wolfSSL_set_secret() was checking the preMasterSz against the sizeof
the preMasterSecret member of the Arrays structure. That member
was changed to a pointer and allocated dynamically for the session
write-duping. The comparison between the passed in size and the size
of the parameter started failing. The check now uses the constant
that is used for allocating the preMasterSecret member.
1. Restore original EmbedRecvFrom callback.
2. Add new EmbedRecvFromMcast callback. (EmbedSendTo still the same.)
3. Set new receive from callback when setting the member ID.
4. Fixed bad rebase change.
1. Adding the prototypes for the sequence number high water callback.
2. Added the accessors to set the highwater callback function,
trigger levels, and application context.
3. Calls the highwater callback at specified sequence number thresholds
per peer.
1. Separated the peer ID from the array index into the peer sequence
list. This allows peer IDs to range from 0..255, and to have an
arbitrary size for the sequence list.
2. Add API to add and remove peer IDs from the sequence number list.
1. Temporary change to io.c to recieve datagrams from any peer.
2. Uses an array of Peer Sequence structures to track the current
sequence number of all the peers.
1. Since multicast's only cipher suite uses null cipher
automatically enable it.
2. Add options to example client and server to start
testing multicast API. (Uses TLS over TCP.)
3. Updates to use the forced secrets set by API.
1. Add DTLS-multicast to the enable options.
2. Reorg DTLS related enable options together.
3. Update a couple enable option texts to use the AS_HELP_STRING() macro.
4. Add three new APIs for managing a DTLS Multicast session.
5. Add test code for new APIs.
6. Add stub code for the new APIs.
Change verify depth and set curve to be compiled in whe using:
OPENSSL_EXTRA
Fix comparison of curve name strings to use ecc function.
Fix verify depth check when compiling with both OPENSSL_EXTRA and
WOLFSSL_TRUST_PEER_CERT.
Support TLS v1.3 clients connecting to Nginx.
Fix for PSS to not advertise hash unless the signature fits the private
key size.
Allow curves to be chosen by user.
Support maximum verification depth (maximum number of untrusted certs in
chain.)
Add support for SSL_is_server() API.
Fix number of certificates in chain when using
wolfSSL_CTX_add_extra_chain_cert().
Allow TLS v1.2 client hello parsing to call TLS v1.3 parsing when
SupportedVersions extension seen.
Minor fixes.
Reset list of supported sig algorithms before sending certificate
request on server.
Refactored setting of ticket for both TLS13 and earlier.
Remember the type of key for deciding which sig alg to use with TLS13
CertificateVerify.
RSA PKCS #1.5 not allowed in TLS13 for CertificateVerify.
Remove all remaining DTLS code as spec barely started.
Turn off SHA512 code where decision based on cipher suite hash.
Fix fragment handling to work with encrypted messages.
Test public APIS.
