wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 20:42:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,475 Commits 12 Branches 184 Tags
3a3c0be43f85ebc6da95ebbcc86634ef6195ce73
Commit Graph

4856 Commits

Author SHA1 Message Date
JacobBarthelmeh
8d7c61cf10 prep for Async release 2021-02-19 11:51:23 -07:00
Sean Parkinson
ad58478d29 Merge pull request #3765 from embhorn/zd11703 
Validate name size
 2021-02-18 08:42:26 +10:00
Sean Parkinson
276e090a1f Merge pull request #3763 from embhorn/zd11726 
Adding wolfSSL_CTX_get_TicketEncCtx
 2021-02-18 08:35:03 +10:00
Eric Blankenhorn
caa39f78ae Fix from review and leak in wolfSSL_X509_get_serialNumber 2021-02-17 13:53:30 -06:00
Eric Blankenhorn
608083f559 Add more checks for name->sz 2021-02-17 12:19:42 -06:00
Jacob Barthelmeh
4def38dd7e fix build for apache without tls 1.3 2021-02-17 18:23:03 +07:00
Eric Blankenhorn
806b5d7d23 Validate name size 2021-02-16 14:58:58 -06:00
Eric Blankenhorn
b7b07e1945 Adding wolfSSL_CTX_get_TicketEncCtx 2021-02-15 11:28:46 -06:00
Jacob Barthelmeh
0b0f370384 fix for haproxy and nginx build 2021-02-15 22:09:44 +07:00
Sean Parkinson
ba1c67843a Merge pull request #3752 from JacobBarthelmeh/Jenkins 
changes from nightly Jenkins test review
 2021-02-15 16:32:40 +10:00
Sean Parkinson
505514415d Merge pull request #3748 from JacobBarthelmeh/Testing 
always check index into certs
 2021-02-15 08:20:28 +10:00
Jacob Barthelmeh
1c852f60ab fix for g++ build 2021-02-12 23:26:54 +07:00
Jacob Barthelmeh
0938a0055d always use MAX_CHAIN_DEPTH for args->certs buffer 2021-02-12 15:18:14 +07:00
toddouska
f0ce6ada0f Merge pull request #3702 from guidovranken/zd11603 
Prevent dangling pointer in TLSX_Cookie_Use
 2021-02-11 12:31:02 -08:00
toddouska
80b9949052 Merge pull request #3739 from kaleb-himes/FusionRTOS-Porting-R3 
Fusion RTOS porting round 3
 2021-02-11 12:25:55 -08:00
toddouska
39cb84de25 Merge pull request #3697 from julek-wolfssl/openvpn-2.5-missing-stuff 
OpenVPN master additions
 2021-02-11 08:56:45 -08:00
Jacob Barthelmeh
90140fc5a4 always check index into certs 2021-02-11 21:50:51 +07:00
toddouska
032cc1645c Merge pull request #3713 from SparkiDev/tls_def_sess_ticket_cb 
TLS Session Ticket: default encryption callback
 2021-02-10 16:13:33 -08:00
toddouska
67b1280bbf Merge pull request #3545 from kabuobeid/smime 
Added support for reading S/MIME messages via SMIME_read_PKCS7.
 2021-02-10 15:59:32 -08:00
kaleb-himes
223ba43c2c Add debug message regarding failure 2021-02-10 12:15:43 -07:00
kaleb-himes
9e6ab4ab70 Address indendation, fix return on stub, remove warning 2021-02-10 11:26:29 -07:00
kaleb-himes
4c171524dd Address missed CloseSocket item and revert some white space changes 2021-02-10 09:14:54 -07:00
kaleb-himes
7e428f90f2 Revert zero return, to be handled in stand-alone PR 2021-02-10 05:31:57 -07:00
kaleb-himes
15f9902e94 Address new file issue by Jenkins and peer feedback on return val of time 2021-02-10 04:16:34 -07:00
Sean Parkinson
794cb5c7a9 TLS Session Ticket: default encryption callback 
Encrypts with ChaCha20-Poly1305 or AES-GCM.
Two keys in rotation.
Key used for encryption until ticket lifetime goes beyond expirary
(default 1 hour). If key can still be used for decryption, encrypt with
other key.
Private random used to generate keys.
 2021-02-10 14:31:54 +10:00
kaleb-himes
89b97a0fbf Implement peer feedback 2021-02-09 18:42:23 -07:00
toddouska
f63f0ccb94 Merge pull request #3740 from SparkiDev/tls13_one_hrr_sh 
TLS 1.3: Only allow one ServerHello and one HelloRetryRequest
 2021-02-09 14:59:10 -08:00
toddouska
9a7aba265a Merge pull request #3716 from kaleb-himes/OE10_ACVP_OE13_ACVP_WPAA 
OE10 and OE13 ACVP updates for armv8 PAA
 2021-02-09 14:50:42 -08:00
Kaleb Himes
73d7709724 Update comment about location for porting changes. 2021-02-09 15:39:12 -07:00
kaleb-himes
6d23728a56 Fusion RTOS porting round 3 2021-02-09 15:33:06 -07:00
toddouska
250b59f8fd Merge pull request #3688 from julek-wolfssl/correct-cert-free 
Use wolfSSL_X509_free to free ourCert
 2021-02-09 12:41:12 -08:00
Chris Conlon
012841bba3 Merge pull request #3738 from embhorn/cmp_layer_high 
Compatibility layer API
 2021-02-09 08:33:41 -07:00
Chris Conlon
71b495c422 Merge pull request #3712 from miyazakh/RND_bytes 
handle size greater than RNG_MAX_BLOCK_LEN
 2021-02-09 08:26:30 -07:00
Sean Parkinson
4d70d3a3c4 TLS 1.3: Only allow one ServerHello and one HelloRetryRequest 2021-02-09 12:51:53 +10:00
Kareem Abuobeid
a4e819c60a Added support for reading S/MIME messages via SMIME_read_PKCS7. 2021-02-08 17:14:37 -07:00
Sean Parkinson
3217c7afae Merge pull request #3732 from miyazakh/setverifydepth 
issue callback when exceeding depth limit rather than error out
 2021-02-09 09:51:45 +10:00
toddouska
f14f1f37d2 Merge pull request #3673 from elms/ssl_api/get_verify_mode 
SSL: add support for `SSL_get_verify_mode`
 2021-02-08 15:40:19 -08:00
toddouska
58f9b6ec01 Merge pull request #3676 from SparkiDev/tls13_blank_cert 
TLS 1.3: ensure key for signature in CertificateVerify
 2021-02-08 15:27:05 -08:00
Eric Blankenhorn
6cff3f8488 Adding X509_LOOKUP_ctrl 2021-02-08 12:17:14 -06:00
Eric Blankenhorn
47b9c5b054 Adding X509_STORE_CTX API 2021-02-08 08:25:14 -06:00
Eric Blankenhorn
de47b9d88a Adding X509_VERIFY_PARAM API 2021-02-08 08:25:14 -06:00
Hideki Miyazaki
f13186827a issue callback when exceeding depth limit rather than error out 2021-02-08 11:01:45 +09:00
kaleb-himes
776964f7c7 OE10 and OE13 ACVP updates for armv8 PAA 2021-02-03 15:38:08 -07:00
Hideki Miyazaki
431e1c8ffe handle size greater than RNG_MAX_BLOCK_LEN 2021-02-03 12:23:36 +09:00
Juliusz Sosinowicz
542e0d79ec Jenkins Fixes 
- explicit conversions
- not all curves available for wolfSSL_CTX_set1_groups_list
- group funcs depend on HAVE_ECC
- `InitSuites` after `ssl->suites` has been set
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz
921fd34876 Detect version even if not compiled in 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz
69dca4fd08 Rebase fixes 
- wolfSSL_CTX_set1_groups_list and wolfSSL_set1_groups_list should use wolfSSL_CTX_set1_groups and wolfSSL_set1_groups respectively because it converts to correct groups representation
- Change to using "SHA1" as main name for SHA1
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz
46821196ab Fix call to wolfSSL_connect when in wolfSSL_connect_TLSv13 
If a client is:
- TLS 1.3 capable
- calls connect with wolfSSL_connect_TLSv13
- on an WOLFSSL object that allows downgrading
then the call to wolfSSL_connect should happen before changing state to HELLO_AGAIN. Otherwise wolfSSL_connect will assume that messages up to ServerHelloDone have been read (when in reality only ServerHello had been read).

Enable keying material for OpenVPN
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz
ff43d39015 GCC complains about empty if 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz
5d5d2e1f02 Check that curves in set_groups functions are valid 2021-02-02 12:06:11 +01:00