wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 15:12:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,794 Commits 12 Branches 184 Tags
6c4bcb3b596aaf2e259f16dc7edd7a57b60076ba
Commit Graph

4346 Commits

Author SHA1 Message Date
toddouska
ff08a01f94 Merge pull request #3171 from SparkiDev/tls13_fin_fix 
TLS 1.3: Client requires cert_vfy before finished when not PSK
 2020-07-31 11:28:24 -07:00
toddouska
64f6dc08f7 Merge pull request #3164 from SparkiDev/tls13_ocsp2 
TLS 1.3 server MUST NOT use OCSP Status V2
 2020-07-29 16:23:24 -07:00
Sean Parkinson
f59a1fa295 TLS 1.3: Client requires cert_vfy before finished when not PSK 2020-07-29 10:21:34 +10:00
Sean Parkinson
76a35f2a77 TLS 1.3: Client with no certificate an error with define 
WOLFSSL_NO_CLIENT_CERT_ERROR
 2020-07-27 09:54:51 +10:00
Sean Parkinson
b775058f49 TLS 1.3 server MUST NOT use OCSP Status V2 
Parses the extension but does not use the information.
TLSX code change to ensure that the OCSP Status V2 extension is not
written out in EncryptedExtension, CertificateRequest nor Certificate
messages.
 2020-07-27 09:32:14 +10:00
toddouska
e84defb268 Merge pull request #3044 from dgarske/sniffer_tls13 
TLS v1.3 sniffer support
 2020-07-24 11:46:38 -07:00
David Garske
38cef2b3c9 Merge pull request #3151 from ejohnstown/dtls-size 
DTLS Size Fix
 2020-07-24 08:19:50 -07:00
JacobBarthelmeh
81475fac96 Merge pull request #3154 from embhorn/zd10651 
Fix build error with X509_SMALL config
 2020-07-23 13:34:29 -06:00
John Safranek
839044d9e1 1. Remove dead assignment from client test. 
2. Fix memory leak in example server test.
3. Use verify callback on certificates to allow callback to fail
   them.
4. Restore the forced failure test cases.
5. Make the verify action thread local.
 2020-07-23 12:26:49 -07:00
JacobBarthelmeh
303d0dfedb Merge pull request #3157 from embhorn/zd10631 
Fix build issue with OPENSSL_EXTRA_X509_SMALL
 2020-07-23 13:18:28 -06:00
toddouska
e198f6e73b Merge pull request #3141 from SparkiDev/tls_cert_alert 
Send more detail alerts for bad certificates
 2020-07-22 16:46:14 -07:00
toddouska
d75e6d4f55 Merge pull request #3131 from JacobBarthelmeh/Testing 
add sanity check on padSz
 2020-07-22 16:39:27 -07:00
Eric Blankenhorn
9b421ce497 Fix for config failure 2020-07-22 17:22:46 -05:00
Eric Blankenhorn
39271e9234 Fix build issue with OPENSSL_EXTRA_X509_SMALL 2020-07-22 14:08:57 -05:00
Eric Blankenhorn
89913076f1 Fix build error with X509_SMALL config 2020-07-21 16:36:30 -05:00
Sean Parkinson
c45e192581 Send more detail alerts for bad certificates 2020-07-22 00:07:23 +10:00
John Safranek
5d5aa129ca When attempting to send a message with DTLS, if it is too large, return an error rather than splitting it across records. (ZD 10602) 2020-07-20 16:14:53 -07:00
John Safranek
10c293a76c SCTP Test 
1. Removed test cases for DTLSv1.0 that used AEAD ciphers.
2. Cleaned up some typos in the test configs.
3. Fixed typo in a WOLFSSL_SCTP ifdef check.
 2020-07-20 15:03:48 -07:00
David Garske
9409d8682f Fix for building without session-ticket. 2020-07-17 15:22:35 -07:00
David Garske
e15e0828bf Cleanup of the SHOW_SECRET debugging. Use only latest wolf API's (not older Cyassl names). 2020-07-17 15:22:35 -07:00
David Garske
3be390d50d Added TLS v1.3 session resumption support. TLS v1.3 uses session tickets and a resumption secret is derived after the "finished" message. This uses the internal static wolf session cache to retain the resumption secret between sniffer sessions. 2020-07-17 15:22:35 -07:00
David Garske
1b051d9c5b TLS v1.3 sniffer support: 
* Added TLS v1.3 sniffer support using static ephemeral key.
* Add support for using a static ephemeral DH and ECC keys with TLS v1.3 using `WOLFSSL_STATIC_EPHEMERAL`.
* Adds new API's `wolfSSL_CTX_set_ephemeral_key` and `wolfSSL_set_ephemeral_key`.
* Expanded TLS extension support in sniffer.
* Refactor of the handshake hashing code.
* Added parameter checking to the TLS v1.3 key derivations (protects use of "DoTls13Finished" if handshake resources have been free'd).
* Added support for loading DH keys via `wc_DhImportKeyPair` and `wc_DhExportKeyPair`, enabled with `WOLFSSL_DH_EXTRA`.
* Added sniffer documentation `sslSniffer/README.md`.
 2020-07-17 15:22:35 -07:00
JacobBarthelmeh
01a01c373f sanity check on return value for wolfSSL_X509_NAME_ENTRY_get_object 2020-07-17 11:03:12 -06:00
toddouska
9137794cb4 Merge pull request #3105 from embhorn/zd10457_a 
Adding wolfSSL_X509_check_ip_asc
 2020-07-16 10:53:27 -07:00
Eric Blankenhorn
f2b279e834 Update from review 2020-07-15 20:57:04 -05:00
toddouska
fbe0c8cba7 Merge pull request #3122 from JacobBarthelmeh/Compatibility-Layer 
fix X509 multiple OU's and refactor
 2020-07-15 15:06:22 -07:00
toddouska
925e9d9213 Merge pull request #3075 from julek-wolfssl/dtls-no-cookie 
DTLS session resumption fixes
 2020-07-15 14:07:34 -07:00
Eric Blankenhorn
525a3cb9c3 Move API out of OPENSSL_EXTRA 2020-07-15 10:48:11 -05:00
Eric Blankenhorn
d1a82589f9 Adding wolfSSL_X509_check_ip_asc 2020-07-15 10:48:11 -05:00
David Garske
12478a4534 Merge pull request #3128 from tmael/fips_ossl 
Correct string truncation of XSTRNCAT
 2020-07-14 17:17:27 -07:00
Jacob Barthelmeh
a8736dd89d set heap hint for name malloc 2020-07-14 14:23:49 -06:00
toddouska
1caa6f860b Merge pull request #3088 from kaleb-himes/ZD10539 
Change Hash union to wc_Hmac_Hash
 2020-07-14 11:23:30 -07:00
Jacob Barthelmeh
173b9833fc fixes for edge build cases and static memory 2020-07-14 09:07:23 -06:00
Tesfa Mael
aee208f1b1 Correct build 2020-07-13 17:29:12 -07:00
Jacob Barthelmeh
85437e4097 add sanity check on padSz 2020-07-13 17:17:57 -06:00
Jacob Barthelmeh
63c8f7d1b1 x509 small build and memory free 2020-07-13 15:51:27 -06:00
Chris Conlon
a77085960e Merge pull request #3103 from TakayukiMatsuo/master 
Supprted TSIP v1.09 for target board GR-ROSE
 2020-07-13 14:35:07 -06:00
Jacob Barthelmeh
d880d59974 fix for init of renegotiation and fix for compiler warnings 2020-07-13 00:31:40 -06:00
Jacob Barthelmeh
eec5f4a109 set initial NID value and account for null character on string 2020-07-12 19:54:50 -06:00
Jacob Barthelmeh
2aaeb2a2df fix X509 multiple OU's and refactor 2020-07-10 17:12:20 -06:00
toddouska
a90d6b2a5e Merge pull request #3039 from tmael/cov-fix2 
Coverity fix in wolfSSL 4.4.0 - part 2
 2020-07-10 13:06:22 -07:00
kaleb-himes
64c0d53a2d Use portable friendly XVALIDATE_DATE in ssl.c and add wc_ to default 2020-07-10 09:43:24 -06:00
David Garske
ed0f2bb8f5 Added sniffer API's to load buffer directly, not file. ZD 10547 2020-07-09 08:54:26 -07:00
TakayukiMatsuo
942226dc5a Merge branch 'master' of https://github.com/wolfSSL/wolfssl to get updated ocsp tests 2020-07-09 07:47:54 +09:00
Sean Parkinson
b952f18eb4 Merge pull request #3104 from JacobBarthelmeh/nginx 
Nginx 1.15.7
 2020-07-09 08:46:30 +10:00
Tesfa Mael
890500c1b1 Fix Coverity 2020-07-08 08:20:43 -07:00
Eric Blankenhorn
b9855b51bf Sanity check in DoTls13HandShakeMsgType 2020-07-08 07:55:05 -05:00
JacobBarthelmeh
e194a11cb8 add wolfSSL_SESSION_new and change to peek error 2020-07-06 10:47:46 -06:00
TakayukiMatsuo
9554e54e8f Resolved conflict 2020-07-06 10:58:58 +09:00
Guido Vranken
04d063f2ba In TLSX_SupportedFFDHE_Set, free TLSX list if TLSX_PopulateSupportedGroups fails 2020-07-05 23:41:50 +02:00