wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-30 04:22:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,350 Commits 12 Branches 184 Tags
46b9531becf5eff909773eff51e6afc3366a4fe4
Commit Graph

4482 Commits

Author SHA1 Message Date
David Garske
7d33312f4b Merge pull request #3339 from ejohnstown/dtls-flag 
DTLS Flag
 2020-09-25 17:05:22 -07:00
John Safranek
b36877c20b DTLS Flag 
Fix an ifdef flag that should have been WOLFSSL_DTLS, not HAVE_DTLS.
 2020-09-25 10:49:34 -07:00
David Garske
5ef5c279b5 Fix for previous max fragment commit to correctly process a TLS packet with multiple handshake messages. Fix to free the wolfSSL objects first then wolfSSL_CTX. 2020-09-24 15:53:12 -07:00
David Garske
bbaf4090b8 Fixes for sniffer when using static ECC keys. Adds TLS v1.2 ECC key fallback detection and fixes new ECC RNG requirement for timing resistance. 2020-09-24 15:03:26 -07:00
David Garske
7cfbc598ed Fix to not assume TLS v1.3 based on extended key share extension. 2020-09-24 13:05:01 -07:00
David Garske
bc960a9c25 Fix for sniffer with SNI enabled to properly handle WOLFSSL_SUCCESS error code in ProcessClientHello. ZD 10926 2020-09-24 13:05:01 -07:00
David Garske
7e2d44ba9a Fix possible unused rhSize. 2020-09-24 13:05:01 -07:00
David Garske
b5163bd1fa Added support for 802.11Q VLAN frames. Fix build error with unused "ret" when building with WOLFSSL_SNIFFER_WATCH. Fixed bad characters in sniffer README.md configure example. 2020-09-24 13:05:01 -07:00
David Garske
ce1c1fe0a6 Fix for sniffer using HAVE_MAX_FRAGMENT in "certificate" type message. ZD 10903 2020-09-24 13:05:01 -07:00
toddouska
1668f6f626 Merge pull request #3244 from douzzer/20200820-linuxkm 
Linux Kernel Module support
 2020-09-24 12:57:22 -07:00
toddouska
d75d3108b0 Merge pull request #3314 from SparkiDev/evp_hmac_sha3 
Test wolfSSL_HMAC with SHA-3
 2020-09-24 12:48:40 -07:00
Daniel Pouzzner
09b9ac8b86 add AM_CONDITIONAL([BUILD_DEBUG],...) to configure.ac, and use it to gate inclusion of wolfcrypt/src/debug.c in src/include.am; remove superfluous includes from wolfcrypt/src/debug.c. 2020-09-23 18:32:17 -05:00
Daniel Pouzzner
6a3da9477e fix --enable-stacksize[-verbose] (HAVE_STACK_SIZE[_VERBOSE]) to work correctly in testsuite.c. 2020-09-23 18:32:17 -05:00
Daniel Pouzzner
60a686f48c tidying suggested by Sean in review. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
63e3eae416 src/wolfio.c: update patch to wolfIO_HttpProcessResponse() (PR #3204). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
87b2384cac linuxkm settings.h: define NO_STDIO_FILESYSTEM 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
05bca8b0ee when BUILD_LINUXKM, suppress building the library; rename $KROOT/$KARCH to $KERNEL_ROOT/$KERNEL_ARCH; remove SIMD enablement from linuxkm CFLAGS; add linuxkm support for -DKERNEL_OPT=x. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
925afe3b74 cast XMALLOC() return values assiduously, for Visual Studio compatibility. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner
f5975d95db src/ssl.c: use heap for workspace in wolfSSL_X509_sign(), wolfSSL_d2i_RSAPrivateKey_bio(), and wolfSSL_CTX_use_RSAPrivateKey(). 2020-09-23 18:32:15 -05:00
Daniel Pouzzner
0e480d1a14 Linux KM compilability cont'd: conform to C89isms (declarations before statements); iffdef WOLFSSL_LINUXKM use do_div() for long long division rather than C operator (avoids unresolvable compile-time callouts to libgcc function); misc gating and relocations for includes. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner
dd825d90c4 more LKM WIP: polish up the struct DRBG refactor ("struct DRBG_internal"), tweaks for buildability on 3.x kernels (now builds on 3.x, 4.x, and 5.x up to 5.8.1), move a slew of #[un]def[ines] from wc_port.h to settings.h where they belong, misc cleanup. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner
3c2155f4a9 linuxkm WIP -- update for kernels 4.9.x (LTS representative) and 5.8.x (latest). 2020-09-23 18:32:15 -05:00
David Garske
6425ebb60e Linux Kernel Module support using "--enable-linuxkm". 2020-09-23 18:32:15 -05:00
toddouska
1c07de883c Merge pull request #3306 from SparkiDev/tls13_pha_psk 
TLS 1.3: Post-handshake Authentication and resumption secret
 2020-09-23 16:06:55 -07:00
toddouska
2f74817e32 Merge pull request #3288 from embhorn/zd10901 
Fix mp_radix_size off by 1 error
 2020-09-23 09:19:02 -07:00
Sean Parkinson
4ed3438be0 TLS 1.3: Post-handshake Authentication and resumption secret 
The master secret in arrays is not available post-handshake.
Use the master secret in the session when calculating resumption secret.
 2020-09-23 17:09:06 +10:00
Jacob Barthelmeh
cb3338bd57 fix WOLFSSL_X509_NAME parse of empty feild and add test case 2020-09-21 18:44:13 -06:00
Sean Parkinson
f4db9c8986 Test wolfSSL_HMAC with SHA-3 
Add more support for HMAC with SHA-3.
 2020-09-22 09:39:09 +10:00
toddouska
0e66f9d835 Merge pull request #3299 from dgarske/ocsp_certchain 
Fix for possible NULL use if certChain not loaded and OCSP cert request called
 2020-09-21 13:40:21 -07:00
toddouska
1274a01dc7 Merge pull request #3289 from dgarske/wpas_small 
Fixes for building `--enable-wpas=small` with WPA Supplicant v2.7
 2020-09-21 13:37:58 -07:00
toddouska
0f6d391ea1 Merge pull request #3295 from SparkiDev/tls13_p521 
TLS 1.3: Fix P-521 algorithm matching
 2020-09-21 13:36:48 -07:00
David Garske
b4c964f729 Fix for possible NULL buffer use if certChain not loaded and OCSP cert request called. 2020-09-18 09:15:44 -07:00
David Garske
d37adefe98 Fixes for edge case builds with certificate req/gen/ext without --enable-opensslextra. 2020-09-18 09:14:41 -07:00
David Garske
780e8a4619 Fixes for building --enable-wpas=small with WPA Supplicant v2.7. 2020-09-18 09:14:41 -07:00
Sean Parkinson
d63ff07edc TLS 1.3: Fix P-521 algorithm matching 
Digest size compared to key size - P521 has large key size.
Fixed to round down.
Added P-521 keys and certificates.
Added testing of P-521 keys and certificcates to unittest.
 2020-09-18 10:51:55 +10:00
toddouska
85da1a1d0a Merge pull request #3271 from SparkiDev/tls13_peek 
TLS 1.3: allow wolfSSL_peek() to return WANT_READ
 2020-09-16 15:02:42 -07:00
toddouska
a3fca7f593 Merge pull request #3247 from JacobBarthelmeh/Compatibility-Layer 
Compatiblity Layer Fixes for serial number / ASN1 time / and order of name components
 2020-09-16 14:53:51 -07:00
Eric Blankenhorn
78a1670334 Fix mp_radix_size off by 1 error 2020-09-10 09:58:26 -05:00
Juliusz Sosinowicz
e34ccaf481 Fix window check 
If `curLT` then diff needs to be decremented. For example: `diff` = 1 represents last packet so it would be the `window[idx] & (1 << 0)` bit of the window variable.
 2020-09-09 23:27:49 +02:00
John Safranek
39b5448601 Merge pull request #3279 from dgarske/minor_fixes 
Minor build fixes for typo and CMake
 2020-09-08 16:45:52 -07:00
JacobBarthelmeh
58e03b2d26 Merge pull request #3272 from embhorn/zd10650 
Check for non-blocking return code in BioSend
 2020-09-08 14:25:16 -06:00
David Garske
6f5a7e87c5 Fix for CMake to only set ranlib arguments for Mac. Fix for stray typo of , -> ;. Fixes #3275 and Fixes #3278 2020-09-08 11:07:12 -07:00
Juliusz Sosinowicz
ee2d051536 Fix failing nightly 
Failed tests when configured with `./configure --enable-dtls --enable-opensslextra --enable-sessioncerts`. Valgrind discovered a use after free bug. Nulling session->peer fixes the issue.
 2020-09-07 14:36:57 +02:00
Sean Parkinson
93bb12ce86 TLS 1.3: allow wolfSSL_peek() to return WANT_READ 
When handshake message is processed in wolfSSL_peek() then return
WANT_READ from peek instead of blocking waiting for application data.

Server may send an alert if the client certificate is invalid.
The server also may send NewSesionTicket after client has sent finished
message.
To detect alert before handling application data, then the socket needs
to be checked for data. If the data is an alert then wolfSSL_peek() will
handle the alert, but if it is a NewSessionTicket then wolfSSL_peek()
will process it and block waiting for application data - so return
WANT_READ if no application data seen after processing handshake
message.
 2020-09-07 08:30:24 +10:00
toddouska
7fd51cf9d9 Merge pull request #3267 from SparkiDev/no_client_auth 
Get builds with WOLFSSL_NO_CLIENT_AUTH compiling and testing
 2020-09-03 15:55:38 -07:00
toddouska
9901eb9272 Merge pull request #3249 from SparkiDev/tls13_early_data_fix 
TLS 1.3 Early Data: fix
 2020-09-03 14:49:39 -07:00
toddouska
b3acd57de5 Merge pull request #3254 from dgarske/leaks 
Fixes valgrind leak reports (related to small stack cache)
 2020-09-02 10:44:49 -07:00
toddouska
9268de229a Merge pull request #3266 from dgarske/unit_test 
Fix for DH compute key compatibility function failure
 2020-09-02 10:23:23 -07:00
JacobBarthelmeh
914905f1bc Merge pull request #3193 from embhorn/zd10457_b 
Fix CheckHostName matching
 2020-09-02 10:36:02 -06:00
toddouska
6f56c3c800 Merge pull request #3204 from dgarske/ocsp_nonblock 
Fix for OCSP response in non-blocking mode and testing script improvements
 2020-09-01 15:56:52 -07:00