Commit Graph

4341 Commits

Author SHA1 Message Date
toddouska e84defb268 Merge pull request #3044 from dgarske/sniffer_tls13
TLS v1.3 sniffer support
2020-07-24 11:46:38 -07:00
David Garske 38cef2b3c9 Merge pull request #3151 from ejohnstown/dtls-size
DTLS Size Fix
2020-07-24 08:19:50 -07:00
JacobBarthelmeh 81475fac96 Merge pull request #3154 from embhorn/zd10651
Fix build error with X509_SMALL config
2020-07-23 13:34:29 -06:00
John Safranek 839044d9e1 1. Remove dead assignment from client test.
2. Fix memory leak in example server test.
3. Use verify callback on certificates to allow callback to fail
   them.
4. Restore the forced failure test cases.
5. Make the verify action thread local.
2020-07-23 12:26:49 -07:00
JacobBarthelmeh 303d0dfedb Merge pull request #3157 from embhorn/zd10631
Fix build issue with OPENSSL_EXTRA_X509_SMALL
2020-07-23 13:18:28 -06:00
toddouska e198f6e73b Merge pull request #3141 from SparkiDev/tls_cert_alert
Send more detail alerts for bad certificates
2020-07-22 16:46:14 -07:00
toddouska d75e6d4f55 Merge pull request #3131 from JacobBarthelmeh/Testing
add sanity check on padSz
2020-07-22 16:39:27 -07:00
Eric Blankenhorn 9b421ce497 Fix for config failure 2020-07-22 17:22:46 -05:00
Eric Blankenhorn 39271e9234 Fix build issue with OPENSSL_EXTRA_X509_SMALL 2020-07-22 14:08:57 -05:00
Eric Blankenhorn 89913076f1 Fix build error with X509_SMALL config 2020-07-21 16:36:30 -05:00
Sean Parkinson c45e192581 Send more detail alerts for bad certificates 2020-07-22 00:07:23 +10:00
John Safranek 5d5aa129ca When attempting to send a message with DTLS, if it is too large, return an error rather than splitting it across records. (ZD 10602) 2020-07-20 16:14:53 -07:00
John Safranek 10c293a76c SCTP Test
1. Removed test cases for DTLSv1.0 that used AEAD ciphers.
2. Cleaned up some typos in the test configs.
3. Fixed typo in a WOLFSSL_SCTP ifdef check.
2020-07-20 15:03:48 -07:00
David Garske 9409d8682f Fix for building without session-ticket. 2020-07-17 15:22:35 -07:00
David Garske e15e0828bf Cleanup of the SHOW_SECRET debugging. Use only latest wolf API's (not older Cyassl names). 2020-07-17 15:22:35 -07:00
David Garske 3be390d50d Added TLS v1.3 session resumption support. TLS v1.3 uses session tickets and a resumption secret is derived after the "finished" message. This uses the internal static wolf session cache to retain the resumption secret between sniffer sessions. 2020-07-17 15:22:35 -07:00
David Garske 1b051d9c5b TLS v1.3 sniffer support:
* Added TLS v1.3 sniffer support using static ephemeral key.
* Add support for using a static ephemeral DH and ECC keys with TLS v1.3 using `WOLFSSL_STATIC_EPHEMERAL`.
* Adds new API's `wolfSSL_CTX_set_ephemeral_key` and `wolfSSL_set_ephemeral_key`.
* Expanded TLS extension support in sniffer.
* Refactor of the handshake hashing code.
* Added parameter checking to the TLS v1.3 key derivations (protects use of "DoTls13Finished" if handshake resources have been free'd).
* Added support for loading DH keys via `wc_DhImportKeyPair` and `wc_DhExportKeyPair`, enabled with `WOLFSSL_DH_EXTRA`.
* Added sniffer documentation `sslSniffer/README.md`.
2020-07-17 15:22:35 -07:00
JacobBarthelmeh 01a01c373f sanity check on return value for wolfSSL_X509_NAME_ENTRY_get_object 2020-07-17 11:03:12 -06:00
toddouska 9137794cb4 Merge pull request #3105 from embhorn/zd10457_a
Adding wolfSSL_X509_check_ip_asc
2020-07-16 10:53:27 -07:00
Eric Blankenhorn f2b279e834 Update from review 2020-07-15 20:57:04 -05:00
toddouska fbe0c8cba7 Merge pull request #3122 from JacobBarthelmeh/Compatibility-Layer
fix X509 multiple OU's and refactor
2020-07-15 15:06:22 -07:00
toddouska 925e9d9213 Merge pull request #3075 from julek-wolfssl/dtls-no-cookie
DTLS session resumption fixes
2020-07-15 14:07:34 -07:00
Eric Blankenhorn 525a3cb9c3 Move API out of OPENSSL_EXTRA 2020-07-15 10:48:11 -05:00
Eric Blankenhorn d1a82589f9 Adding wolfSSL_X509_check_ip_asc 2020-07-15 10:48:11 -05:00
David Garske 12478a4534 Merge pull request #3128 from tmael/fips_ossl
Correct string truncation of XSTRNCAT
2020-07-14 17:17:27 -07:00
Jacob Barthelmeh a8736dd89d set heap hint for name malloc 2020-07-14 14:23:49 -06:00
toddouska 1caa6f860b Merge pull request #3088 from kaleb-himes/ZD10539
Change Hash union to wc_Hmac_Hash
2020-07-14 11:23:30 -07:00
Jacob Barthelmeh 173b9833fc fixes for edge build cases and static memory 2020-07-14 09:07:23 -06:00
Tesfa Mael aee208f1b1 Correct build 2020-07-13 17:29:12 -07:00
Jacob Barthelmeh 85437e4097 add sanity check on padSz 2020-07-13 17:17:57 -06:00
Jacob Barthelmeh 63c8f7d1b1 x509 small build and memory free 2020-07-13 15:51:27 -06:00
Chris Conlon a77085960e Merge pull request #3103 from TakayukiMatsuo/master
Supprted TSIP v1.09 for target board GR-ROSE
2020-07-13 14:35:07 -06:00
Jacob Barthelmeh d880d59974 fix for init of renegotiation and fix for compiler warnings 2020-07-13 00:31:40 -06:00
Jacob Barthelmeh eec5f4a109 set initial NID value and account for null character on string 2020-07-12 19:54:50 -06:00
Jacob Barthelmeh 2aaeb2a2df fix X509 multiple OU's and refactor 2020-07-10 17:12:20 -06:00
toddouska a90d6b2a5e Merge pull request #3039 from tmael/cov-fix2
Coverity fix in wolfSSL 4.4.0 - part 2
2020-07-10 13:06:22 -07:00
kaleb-himes 64c0d53a2d Use portable friendly XVALIDATE_DATE in ssl.c and add wc_ to default 2020-07-10 09:43:24 -06:00
David Garske ed0f2bb8f5 Added sniffer API's to load buffer directly, not file. ZD 10547 2020-07-09 08:54:26 -07:00
TakayukiMatsuo 942226dc5a Merge branch 'master' of https://github.com/wolfSSL/wolfssl to get updated ocsp tests 2020-07-09 07:47:54 +09:00
Sean Parkinson b952f18eb4 Merge pull request #3104 from JacobBarthelmeh/nginx
Nginx 1.15.7
2020-07-09 08:46:30 +10:00
Tesfa Mael 890500c1b1 Fix Coverity 2020-07-08 08:20:43 -07:00
Eric Blankenhorn b9855b51bf Sanity check in DoTls13HandShakeMsgType 2020-07-08 07:55:05 -05:00
JacobBarthelmeh e194a11cb8 add wolfSSL_SESSION_new and change to peek error 2020-07-06 10:47:46 -06:00
TakayukiMatsuo 9554e54e8f Resolved conflict 2020-07-06 10:58:58 +09:00
Guido Vranken 04d063f2ba In TLSX_SupportedFFDHE_Set, free TLSX list if TLSX_PopulateSupportedGroups fails 2020-07-05 23:41:50 +02:00
TakayukiMatsuo 464cd49e45 Supprted TSIP v1.09 for target board GR-ROSE 2020-07-04 23:40:10 +09:00
JacobBarthelmeh df9a1a2a0e revert error peek function 2020-07-01 16:26:38 -06:00
JacobBarthelmeh e6746639af add SSL_SESSION_up_ref and fix for get lib 2020-06-30 13:16:28 -06:00
toddouska 2c11f96c9d Merge pull request #3048 from embhorn/zd10216
Override CRL error for NO_VERIFY
2020-06-29 15:35:53 -07:00
David Garske e2afbae6aa Merge pull request #3054 from JacobBarthelmeh/CRL
fix for x509 store add crl
2020-06-25 09:52:12 -07:00