Merge branch 'master' of github.com:cyassl/cyassl

In sniffer changed a memcpy to memmove; update for v3.3.2
fix NO_INLINE word error in misc.h, change to cyassl_word
2015-01-08 15:27:23 -08:00 · 2015-01-08 15:25:14 -08:00 · 2015-01-08 10:31:26 -07:00 · 2015-01-06 14:25:57 -08:00 · 2015-01-06 11:08:37 -08:00 · 2015-01-06 09:27:40 -08:00
11 changed files with 96 additions and 79 deletions
--- a/12
+++ b/12
@@ -34,7 +34,17 @@ before calling SSL_new();  Though it's not recommended.

 *** end Notes ***

-CyaSSL Release 3.3.0 (12/05/2014)
+
+CyaSSL Release 3.3.2 (01/07/2015)
+
+Release 3.3.2 CyaSSL has bug fixes and new features including:
+
+- Improvements in the build configuration under AIX.
+- Various compile warnings.
+- Changed a memcpy to memmove in the sniffer.
+
+
+***********CyaSSL Release 3.3.0 (12/05/2014)

 - Countermeasuers for Handshake message duplicates, CHANGE CIPHER without
  FINISHED, and fast forward attempts.  Thanks to Karthikeyan Bhargavan from
--- a/README.md
+++ b/README.md
@@ -36,6 +36,15 @@ before calling SSL_new();  Though it's not recommended.
 ```


+# CyaSSL Release 3.3.2 (01/07/2015)
+
+## Release 3.3.2 CyaSSL has bug fixes and new features including:
+
+- Improvements in the build configuration under AIX.
+- Various compile warnings.
+- Changed a memcpy to memmove in the sniffer.
+
+
 # CyaSSL Release 3.3.0 (12/05/2014)

 - Countermeasuers for Handshake message duplicates, CHANGE CIPHER without
--- a/configure.ac
+++ b/configure.ac
@@ -6,7 +6,7 @@
 #
 #

-AC_INIT([cyassl],[3.3.0],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.wolfssl.com])
+AC_INIT([cyassl],[3.3.2],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.wolfssl.com])

 AC_CONFIG_AUX_DIR([build-aux])

--- a/ctaocrypt/src/random.c
+++ b/ctaocrypt/src/random.c
@@ -232,7 +232,7 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
            return DRBG_FAILURE;
        }

-        checkBlock = *(word32*)drbg->digest;
+        XMEMCPY(&checkBlock, drbg->digest, sizeof(word32));
        if (drbg->reseedCtr > 1 && checkBlock == drbg->lastBlock) {
            if (drbg->matchCount == 1) {
                return DRBG_CONT_FAILURE;
--- a/cyassl/ctaocrypt/misc.h
+++ b/cyassl/ctaocrypt/misc.h
@@ -44,7 +44,7 @@ CYASSL_LOCAL
 void   ByteReverseWords(word32*, const word32*, word32);

 CYASSL_LOCAL
-void XorWords(word*, const word*, word32);
+void XorWords(cyassl_word*, const cyassl_word*, word32);
 CYASSL_LOCAL
 void xorbuf(void*, const void*, word32);

--- a/cyassl/version.h
+++ b/cyassl/version.h
@@ -26,8 +26,8 @@
 extern "C" {
 #endif

-#define LIBCYASSL_VERSION_STRING "3.3.0"
-#define LIBCYASSL_VERSION_HEX 0x03003000
+#define LIBCYASSL_VERSION_STRING "3.3.2"
+#define LIBCYASSL_VERSION_HEX 0x03003002

 #ifdef __cplusplus
 }
--- a/m4/ax_am_jobserver.m4
+++ b/m4/ax_am_jobserver.m4
@@ -33,7 +33,7 @@
 #   and this notice are preserved. This file is offered as-is, without any
 #   warranty.

-#serial 7
+#serial 7.1

 AC_DEFUN([AX_AM_JOBSERVER], [
    AC_REQUIRE([AX_COUNT_CPUS])
--- a/m4/ax_harden_compiler_flags.m4
+++ b/m4/ax_harden_compiler_flags.m4
@@ -62,10 +62,9 @@
 # AX_APPEND_COMPILE_FLAGS([-floop-parallelize-all],,[$ax_append_compile_cflags_extra]) -- causes RSA verify problem on x64
 # AX_APPEND_COMPILE_FLAGS([-Wunreachable-code],,[$ax_append_compile_cflags_extra])  -- older clang and when gcc had it are buggy

-#serial 4
+#serial 4.1

  AC_DEFUN([AX_HARDEN_LINKER_FLAGS], [
-      AC_REQUIRE([AX_CHECK_LINK_FLAG])
      AC_REQUIRE([AX_VCS_CHECKOUT])
      AC_REQUIRE([AX_DEBUG])

@@ -94,7 +93,6 @@
      ])

  AC_DEFUN([AX_HARDEN_CC_COMPILER_FLAGS], [
-      AC_REQUIRE([AX_APPEND_COMPILE_FLAGS])
      AC_REQUIRE([AX_HARDEN_LINKER_FLAGS])

      AC_LANG_PUSH([C])
@@ -229,7 +227,6 @@
      ])

  AC_DEFUN([AX_CC_OTHER_FLAGS], [
-      AC_REQUIRE([AX_APPEND_COMPILE_FLAGS])
      AC_REQUIRE([AX_HARDEN_CC_COMPILER_FLAGS])

      AC_LANG_PUSH([C])
--- a/src/keys.c
+++ b/src/keys.c
@@ -2325,8 +2325,8 @@ static int SetAuthKeys(OneTimeAuth* authentication, Keys* keys,
 int SetKeysSide(CYASSL* ssl, enum encrypt_side side)
 {
    int devId = NO_CAVIUM_DEVICE, ret, copy = 0;
-    Ciphers* encrypt = NULL;
-    Ciphers* decrypt = NULL;
+    Ciphers* enc = NULL;
+    Ciphers* dec = NULL;
    Keys*    keys    = &ssl->keys;

    (void)copy;
@@ -2344,16 +2344,16 @@ int SetKeysSide(CYASSL* ssl, enum encrypt_side side)

    switch (side) {
        case ENCRYPT_SIDE_ONLY:
-            encrypt = &ssl->encrypt;
+            enc = &ssl->encrypt;
            break;

        case DECRYPT_SIDE_ONLY:
-            decrypt = &ssl->decrypt;
+            dec = &ssl->decrypt;
            break;

        case ENCRYPT_AND_DECRYPT_SIDE:
-            encrypt = &ssl->encrypt;
-            decrypt = &ssl->decrypt;
+            enc = &ssl->encrypt;
+            dec = &ssl->decrypt;
            break;

        default:
@@ -2368,16 +2368,16 @@ int SetKeysSide(CYASSL* ssl, enum encrypt_side side)
    }
 #endif

-    ret = SetKeys(encrypt, decrypt, keys, &ssl->specs, ssl->options.side,
+    ret = SetKeys(enc, dec, keys, &ssl->specs, ssl->options.side,
                  ssl->heap, devId);

 #ifdef HAVE_SECURE_RENEGOTIATION
    if (copy) {
        int clientCopy = 0;

-        if (ssl->options.side == CYASSL_CLIENT_END && encrypt)
+        if (ssl->options.side == CYASSL_CLIENT_END && enc)
            clientCopy = 1;
-        else if (ssl->options.side == CYASSL_SERVER_END && decrypt)
+        else if (ssl->options.side == CYASSL_SERVER_END && dec)
            clientCopy = 1;

        if (clientCopy) {
@@ -2395,7 +2395,7 @@ int SetKeysSide(CYASSL* ssl, enum encrypt_side side)
            XMEMCPY(ssl->keys.server_write_IV,
                    keys->server_write_IV, AES_IV_SIZE);
        }
-        if (encrypt) {
+        if (enc) {
            ssl->keys.sequence_number = keys->sequence_number;
            #ifdef HAVE_AEAD
                if (ssl->specs.cipher_type == aead) {
@@ -2405,7 +2405,7 @@ int SetKeysSide(CYASSL* ssl, enum encrypt_side side)
                }
            #endif
        }
-        if (decrypt)
+        if (dec)
            ssl->keys.peer_sequence_number = keys->peer_sequence_number;
        ssl->secure_renegotiation->cache_status++;
    }
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -2673,7 +2673,7 @@ doMessage:
                    return -1;
                }
            }
-            XMEMCPY(ssl->buffers.inputBuffer.buffer, sslFrame, sslBytes);
+            XMEMMOVE(ssl->buffers.inputBuffer.buffer, sslFrame, sslBytes);
            ssl->buffers.inputBuffer.length = sslBytes;
        }
        if (HaveMoreInput(session, &sslFrame, &sslBytes, &end, error))
--- a/sslSniffer/sslSnifferTest/snifftest.c
+++ b/sslSniffer/sslSnifferTest/snifftest.c
@@ -53,6 +53,7 @@ int main(void)
 #include <stdlib.h>        /* EXIT_SUCCESS */
 #include <string.h>        /* strcmp */
 #include <signal.h>        /* signal */
+#include <sys/socket.h>    /* AF_INET */

 #include <cyassl/sniffer.h>
Author	SHA1	Message	Date
John Safranek	e86c6d8c84	Merge branch 'master' of github.com:cyassl/cyassl	2015-01-08 15:27:23 -08:00
John Safranek	c1546bf20b	In sniffer changed a memcpy to memmove; update for v3.3.2	2015-01-08 15:25:14 -08:00
Chris Conlon	b8c65ec0de	fix NO_INLINE word error in misc.h, change to cyassl_word	2015-01-08 10:31:26 -07:00
John Safranek	3c86c16d85	In hash drbg changed assignment to memcpy to fix strict aliasing warning.	2015-01-06 14:25:57 -08:00
John Safranek	a8803e1e16	1. snifftest.c needs socket.h included for AIX 2. cleaned up whitespace in snifftest.c	2015-01-06 11:08:37 -08:00
John Safranek	06714584f9	fix local variable masking global in SetKeysSide()	2015-01-06 09:27:40 -08:00
John Safranek	46d9037d26	removed some AC_REQUIRE statements for macros that have parameters. causing some trouble under ksh.	2015-01-05 16:20:13 -08:00