WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fix stack-check warnings for newer versions but fastmath still has some so take away warning for now

pull/1/head
toddouska 2012-10-30 17:35:12 -07:00
parent f175bd302d
commit 01138a5c53
8 changed files with 152 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ctaocrypt/benchmark/benchmark.c
View File

@ -422,7 +422,7 @@ RNG rng;
void bench_rsa(void) void bench_rsa(void)
{ {
int i; int i;
byte tmp[4096]; byte tmp[3072];
size_t bytes; size_t bytes;
word32 idx = 0; word32 idx = 0;

86
ctaocrypt/src/asn.c
View File

@ -1264,7 +1264,7 @@ static int GetKey(DecodedCert* cert)
if ( (next - key) < 0) if ( (next - key) < 0)
return ASN_NTRU_KEY_E; return ASN_NTRU_KEY_E;
cert->srcIdx = tmpIdx + (next - key); cert->srcIdx = tmpIdx + (int)(next - key);
cert->publicKey = (byte*) XMALLOC(keyLen, cert->heap, cert->publicKey = (byte*) XMALLOC(keyLen, cert->heap,
DYNAMIC_TYPE_PUBLIC_KEY); DYNAMIC_TYPE_PUBLIC_KEY);
@ -2972,17 +2972,29 @@ static mp_int* GetRsaInt(RsaKey* key, int idx)
} }
/* Release Tmp RSA resources */
static INLINE void FreeTmpRsas(byte** tmps, void* heap)
{
int i;
(void)heap;
for (i = 0; i < RSA_INTS; i++)
XFREE(tmps[i], heap, DYNAMIC_TYPE_RSA);
}
/* Convert RsaKey key to DER format, write to output (inLen), return bytes /* Convert RsaKey key to DER format, write to output (inLen), return bytes
written */ written */
int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
{ {
word32 seqSz, verSz, rawLen, intTotalLen = 0; word32 seqSz, verSz, rawLen, intTotalLen = 0;
word32 sizes[RSA_INTS]; word32 sizes[RSA_INTS];
int i, j, outLen; int i, j, outLen, ret = 0;
byte seq[MAX_SEQ_SZ]; byte seq[MAX_SEQ_SZ];
byte ver[MAX_VERSION_SZ]; byte ver[MAX_VERSION_SZ];
byte tmps[RSA_INTS][MAX_RSA_INT_SZ]; byte* tmps[RSA_INTS];
if (!key || !output) if (!key || !output)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@ -2990,25 +3002,43 @@ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
if (key->type != RSA_PRIVATE) if (key->type != RSA_PRIVATE)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
for (i = 0; i < RSA_INTS; i++)
tmps[i] = NULL;
/* write all big ints from key to DER tmps */ /* write all big ints from key to DER tmps */
for (i = 0; i < RSA_INTS; i++) { for (i = 0; i < RSA_INTS; i++) {
mp_int* keyInt = GetRsaInt(key, i); mp_int* keyInt = GetRsaInt(key, i);
rawLen = mp_unsigned_bin_size(keyInt); rawLen = mp_unsigned_bin_size(keyInt);
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
DYNAMIC_TYPE_RSA);
if (tmps[i] == NULL) {
ret = MEMORY_E;
break;
}
tmps[i][0] = ASN_INTEGER; tmps[i][0] = ASN_INTEGER;
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */ sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
if ( (sizes[i] + rawLen) < sizeof(tmps[i])) { if (sizes[i] <= MAX_SEQ_SZ) {
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]); int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
if (err == MP_OKAY) { if (err == MP_OKAY) {
sizes[i] += rawLen; sizes[i] += rawLen;
intTotalLen += sizes[i]; intTotalLen += sizes[i];
} }
else else {
return err; ret = err;
break;
}
} }
else else {
return ASN_INPUT_E; ret = ASN_INPUT_E;
break;
}
}
if (ret != 0) {
FreeTmpRsas(tmps, key->heap);
return ret;
} }
/* make headers */ /* make headers */
@ -3029,6 +3059,7 @@ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
XMEMCPY(output + j, tmps[i], sizes[i]); XMEMCPY(output + j, tmps[i], sizes[i]);
j += sizes[i]; j += sizes[i];
} }
FreeTmpRsas(tmps, key->heap);
return outLen; return outLen;
} }
@ -4051,10 +4082,18 @@ int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz);
/* Set cert issuer from issuerFile in PEM */ /* Set cert issuer from issuerFile in PEM */
int SetIssuer(Cert* cert, const char* issuerFile) int SetIssuer(Cert* cert, const char* issuerFile)
{ {
byte der[8192]; int derSz;
int derSz = CyaSSL_PemCertToDer(issuerFile, der, sizeof(der)); byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
if (der == NULL) {
CYASSL_MSG("SetIssuer OOF Problem");
return MEMORY_E;
}
derSz = CyaSSL_PemCertToDer(issuerFile, der, EIGHTK_BUF);
cert->selfSigned = 0; cert->selfSigned = 0;
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
return SetNameFromCert(&cert->issuer, der, derSz); return SetNameFromCert(&cert->issuer, der, derSz);
} }
@ -4062,8 +4101,16 @@ int SetIssuer(Cert* cert, const char* issuerFile)
/* Set cert subject from subjectFile in PEM */ /* Set cert subject from subjectFile in PEM */
int SetSubject(Cert* cert, const char* subjectFile) int SetSubject(Cert* cert, const char* subjectFile)
{ {
byte der[8192]; int derSz;
int derSz = CyaSSL_PemCertToDer(subjectFile, der, sizeof(der)); byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
if (der == NULL) {
CYASSL_MSG("SetSubject OOF Problem");
return MEMORY_E;
}
derSz = CyaSSL_PemCertToDer(subjectFile, der, EIGHTK_BUF);
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
return SetNameFromCert(&cert->subject, der, derSz); return SetNameFromCert(&cert->subject, der, derSz);
} }
@ -4074,8 +4121,15 @@ int SetSubject(Cert* cert, const char* subjectFile)
/* Set atl names from file in PEM */ /* Set atl names from file in PEM */
int SetAltNames(Cert* cert, const char* file) int SetAltNames(Cert* cert, const char* file)
{ {
byte der[8192]; int derSz;
int derSz = CyaSSL_PemCertToDer(file, der, sizeof(der)); byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
if (der == NULL) {
CYASSL_MSG("SetAltNames OOF Problem");
return MEMORY_E;
}
derSz = CyaSSL_PemCertToDer(file, der, EIGHTK_BUF);
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
return SetAltNamesFromCert(cert, der, derSz); return SetAltNamesFromCert(cert, der, derSz);
} }

5
ctaocrypt/src/integer.c
View File

@ -37,6 +37,11 @@
#include <cyassl/ctaocrypt/integer.h> #include <cyassl/ctaocrypt/integer.h>
#ifndef NO_CYASSL_SMALL_STACK
#ifndef CYASSL_SMALL_STACK
#define CYASSL_SMALL_STACK
#endif
#endif
/* math settings check */ /* math settings check */
word32 CheckRunTimeSettings(void) word32 CheckRunTimeSettings(void)

2
ctaocrypt/src/tfm.c
View File

@ -1005,7 +1005,7 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
} }
/* grab the next msb from the exponent */ /* grab the next msb from the exponent */
y = (fp_digit)(buf >> (DIGIT_BIT - 1)) & 1; y = (int)(buf >> (DIGIT_BIT - 1)) & 1;
buf <<= (fp_digit)1; buf <<= (fp_digit)1;
/* do ops */ /* do ops */

103
ctaocrypt/test/test.c
View File

@ -1364,7 +1364,9 @@ int random_test(void)
#ifdef HAVE_NTRU #ifdef HAVE_NTRU
static byte GetEntropy(ENTROPY_CMD cmd, byte* out) byte GetEntropy(ENTROPY_CMD cmd, byte* out);
byte GetEntropy(ENTROPY_CMD cmd, byte* out)
{ {
static RNG rng; static RNG rng;
@ -1403,11 +1405,12 @@ static const char* clientCert = "./certs/client-cert.der";
static const char* caCertFile = "./certs/ca-cert.pem"; static const char* caCertFile = "./certs/ca-cert.pem";
#endif #endif
#define FOURK_BUF 4096
int rsa_test(void) int rsa_test(void)
{ {
byte tmp[2048], tmp2[2048]; byte* tmp;
size_t bytes, bytes2; size_t bytes;
RsaKey key; RsaKey key;
RNG rng; RNG rng;
word32 idx = 0; word32 idx = 0;
@ -1420,13 +1423,17 @@ int rsa_test(void)
DecodedCert cert; DecodedCert cert;
#endif #endif
tmp = (byte*)malloc(FOURK_BUF);
if (tmp == NULL)
return -40;
FILE* file = fopen(clientKey, "rb"), * file2; FILE* file = fopen(clientKey, "rb"), * file2;
if (!file) if (!file)
err_sys("can't open ./certs/client-key.der, " err_sys("can't open ./certs/client-key.der, "
"Please run from CyaSSL home dir", -40); "Please run from CyaSSL home dir", -40);
bytes = fread(tmp, 1, sizeof(tmp), file); bytes = fread(tmp, 1, FOURK_BUF, file);
InitRsaKey(&key, 0); InitRsaKey(&key, 0);
ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes); ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
@ -1456,17 +1463,15 @@ int rsa_test(void)
if (!file2) if (!file2)
return -49; return -49;
bytes2 = fread(tmp2, 1, sizeof(tmp2), file2); bytes = fread(tmp, 1, FOURK_BUF, file2);
#ifdef CYASSL_TEST_CERT #ifdef CYASSL_TEST_CERT
InitDecodedCert(&cert, (byte*)&tmp2, (word32)bytes2, 0); InitDecodedCert(&cert, (byte*)&tmp, (word32)bytes2, 0);
ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0); ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0) return -491; if (ret != 0) return -491;
FreeDecodedCert(&cert); FreeDecodedCert(&cert);
#else
(void)bytes2;
#endif #endif
fclose(file2); fclose(file2);
@ -1474,8 +1479,8 @@ int rsa_test(void)
#ifdef CYASSL_KEY_GEN #ifdef CYASSL_KEY_GEN
{ {
byte der[4096]; byte* der;
byte pem[4096]; byte* pem;
int derSz = 0; int derSz = 0;
int pemSz = 0; int pemSz = 0;
RsaKey derIn; RsaKey derIn;
@ -1488,7 +1493,14 @@ int rsa_test(void)
if (ret != 0) if (ret != 0)
return -301; return -301;
derSz = RsaKeyToDer(&genKey, der, sizeof(der)); der = (byte*)malloc(FOURK_BUF);
if (der == NULL)
return -307;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
return -308;
derSz = RsaKeyToDer(&genKey, der, FOURK_BUF);
if (derSz < 0) if (derSz < 0)
return -302; return -302;
@ -1498,7 +1510,7 @@ int rsa_test(void)
ret = (int)fwrite(der, derSz, 1, keyFile); ret = (int)fwrite(der, derSz, 1, keyFile);
fclose(keyFile); fclose(keyFile);
pemSz = DerToPem(der, derSz, pem, sizeof(pem), PRIVATEKEY_TYPE); pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE);
if (pemSz < 0) if (pemSz < 0)
return -304; return -304;
@ -1516,6 +1528,8 @@ int rsa_test(void)
FreeRsaKey(&derIn); FreeRsaKey(&derIn);
FreeRsaKey(&genKey); FreeRsaKey(&genKey);
free(pem);
free(der);
} }
#endif /* CYASSL_KEY_GEN */ #endif /* CYASSL_KEY_GEN */
@ -1524,8 +1538,8 @@ int rsa_test(void)
/* self signed */ /* self signed */
{ {
Cert myCert; Cert myCert;
byte derCert[4096]; byte* derCert;
byte pem[4096]; byte* pem;
FILE* derFile; FILE* derFile;
FILE* pemFile; FILE* pemFile;
int certSz; int certSz;
@ -1534,6 +1548,13 @@ int rsa_test(void)
DecodedCert decode; DecodedCert decode;
#endif #endif
derCert = (byte*)malloc(FOURK_BUF);
if (derCert == NULL)
return -309;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
return -310;
InitCert(&myCert); InitCert(&myCert);
strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
@ -1546,7 +1567,7 @@ int rsa_test(void)
myCert.isCA = 1; myCert.isCA = 1;
myCert.sigType = CTC_SHA256wRSA; myCert.sigType = CTC_SHA256wRSA;
certSz = MakeSelfCert(&myCert, derCert, sizeof(derCert), &key, &rng); certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng);
if (certSz < 0) if (certSz < 0)
return -401; return -401;
@ -1563,7 +1584,7 @@ int rsa_test(void)
ret = (int)fwrite(derCert, certSz, 1, derFile); ret = (int)fwrite(derCert, certSz, 1, derFile);
fclose(derFile); fclose(derFile);
pemSz = DerToPem(derCert, certSz, pem, sizeof(pem), CERT_TYPE); pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0) if (pemSz < 0)
return -404; return -404;
@ -1572,36 +1593,42 @@ int rsa_test(void)
return -405; return -405;
ret = (int)fwrite(pem, pemSz, 1, pemFile); ret = (int)fwrite(pem, pemSz, 1, pemFile);
fclose(pemFile); fclose(pemFile);
free(pem);
free(derCert);
} }
/* CA style */ /* CA style */
{ {
RsaKey caKey; RsaKey caKey;
Cert myCert; Cert myCert;
byte derCert[4096]; byte* derCert;
byte pem[4096]; byte* pem;
FILE* derFile; FILE* derFile;
FILE* pemFile; FILE* pemFile;
int certSz; int certSz;
int pemSz; int pemSz;
byte tmp3[2048];
size_t bytes3; size_t bytes3;
word32 idx3 = 0; word32 idx3 = 0;
#ifdef CYASSL_TEST_CERT #ifdef CYASSL_TEST_CERT
DecodedCert decode; DecodedCert decode;
#endif #endif
derCert = (byte*)malloc(FOURK_BUF);
if (derCert == NULL)
return -311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
return -312;
FILE* file3 = fopen(caKeyFile, "rb"); FILE* file3 = fopen(caKeyFile, "rb");
if (!file3) if (!file3)
return -412; return -412;
bytes3 = fread(tmp3, 1, sizeof(tmp3), file3); bytes3 = fread(tmp, 1, FOURK_BUF, file3);
fclose(file3); fclose(file3);
InitRsaKey(&caKey, 0); InitRsaKey(&caKey, 0);
ret = RsaPrivateKeyDecode(tmp3, &idx3, &caKey, (word32)bytes3); ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
if (ret != 0) return -413; if (ret != 0) return -413;
InitCert(&myCert); InitCert(&myCert);
@ -1618,11 +1645,11 @@ int rsa_test(void)
if (ret < 0) if (ret < 0)
return -405; return -405;
certSz = MakeCert(&myCert, derCert, sizeof(derCert), &key, &rng); certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, &rng);
if (certSz < 0) if (certSz < 0)
return -407; return -407;
certSz = SignCert(&myCert, derCert, sizeof(derCert), &caKey, &rng); certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng);
if (certSz < 0) if (certSz < 0)
return -408; return -408;
@ -1641,7 +1668,7 @@ int rsa_test(void)
ret = (int)fwrite(derCert, certSz, 1, derFile); ret = (int)fwrite(derCert, certSz, 1, derFile);
fclose(derFile); fclose(derFile);
pemSz = DerToPem(derCert, certSz, pem, sizeof(pem), CERT_TYPE); pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0) if (pemSz < 0)
return -411; return -411;
@ -1650,25 +1677,32 @@ int rsa_test(void)
return -412; return -412;
ret = (int)fwrite(pem, pemSz, 1, pemFile); ret = (int)fwrite(pem, pemSz, 1, pemFile);
fclose(pemFile); fclose(pemFile);
free(pem);
free(derCert);
} }
#ifdef HAVE_NTRU #ifdef HAVE_NTRU
{ {
RsaKey caKey; RsaKey caKey;
Cert myCert; Cert myCert;
byte derCert[4096]; byte* derCert;
byte pem[4096]; byte* pem;
FILE* derFile; FILE* derFile;
FILE* pemFile; FILE* pemFile;
FILE* caFile; FILE* caFile;
FILE* ntruPrivFile; FILE* ntruPrivFile;
int certSz; int certSz;
int pemSz; int pemSz;
byte tmp[2048];
size_t bytes; size_t bytes;
word32 idx = 0; word32 idx = 0;
#ifdef CYASSL_TEST_CERT #ifdef CYASSL_TEST_CERT
DecodedCert decode; DecodedCert decode;
#endif #endif
derCert = (byte*)malloc(FOURK_BUF);
if (derCert == NULL)
return -311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
return -312;
byte public_key[557]; /* sized for EES401EP2 */ byte public_key[557]; /* sized for EES401EP2 */
word16 public_key_len; /* no. of octets in public key */ word16 public_key_len; /* no. of octets in public key */
@ -1700,7 +1734,7 @@ int rsa_test(void)
if (!caFile) if (!caFile)
return -453; return -453;
bytes = fread(tmp, 1, sizeof(tmp), caFile); bytes = fread(tmp, 1, FOURK_BUF, caFile);
fclose(caFile); fclose(caFile);
InitRsaKey(&caKey, 0); InitRsaKey(&caKey, 0);
@ -1721,12 +1755,12 @@ int rsa_test(void)
if (ret < 0) if (ret < 0)
return -455; return -455;
certSz = MakeNtruCert(&myCert, derCert, sizeof(derCert), public_key, certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key,
public_key_len, &rng); public_key_len, &rng);
if (certSz < 0) if (certSz < 0)
return -456; return -456;
certSz = SignCert(&myCert, derCert, sizeof(derCert), &caKey, &rng); certSz = SignCert(&myCert, derCert, FOURK_BUF, &caKey, &rng);
if (certSz < 0) if (certSz < 0)
return -457; return -457;
@ -1744,7 +1778,7 @@ int rsa_test(void)
ret = fwrite(derCert, certSz, 1, derFile); ret = fwrite(derCert, certSz, 1, derFile);
fclose(derFile); fclose(derFile);
pemSz = DerToPem(derCert, certSz, pem, sizeof(pem), CERT_TYPE); pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0) if (pemSz < 0)
return -460; return -460;
@ -1759,11 +1793,14 @@ int rsa_test(void)
return -462; return -462;
ret = fwrite(private_key, private_key_len, 1, ntruPrivFile); ret = fwrite(private_key, private_key_len, 1, ntruPrivFile);
fclose(ntruPrivFile); fclose(ntruPrivFile);
free(pem);
free(derCert);
} }
#endif /* HAVE_NTRU */ #endif /* HAVE_NTRU */
#endif /* CYASSL_CERT_GEN */ #endif /* CYASSL_CERT_GEN */
FreeRsaKey(&key); FreeRsaKey(&key);
free(tmp);
return 0; return 0;
} }

1
cyassl/ctaocrypt/asn.h
View File

@ -142,6 +142,7 @@ enum Misc_ASN {
#endif #endif
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */ MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 18, /* OCSP Nonce size */ MAX_OCSP_NONCE_SZ = 18, /* OCSP Nonce size */
EIGHTK_BUF = 8192, /* Tmp buffer size */
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2 MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2
/* use bigger NTRU size */ /* use bigger NTRU size */
}; };

3
m4/ax_harden_compiler_flags.m4
View File

@ -58,6 +58,7 @@
# AX_APPEND_COMPILE_FLAGS([-Wold-style-definition],,[$ax_append_compile_cflags_extra]) # AX_APPEND_COMPILE_FLAGS([-Wold-style-definition],,[$ax_append_compile_cflags_extra])
# AX_APPEND_COMPILE_FLAGS([-std=c99],,[$ax_append_compile_cflags_extra]) # AX_APPEND_COMPILE_FLAGS([-std=c99],,[$ax_append_compile_cflags_extra])
# AX_APPEND_COMPILE_FLAGS([-Wlogical-op],,[$ax_append_compile_cflags_extra]) # AX_APPEND_COMPILE_FLAGS([-Wlogical-op],,[$ax_append_compile_cflags_extra])
# AX_APPEND_COMPILE_FLAGS([-fstack-check],,[$ax_append_compile_cflags_extra]) -- problems with fastmath stack size checks
#serial 4 #serial 4
@ -113,7 +114,6 @@
AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_cflags_extra]) AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_cflags_extra])
],[]) ],[])
AX_APPEND_COMPILE_FLAGS([-fstack-check],,[$ax_append_compile_cflags_extra])
AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cflags_extra]) AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cflags_extra])
AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_cflags_extra]) AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_cflags_extra])
@ -179,7 +179,6 @@
AS_IF([test "$ac_cv_vcs_checkout" = "yes" ], [ AS_IF([test "$ac_cv_vcs_checkout" = "yes" ], [
AX_APPEND_COMPILE_FLAGS([-Werror],,[$ax_append_compile_cxxflags_extra]) AX_APPEND_COMPILE_FLAGS([-Werror],,[$ax_append_compile_cxxflags_extra])
AX_APPEND_COMPILE_FLAGS([-fstack-check],,[$ax_append_compile_cxxflags_extra])
],[ ],[
AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cxxflags_extra]) AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cxxflags_extra])
]) ])

6
src/ssl.c
View File

@ -3175,7 +3175,7 @@ int CyaSSL_set_compression(CYASSL* ssl)
because of SSL_write behavior and because front adds may be small */ because of SSL_write behavior and because front adds may be small */
int CyaSSL_writev(CYASSL* ssl, const struct iovec* iov, int iovcnt) int CyaSSL_writev(CYASSL* ssl, const struct iovec* iov, int iovcnt)
{ {
byte tmp[OUTPUT_RECORD_SIZE]; byte tmp[FILE_BUFFER_SIZE];
byte* myBuffer = tmp; byte* myBuffer = tmp;
int send = 0; int send = 0;
int newBuffer = 0; int newBuffer = 0;
@ -6855,8 +6855,8 @@ static int initGlobalRNG = 0;
/* return 1 on success else 0 */ /* return 1 on success else 0 */
int CyaSSL_DH_generate_key(CYASSL_DH* dh) int CyaSSL_DH_generate_key(CYASSL_DH* dh)
{ {
unsigned char pub [1024]; unsigned char pub [768];
unsigned char priv[1024]; unsigned char priv[768];
word32 pubSz = sizeof(pub); word32 pubSz = sizeof(pub);
word32 privSz = sizeof(priv); word32 privSz = sizeof(priv);
RNG tmpRNG; RNG tmpRNG;