wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-01 15:49:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,817 Commits 12 Branches 184 Tags
1b18da7e87ff6414e72e643b994d50c0625bd9f4
Commit Graph

18817 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
1b18da7e87 Merge pull request #5920 from jpbland1/unrecognized-http-header 
remove http header length check for CRL verification
 2022-12-22 17:01:54 -08:00
David Garske
5c89719c51 Merge pull request #5916 from julek-wolfssl/dtls-srtp-keying-material 
DTLS-SRTP: use wolfSSL_export_keying_material instead of wc_PRF_TLS
 2022-12-22 17:01:37 -08:00
David Garske
135b9f0566 Merge pull request #5915 from julek-wolfssl/dtls-remove-realloc-dep 
DtlsMsgCombineFragBuckets: Remove realloc dependency
 2022-12-22 17:01:31 -08:00
David Garske
62e3835b0e Merge pull request #5911 from julek-wolfssl/DtlsMsgPoolSend-sendSz 
DtlsMsgPoolSend: Use correct sendSz
 2022-12-22 17:01:19 -08:00
David Garske
29c46ce867 Merge pull request #5902 from bandi13/ESP-IDF_fixes 
Esp idf v5 fixes
 2022-12-22 17:01:09 -08:00
Chris Conlon
8e0f0d611f Merge pull request #5914 from kojo1/ja 
add Doxygen cmac.h, quic.h
 2022-12-22 15:20:26 -07:00
John Safranek
9ce79c4de8 Merge pull request #5921 from cconlon/libsuffix 2022-12-22 11:37:28 -08:00
David Garske
709461e4aa Merge pull request #5922 from JacobBarthelmeh/Testing 
add crl test file to dist
 2022-12-21 16:30:33 -08:00
Jacob Barthelmeh
db03994899 add crl test file to dist 2022-12-21 15:05:30 -07:00
Chris Conlon
9a7ff8773b add --with-libsuffix support, append suffix to library artifact name 2022-12-21 13:31:07 -07:00
John Bland
b36d585335 remove http header length check for CRL verification 2022-12-21 13:01:58 -05:00
David Garske
4fbd4fd36a Merge pull request #5917 from JacobBarthelmeh/release 
prepare for release 5.5.4
v5.5.4-stable 		2022-12-20 16:15:51 -08:00
JacobBarthelmeh
509ad07dbd Merge pull request #5918 from kareem-wolfssl/zd15369 
Fix length being passed into GetFormattedTime.
 2022-12-20 17:12:13 -07:00
Kareem
eebe04b181 Fix length being passed into GetFormattedTime. 2022-12-20 15:42:02 -07:00
Jacob Barthelmeh
cca63a465d prepare for release 5.5.4 2022-12-20 14:19:59 -07:00
Juliusz Sosinowicz
6a8be960ba DTLS-SRTP: use wolfSSL_export_keying_material instead of wc_PRF_TLS 2022-12-20 16:42:28 +01:00
Juliusz Sosinowicz
2fe6555fcf DtlsMsgCombineFragBuckets: Remove realloc dependency 2022-12-20 13:53:03 +01:00
Takashi Kojo
5ff8bec975 add Doxygen cmac.h, quic.h 2022-12-20 17:44:52 +09:00
David Garske
6f7d8d287d Merge pull request #5905 from JacobBarthelmeh/cert_update 
end of year certificate update
 2022-12-19 09:52:53 -08:00
Andras Fekete
bc15f67d8d Fixing indentation on preprocessor commands 2022-12-19 11:13:58 -05:00
András Fekete
11fcb790b1 Merge branch 'wolfSSL:master' into ESP-IDF_fixes 2022-12-19 11:11:55 -05:00
Juliusz Sosinowicz
53b2be06d3 DtlsMsgPoolSend: Use correct sendSz 
pool->sz is the size without the record header. The handshake header is present already.

Reproducible with
  ./udp_proxy -p 12345 -s 127.0.0.1:11111 -x 1:3 -S server
or
  ./udp_proxy -p 12345 -s 127.0.0.1:11111 -x 1:3 -S server
and
  ./examples/server/server -l ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305 -u -i
  ./examples/client/client -l ECDHE-RSA-AES256-GCM-SHA384 -u -R -p 12345 -i
 2022-12-19 17:07:37 +01:00
JacobBarthelmeh
3d1775320b Merge pull request #5900 from icing/tls12-no-tickets 
WOLFSSL_OP_NO_TICKET fix for TLSv1.2
 2022-12-16 14:42:50 -07:00
JacobBarthelmeh
91f8b5e58e Merge pull request #5903 from douzzer/20221216-fix-benchmark 
20221216-fix-benchmark
 2022-12-16 14:35:12 -07:00
JacobBarthelmeh
c6aaa1310e end of year certificate update 2022-12-16 13:32:37 -08:00
Kaleb Himes
b90c07900b Merge pull request #5904 from anhu/FIPS_fix 
ENABLED_FIPS doesn't hold the version; FIPS_VERSION does.
 2022-12-16 14:16:47 -07:00
Anthony Hu
24d7f85016 ENABLED_FIPS doesn't hold the version; FIPS_VERSION does. 
Found with:

./configure --enable-engine=fips=v2
 2022-12-16 14:06:43 -05:00
Daniel Pouzzner
04b31518ba wolfcrypt/benchmark/benchmark.c: fix calculation of outer iteration constant in bench_aesecb_internal(); fix .c.h clash in argument name ("useDevId" vs "useDeviceID"). 2022-12-16 12:55:37 -06:00
Andras Fekete
d0f0d66b80 Add in changes to wolfssl_server 2022-12-16 11:55:53 -05:00
Andras Fekete
814ad9fc38 Better fixes 2022-12-16 11:55:28 -05:00
Andras Fekete
b9e69f1795 Fixes for wolfssl_client example 2022-12-16 10:23:09 -05:00
David Garske
5c21e40bce Merge pull request #5899 from SparkiDev/regression_fixes_5 
Fixes from regression testing.
 2022-12-16 06:54:26 -08:00
David Garske
07dcd5270e Merge pull request #5898 from cconlon/androidSystemCa 
Add Android CA certs path for wolfSSL_CTX_load_system_CA_certs()
 2022-12-16 06:12:24 -08:00
Stefan Eissing
9d0b16097e Fix builds without session tickets. 2022-12-16 09:40:51 +01:00
Stefan Eissing
dccabc60a5 Disabling TLSv1.2 session tickets when WOLFSSL_OP_NO_TICKET is being set. 
There seems to have been a misunderstanding that WOLFSSL_OP_NO_TICKET would only disable tickets
for TLS version lower than 1.2. But it includes 1.2 as well.
 2022-12-16 09:29:44 +01:00
Sean Parkinson
45e3c721b3 Fixes from regression testing. 
Fix random prime generation for big endian to set low bits after
shifting top word.
Allow SP_MATH to be built without RSA, DH and ECC - needed for PKCS#12.
Add DH 2048 bit parameters to cert_test.c for test.c when NO_ASN and
WOLFSSL_SP_MATH.
 2022-12-16 14:43:29 +10:00
David Garske
502fd843ec Merge pull request #5897 from gojimmypi/gojimmypi-initialize-resp_length 
initialize resp_length = 0 in tls.c
 2022-12-15 17:23:48 -08:00
Chris Conlon
f9bd8f76de add Android system CA certs path for to wolfSSL_CTX_load_system_CA_certs() usage 2022-12-15 16:39:48 -07:00
Sean Parkinson
4434d898a1 Merge pull request #5894 from kaleb-himes/fix-leak 
Fix a quick leak in the test apps
 2022-12-16 08:04:50 +10:00
JacobBarthelmeh
aa784397b0 Merge pull request #5896 from cconlon/atexitOSX 
AC_CHECK_DECLS for atexit needs stdlib.h on OSX
 2022-12-15 15:00:29 -07:00
Andras Fekete
b823da9bb9 Fix build issues with the latest ESP-IDF 2022-12-15 16:11:39 -05:00
gojimmypi
e0c9586b79 initialize resp_length = 0 in tls.c 2022-12-15 12:51:33 -08:00
kaleb-himes
b23db16ff8 Refactor the double-free fix 2022-12-15 12:21:08 -07:00
David Garske
668efea464 Merge pull request #5884 from icing/ssl-set-ssl-ctx 
Fix wolfSSL_set_SSL_CTX() to be usable during handshake.
 2022-12-15 10:59:54 -08:00
Chris Conlon
8c54bd0fb1 check for atexit needs stdlib.h on OSX, fixes configure sed error 2022-12-15 11:23:37 -07:00
David Garske
908744dc0f Merge pull request #5646 from JacobBarthelmeh/caam 
benchmark devid changes, CCM with SECO fix, set IV on AES import into SECO
 2022-12-15 10:01:01 -08:00
David Garske
d9ca5f6d3a Merge pull request #5893 from kaleb-himes/mtu-with-static-mem 
Add alt case for unsupported static memory API
 2022-12-15 09:22:21 -08:00
David Garske
d46813953d Merge pull request #5892 from tatowicz/decodealtnames-fuzz-fix 
Add Overflow check to DecodeAltNames input buffer access
 2022-12-15 09:21:37 -08:00
kaleb-himes
46c47e4adc Fix a quick leak in the test apps 
Fix a double-free scenario also
 2022-12-15 09:13:45 -07:00
Stefan Eissing
78fd5d7dbc Fix wolfSSL_set_SSL_CTX() to be usable during handshake. 
This method requires some explanation. Its sibling is
  int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
which re-inits the WOLFSSL* with all settings in the new CTX.
That one is the right one to use *before* a handshake is started.

This method was added by OpenSSL to be used *during* the handshake, e.g.
when a server inspects the SNI in a ClientHello callback and
decides which set of certificates to use.

Since, at the time the SNI callback is run, some decisions on
Extensions or the ServerHello might already have been taken, this
method is very restricted in what it does:
 - changing the server certificate(s)
 - changing the server id for session handling
and everything else in WOLFSSL* needs to remain untouched.
 2022-12-15 09:33:01 +01:00