9 Commits

Author SHA1 Message Date
Daniel Pouzzner d638d2afd7 Merge pull request #10209 from ColtonWilley/harden-chain-depth-and-parser-bounds
Harden chain depth bounds and parser input validation
2026-07-03 01:03:36 -05:00
Daniel Pouzzner 076dc5a206 Merge pull request #10773 from rlm2002/coverity
24062026 Coverity fixes
2026-07-01 17:59:19 -05:00
Daniel Pouzzner 5a9a49d5d5 Merge pull request #10730 from rizlik/dtlsv13_interop
dtlsv13: fix: send correct CH2 when server do not send HRR
2026-07-01 16:40:29 -05:00
Daniel Pouzzner 8452f2b2e0 wolfssl/wolfcrypt/wc_port.h: keep #define INLINE WC_INLINE even for latest FIPS;
tests/api.c: use WOLFSSL_FILETYPE_PEM, not SSL_FILETYPE_PEM;

tests/api/test_dtls.c and tests/api/test_dtls13.c: use WOLFSSL_ERROR_WANT_READ, not SSL_ERROR_WANT_READ.
2026-06-27 22:31:48 -05:00
Ruby Martin c26f22e9f9 Correct assignment to ssl->options.tls1_3 2026-06-25 14:44:03 -06:00
Marco Oliverio 9e7958c108 dtlsv13: fix: send correct CH2 when server do not send HRR 2026-06-18 13:46:08 +02:00
Sean Parkinson b04f573e20 Regression testing fixes - memory allocation failure testing
crl.c, internal.h: leak of sigParams requiring reorder the struct fields to that it is above memcpy part.
dtl13.c: free the DRLS fragments buffer in Dtls13FreeFsmResources in case fragment is never sent.
ocsp.c: only free cid if locally allocated.
tls.c: make sure ecc_kse is zeroized and can be freed.
tls13.c: set hsHashesEch after init so isn't lost on failure.
evp_pk.c: free key on the BIO error path

Fixed various tests to not leak or crash on memory allocation failure.
2026-06-11 12:14:06 +10:00
Colton Willey 5b8b61bda6 Merge master into harden-chain-depth-and-parser-bounds
Master's test reorg (c674cec4a) moved test_dtls13_oversized_cert_chain into
the new tests/api/test_dtls13.c. This branch removes that test, so resolve by
taking master's test_dtls.{c,h} and re-applying the removal in test_dtls13.{c,h}.
2026-06-04 10:10:52 -07:00
Sean Parkinson c674cec4ac api.c: move out tests into other files
Move out DTLS 1.3 specific tests into test_dtls13.c. (Also move out from
test_dtls.c)
Move out DTLS tests into test_dtls.c.
Move out LMS and XMSS tests into test_lms_xmss.c.
Move out SSL session tests into test_session.c.
Move out remaining ML-DSA/Dilithium tests in api.c into test_mldsa.c.
2026-05-28 19:34:09 +10:00