jordan
d4ba2e50d4
Used codespell and fixed obvious typos.
2023-08-17 15:20:10 -05:00
JacobBarthelmeh
cc4e327316
Merge pull request #6544 from TakayukiMatsuo/rpk
...
Add support for raw-public-key
2023-08-17 09:23:18 -06:00
Hideki Miyazaki
47caa9b06d
generalize sce protect impl to fsp sm(secure module)
2023-08-13 09:23:03 +09:00
TakayukiMatsuo
3a5739a8fa
Add support for raw-public-key
2023-08-11 11:29:15 +09:00
Juliusz Sosinowicz
e96837aa34
cond: Add start and end API for mutex handling
2023-08-10 18:07:51 +02:00
JacobBarthelmeh
12685d7713
Merge pull request #6686 from dgarske/fix_cond
...
Fixes for wolfSSL conditional porting
2023-08-09 12:08:05 -06:00
JacobBarthelmeh
35f4a1a09d
Merge pull request #6672 from anhu/cert_err_message
...
Add some OpenSSL compat error strings.
2023-08-09 09:28:51 -06:00
Juliusz Sosinowicz
d747df2ae4
Make sure no mutexes are held when cond API are called
2023-08-09 16:25:58 +02:00
Juliusz Sosinowicz
7ba00f3b84
Initialize BIO methods at compile time
2023-08-09 16:23:46 +02:00
Anthony Hu
5daabe0801
Suggestion from Jacob to remove OPENSSL_EXTRA_X509_SMALL
2023-08-08 16:35:55 -04:00
David Garske
5b16586483
Fixes for wolfSSL conditional porting. Can cause deadlock in high usage situations. Added better signal support on MacOS. Issue created in PR #6437 .
2023-08-08 12:46:42 -07:00
Daniel Pouzzner
e51ca7941f
fixes for code warned by clang-tidy:18 and cppcheck-2.11:
...
bugprone-inc-dec-in-conditions: examples/server/server.c:server_test(), src/internal.c:MatchDomainName(), src/x509.c:wolfSSL_X509_set_ext(), wolfcrypt/src/asn.c:MatchBaseName()
missingReturn: wolfcrypt/src/wc_port.c:mystrnstr()
bugprone-unused-return-value: wolfcrypt/src/wc_port.c:wolfSSL_NewThreadNoJoin()
clang-analyzer-deadcode.DeadStores: wolfssl/test.h:udp_accept()
2023-08-05 12:28:41 -05:00
JacobBarthelmeh
65b515aec8
Merge pull request #6655 from julek-wolfssl/threading-testing
...
Port testing to wolfSSL threading interface
2023-08-04 13:46:14 -06:00
Anthony Hu
cec438a4e4
Add some OpenSSL compat error strings.
2023-08-04 13:26:28 -04:00
Juliusz Sosinowicz
90a6a14878
Merge pull request #6446 from JacobBarthelmeh/session
2023-08-04 11:34:59 +02:00
Juliusz Sosinowicz
67d6d438c5
Port testing to wolfSSL threading interface
2023-08-04 10:49:39 +02:00
JacobBarthelmeh
7f0cfcb27d
Merge pull request #6667 from bandi13/byebyeCyaSSL
...
Byebye cya ssl
2023-08-03 15:43:01 -06:00
Andras Fekete
a6c850d7f9
Fix CAVP errors
2023-08-03 12:05:40 -04:00
Juliusz Sosinowicz
8a9a363621
DTLS 1.3: move state machine forward when HVR received
2023-08-03 15:00:14 +02:00
Juliusz Sosinowicz
907a0201e7
Require HAVE_SECURE_RENEGOTIATION for API that perform SCR (not just indication)
2023-08-03 11:32:42 +02:00
Juliusz Sosinowicz
5a94dc961d
DtlsShouldDrop: don't ignore app data sent before a SCR handshake
2023-08-03 11:32:03 +02:00
Andras Fekete
b31e485dc9
Remove 'HAVE_FIPS_VERSION < 2' blocks
2023-08-02 17:08:03 -04:00
Juliusz Sosinowicz
dee32247b9
Code review
2023-08-02 18:02:41 +02:00
Juliusz Sosinowicz
bfe7bc0fcc
Recover when the client sends a 0-length session ID when using tickets
...
Fixes ZD16477
2023-08-02 18:02:30 +02:00
Juliusz Sosinowicz
724fe53379
DoHelloVerifyRequest: only do DTLS 1.3 version check
2023-08-02 10:30:12 +02:00
Andras Fekete
25f542adb4
Clean up compile errors
2023-08-01 15:46:18 -04:00
JacobBarthelmeh
1468d77e50
Merge pull request #6644 from julek-wolfssl/zd/16441
...
TLSX_CA_Names_Parse: Verify the length of the extension
2023-07-31 16:03:23 -06:00
Juliusz Sosinowicz
854ae0dcdb
Code review
2023-07-31 15:16:59 +02:00
Juliusz Sosinowicz
a495bb4e7f
TLSX_CA_Names_Parse: make sure to do cleanup when smallstack is on
2023-07-28 16:34:35 +02:00
Dimitri Papadopoulos
6d9c85a762
Fix typos found by codespell
2023-07-27 23:38:44 +02:00
David Garske
c529b2f3aa
Merge pull request #6627 from jpbland1/ocsp-nonce-usage-fix
...
fix bad & statement that was setting ocspSendNonce
2023-07-27 09:22:08 -07:00
Jacob Barthelmeh
b16e7fd87b
use Expect with test
...
fix for session expire check
better name for test function
rewrite test case
make new session also timeout in 1 second
2023-07-26 15:10:22 -07:00
JacobBarthelmeh
7c11c0f201
conversion warning flagged on Windows test builds
2023-07-26 13:48:33 -07:00
JacobBarthelmeh
3e5e16f1ff
Merge pull request #6641 from julek-wolfssl/gh/6555
...
Dtls13GetRnMask: Correctly get chacha counter on BE systems
2023-07-26 11:29:39 -06:00
JacobBarthelmeh
48434f7814
Merge pull request #6653 from julek-wolfssl/kerberos-update
...
Updates for Kerberos 5 1.21.1
2023-07-26 11:26:57 -06:00
Juliusz Sosinowicz
4a175ba280
Updates for Kerberos 5 1.21.1
...
- wolfssl_ec_point_mul: fix parameters being passed into ec_mul2add
- Compile in compressed ecc key parsing for OPENSSLALL
- Improve debugging around compat layer ecc operations
- wolfSSL_BN_div: dv can be NULL
- Add spake like computation test
- Add CI krb5 testing
- Add timeouts to CI
2023-07-26 16:40:38 +02:00
Juliusz Sosinowicz
5947c9ae8c
TLSX_CA_Names_Parse: Verify the length of the extension
2023-07-26 13:32:37 +02:00
Juliusz Sosinowicz
5cf42244f0
Add comment back in
2023-07-26 12:04:11 +02:00
gojimmypi
31dfdf8360
TLS SM2, SM3, SM4-CBC: hash details for SM3
2023-07-25 17:25:11 -07:00
Daniel Pouzzner
cebb4da307
fixes and workarounds for cppcheck 2.11 with uninitvar checks reactivated, and legacyUninitvar suppressed globally (as before):
...
src/internal.c:wolfSSL_DtlsUpdateWindow(): shiftTooManyBitsSigned and integerOverflowCond (true positive, fixed);
src/ssl.c:wolfSSL_GetSessionFromCache(): autoVariables (true positive, intentional and now suppressed);
wolfcrypt/src/asn.c: several uninitvars in EccSpecifiedECDomainDecode(), wc_EccPrivateKeyDecode(), DecodeSingleResponse(), and DecodeResponseData() (false positives due to bug in cppcheck short circuit eval analysis, mitigated by refactoring && expressions to nested-if constructs that are semantically identical);
src/ssl.c:wolfSSL_GetSessionFromCache(): nullPointer (false positive due to bug in cppcheck value flow analysis, workarounded).
2023-07-25 11:31:01 -05:00
David Garske
c0b4cde6df
Merge pull request #6632 from jpbland1/ocsp-want-read-error
...
OCSP_WANT_READ mishandled re-run
2023-07-25 08:23:46 -07:00
John Bland
a9c9662124
fix bad & statement that was setting ocspSendNonce
...
to 1 when WOLFSSL_OCSP_NO_NONCE was selected
related to but doesn't solve zd 16377
2023-07-24 16:51:10 -04:00
JacobBarthelmeh
1285ae7816
Merge pull request #6506 from DimitriPapadopoulos/codespell
...
Fix typos found by codespell
2023-07-24 10:34:29 -06:00
Juliusz Sosinowicz
ab560aa6b8
Fix ClientHello parsing when no extensions are present
2023-07-24 09:14:21 +02:00
Juliusz Sosinowicz
56fc5bbf87
Dtls13GetRnMask: Correctly get chacha counter on BE systems
...
The issue was that BIG_ENDIAN is defined in endian.h (on linux). Our define is BIG_ENDIAN_ORDER.
2023-07-24 09:13:10 +02:00
JacobBarthelmeh
d3202600a4
Merge pull request #6525 from lealem47/san
...
Improve subjectAltName extension parsing and printing
2023-07-22 08:19:54 -06:00
JacobBarthelmeh
2acc4a6dd5
Merge pull request #6561 from lealem47/zd16348
...
Fix for adding pkcs9 contentType entry name
2023-07-21 17:04:47 -06:00
JacobBarthelmeh
c2a3f5316d
Merge pull request #6591 from embhorn/zd16296
...
Add CRL_REPORT_LOAD_ERRORS option
2023-07-21 17:00:23 -06:00
John Bland
2e4b651b87
update tls13 to handle an OCSP_WANT_READ, update
...
async client test to retry connect on OCSP_WANT_READ instead of timing out
2023-07-21 16:24:59 -04:00
Lealem Amedie
0cd5a293ca
Fix for parsing pkcs9_contentType
2023-07-21 13:57:45 -06:00