allow for that, but obviously bytes past the
end of the buffer mustn't be touched.
2015-06-26 14:10:13 +02:00
9db2887672
Actually enable fixed snprintf on windows
2015-06-26 11:04:08 +02:00
e1d34d1707
cmake: add shortcut 'lib' for all libraries
...
Name chosen to match the existing make target.
2015-06-25 14:53:13 +02:00
574ae18088
Fix stupid typo that broke make SHARED=1
2015-06-25 14:30:51 +02:00
ea9556a76e
Fix mistaken changes in Makefile's clean target
...
I was a bit too trigger-happy with copy-pasting in a previous commit...
2015-06-25 14:19:25 +02:00
dc54ff8578
Improve documentation about SSL ticket encryption
2015-06-25 12:44:46 +02:00
a25ffc3b0f
Update Changelog for target split
2015-06-25 12:01:16 +02:00
147be4f315
Rm old variable from (c)make files
2015-06-25 11:57:13 +02:00
752c501126
One soversion per library
2015-06-25 11:56:17 +02:00
ace35999b0
Fix GNUism in bump_version.sh
2015-06-25 11:51:12 +02:00
f7c42d885c
Update visualc projects
2015-06-25 11:33:48 +02:00
6dc2651f02
Cosmetics
2015-06-25 10:59:57 +02:00
c84d0e1ec1
Use LD_LIBRARY_PATH to run test with SHARED=1
...
In my tests on Linux, LD_PRELOAD does not seem to work, but LD_LIBRARY_PATH
does.
2015-06-25 10:59:57 +02:00
9b06abe1d1
Add a shared build with make on Linux to all.sh
2015-06-25 10:59:57 +02:00
c7781addcb
Split library in CMake
2015-06-25 10:59:57 +02:00
ba2c8763b6
cmake: adjust libraries linking
2015-06-25 10:59:57 +02:00
c8293b20a9
cmake: no reason for test to depend on gcc/clang
2015-06-25 10:59:57 +02:00
216a1831de
Fix whitespace in CMakeLists.txt
...
- all spaces no tabs
- indent with 4 spaces everywhere
2015-06-25 10:59:57 +02:00
e058ea2ed8
More consistent toolchains in all.sh
2015-06-25 10:59:57 +02:00
cde2aba0af
Do no test net_usleep in timing_selftest
...
Timing belongs in libcrypto (due to havege depending on it)
while net.c was put in libtls (only test ssl servers use it)
2015-06-25 10:59:57 +02:00
53585eeb17
Remove test DHM params from certs.c
...
certs.c belongs to the X.509 library, while DHM belongs to the crypto lib.
2015-06-25 10:59:57 +02:00
21e1ac205e
Fix linking order with make
...
GNU ld cares about the order in which static libs are mentioned on the command
line: if A depends on B then A must com first.
2015-06-25 10:59:57 +02:00
0761733c1b
Fix potential NULL dereference
...
We document that either of recv or recv_timeout may be NULL, but for TLS we
always used recv... Thanks Coverity for catching that.
(Not remotely trigerrable: local configuration.)
Also made me notice net_recv_timeout didn't do its job properly.
2015-06-25 10:59:57 +02:00
dba460f2f3
Add SSL "assertion" to help static analysis
2015-06-25 10:59:57 +02:00
1cf7b30dc8
Rewrite test to make Coverity happier
...
With the default config, it noticed the accept_comp was always 0, so the rest
of the test was dead code.
2015-06-25 10:59:56 +02:00
db5d15e227
Minor tune-ups in CMake
2015-06-25 10:59:56 +02:00
5c59a4fea5
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
8d4a613cc5
Small Makefile improvements
...
- fix old build commands still using OFLAGS
- make everything work with --warn-undefined-variables, which can be useful
for debugging typos
2015-06-25 10:59:56 +02:00
21dcc1e748
fixup
2015-06-25 10:59:56 +02:00
463e09d64b
Prepare library split
2015-06-24 12:05:33 +02:00
bae389b4d4
Fix uninitialized access
...
Found using Codenomicon Defensics.
2015-06-24 10:47:33 +02:00
ac5361f7dc
Fix small issues in tests found by Coverity
2015-06-24 01:08:09 +02:00
bcc030849a
Avoid fclose( NULL )
...
Found by Coverity Scan.
2015-06-24 00:09:29 +02:00
7f9049baf4
Make config.pl more resistant to misuse
2015-06-23 23:30:16 +02:00
61ee351af4
Adapt programs to the new debug API
2015-06-23 23:30:16 +02:00
fd474233c8
Change SSL debug API in the library
2015-06-23 18:44:11 +02:00
79c4e3ee59
Rm obsolete comments
2015-06-23 18:44:10 +02:00
52fa38a214
Better cleanup in all.sh
2015-06-23 18:44:10 +02:00
b86145e6cd
Avoid potential NULL dereference.
...
May happen with a faulty configuration (eg no allowed curve but trying to use
ECDHE key exchange), but not trigger able remotely.
(Found with Clang's scan-build.)
2015-06-23 18:44:10 +02:00
14bf7063b9
Add SSL "assertions" to help static analyzers
...
scan-build was reporting NULL dereferences
2015-06-23 18:44:10 +02:00
b9c93d0d0a
Fix earlier incomplete change in RSA PMS reading
...
Probably a bad merge from the 1.3 branch
2015-06-23 18:43:53 +02:00
19389753c8
Avoid dead stores (makes scan-build happier)
2015-06-23 13:46:44 +02:00
