Commit Graph

17081 Commits

Author SHA1 Message Date
Hayden Roche
6d9fbf7ab3 Provide access to "Finished" messages outside the compat layer.
Prior to this commit, if you wanted access to the Finished messages from a
handshake, you needed to turn on the compatibility layer, via one of
OPENSSL_ALL, WOLFSSL_HAPROXY, or WOLFSSL_WPAS. With this commit, defining any
of these causes WOLFSSL_HAVE_TLS_UNIQUE to be defined (a reference to the
tls-unique channel binding which these messages are used for) in settings.h.
This allows a user to define WOLFSSL_HAVE_TLS_UNIQUE to access the Finished
messages without bringing in the whole compat layer.
2022-05-19 16:34:13 -07:00
David Garske
4a3ff40eb3 Merge pull request #5138 from haydenroche5/issuer_names
Add ability to store issuer name components when parsing a certificate.
2022-05-18 16:56:55 -07:00
Sean Parkinson
cd41c8beaf Merge pull request #5147 from rizlik/do_alert_reset
internal.c:reset input/processReply state if exiting after DoAlert()
2022-05-19 09:36:44 +10:00
Daniel Pouzzner
b53484be10 Merge pull request #5155 from cconlon/configFix
Fix --enable-openssh FIPS detection syntax in configure.ac
2022-05-18 17:34:43 -05:00
Chris Conlon
628a34a43d fix --enable-openssh FIPS detection syntax in configure.ac 2022-05-18 12:52:07 -06:00
Chris Conlon
1026c7141e Merge pull request #5148 from JacobBarthelmeh/PKCS7 2022-05-18 11:44:20 -06:00
Marco Oliverio
be172af3cd internal.c: check that we have data before processing messages
We should never encounter this bug under normal circumstances. But if we enter
processReplyEx with `ssl->options.processReply` wrongly set to
`runProcessingOneMessage`, we check that we have some data.
2022-05-18 18:49:33 +02:00
Marco Oliverio
6940a5eaae internal.c:reset input/processReply state if exiting after DoAlert() 2022-05-18 18:35:29 +02:00
John Safranek
40063f7487 Merge pull request #5109 from rizlik/dtls_peer_matching_fix
wolfio: dtls: fix incorrect peer matching check
2022-05-18 09:12:26 -07:00
David Garske
ac3fc89df9 Merge pull request #5151 from SparkiDev/tls13_premaster
TLS 1.3: pre-master secret zeroizing
2022-05-17 19:18:43 -07:00
Sean Parkinson
1765e2c482 Merge pull request #5150 from haydenroche5/benchmark_main_void
Fix main signature in benchmark.c.
2022-05-18 10:10:07 +10:00
Hayden Roche
04ff6afbad Add ability to store issuer name components when parsing a certificate.
This is turned on when `WOLFSSL_HAVE_ISSUER_NAMES` is defined. This allows the
user to inspect various issuer name components (e.g. locality, organization,
etc.) by using these new fields in a `DecodedCert`.
2022-05-17 16:29:52 -07:00
Sean Parkinson
2f91028f2d TLS 1.3: pre-master secret zeroizing 2022-05-18 08:52:38 +10:00
Hayden Roche
fd535242a0 Fix main signature in benchmark.c.
If `NO_CRYPT_BENCHMARK` is defined, the main function is `int main()`, but it
should be `int main(void)`.
2022-05-17 14:28:43 -07:00
Jacob Barthelmeh
8b46c95f06 macro guard for build with disable ecc 2022-05-17 11:36:09 -06:00
David Garske
c9ae021427 Merge pull request #5143 from julek-wolfssl/x509-ret-empty-name
Return subject and issuer X509_NAME obj even when not set
2022-05-17 09:16:54 -07:00
David Garske
50cc6d0422 Merge pull request #5139 from cconlon/opensshfips
Modify --enable-openssh to not enable non-FIPS algos for FIPS builds
2022-05-17 09:16:21 -07:00
Marco Oliverio
6df65c0162 wolfio: dtls: fix incorrect peer matching check
Ignore packet if coming from a peer of a different size *or* from a different
peer. Avoid whole memcmp of sockaddr_in[6] struct because it is not portable (there
are optional fields in struct sockaddr_in).
2022-05-17 11:01:55 +02:00
Sean Parkinson
fc12c68601 Merge pull request #5146 from dgarske/kcapi_keywrap
Fix to allow enabling AES key wrap (direct) with KCAPI
2022-05-17 08:16:00 +10:00
Jacob Barthelmeh
1dc5e4cee5 add padding for variable ecc signature size 2022-05-16 15:26:29 -06:00
David Garske
ec619e3f35 Merge pull request #5107 from julek-wolfssl/wpas-ex-data-leak
Call ctx->rem_sess_cb when a session is about to be invalid
2022-05-16 13:27:08 -07:00
David Garske
579a37bdf0 Merge pull request #5117 from cconlon/getrandom
add support for Linux getrandom() with WOLFSSL_GETRANDOM
2022-05-16 12:36:30 -07:00
Chris Conlon
0ef4707859 Merge pull request #5137 from JacobBarthelmeh/docs 2022-05-16 12:18:14 -06:00
Juliusz Sosinowicz
7f8f0dcffe Refactor cache ex_data update/retrieve into one function
- Add explicit pointer cast
2022-05-16 13:01:05 +02:00
Juliusz Sosinowicz
d996086a6d Return subject and issuer X509_NAME obj even when not set
This allows the user to set the attributes of the subject and issuer name by calling X509_REQ_get_subject_name and adding attributes to it.
2022-05-16 12:49:34 +02:00
David Garske
6b1e3003fb Merge pull request #5142 from SparkiDev/ssl_move_pk
ssl.c rework
2022-05-13 12:56:14 -07:00
David Garske
643cd78ea2 Fix to allow enabling AES key wrap (direct) with KCAPI. 2022-05-13 11:15:32 -07:00
David Garske
1a57e3065a Small cleanups. Missing (void), spelling and formatting. Also fixes for variations of 25519/448 build. 2022-05-13 09:24:59 -07:00
John Safranek
7305616452 Merge pull request #5080 from JacobBarthelmeh/DH
with WOLFSSL_NO_DH186 restriction allow odd DH param size generations
2022-05-13 08:57:33 -07:00
David Garske
50f53f9576 Merge pull request #5129 from LinuxJedi/remove-python-wrappers
Remove the Python wrappers from wolfSSL source
2022-05-13 08:36:33 -07:00
David Garske
630c5ef364 Merge pull request #5140 from SparkiDev/sp_fixes_7
SP fixes
2022-05-12 21:57:48 -07:00
Sean Parkinson
852d5169d4 ssl.c rework
Move the public key APIs out of ssl.c and into pk.c.
(RSA, DSA, DH and EC)
2022-05-13 11:12:44 +10:00
Sean Parkinson
eea537e5ea Merge pull request #5124 from kaleb-himes/WIN_MULTICONFIG
Address issues ID'd by new windows multi-config test
2022-05-13 09:39:15 +10:00
Sean Parkinson
e8160f049e SP fixes
Fix div_word without using div.
Fix ARM32 and Cortex-M builds to work for 4096 again.
2022-05-13 09:37:24 +10:00
Chris Conlon
c3a79f50d8 modify --enable-openssh to not enable non-FIPS algos for FIPS builds 2022-05-12 16:53:57 -06:00
Chris Conlon
e6ce735ed8 add support for Linux getrandom() with WOLFSSL_GETRANDOM 2022-05-12 16:51:38 -06:00
Sean Parkinson
6aaee73585 Merge pull request #5133 from rizlik/cookie_keyshare_fix
tls13: fix cookie has keyShare information check
2022-05-13 08:01:59 +10:00
Sean Parkinson
d1308fcdfc Merge pull request #5122 from rizlik/tls13_pad_calc
internal.c: fix pad-size when more records are received at once
2022-05-13 07:59:36 +10:00
Sean Parkinson
52fc3844a6 Merge pull request #5127 from rizlik/wolfss_msg_fix
wolfcrypt: logging: use do{}while(0) to disable WOLFSSL_MSG* macro
2022-05-13 07:55:18 +10:00
JacobBarthelmeh
988236ca70 remove port print out 2022-05-12 13:07:04 -07:00
JacobBarthelmeh
8124368319 Merge pull request #5136 from douzzer/20220512-stderr
print errors to stderr, not stdout
2022-05-12 13:59:41 -06:00
Daniel Pouzzner
c4920021d8 print errors to stderr, not stdout;
fix whitespace in internal.c;

add missing error handling in examples/server/server.c around recvfrom().
2022-05-12 13:07:32 -05:00
Daniel Pouzzner
60864f19da Merge pull request #5130 from JacobBarthelmeh/examples
print out test errors to stderr instead of stdout
2022-05-12 12:44:45 -05:00
John Safranek
2cf87a8049 Merge pull request #5084 from julek-wolfssl/zd14101-dtls-want-write
DTLS fixes with WANT_WRITE simulations
2022-05-12 09:36:40 -07:00
Andrew Hutchings
7316a275ae Add EXTRA_DIST entry for include.am 2022-05-12 17:00:02 +01:00
Andrew Hutchings
c3d4c3086e Add README to point to the new Python locations 2022-05-12 16:55:26 +01:00
David Garske
05ce8329c9 Merge pull request #5067 from miyazakh/compat_altcertchain
"verify ok" if alternate cert chain mode is used
2022-05-12 08:54:51 -07:00
David Garske
7a95be1a97 Merge pull request #5126 from JacobBarthelmeh/crl
do not error out on CRL next date if using NO_VERIFY
2022-05-12 08:44:29 -07:00
Kaleb Himes
9ca1206bf3 Merge pull request #5131 from SparkiDev/sp_win_fixes_1
SP: Windows build fixes
2022-05-12 09:56:27 -05:00
Juliusz Sosinowicz
44be4e1cc8 Reset ret in client and server after wolfSSL_dtls_got_timeout()
- Do UDP connect only with simulateWantWrite to accommodate macOS that doesn't like sendto being called on connected UDP sockets
- Call wolfSSL_dtls_get_current_timeout only on a DTLS connection
2022-05-12 16:48:04 +02:00