wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 10:52:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,842 Commits 12 Branches 184 Tags
490eeb400390c973667fe09c89937079880ca044
Commit Graph

14842 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniele Lacamera
490eeb4003 Support for IoT-Safe with TLS demo 2021-08-16 13:13:30 -07:00
Hayden Roche
c6f0fb11d0 Merge pull request #4253 from julek-wolfssl/lighttpd-1.4.55 
Implement `wolfSSL_set_client_CA_list` and add 'HIGH' cipher suite
 2021-08-16 15:05:51 -05:00
David Garske
1ac95b5716 Merge pull request #4303 from haydenroche5/rsyslog 
Add support for rsyslog.
 2021-08-16 11:20:28 -07:00
David Garske
6a37309ece Merge pull request #4300 from julek-wolfssl/libimobiledevice 
Missing API for libimobiledevice
 2021-08-16 09:40:42 -07:00
Hayden Roche
bbb514fa6d Add support for rsyslog. 
- Add an --enable-rsyslog option to configure.ac.
- Add a few missing `WOLFSSL_ERROR` calls that were expected by rsyslog unit
  tests.
- Add better documentation around `WOLFSSL_SHUTDOWN_NOT_DONE` and define it to
  be 0 (rather than 2) when `WOLFSSL_ERROR_CODE_OPENSSL` is defined. This is in
  accordance with OpenSSL documentation. Without this change, rsyslog was
  failing to do the bidirectional shutdown properly because it was checking the
  shutdown return value against 0. I'm keeping the old value when
  `WOLFSSL_ERROR_CODE_OPENSSL` isn't defined because it's part of the public
  wolfssl interface (it's in ssl.h).
 2021-08-13 23:24:28 -07:00
Juliusz Sosinowicz
0f6e564093 Rebase fixes 2021-08-14 00:35:55 +02:00
Juliusz Sosinowicz
6a5f40d698 Code review fixes. 2021-08-14 00:25:00 +02:00
Juliusz Sosinowicz
72f1d0adac Refactor client_CA API to use wolfSSL_sk_X509_NAME_* API 2021-08-14 00:24:24 +02:00
Juliusz Sosinowicz
62cab15c64 Reorganize wolfSSL_sk_X509_NAME_* 
Make the `wolfSSL_sk_X509_NAME_*` API's available in OPENSSL_EXTRA for use with `client_CA_list` API's.
 2021-08-14 00:24:24 +02:00
Juliusz Sosinowicz
d4391bd997 Parse distinguished names in DoCertificateRequest 
The CA names sent by the server are now being parsed in `DoCertificateRequest` and are saved on a stack in `ssl->ca_names`.
 2021-08-14 00:24:08 +02:00
Juliusz Sosinowicz
647e007eea Implement wolfSSL_set_client_CA_list and add 'HIGH' cipher suite 2021-08-14 00:24:08 +02:00
elms
b2380069f0 Merge pull request #4261 from dgarske/rsa_der_pub 2021-08-13 13:36:01 -07:00
Chris Conlon
ca06694bfb Merge pull request #4282 from miyazakh/SSL_CIPHER_xx 
Add SSL_CIPHER_get_xxx_nid support
 2021-08-13 13:48:31 -06:00
Chris Conlon
5235b7d1e6 Merge pull request #4291 from miyazakh/PARAM_set1_ip 
Add X509_VERIFY_PARAM_set1_ip support
 2021-08-13 13:45:33 -06:00
David Garske
ec4e336866 Merge pull request #4299 from haydenroche5/evp_pkey_dec_enc_improvements 
Make improvements to wolfSSL_EVP_PKEY_encrypt and wolfSSL_EVP_PKEY_decrypt.
 2021-08-13 08:10:20 -07:00
David Garske
14bbf49118 Merge pull request #3726 from julek-wolfssl/openresty 
Openresty
 2021-08-13 08:06:46 -07:00
Juliusz Sosinowicz
59d04efee8 Missing API for libimobiledevice 2021-08-13 16:32:53 +02:00
Hayden Roche
3be13f7358 Make improvements to wolfSSL_EVP_PKEY_encrypt and wolfSSL_EVP_PKEY_decrypt. 
- Handle case where output buffer is NULL. In this case, passed in output buffer
  length pointer should be given the maximum output buffer size needed.
- Add better debug messages.
 2021-08-12 18:46:15 -07:00
Juliusz Sosinowicz
7dea1dcd39 OpenResty 1.13.6.2 and 1.19.3.1 support 
# New or Updated APIs
- wolfSSL_get_tlsext_status_type
- wolfSSL_X509_chain_up_ref
- wolfSSL_get0_verified_chain
- SSL_CTX_set_cert_cb
- SSL_certs_clear
- SSL_add0_chain_cert ssl_cert_add0_chain_cert
- SSL_add1_chain_cert ssl_cert_add1_chain_cert
- sk_X509_NAME_new_null
- SSL_CTX_set_cert_cb
- SSL_set0_verify_cert_store
- SSL_set_client_CA_list

# Other Changes
- Ignore gdbinit
- Add api.c tests for new API
- Add `WOLFSSL_X509_STORE* x509_store_pt` to `WOLFSSL`
- Add macro to select the `WOLFSSL` specific store when available and the associated `WOLFSSL_CTX` store otherwise. Calls to `ssl->ctx->cm` and `ssl->ctx->x509_store*` were replaced by macros.
- NO-OP when setting existing store
- Add reference counter to `WOLFSSL_X509_STORE`
- Cleanup MD5 redundant declarations
- WOLFSSL_ERROR may map to nothing so make assignment outside of it
- refMutex fields are excluded with SINGLE_THREADED macro
- Chain cert refactor
- Make `wolfSSL_add0_chain_cert` and `wolfSSL_add1_chain_cert` not affect the context associated with the SSL object
- `wolfSSL_CTX_add1_chain_cert` now updates the `ctx->certChain` on success and stores the cert in `ctx->x509Chain` for later free'ing
 2021-08-12 23:58:22 +02:00
David Garske
8601c14f1c Merge pull request #4297 from anhu/master 
Fix a race condition in the benchmark example and …
 2021-08-12 13:51:43 -07:00
David Garske
cccb8f940a Merge pull request #4209 from julek-wolfssl/net-snmp 
Add support for net-snmp
 2021-08-12 13:06:21 -07:00
David Garske
96c223e585 Merge pull request #4288 from julek-wolfssl/get-date-from-cert 
Add a test/example for parsing the date from a certificate
 2021-08-12 12:52:52 -07:00
David Garske
93a1fe4580 Merge pull request #4205 from julek-wolfssl/wpas-include-extra-stuff 
Include stuff needed for EAP in hostap
 2021-08-12 11:17:23 -07:00
Chris Conlon
d4b0ec0705 Merge pull request #4290 from TakayukiMatsuo/general 
Add wolfSSL_GENERAL_NAME_print
 2021-08-12 09:51:28 -06:00
Anthony Hu
7c75b9836e Changes to make Jenkins happy and reduce verbosity. 
- added HAVE_PTHREAD guards
- usleep ---> XSLEEP_MS
- only print polling message if verbose output requested.
 2021-08-12 11:13:15 -04:00
JacobBarthelmeh
5dff4dd4e0 Merge pull request #4280 from dgarske/caam_macros 
Fixes for CAAM build macros and spelling
 2021-08-12 19:19:31 +07:00
Juliusz Sosinowicz
e583d0ab76 SslSessionCacheOn -> SslSessionCacheOff 2021-08-12 13:52:25 +02:00
TakayukiMatsuo
517309724a Add wolfSSL_GENERAL_NAME_print 2021-08-12 14:17:41 +09:00
Hideki Miyazaki
0b070166cb addressed review comments 2021-08-12 10:44:07 +09:00
Hideki Miyazaki
4fa69c0a3a addressed review comments 2021-08-12 07:41:24 +09:00
David Garske
9c3502bea9 Merge pull request #4285 from haydenroche5/alerts 
During the handshake, make sure alerts are getting read on the client side in the event of an error.
 2021-08-11 15:22:05 -07:00
David Garske
0a238483c1 Merge pull request #4296 from lealem47/fix-link 
Fix broken link in examples/README.md
 2021-08-11 15:21:43 -07:00
Chris Conlon
fc4e4eacba Merge pull request #4292 from kojo1/evp 
EVP_CIPHER_CTX_set_iv_length
 2021-08-11 16:13:26 -06:00
Anthony Hu
586317f198 Fix a race condition in the benchmark example and all output goes to stderr. 2021-08-11 17:07:01 -04:00
David Garske
9bbb32c352 Merge pull request #4295 from haydenroche5/stunnel_key_gen 
Turn on key generation for --enable-stunnel.
 2021-08-11 11:17:30 -07:00
elms
d39b91de27 Merge pull request #4266 from dgarske/hexchar 2021-08-11 10:56:53 -07:00
Lealem Amedie
d4d225e33f Fix broken link in examples/README.md 2021-08-11 10:49:38 -06:00
Juliusz Sosinowicz
dd4adacee8 Code review changes 2021-08-11 17:58:46 +02:00
elms
d487916557 Merge pull request #4279 from haydenroche5/pkcs12 
Cleanups for PKCS8 and PKCS12 macros (always support parsing PKCS8 header)
 2021-08-10 18:37:33 -07:00
Hayden Roche
65a00d9430 Turn on key generation for --enable-stunnel. 2021-08-10 17:14:06 -07:00
David Garske
b258321219 Fixes for misc.c to not be included unless required. 2021-08-10 16:11:22 -07:00
David Garske
df10152b54 Refactor hex char to byte conversions. 2021-08-10 12:07:41 -07:00
David Garske
fdb6c8141e Merge pull request #4274 from haydenroche5/pyopenssl 
Add support for pyOpenSSL.
 2021-08-10 11:49:07 -07:00
Hayden Roche
fdc350fb52 Add a macro guard WOLFSSL_CHECK_ALERT_ON_ERR that has the client check for 
alerts in the event of an error during the handshake.
 2021-08-10 09:43:12 -07:00
Hayden Roche
ef5510cbcc During the handshake, make sure alerts are getting read on the client side in 
the event of an error.
 2021-08-09 14:26:53 -07:00
David Garske
0e4b200df1 Merge pull request #4267 from elms/key_overflow 
tls13: avoid buffer overflow with size check
 2021-08-09 09:19:46 -07:00
David Garske
e698d08317 Merge pull request #4286 from douzzer/cryptocb-pedantic-c99 
--enable-cryptocb CFLAGS='-std=c99 -pedantic'
 2021-08-09 08:29:36 -07:00
Hideki Miyazaki
5c55be72ec fix jenkins failure part2 2021-08-09 10:00:35 +09:00
Takashi Kojo
c0b085dd4a EVP_CIPHER_CTX_set_iv_length 2021-08-08 14:49:28 +09:00
Hideki Miyazaki
cf9d5ea8b6 fix jenkins failure part2 2021-08-07 14:14:39 +09:00