wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 20:12:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,316 Commits 12 Branches 184 Tags
12c358bc30f9793efab4e44445b58a7ce3fb0ecd
Commit Graph

5199 Commits

Author SHA1 Message Date
Sean Parkinson
12c358bc30 Merge pull request #3979 from dgarske/tls13_async 
Asynchronous support for TLS v1.3 TLSX ECC/DH key generation and key agreement
 2021-06-15 10:02:19 +10:00
David Garske
77df7d8630 Merge pull request #3968 from elms/pedantic_cleanup 
Fixes for some `-pedantic` errors
 2021-06-14 13:46:39 -07:00
David Garske
831e1713f1 Merge pull request #4076 from TakayukiMatsuo/st_timeout 
Add session ticket timeout check in DoSessionTicket
 2021-06-14 13:44:32 -07:00
Chris Conlon
7ad4a3dffd Merge pull request #4086 from miyazakh/psk_length_zero 
treats a return of zero from callback as no psk available
 2021-06-14 13:54:00 -06:00
David Garske
2e4e65f518 Asynchronous support for TLS v1.3 TLSX ECC/DH key generation and key agreement 
* Added async support to `SendTls13ClientHello`, `DoTls13ServerHello` and `DoTls13ClientHello`.
* Cleanup of the example client/server use key share code.
* Fix some scan-build warnings.
ZD 12065
 2021-06-11 14:12:12 -07:00
TakayukiMatsuo
1a9b59b183 Add macro guard for LowResTimer 2021-06-11 11:58:55 +09:00
Sean Parkinson
89156908da Merge pull request #4021 from embhorn/zd12233 
Fix heap-buffer-overflow issues in wolfSSL_SMIME_read_PKCS7
 2021-06-11 12:38:52 +10:00
Sean Parkinson
36a9cd3010 Merge pull request #3911 from TakayukiMatsuo/tk11851 
Fix SSL_read behaving differently from openSSL after bidirectional shutdown
 2021-06-11 10:25:39 +10:00
Sean Parkinson
e720762b5a Merge pull request #4010 from JacobBarthelmeh/fuzzing 
fix for use after free issue on error cases
 2021-06-11 10:21:30 +10:00
John Safranek
4e881a226a Merge pull request #4088 from julek-wolfssl/dtls-mtu-define 
Change magic number 100 bytes to an enum define
 2021-06-10 09:22:08 -07:00
David Garske
624e150c7b Merge pull request #3827 from SparkiDev/tls13_psk_hash 
TLS 1.3 PSK: use the hash algorithm to choose cipher suite
 2021-06-10 06:59:40 -07:00
Sean Parkinson
3ecb8d5a3e Merge pull request #4062 from dgarske/dh_key 
DH Key and Params Export cleanups and Apache httpd fixes
 2021-06-10 20:54:32 +10:00
Sean Parkinson
56c317e1ab Merge pull request #4052 from elms/gcc11_fixes 
fixes for gcc 11 compile and other whitespace
 2021-06-10 15:51:04 +10:00
Sean Parkinson
7e0c372e4c TLS 1.3 PSK: use the hash algorithm to choose cipher suite 
See RFC 8446: 4.2.11
With TLS 1.3 PSK callback, If the returned cipher suite isn't available,
use the hash from the cipher suite and choose from available list.
Require exact match when: WOLFSSL_TLS13_PSK_NO_MATCH_HASH

Alternative callback for client added that is passed a cipher suite
string. Called for each cipher suite that is to be negotiated.
If cipher suite to be used with PSK then return client identity.
Returning an identity based on cipher suite hash will result in
only one PSK extension being added per hash.
 2021-06-10 09:55:27 +10:00
David Garske
c6c7dfd5db Merge pull request #4053 from SparkiDev/cppcheck_fixes_6 
cppcheck: fixes from reviewing report
 2021-06-09 12:51:30 -07:00
David Garske
a6edff7bd5 Merge pull request #4017 from SparkiDev/not_ecc_pk_cb 
ECC: Disable ECC but have Curve25519/448 and PK callbacks fix
 2021-06-09 12:38:37 -07:00
Eric Blankenhorn
a68542e6f4 Fix heap-buffer-overflow issues in wolfSSL_SMIME_read_PKCS7 2021-06-09 08:32:52 -05:00
Elms
5a54bb656b make macros for pragma to compile with gcc11 2021-06-08 19:20:20 -07:00
Sean Parkinson
c6646ae9c8 Merge pull request #4044 from julek-wolfssl/ZD12270 
Check for XREAD when XFREAD fails
 2021-06-09 09:48:25 +10:00
Sean Parkinson
9580574382 Merge pull request #3999 from dgarske/user_io 
Fixes for building with `WOLFSSL_USER_IO`
 2021-06-09 08:55:36 +10:00
David Garske
6db0b42c7f * Refactor of DH key and param exports code (moved into asn.c) enabled with WOLFSSL_DH_EXTRA. 
* Cleanup `WOLFSSL_DH_EXTRA` macro logic and do not allow with FIPS v1 or v2.
* Fixes for httpd (if `SSL_CONF_FLAG_FILE` is defined it is used to indicate support for `SSL_CONF_CTX_set_flags` and `SSL_CONF_cmd_value_type`).
* Add Curve448 and ED448 key type to `enum wc_PkType`.
* Expand `dh_ffdhe_test` to include 4096 bit.
 2021-06-08 09:27:26 -07:00
Jacob Barthelmeh
34d8073fbd remove dead code 2021-06-08 22:45:28 +07:00
Sean Parkinson
88322b82a5 Merge pull request #3871 from julek-wolfssl/openvpn-master 
OpenVPN additions and fixes
 2021-06-08 13:54:14 +10:00
Sean Parkinson
194b494741 Merge pull request #4034 from embhorn/zd12261 
Fix declarations for EVP_VerifyFinal and RSA_private_encrypt
 2021-06-08 12:15:30 +10:00
Sean Parkinson
8ee1dda2f9 Merge pull request #4001 from dgarske/time_long 
Improve TLS v1.3 time rollover support and fixes for NO_ASN_TIME
 2021-06-08 11:17:55 +10:00
Elms
c726cddf1b session_ticket: Add separate member to track compatCb 
This resolves an error:
`ISO C forbids conversion of object pointer to function pointer type`

Instead of casting the function pointer, the extra
member contains the function pointer.
 2021-06-07 15:42:38 -07:00
Hideki Miyazaki
1606746d2d a return of zero from callback as no psk available 2021-06-06 11:53:02 +09:00
Juliusz Sosinowicz
588a424d8d Change magic number 100 bytes to an enum define 2021-06-04 11:27:57 +02:00
David Garske
21060afb80 Fix for building SP math only (small) with key generation. Fix for WOLFSSL_EXTRA. Fix for RSA without PSS. Fix for ed25519 spelling error. 2021-06-03 10:56:54 -07:00
Chris Conlon
6cfb982740 Merge pull request #3981 from miyazakh/qt_oslext_cnf 
Added compatibility layer API
 2021-06-01 15:25:37 -06:00
TakayukiMatsuo
69cf5ef266 Chage to use WOLFSSL_SESSION.bornON instead of WOLFSSL_SESSION.timestamp to hold the ticket creation time. 2021-06-01 15:30:07 +09:00
TakayukiMatsuo
5f7477980c Add session ticket timeout check in DoSessionTicket 2021-06-01 00:09:50 +09:00
TakayukiMatsuo
54dba6a2f2 Add calling wc_FreeMutex for globalRNGMutex 2021-05-28 11:19:40 +09:00
Hideki Miyazaki
1c0fd3f1c0 addressed review comments part3 2021-05-26 06:17:33 +09:00
Hideki Miyazaki
e2284d59bf addressed review comments part2 2021-05-26 06:07:48 +09:00
Hideki Miyazaki
ae502c7a09 addressed review comments part1 2021-05-26 06:07:48 +09:00
Hideki Miyazaki
af67965f65 addressed jenkins failures part1 2021-05-26 06:07:48 +09:00
Hideki Miyazaki
33e91c577f added unit test cases for cmdline 2021-05-26 06:07:47 +09:00
Hideki Miyazaki
394c0b5cdc implemented CONF_cmd 2021-05-26 06:07:47 +09:00
Elms
7127dbeeec fixes for gcc 11 compile and other whitespace 2021-05-25 12:34:04 -07:00
Sean Parkinson
6747055d46 TLS: fix build with no TLSv12 but PK callbacks 
./configure '--disable-tlsv12' '-enable-pkcallbacks'
Disable non-TLS13 cipher suite test as well.
 2021-05-21 10:59:23 +10:00
Sean Parkinson
2c6285ccba cppcheck: fixes from reviewing report 2021-05-20 17:55:06 +10:00
Juliusz Sosinowicz
58e7d5388a Check for XREAD when XFREAD fails 
On Windows we would always fail with `NOT_COMPILED_IN` when reading a  file BIO.
 2021-05-17 16:57:53 +02:00
Eric Blankenhorn
9eebaaf352 Fix declarations for EVP_VerifyFinal and RSA_private_encrypt 2021-05-13 10:48:49 -05:00
Juliusz Sosinowicz
5865dc08dd Code review changes 2021-05-13 15:21:33 +02:00
Chris Conlon
c75830e2e8 Merge pull request #4011 from miyazakh/set_verify_depth2 
fix out of bound access when peer's chain is greater than verifyDepth + 1
 2021-05-11 15:38:39 -06:00
Chris Conlon
ae0591b1db Merge pull request #4016 from miyazakh/qt_sanity_check 
add sanity check
 2021-05-11 15:06:54 -06:00
David Garske
92a524820b Merge pull request #4018 from SparkiDev/jenkins-nightly-1 
Fixes from nightly builds
 2021-05-11 09:11:42 -07:00
John Safranek
a608b083b4 Take into account a new flag in the DTLS state export and import. 2021-05-10 09:33:38 -07:00
David Garske
ead656c4db Fixes for NO_BIO related to ZD11886. Replaces PR #3888. 2021-05-10 09:19:08 -07:00