Prepare for V7.2.0 release.

This commit is contained in:
Richard Barry 2012-08-14 12:14:48 +00:00
parent 73ad4387e2
commit e0bab5981a
1071 changed files with 8726 additions and 2457 deletions


@ -68,6 +68,14 @@ typedef struct Aes {
ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
#ifdef HAVE_AESGCM
ALIGN16 byte H[AES_BLOCK_SIZE];
#ifdef GCM_TABLE
/* key-based fast multiplication table. */
ALIGN16 byte M0[256][AES_BLOCK_SIZE];
#endif /* GCM_TABLE */
#endif /* HAVE_AESGCM */
} Aes;
@ -80,6 +88,20 @@ CYASSL_API void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
CYASSL_API void AesEncryptDirect(Aes* aes, byte* out, const byte* in);
CYASSL_API void AesDecryptDirect(Aes* aes, byte* out, const byte* in);
#ifdef HAVE_AESGCM
CYASSL_API void AesGcmSetKey(Aes* aes, const byte* key, word32 len,
const byte* implicitIV);
CYASSL_API void AesGcmSetExpIV(Aes* aes, const byte* iv);
CYASSL_API void AesGcmGetExpIV(Aes* aes, byte* iv);
CYASSL_API void AesGcmIncExpIV(Aes* aes);
CYASSL_API void AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
CYASSL_API int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESGCM */
#ifdef __cplusplus
} /* extern "C" */
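Review bot: AesGcmIncExpIV (declared after AesGcmGetExpIV) returns void, so a caller has no signal when the 8-byte explicit IV wraps, and a repeated IV under the same key voids both the confidentiality and the authenticity GCM provides. Either state the precondition on the declaration, `/* caller must rekey before the explicit IV wraps; an IV reused under one key is fatal for GCM */`, or return an int that reports the wrap. The header also does not say how many bytes AesGcmSetKey reads from implicitIV; a comment naming the length (presumably AES_GCM_IMP_IV_SZ from internal.h, 4 bytes) would help callers outside the TLS layer. The `typedef struct Aes` in the first hunk starts outside the hunk.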


@ -61,6 +61,7 @@ enum ASN_Tags {
ASN_SEQUENCE = 0x10,
ASN_SET = 0x11,
ASN_UTC_TIME = 0x17,
ASN_DNS_TYPE = 0x02,
ASN_GENERALIZED_TIME = 0x18,
CRL_EXTENSIONS = 0xa0,
ASN_EXTENSIONS = 0xa3,
@ -138,6 +139,8 @@ enum Misc_ASN {
#endif
/* Max total extensions, id + len + others */
#endif
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 18, /* OCSP Nonce size */
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2
/* use bigger NTRU size */
};
@ -198,6 +201,13 @@ enum VerifyType {
};
typedef struct DNS_entry DNS_entry;
struct DNS_entry {
DNS_entry* next; /* next on DNS list */
char* name; /* actual DNS name */
};
typedef struct DecodedCert DecodedCert;
typedef struct Signer Signer;
@ -211,6 +221,7 @@ struct DecodedCert {
word32 sigLength; /* length of signature */
word32 signatureOID; /* sum of algorithm object id */
word32 keyOID; /* sum of key algo object id */
DNS_entry* altNames; /* alt names list of dns entries */
byte subjectHash[SHA_SIZE]; /* hash of all Names */
byte issuerHash[SHA_SIZE]; /* hash of all Names */
#ifdef HAVE_OCSP
@ -219,6 +230,7 @@ struct DecodedCert {
byte* signature; /* not owned, points into raw cert */
char* subjectCN; /* CommonName */
int subjectCNLen;
int subjectCNStored; /* have we saved a copy we own */
char issuer[ASN_NAME_MAX]; /* full name including common name */
char subject[ASN_NAME_MAX]; /* full name including common name */
int verify; /* Default to yes, but could be off */
@ -278,6 +290,7 @@ struct Signer {
#define CYASSL_TEST_API CYASSL_LOCAL
#endif
CYASSL_TEST_API void FreeAltNames(DNS_entry*, void*);
CYASSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, word32, void*);
CYASSL_TEST_API void FreeDecodedCert(DecodedCert*);
CYASSL_TEST_API int ParseCert(DecodedCert*, int type, int verify, void* cm);
@ -295,6 +308,7 @@ CYASSL_LOCAL void FreeSigners(Signer*, void*);
CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length);
CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
#ifdef HAVE_ECC
/* ASN sig helpers */
@ -321,6 +335,10 @@ enum cert_enums {
#endif /* CYASSL_CERT_GEN */
/* for pointer use */
typedef struct CertStatus CertStatus;
#ifdef HAVE_OCSP
enum Ocsp_Response_Status {
@ -341,47 +359,82 @@ enum Ocsp_Cert_Status {
enum Ocsp_Sums {
OCSP_BASIC_OID = 117
OCSP_BASIC_OID = 117,
OCSP_NONCE_OID = 118
};
#define STATUS_LIST_SIZE 5
typedef struct OcspRequest OcspRequest;
typedef struct OcspResponse OcspResponse;
struct CertStatus {
CertStatus* next;
byte serial[EXTERNAL_SERIAL_SIZE];
int serialSz;
int status;
byte thisDate[MAX_DATE_SIZE];
byte nextDate[MAX_DATE_SIZE];
byte thisDateFormat;
byte nextDateFormat;
};
struct OcspResponse {
int responseStatus; /* return code from Responder */
word32 respBegin; /* index to beginning of OCSP Response */
word32 respLength; /* length of the OCSP Response */
byte* response; /* Pointer to beginning of OCSP Response */
word32 responseSz; /* length of the OCSP Response */
int version; /* Response version number */
byte producedDate[MAX_DATE_SIZE];
/* Date at which this response was signed */
byte producedDateFormat; /* format of the producedDate */
byte* issuerHash;
byte* issuerKeyHash;
word32 sigIndex; /* Index into source for start of sig */
word32 sigLength; /* Length in octets for the sig */
byte* cert;
word32 certSz;
byte* sig; /* Pointer to sig in source */
word32 sigSz; /* Length in octets for the sig */
word32 sigOID; /* OID for hash used for sig */
int certStatusCount; /* Count of certificate statuses, Note
* 1:1 correspondence between certStatus
* and certSerialNumber */
byte certSN[STATUS_LIST_SIZE][EXTERNAL_SERIAL_SIZE];
int certSNsz[STATUS_LIST_SIZE];
/* Certificate serial number array. */
word32 certStatus[STATUS_LIST_SIZE];
/* Certificate status array */
CertStatus* status; /* certificate status to fill out */
byte* nonce; /* pointer to nonce inside ASN.1 response */
int nonceSz; /* length of the nonce string */
byte* source; /* pointer to source buffer, not owned */
word32 maxIdx; /* max offset based on init size */
void* heap; /* for user memory overrides */
};
CYASSL_LOCAL void InitOcspResponse(OcspResponse*, byte*, word32, void*);
CYASSL_LOCAL void FreeOcspResponse(OcspResponse*);
struct OcspRequest {
DecodedCert* cert;
byte nonce[MAX_OCSP_NONCE_SZ];
int nonceSz;
byte* issuerHash; /* pointer to issuerHash in source cert */
byte* issuerKeyHash; /* pointer to issuerKeyHash in source cert */
byte* serial; /* pointer to serial number in source cert */
int serialSz; /* length of the serial number */
byte* dest; /* pointer to the destination ASN.1 buffer */
word32 destSz; /* length of the destination buffer */
};
CYASSL_LOCAL void InitOcspResponse(OcspResponse*, CertStatus*, byte*, word32);
CYASSL_LOCAL int OcspResponseDecode(OcspResponse*);
CYASSL_LOCAL int EncodeOcspRequest(DecodedCert*, byte*, word32);
CYASSL_LOCAL void InitOcspRequest(OcspRequest*, DecodedCert*, byte*, word32);
CYASSL_LOCAL int EncodeOcspRequest(OcspRequest*);
CYASSL_LOCAL int CompareOcspReqResp(OcspRequest*, OcspResponse*);
#endif /* HAVE_OCSP */
@ -410,12 +463,14 @@ struct DecodedCRL {
byte crlHash[MD5_DIGEST_SIZE]; /* raw crl data hash */
byte lastDate[MAX_DATE_SIZE]; /* last date updated */
byte nextDate[MAX_DATE_SIZE]; /* next update date */
byte lastDateFormat; /* format of last date */
byte nextDateFormat; /* format of next date */
RevokedCert* certs; /* revoked cert list */
int totalCerts; /* number on list */
};
CYASSL_LOCAL void InitDecodedCRL(DecodedCRL*);
CYASSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, long sz);
CYASSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, long sz, void* cm);
CYASSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
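Review bot: In struct OcspResponse the `byte* issuerHash;` and `byte* issuerKeyHash;` fields carry no ownership comment, whereas the matching fields in OcspRequest say they point into the source cert; since OcspResponse's `source` is marked "not owned", these presumably point into it too and should say so, e.g. `byte* issuerHash; /* pointer into source, not owned */`. Likewise `CertStatus* status; /* certificate status to fill out */` is now supplied through InitOcspResponse's CertStatus* parameter, so the comment should state that the list is caller-owned and not released with the response. In the ASN_Tags hunk, `ASN_DNS_TYPE = 0x02` sits between the 0x17 and 0x18 universal tags but appears to be the context-specific [2] dNSName choice of GeneralName, not a universal tag; a comment such as `/* GeneralName [2] dNSName, context-specific tag */` prevents it being read as a universal tag value.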


@ -98,6 +98,8 @@ enum {
NO_PASSWORD = -176, /* no password provided by user */
ALT_NAME_E = -177, /* alt name size problem, too big */
AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */
MIN_CODE_E = -200 /* errors -101 - -199 */
};


@ -32,6 +32,10 @@
#include <cyassl/ctaocrypt/sha256.h>
#endif
#ifdef CYASSL_SHA384
#include <cyassl/ctaocrypt/sha512.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
@ -40,13 +44,19 @@
enum {
IPAD = 0x36,
OPAD = 0x5C,
#ifndef NO_SHA256
#if defined(CYASSL_SHA384)
INNER_HASH_SIZE = SHA384_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE
#elif !defined(NO_SHA256)
INNER_HASH_SIZE = SHA256_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE,
SHA384 = 5
#else
INNER_HASH_SIZE = SHA_DIGEST_SIZE,
HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE,
SHA256 = 2, /* hash type unique */
SHA384 = 5
#endif
HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE
};
@ -57,6 +67,9 @@ typedef union {
#ifndef NO_SHA256
Sha256 sha256;
#endif
#ifdef CYASSL_SHA384
Sha384 sha384;
#endif
} Hash;
/* Hmac digest */
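Review bot: The hash-type identifiers `SHA384 = 5` in the `#elif !defined(NO_SHA256)` branch and `SHA256 = 2, SHA384 = 5` in the `#else` branch duplicate values that sha256.h/sha512.h presumably define when those headers are included, so the two copies have to be kept in sync by hand and a mismatch would silently mislabel the Hmac type. A comment at the first of them, `/* hash type ids mirror sha256.h/sha512.h; defined here only when those headers are not pulled in */`, makes the coupling visible. If `HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE` after the `#endif` survived on the new side it would re-assign an enumerator already set in every branch and fail to compile, so I assume it is the removed line; the rendered page does not show the marker.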


@ -15,6 +15,7 @@ nobase_include_HEADERS+= \
cyassl/ctaocrypt/hc128.h \
cyassl/ctaocrypt/hmac.h \
cyassl/ctaocrypt/integer.h \
cyassl/ctaocrypt/md2.h \
cyassl/ctaocrypt/md4.h \
cyassl/ctaocrypt/md5.h \
cyassl/ctaocrypt/misc.h \


@ -0,0 +1,64 @@
/* md2.h
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef CYASSL_MD2
#ifndef CTAO_CRYPT_MD2_H
#define CTAO_CRYPT_MD2_H
#include <cyassl/ctaocrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
/* in bytes */
enum {
MD2 = 6, /* hash type unique */
MD2_BLOCK_SIZE = 16,
MD2_DIGEST_SIZE = 16,
MD2_PAD_SIZE = 16,
MD2_X_SIZE = 48
};
/* Md2 digest */
typedef struct Md2 {
word32 count; /* bytes % PAD_SIZE */
byte X[MD2_X_SIZE];
byte C[MD2_BLOCK_SIZE];
byte buffer[MD2_BLOCK_SIZE];
} Md2;
CYASSL_API void InitMd2(Md2*);
CYASSL_API void Md2Update(Md2*, const byte*, word32);
CYASSL_API void Md2Final(Md2*, byte*);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CTAO_CRYPT_MD2_H */
#endif /* CYASSL_MD2 */
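Review bot: md2.h adds a public digest without stating its intended use; MD2 has known practical weaknesses and should not be selected for new signatures, so a comment above the `Md2` typedef along the lines of `/* MD2 is cryptographically weak; intended only for verifying legacy certificate signatures */` (adjusted to the actual intent) keeps it from being picked up as a general-purpose hash. The field comment `word32 count; /* bytes % PAD_SIZE */` names a constant that does not exist in this file; the enumerator is MD2_PAD_SIZE, so `/* bytes % MD2_PAD_SIZE */`. Wrapping the include guard inside `#ifdef CYASSL_MD2` means a unit that includes the header without the flag gets no Md2 type at all, which is presumably deliberate but deserves a one-line comment at the top.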


@ -49,6 +49,19 @@ CYASSL_LOCAL
void XorWords(word*, const word*, word32);
CYASSL_LOCAL
void xorbuf(byte*, const byte*, word32);
#ifdef WORD64_AVAILABLE
CYASSL_LOCAL
word64 rotlFixed64(word64, word64);
CYASSL_LOCAL
word64 rotrFixed64(word64, word64);
CYASSL_LOCAL
word64 ByteReverseWord64(word64);
CYASSL_LOCAL
void ByteReverseWords64(word64*, const word64*, word32);
#endif /* WORD64_AVAILABLE */
#endif /* NO_INLINE */
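Review bot: `rotlFixed64(word64, word64)` and `rotrFixed64(word64, word64)` take the rotate count as an unbounded word64 with no stated precondition; if they are implemented the usual way, `(x << y) | (x >> (64 - y))`, a count of 0 or of 64 or more shifts by the full type width, which is undefined behaviour in C. State the contract on the declarations, `/* y must satisfy 0 < y < 64 */`, or have the implementation mask the count. The last parameter of ByteReverseWords64 is presumably a count, but the declaration does not say whether it is in word64 units or bytes; a short comment would settle it for callers.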


@ -85,17 +85,22 @@
#define NO_HC128
#endif /* MBED */
#ifdef FREERTOS
#ifdef FREERTOS_WINSIM
#define FREERTOS
#define USE_WINDOWS_API
#endif
#ifdef FREERTOS
#define NO_WRITEV
#define NO_SHA512
#define NO_DH
#define NO_DSA
#define NO_HC128
#endif
#ifdef FREERTOS_WINSIM
#define FREERTOS
#define USE_WINDOWS_API
#ifndef SINGLE_THREADED
#include "FreeRTOS.h"
#include "semphr.h"
#endif
#endif
#ifdef CYASSL_GAME_BUILD
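Review bot: The FREERTOS_WINSIM block defines FREERTOS and USE_WINDOWS_API and so has to be processed before the `#ifdef FREERTOS` block that follows it, but nothing in the file says this ordering is load-bearing. A comment on the block, `/* must precede the FREERTOS block below: WINSIM implies FREERTOS */`, protects it from a later reorder. The `#include "FreeRTOS.h"` / `"semphr.h"` pair under `#ifndef SINGLE_THREADED` now lives in settings.h (the internal.h hunks drop the same includes), which pulls the FreeRTOS headers into everything that includes settings.h; if that is intended, the comment should say why the includes moved here.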


@ -157,6 +157,8 @@ enum {
#ifndef STRING_USER
#include <string.h>
char* mystrnstr(const char* s1, const char* s2, unsigned int n);
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
#define XMEMSET(b,c,l) memset((b),(c),(l))
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
@ -167,6 +169,7 @@ enum {
/* strstr, strncmp, and strncat only used by CyaSSL proper, not required for
CTaoCrypt only */
#define XSTRSTR(s1,s2) strstr((s1),(s2))
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
#endif
@ -205,7 +208,11 @@ enum {
DYNAMIC_TYPE_CRL = 22,
DYNAMIC_TYPE_REVOKED = 23,
DYNAMIC_TYPE_CRL_ENTRY = 24,
DYNAMIC_TYPE_CERT_MANAGER = 25
DYNAMIC_TYPE_CERT_MANAGER = 25,
DYNAMIC_TYPE_CRL_MONITOR = 26,
DYNAMIC_TYPE_OCSP_STATUS = 27,
DYNAMIC_TYPE_OCSP_ENTRY = 28,
DYNAMIC_TYPE_ALTNAME = 29
};
/* stack protection */
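Review bot: `char* mystrnstr(const char* s1, const char* s2, unsigned int n);` is the only function prototype on this page without CYASSL_LOCAL/CYASSL_API linkage decoration, so with the visibility macros used everywhere else it would become an exported symbol by accident; `CYASSL_LOCAL char* mystrnstr(const char* s1, const char* s2, unsigned int n);` matches the rest of the tree. The comment above the XSTRSTR group still says only "strstr, strncmp, and strncat" are used by CyaSSL proper; XSTRNSTR belongs in that list now.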


@ -92,14 +92,21 @@ enum CyaSSL_ErrorCodes {
NOT_CA_ERROR = -257, /* Not a CA cert error */
BAD_PATH_ERROR = -258, /* Bad path for opendir */
BAD_CERT_MANAGER_ERROR = -259, /* Bad Cert Manager */
OCSP_CERT_REVOKED = -260,
OCSP_CERT_REVOKED = -260, /* OCSP Certificate revoked */
CRL_CERT_REVOKED = -261, /* CRL Certificate revoked */
CRL_MISSING = -262, /* CRL Not loaded */
MONITOR_RUNNING_E = -263, /* CRL Monitor already running */
THREAD_CREATE_E = -264, /* Thread Create Error */
OCSP_NEED_URL = -265, /* OCSP need an URL for lookup */
OCSP_CERT_UNKNOWN = -266, /* OCSP responder doesn't know */
OCSP_LOOKUP_FAIL = -267, /* OCSP lookup not successful */
MAX_CHAIN_ERROR = -268, /* max chain depth exceeded */
COOKIE_ERROR = -269, /* dtls cookie error */
/* add strings to SetErrorString !!!!! */
/* begin negotiation parameter errors */
UNSUPPORTED_SUITE = -270, /* unsupported cipher suite */
MATCH_SUITE_ERROR = -271 /* can't match cipher suite */
UNSUPPORTED_SUITE = -290, /* unsupported cipher suite */
MATCH_SUITE_ERROR = -291 /* can't match cipher suite */
/* end negotiation parameter errors only 10 for now */
/* add strings to SetErrorString !!!!! */
};
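Review bot: UNSUPPORTED_SUITE and MATCH_SUITE_ERROR change value (-270/-271 to -290/-291), apparently so the connection-error block can grow into -270..-289; any caller that compares error codes against the literal numbers, or a string table indexed by value, breaks silently, and the enum does not explain the gap. A comment where the negotiation block begins, `/* -270..-289 reserved for further connection errors */`, records the intent. The "add strings to SetErrorString" reminder appears twice in this hunk; if both copies survive on the new side, one is enough.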


@ -44,6 +44,9 @@
#ifdef HAVE_OCSP
#include <cyassl/ocsp.h>
#endif
#ifdef CYASSL_SHA512
#include <cyassl/ctaocrypt/sha512.h>
#endif
#ifdef CYASSL_CALLBACKS
#include <cyassl/openssl/cyassl_callbacks.h>
@ -59,10 +62,6 @@
#include <winsock2.h>
#endif
#include <windows.h>
#if defined(FREERTOS_WINSIM) && !defined(SINGLE_THREADED)
#include "FreeRTOS.h"
#include "semphr.h"
#endif
#endif
#elif defined(THREADX)
#ifndef SINGLE_THREADED
@ -71,10 +70,7 @@
#elif defined(MICRIUM)
/* do nothing, just don't pick Unix */
#elif defined(FREERTOS)
#ifndef SINGLE_THREADED
#include "FreeRTOS.h"
#include "semphr.h"
#endif
/* do nothing */
#else
#ifndef SINGLE_THREADED
#define CYASSL_PTHREADS
@ -156,6 +152,10 @@ void c32to24(word32 in, word24 out);
#define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
#define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
#endif
#if defined (HAVE_AESGCM)
#define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256
#define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#if !defined(NO_HC128) && !defined(NO_TLS)
@ -173,6 +173,10 @@ void c32to24(word32 in, word24 out);
#if !defined (NO_SHA256)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
#define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
#if defined (HAVE_AESGCM)
#define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
#define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#endif
@ -187,6 +191,18 @@ void c32to24(word32 in, word24 out);
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
#if defined (HAVE_AESGCM)
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#if !defined(NO_RC4)
#define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
@ -219,6 +235,10 @@ void c32to24(word32 in, word24 out);
#define BUILD_AES
#endif
#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256)
#define BUILD_AESGCM
#endif
#if defined(BUILD_TLS_RSA_WITH_HC_128_CBC_SHA) || \
defined(BUILD_TLS_RSA_WITH_HC_128_CBC_MD5)
#define BUILD_HC128
@ -284,7 +304,23 @@ enum {
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x6b,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x67,
TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d,
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x3c
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x3c,
/* AES-GCM */
TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x9c,
TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x9d,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x9e,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x9f,
/* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2b,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0x2c,
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2d,
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0x2e,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x2f,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0x30,
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0x31,
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0x32
};
@ -306,12 +342,15 @@ enum Misc {
TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
NO_COMPRESSION = 0,
ZLIB_COMPRESSION = 221, /* CyaSSL zlib compression */
HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */
SECRET_LEN = 48, /* pre RSA and all master */
ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */
SIZEOF_SENDER = 4, /* clnt or srvr */
FINISHED_SZ = MD5_DIGEST_SIZE + SHA_DIGEST_SIZE,
MAX_RECORD_SIZE = 16384, /* 2^14, max size by standard */
MAX_MSG_EXTRA = 68, /* max added to msg, mac + pad */
MAX_MSG_EXTRA = 70, /* max added to msg, mac + pad from */
/* RECORD_HEADER_SZ + BLOCK_SZ (pad) + SHA_256
digest sz + BLOC_SZ (iv) + pad byte (1) */
MAX_COMP_EXTRA = 1024, /* max compression extra */
MAX_MTU = 1500, /* max expected MTU */
MAX_UDP_SIZE = MAX_MTU - 100, /* don't exceed MTU w/ 100 byte header */
@ -335,6 +374,7 @@ enum Misc {
SEED_LEN = RAN_LEN * 2, /* tls prf seed length */
ID_LEN = 32, /* session id length */
MAX_COOKIE_LEN = 32, /* max dtls cookie size */
COOKIE_SZ = 20, /* use a 20 byte cookie */
SUITE_LEN = 2, /* cipher suite sz length */
ENUM_LEN = 1, /* always a byte */
COMP_LEN = 1, /* compression length */
@ -345,6 +385,10 @@ enum Misc {
CERT_HEADER_SZ = 3, /* always 3 bytes */
REQ_HEADER_SZ = 2, /* cert request header sz */
HINT_LEN_SZ = 2, /* length of hint size field */
HELLO_EXT_SZ = 14, /* total length of the lazy hello extensions */
HELLO_EXT_LEN = 12, /* length of the lazy hello extensions */
HELLO_EXT_SIGALGO_SZ = 8, /* length of signature algo extension */
HELLO_EXT_SIGALGO_LEN = 6, /* number of items in the signature algo list */
DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
DTLS_RECORD_HEADER_SZ = 13, /* normal + epoch(2) + seq_num(6) */
@ -368,8 +412,19 @@ enum Misc {
AES_256_KEY_SIZE = 32, /* for 256 bit */
AES_192_KEY_SIZE = 24, /* for 192 bit */
AES_IV_SIZE = 16, /* always block size */
AES_GCM_IMP_IV_SZ = 4, /* Implicit part of IV */
AES_GCM_EXP_IV_SZ = 8, /* Explicit part of IV */
AES_GCM_CTR_IV_SZ = 4, /* Counter part of IV */
AES_128_KEY_SIZE = 16, /* for 128 bit */
AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */
AEAD_TYPE_OFFSET = 8, /* Auth Data: Type */
AEAD_VMAJ_OFFSET = 9, /* Auth Data: Major Version */
AEAD_VMIN_OFFSET = 10, /* Auth Data: Minor Version */
AEAD_LEN_OFFSET = 11, /* Auth Data: Length */
AEAD_AUTH_TAG_SZ = 16, /* Size of the authentication tag */
AEAD_AUTH_DATA_SZ = 13, /* Size of the data to authenticate */
HC_128_KEY_SIZE = 16, /* 128 bits */
HC_128_IV_SIZE = 16, /* also 128 bits */
@ -394,7 +449,7 @@ enum Misc {
MAX_EX_DATA = 3, /* allow for three items of ex_data */
MAX_CHAIN_DEPTH = 9, /* max cert chain peer depth, FORTRESS option */
#else
MAX_CHAIN_DEPTH = 4, /* max cert chain peer depth */
MAX_CHAIN_DEPTH = 6, /* max cert chain peer depth */
#endif
MAX_X509_SIZE = 2048, /* max static x509 buffer size */
CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */
@ -484,9 +539,6 @@ struct CYASSL_BIO {
struct CYASSL_METHOD {
ProtocolVersion version;
byte side; /* connection side, server or client */
byte verifyPeer; /* request or send certificate */
byte verifyNone; /* whether to verify certificate */
byte failNoCert; /* fail if no certificate */
byte downgrade; /* whether to downgrade version, default no */
};
@ -520,9 +572,9 @@ enum {
#define COMP_EXTRA 0
#endif
/* only the sniffer needs space in the buffer for an extra MTU record */
/* only the sniffer needs space in the buffer for extra MTU record(s) */
#ifdef CYASSL_SNIFFER
#define MTU_EXTRA MAX_MTU
#define MTU_EXTRA MAX_MTU * 3
#else
#define MTU_EXTRA 0
#endif
@ -599,6 +651,8 @@ int SetCipherList(Suites*, const char* list);
#endif
#ifdef CYASSL_DTLS
CYASSL_LOCAL
int EmbedGenerateCookie(byte *buf, int sz, void *ctx);
CYASSL_LOCAL
int IsUDP(void*);
#endif
@ -613,7 +667,7 @@ struct CYASSL_CIPHER {
#ifdef SINGLE_THREADED
typedef int CyaSSL_Mutex;
#else /* MULTI_THREADED */
/* Comes first to enable use of FreeRTOS Windows simulator only. */
/* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */
#ifdef FREERTOS
typedef xSemaphoreHandle CyaSSL_Mutex;
#elif defined(USE_WINDOWS_API)
@ -636,6 +690,28 @@ CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*);
typedef struct OCSP_Entry OCSP_Entry;
struct OCSP_Entry {
OCSP_Entry* next; /* next entry */
byte issuerHash[SHA_DIGEST_SIZE]; /* issuer hash */
byte issuerKeyHash[SHA_DIGEST_SIZE]; /* issuer public key hash */
CertStatus* status; /* OCSP response list */
int totalStatus; /* number on list */
};
/* CyaSSL OCSP controller */
struct CYASSL_OCSP {
byte enabled;
byte useOverrideUrl;
char overrideName[80];
char overridePath[80];
int overridePort;
OCSP_Entry* ocspList;
};
typedef struct CRL_Entry CRL_Entry;
/* Complete CRL */
@ -645,16 +721,31 @@ struct CRL_Entry {
byte crlHash[MD5_DIGEST_SIZE]; /* raw crl data hash */
byte lastDate[MAX_DATE_SIZE]; /* last date updated */
byte nextDate[MAX_DATE_SIZE]; /* next update date */
byte lastDateFormat; /* last date format */
byte nextDateFormat; /* next date format */
RevokedCert* certs; /* revoked cert list */
int totalCerts; /* number on list */
};
typedef struct CRL_Monitor CRL_Monitor;
/* CRL directory monitor */
struct CRL_Monitor {
char* path; /* full dir path, if valid pointer we're using */
int type; /* PEM or ASN1 type */
};
/* CyaSSL CRL controller */
struct CYASSL_CRL {
CYASSL_CERT_MANAGER* cm; /* pointer back to cert manager */
CRL_Entry* crlList; /* our CRL list */
CyaSSL_Mutex crlLock; /* CRL list lock */
CRL_Monitor monitors[2]; /* PEM and DER possible */
#ifdef HAVE_CRL_MONITOR
pthread_t tid; /* monitoring thread */
#endif
};
@ -693,7 +784,7 @@ struct CYASSL_CTX {
byte sendVerify; /* for client side */
byte haveDH; /* server DH parms set by user */
byte haveNTRU; /* server private NTRU key loaded */
byte haveECDSA; /* server cert signed w/ ECDSA loaded */
byte haveECDSAsig; /* server cert signed w/ ECDSA */
byte haveStaticECC; /* static server ECC private key */
byte partialWrite; /* only one msg per write call */
byte quietShutdown; /* don't send close notify */
@ -741,7 +832,7 @@ int AlreadySigner(CYASSL_CERT_MANAGER* cm, byte* hash);
/* All cipher suite related info */
typedef struct CipherSpecs {
byte bulk_cipher_algorithm;
byte cipher_type; /* block or stream */
byte cipher_type; /* block, stream, or aead */
byte mac_algorithm;
byte kea; /* key exchange algo */
byte sig_algo;
@ -765,6 +856,7 @@ enum BulkCipherAlgorithm {
des40,
idea,
aes,
aes_gcm,
hc128, /* CyaSSL extensions */
rabbit
};
@ -772,7 +864,7 @@ enum BulkCipherAlgorithm {
/* Supported Message Authentication Codes from page 43 */
enum MACAlgorithm {
no_mac = 0,
no_mac,
md5_mac,
sha_mac,
sha224_mac,
@ -785,19 +877,20 @@ enum MACAlgorithm {
/* Supported Key Exchange Protocols */
enum KeyExchangeAlgorithm {
no_kea = 0,
no_kea,
rsa_kea,
diffie_hellman_kea,
fortezza_kea,
psk_kea,
ntru_kea,
ecc_diffie_hellman_kea
ecc_diffie_hellman_kea,
ecc_static_diffie_hellman_kea /* for verify suite only */
};
/* Supported Authentication Schemes */
enum SignatureAlgorithm {
anonymous_sa_algo = 0,
anonymous_sa_algo,
rsa_sa_algo,
dsa_sa_algo,
ecc_dsa_sa_algo
@ -834,7 +927,7 @@ enum ClientCertificateType {
};
enum CipherType { stream, block };
enum CipherType { stream, block, aead };
/* keys and secrets */
@ -1011,7 +1104,7 @@ typedef struct Options {
byte usingCompression; /* are we using compression */
byte haveDH; /* server DH parms set by user */
byte haveNTRU; /* server NTRU private key loaded */
byte haveECDSA; /* server ECDSA signed cert */
byte haveECDSAsig; /* server ECDSA signed cert */
byte haveStaticECC; /* static server ECC private key */
byte havePeerCert; /* do we have peer's cert */
byte usingPSK_cipher; /* whether we're using psk as cipher */
@ -1037,6 +1130,7 @@ typedef struct Arrays {
byte masterSecret[SECRET_LEN];
#ifdef CYASSL_DTLS
byte cookie[MAX_COOKIE_LEN];
byte cookieSz;
#endif
#ifndef NO_PSK
char client_identity[MAX_PSK_ID_LEN];
@ -1061,6 +1155,8 @@ struct CYASSL_X509 {
byte serial[EXTERNAL_SERIAL_SIZE];
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
buffer derCert; /* may need */
DNS_entry* altNames; /* alt names list */
DNS_entry* altNamesNext; /* hint for retrieval */
};
@ -1104,6 +1200,9 @@ struct CYASSL {
Sha hashSha; /* sha hash of handshake msgs */
#ifndef NO_SHA256
Sha256 hashSha256; /* sha256 hash of handshake msgs */
#endif
#ifdef CYASSL_SHA384
Sha384 hashSha384; /* sha384 hash of handshake msgs */
#endif
Hashes verifyHashes;
Hashes certHashes; /* for cert verify */
@ -1241,6 +1340,7 @@ enum HandShakeType {
client_hello = 1,
server_hello = 2,
hello_verify_request = 3, /* DTLS addition */
session_ticket = 4,
certificate = 11,
server_key_exchange = 12,
certificate_request = 13,
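Review bot: `#define BUILD_AESGCM` is enabled only when BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256 is defined, yet the DHE and ECDH(E) GCM suites in the earlier hunks are defined under their own conditions, so a build with the RSA suites disabled but ECC enabled would advertise GCM cipher suites without the cipher being built in. The HC128 guard two lines below shows the pattern, so test the other suites too, e.g. `#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || defined(BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256) || \` / `    defined(BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) || defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)` (extended with the ECDH variants). Separately, `#define MTU_EXTRA MAX_MTU * 3` should be `#define MTU_EXTRA (MAX_MTU * 3)`; unparenthesised macro arithmetic misbehaves next to higher-precedence operators. The moved CYASSL_OCSP struct keeps `overrideName[80]` / `overridePath[80]`, and the setter that fills them is not in this section, so the header should state the maximum length a caller may pass.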


@ -26,38 +26,18 @@
#define CYASSL_OCSP_H
#include <cyassl/ssl.h>
#include <cyassl/ctaocrypt/asn.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct CYASSL_OCSP CYASSL_OCSP;
typedef struct CertStatus CertStatus;
struct CertStatus {
byte issuerHash[SHA_SIZE];
byte issuerKeyHash[SHA_SIZE];
byte serial[EXTERNAL_SERIAL_SIZE];
int serialSz;
int status;
};
struct CYASSL_OCSP {
byte enabled;
byte useOverrideUrl;
char overrideName[80];
char overridePath[80];
int overridePort;
int statusLen;
CertStatus status[1];
};
CYASSL_LOCAL int CyaSSL_OCSP_Init(CYASSL_OCSP*);
CYASSL_LOCAL void CyaSSL_OCSP_Cleanup(CYASSL_OCSP*);
CYASSL_LOCAL int CyaSSL_OCSP_set_override_url(CYASSL_OCSP*, const char*);
CYASSL_LOCAL int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP*, DecodedCert*);


@ -37,8 +37,6 @@
#ifdef _WIN32
/* wincrypt.h clashes */
#undef X509_NAME
#undef OCSP_REQUEST
#undef OCSP_RESPONSE
#endif


@ -90,9 +90,15 @@
#define OUT_OF_ORDER_STR 57
#define OVERLAP_DUPLICATE_STR 58
#define OVERLAP_REASSEMBLY_BEGIN_STR 59
#define OVERLAP_REASSEMBLY_END_STR 60
#define MISSED_CLIENT_HELLO_STR 61
#define GOT_HELLO_REQUEST_STR 62
#define GOT_SESSION_TICKET_STR 63
#define BAD_INPUT_STR 64
#define BAD_DECRYPT_TYPE 65
#define BAD_FINISHED_MSG 66
#define BAD_COMPRESSION_STR 67
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
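Review bot: `BAD_DECRYPT_TYPE 65` and `BAD_FINISHED_MSG 66` break the `_STR` suffix convention every other code in this list follows (`BAD_INPUT_STR 64`, `BAD_COMPRESSION_STR 67`); renaming them `BAD_DECRYPT_TYPE_STR` and `BAD_FINISHED_MSG_STR` before they are used elsewhere avoids an inconsistent set of names. The trailing comment says msgTable in sniffer.c and the .rc file must be updated in step; the .rc section on this page carries entries 63–67, but sniffer.c is not visible here, so that side should be checked.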


@ -74,5 +74,12 @@ STRINGTABLE
60, "Received an Overlap Reassembly End Duplicate Packet"
61, "Missed the Client Hello Entirely"
62, "Got Hello Request msg"
63, "Got Session Ticket msg"
64, "Bad Input"
65, "Bad Decrypt Type"
66, "Bad Finished Message Processing"
67, "Bad Compression Type"
}


@ -43,6 +43,12 @@
#define CYASSL_VERSION LIBCYASSL_VERSION_STRING
#endif
#ifdef _WIN32
/* wincrypt.h clashes */
#undef OCSP_REQUEST
#undef OCSP_RESPONSE
#endif
#ifdef __cplusplus
@ -686,6 +692,8 @@ CYASSL_API const unsigned char* CyaSSL_X509_get_der(CYASSL_X509*, int*);
CYASSL_API int CyaSSL_cmp_peer_cert_to_file(CYASSL*, const char*);
CYASSL_API char* CyaSSL_X509_get_next_altname(CYASSL_X509*);
/* connect enough to get peer cert */
CYASSL_API int CyaSSL_connect_cert(CYASSL* ssl);
@ -763,10 +771,15 @@ CYASSL_API void CyaSSL_SetIOWriteCtx(CYASSL* ssl, void *ctx);
/* CA cache callbacks */
enum {
CYASSL_SSLV3 = 0,
CYASSL_TLSV1 = 1,
CYASSL_TLSV1_1 = 2,
CYASSL_TLSV1_2 = 3,
CYASSL_USER_CA = 1, /* user added as trusted */
CYASSL_CHAIN_CA = 2 /* added to cache from trusted chain */
};
CYASSL_API int CyaSSL_SetVersion(CYASSL* ssl, int version);
CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*,
int, const char*);
@ -783,6 +796,8 @@ CYASSL_API int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER*, const char* f,
const char* d);
CYASSL_API int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER*, const char* f,
int format);
CYASSL_API int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm,
const unsigned char* buff, int sz, int format);
CYASSL_API int CyaSSL_CertManagerCheckCRL(CYASSL_CERT_MANAGER*, unsigned char*,
int sz);
CYASSL_API int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER*, int options);
@ -801,7 +816,8 @@ CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx);
CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int);
CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL);
#define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */
#define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */
#ifdef CYASSL_CALLBACKS
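Review bot: The four CYASSL_SSLV3..CYASSL_TLSV1_2 constants share one anonymous enum with CYASSL_USER_CA = 1 and CYASSL_CHAIN_CA = 2 under the heading `/* CA cache callbacks */`, so the heading now mislabels half the enum and two unrelated families overlap in value (CYASSL_TLSV1 == CYASSL_USER_CA), which the compiler cannot catch when one is passed in place of the other. Put the version constants in their own enum directly above `CyaSSL_SetVersion` with its own comment, `/* protocol versions for CyaSSL_SetVersion */`. `CyaSSL_X509_get_next_altname` returns a `char*` with no statement of ownership or of how the iteration ends; given the `altNamesNext` hint field added to CYASSL_X509 in the internal.h section and the `while ((altName = ...))` loop in test.h, document it as `/* returns the next alt name (owned by the X509, do not free) or NULL when exhausted; presumably not reset between calls */`.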


@ -7,6 +7,7 @@
#include <stdlib.h>
#include <assert.h>
#include <ctype.h>
#include <cyassl/ssl.h>
#include <cyassl/ctaocrypt/types.h>
#ifdef USE_WINDOWS_API
@ -44,6 +45,7 @@
#pragma warning(disable:4244 4996)
#endif
#if defined(__MACH__) || defined(USE_WINDOWS_API)
#ifndef _SOCKLEN_T
typedef int socklen_t;
@ -96,20 +98,23 @@
#endif
#define SERVER_DEFAULT_VERSION 3
#define CLIENT_DEFAULT_VERSION 3
/* all certs relative to CyaSSL home directory now */
static const char* caCert = "./certs/ca-cert.pem";
static const char* eccCert = "./certs/server-ecc.pem";
static const char* eccKey = "./certs/ecc-key.pem";
static const char* svrCert = "./certs/server-cert.pem";
static const char* svrKey = "./certs/server-key.pem";
static const char* cliCert = "./certs/client-cert.pem";
static const char* cliKey = "./certs/client-key.pem";
static const char* ntruCert = "./certs/ntru-cert.pem";
static const char* ntruKey = "./certs/ntru-key.raw";
static const char* dhParam = "./certs/dh2048.pem";
static const char* cliEccKey = "./certs/ecc-client-key.pem";
static const char* cliEccCert = "./certs/client-ecc-cert.pem";
static const char* crlPemDir = "./certs/crl";
#define caCert "./certs/ca-cert.pem"
#define eccCert "./certs/server-ecc.pem"
#define eccKey "./certs/ecc-key.pem"
#define svrCert "./certs/server-cert.pem"
#define svrKey "./certs/server-key.pem"
#define cliCert "./certs/client-cert.pem"
#define cliKey "./certs/client-key.pem"
#define ntruCert "./certs/ntru-cert.pem"
#define ntruKey "./certs/ntru-key.raw"
#define dhParam "./certs/dh2048.pem"
#define cliEccKey "./certs/ecc-client-key.pem"
#define cliEccCert "./certs/client-ecc-cert.pem"
#define crlPemDir "./certs/crl"
typedef struct tcp_ready {
int ready; /* predicate */
@ -131,6 +136,7 @@ typedef struct func_args {
tcp_ready* signal;
} func_args;
void wait_tcp_ready(func_args*);
typedef THREAD_RETURN CYASSL_THREAD THREAD_FUNC(void*);
@ -149,9 +155,77 @@ static INLINE void err_sys(const char* msg)
}
#define MY_EX_USAGE 2
extern int myoptind;
extern char* myoptarg;
static INLINE int mygetopt(int argc, char** argv, char* optstring)
{
static char* next = NULL;
char c;
char* cp;
if (myoptind == 0)
next = NULL; /* we're starting new/over */
if (next == NULL || *next == '\0') {
if (myoptind == 0)
myoptind++;
if (myoptind >= argc || argv[myoptind][0] != '-' ||
argv[myoptind][1] == '\0') {
myoptarg = NULL;
if (myoptind < argc)
myoptarg = argv[myoptind];
return -1;
}
if (strcmp(argv[myoptind], "--") == 0) {
myoptind++;
myoptarg = NULL;
if (myoptind < argc)
myoptarg = argv[myoptind];
return -1;
}
next = argv[myoptind];
next++; /* skip - */
myoptind++;
}
c = *next++;
cp = strchr(optstring, c);
if (cp == NULL || c == ':')
return '?';
cp++;
if (*cp == ':') {
if (*next != '\0') {
myoptarg = next;
next = NULL;
}
else if (myoptind < argc) {
myoptarg = argv[myoptind];
myoptind++;
}
else
return '?';
}
return c;
}
#ifdef OPENSSL_EXTRA
static int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
static INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
{
strncpy(passwd, "yassl123", sz);
return 8;
@ -167,6 +241,7 @@ static INLINE void showPeer(CYASSL* ssl)
CYASSL_CIPHER* cipher;
CYASSL_X509* peer = CyaSSL_get_peer_certificate(ssl);
if (peer) {
char* altName;
char* issuer = CyaSSL_X509_NAME_oneline(
CyaSSL_X509_get_issuer_name(peer), 0, 0);
char* subject = CyaSSL_X509_NAME_oneline(
@ -177,6 +252,10 @@ static INLINE void showPeer(CYASSL* ssl)
printf("peer's cert info:\n issuer : %s\n subject: %s\n", issuer,
subject);
while ( (altName = CyaSSL_X509_get_next_altname(peer)) )
printf(" altname = %s\n", altName);
ret = CyaSSL_X509_get_serial_number(peer, serial, &sz);
if (ret == 0) {
int i;
@ -204,8 +283,8 @@ static INLINE void showPeer(CYASSL* ssl)
#if defined(SESSION_CERTS) && defined(SHOW_CERTS)
{
X509_CHAIN* chain = CyaSSL_get_peer_chain(ssl);
int count = CyaSSL_get_chain_count(chain);
CYASSL_X509_CHAIN* chain = CyaSSL_get_peer_chain(ssl);
int count = CyaSSL_get_chain_count(chain);
int i;
for (i = 0; i < count; i++) {
@ -223,7 +302,7 @@ static INLINE void showPeer(CYASSL* ssl)
static INLINE void tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr,
const char* peer, word16 port)
const char* peer, word16 port, int udp)
{
#ifndef TEST_IPV6
const char* host = peer;
@ -244,11 +323,10 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr,
}
#endif
#ifdef CYASSL_DTLS
*sockfd = socket(AF_INET_V, SOCK_DGRAM, 0);
#else
*sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
#endif
if (udp)
*sockfd = socket(AF_INET_V, SOCK_DGRAM, 0);
else
*sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
memset(addr, 0, sizeof(SOCKADDR_IN_T));
#ifndef TEST_IPV6
@ -275,7 +353,8 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr,
}
#endif
#if defined(TCP_NODELAY) && !defined(CYASSL_DTLS)
#if defined(TCP_NODELAY)
if (!udp)
{
int on = 1;
socklen_t len = sizeof(on);
@ -288,27 +367,28 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr,
}
static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port,
int udp)
{
SOCKADDR_IN_T addr;
tcp_socket(sockfd, &addr, ip, port);
tcp_socket(sockfd, &addr, ip, port, udp);
if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
err_sys("tcp connect failed");
}
static INLINE void tcp_listen(SOCKET_T* sockfd)
static INLINE void tcp_listen(SOCKET_T* sockfd, int port, int useAnyAddr,
int udp)
{
SOCKADDR_IN_T addr;
/* don't use INADDR_ANY by default, firewall may block, make user switch
on */
#ifdef USE_ANY_ADDR
tcp_socket(sockfd, &addr, INADDR_ANY, yasslPort);
#else
tcp_socket(sockfd, &addr, yasslIP, yasslPort);
#endif
if (useAnyAddr)
tcp_socket(sockfd, &addr, INADDR_ANY, port, udp);
else
tcp_socket(sockfd, &addr, yasslIP, port, udp);
#ifndef USE_WINDOWS_API
{
@ -320,10 +400,10 @@ static INLINE void tcp_listen(SOCKET_T* sockfd)
if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
err_sys("tcp bind failed");
#ifndef CYASSL_DTLS
if (listen(*sockfd, 5) != 0)
err_sys("tcp listen failed");
#endif
if (!udp) {
if (listen(*sockfd, 5) != 0)
err_sys("tcp listen failed");
}
}
@ -351,7 +431,7 @@ static INLINE void udp_accept(SOCKET_T* sockfd, int* clientfd, func_args* args)
{
SOCKADDR_IN_T addr;
tcp_socket(sockfd, &addr, yasslIP, yasslPort);
tcp_socket(sockfd, &addr, yasslIP, yasslPort, 1);
#ifndef USE_WINDOWS_API
@ -379,17 +459,18 @@ static INLINE void udp_accept(SOCKET_T* sockfd, int* clientfd, func_args* args)
*clientfd = udp_read_connect(*sockfd);
}
static INLINE void tcp_accept(SOCKET_T* sockfd, int* clientfd, func_args* args)
static INLINE void tcp_accept(SOCKET_T* sockfd, int* clientfd, func_args* args,
int port, int useAnyAddr, int udp)
{
SOCKADDR_IN_T client;
socklen_t client_len = sizeof(client);
#ifdef CYASSL_DTLS
if (udp) {
udp_accept(sockfd, clientfd, args);
return;
#endif
}
tcp_listen(sockfd);
tcp_listen(sockfd, port, useAnyAddr, udp);
#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER)
/* signal ready to tcp_accept */
@ -545,7 +626,7 @@ static INLINE unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity,
#ifdef VERIFY_CALLBACK
static int myVerify(int preverify, CYASSL_X509_STORE_CTX* store)
static INLINE int myVerify(int preverify, CYASSL_X509_STORE_CTX* store)
{
char buffer[80];
@ -577,7 +658,7 @@ static int myVerify(int preverify, CYASSL_X509_STORE_CTX* store)
#ifdef HAVE_CRL
static void CRL_CallBack(char* url)
static void INLINE CRL_CallBack(const char* url)
{
printf("CRL callback url = %s\n", url);
}


@ -26,8 +26,8 @@
extern "C" {
#endif
#define LIBCYASSL_VERSION_STRING "2.2.0"
#define LIBCYASSL_VERSION_HEX 0x02002000
#define LIBCYASSL_VERSION_STRING "2.3.0"
#define LIBCYASSL_VERSION_HEX 0x02003000
#ifdef __cplusplus
}