David Garske
eac3b4e189
Merge pull request #5752 from julek-wolfssl/alt-name-str-type
...
Set alt name type to V_ASN1_IA5STRING
2022-11-08 15:42:39 -08:00
Daniel Pouzzner
48ba365fd6
fixes for defects:
...
clang-analyzer-deadcode.DeadStores in examples/server/server.c;
-Werror=use-after-free and LeakSanitizer Direct leak in tests/api.c;
nullPointerRedundantCheck in src/pk.c which identified a semantically consequential flub.
2022-11-08 14:04:16 -06:00
Sean Parkinson
bd83345c02
Merge pull request #5773 from dgarske/async_v5.5.3
...
Fixes for various tests that do not properly handle `WC_PENDING_E`
2022-11-08 14:47:23 +10:00
David Garske
1ee3a78e4a
Fixes for various tests that do not properly handle WC_PENDING_E.
2022-11-04 14:56:40 -07:00
Hayden Roche
5d70f3efce
Merge pull request #5730 from philljj/zd15040
2022-11-04 13:32:48 -07:00
Hayden Roche
4a917219f7
Merge pull request #5608 from SparkiDev/pk_c_rework_2
2022-11-04 13:32:36 -07:00
JacobBarthelmeh
8225d3642b
save next status with OCSP response verify
2022-11-03 22:39:47 -07:00
Juliusz Sosinowicz
8bbbdfa3f9
Set alt name type to V_ASN1_IA5STRING
2022-10-28 19:58:01 +02:00
JacobBarthelmeh
7366a9edbd
Merge pull request #5744 from SparkiDev/regression_fixes_4
...
Regresssion testing fixes
2022-10-27 11:49:52 -06:00
Sean Parkinson
fd7544ca19
Regresssion testing fixes
...
Ed25519 and Ed448 need to enable certs.
If no system CA certs can't be parsed,
wolfSSL_CTX_load_system_CA_certs() will fail. Don't try test if RSA and
ECC are not enabled.
Fix benchmark.c so that e is defined when WOLFSSL_BENCHMARK_ALL defined.
MAX_LENGTH_SZ is 4 and supports lengths up to 2^24 - one byte for length
and 3 bytes of length.
(new gcc compiler fix)
2022-10-27 17:47:48 +10:00
Hayden Roche
294a26ba0c
Merge pull request #5708 from JacobBarthelmeh/OCSP
2022-10-26 15:43:15 -07:00
Jacob Barthelmeh
8d6ee0b26a
minor warning fixes
2022-10-26 10:48:51 -06:00
JacobBarthelmeh
a26b89f66b
fix leak with multiple entries
2022-10-26 09:29:06 -07:00
Sean Parkinson
5db2d53d54
Fixes from review part 2
2022-10-26 16:04:05 +10:00
Sean Parkinson
dad62fc182
pk.c: rework DH API and improve PEM read/write
...
Reorganized the DH APIs into groups.
Reworked all DH APIs.
Improved testing of DH API.
Implemented wolfSSL_PEM_read_RSAPublicKey() and
wolfSSL_PEM_write_RSA_PUBKEY().
Fix public key PEM write implementations to use the correct
header/footer names.
Added support for "RSA PUBLIC KEY" in header and footer in DerToPemEx().
Reworked PEM read/write APIs to be independent. No longer create an EVP
to use common function - common functionality refectored out.
Similarly file APIs don't create a BIO and call the partner APIs.
Improved testing of PEM read/write APIs.
Generic read BIO from memory BIO now returns the buffer instead of
allocating memory and reading.
No longer reading chunks when a file BIO.
Added wolfssl_make_rng() to create or get get global random. All RSA and
DH APIs now use this. DH_generate_parameters() creates a random object
and use global on error rather than just using global random.
Changed implementations to use BIO_new_fp() instead of create a new BIO
and setting file pointer.
2022-10-26 10:28:20 +10:00
Daniel Pouzzner
baa19c1092
tests/api.c: fix 3 clang-analyzer-deadcode.DeadStores.
2022-10-25 18:17:22 -05:00
JacobBarthelmeh
29a5c04c2e
add test case
2022-10-25 15:35:37 -07:00
jordan
8b7668f771
Fix X509 subject and issuer name_hash mismatch
...
Fix api test and cleanup.
2022-10-25 13:00:22 -05:00
Hayden Roche
e7a121325b
Merge pull request #5720 from julek-wolfssl/nid-defines
2022-10-25 10:34:59 -07:00
Hayden Roche
2b72a50688
Merge pull request #5662 from Uriah-wolfSSL/haproxy-update-2.6.0
2022-10-25 07:47:54 -07:00
Juliusz Sosinowicz
55091c6464
Add small test
2022-10-25 13:13:14 +02:00
jordan
e3153f3997
Fix X509 subject and issuer name_hash mismatch
2022-10-24 18:09:44 -05:00
Uriah Pollock
19e30b081f
Resolved sanitizer issue.
2022-10-24 16:27:18 -05:00
Hayden Roche
a60a15d544
Merge pull request #5721 from philljj/zd15011
2022-10-21 12:32:03 -07:00
Uriah Pollock
6aff27c5c8
Resolved valgrind issue. Updated ASN1_TIME usage per feedback.
...
Refactored wolfSSL_d2i_OCSP_CERTID per feedback.
2022-10-21 13:16:32 -05:00
Hayden Roche
fdffdd241f
Merge pull request #5711 from philljj/add_SSL_set1_host
2022-10-20 15:02:24 -07:00
jordan
bfe8b9b76c
correct DIST_POINT_NAME type value
2022-10-20 15:10:36 -05:00
jordan
90eefc2824
fix unit test when RSA disabled
2022-10-18 21:03:41 -05:00
Hayden Roche
b7c4ddba72
Merge pull request #5663 from lealem47/scan_build
2022-10-18 08:10:33 -07:00
Stefan Eissing
9726d1f6eb
Allowing use of SSL/CTX_set_max_early_data() for client side.
...
- updating english doc and test cases
2022-10-18 10:40:18 +02:00
Lealem Amedie
327b66d3ed
Miscellaneous fixes from scan-build and KDF refactor & small build fixes
2022-10-17 14:34:08 -07:00
jordan
7e35919cc0
Add SSL_set1_host
2022-10-17 16:23:38 -05:00
JacobBarthelmeh
bc1c087701
free PKCS7 in test case
2022-10-17 08:24:38 -07:00
JacobBarthelmeh
6f1db6c03a
Merge pull request #5697 from cconlon/pkcs7SignedCertSet
...
PKCS#7: Fix SignedData verification when signer cert is not first in SET
2022-10-14 16:05:40 -06:00
David Garske
e2566bab21
Various build fixes:
...
* Fix api.c build error with `NO_FILESYSTEM` and `WOLFSSL_CERT_EXT`.
* Fix for building tests/suites.c with static memory (missing `LARGEST_MEM_BUCKET`).
* Always expose `wc_ecc_set_rng` for compatibility.
2022-10-13 12:49:06 -07:00
Chris Conlon
1b0171fe3e
fix PKCS7 SignedData verification when signer cert is not first in SET
2022-10-13 11:03:13 -06:00
Uriah Pollock
5cbb099dc9
Updated per PR comments.
2022-10-12 14:06:57 -05:00
Uriah Pollock
9117f8b51b
Added more APIs for HaProxy integration.
2022-10-12 14:06:57 -05:00
David Garske
3b33c962c4
Merge pull request #5660 from haydenroche5/load_system_root_certs
...
Add support for wolfSSL_CTX_load_system_CA_certs on Windows and Mac.
2022-10-11 08:38:57 -07:00
Daniel Pouzzner
6456b244d3
tests/api.c: refactor struct initializer using XMEMCPY() to mollify -Werror=missing-field-initializers in C++ builds.
2022-10-10 16:18:33 -05:00
Juliusz Sosinowicz
b1f97c6bc0
Merge pull request #5652 from rizlik/send_alert_on_version_mismatch
2022-10-10 11:16:11 +02:00
Hayden Roche
47ccd924c2
Merge pull request #5657 from julek-wolfssl/dtls-1.2-stateless
2022-10-09 09:31:07 -07:00
Hayden Roche
98ac4a6f9c
Add ability to toggle system CA certs support.
2022-10-07 12:34:00 -07:00
Hayden Roche
5c85c8e128
Merge pull request #5658 from philljj/fix_wolfSSL_sk_X509_new
2022-10-06 17:18:03 -07:00
Hayden Roche
b50a786cb2
Add support for wolfSSL_CTX_load_system_CA_certs on Windows and Mac.
...
Additionally, fix CMake build to add WOLFSSL_X86_64_BUILD when building for
x86_64.
2022-10-06 17:12:21 -07:00
Juliusz Sosinowicz
7f42792616
DTLS 1.2: Test stateless server connection
2022-10-06 18:53:13 +02:00
Marco Oliverio
ebb378096a
test: DTLSv1.2: send alert when version negotiation fails
2022-10-05 20:29:23 +02:00
Marco Oliverio
84748757b0
tests: refactor ticket-nonce-test callbacks to re-use code
2022-10-05 20:29:23 +02:00
Hayden Roche
79d9bc376f
Merge pull request #5631 from dgarske/smallstack
2022-10-04 14:39:17 -07:00
jordan
984649eeac
Correct wolfSSL_sk_X509_new in OpenSSL compatible API
2022-10-04 15:20:32 -05:00