wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 02:52:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,589 Commits 12 Branches 184 Tags
b5eef78cdb756666a00a070a68c56972d64b9ab0
Commit Graph

14589 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
JacobBarthelmeh
b5eef78cdb Merge pull request #4176 from SparkiDev/sp_math_read_bin_max 
SP math all: allow reading of bin up to max digit size
 2021-07-14 16:03:32 +07:00
JacobBarthelmeh
18399091ce Merge pull request #4012 from julek-wolfssl/haproxy 
HaProxy 2.4-dev18 support
 2021-07-14 15:46:04 +07:00
Daniel Pouzzner
81f3f417e8 Merge pull request #4190 from SparkiDev/bench_sakke_ecdsa 
ECC bench: can't use SAKKE curve with ECDH/ECDSA
 2021-07-13 15:39:25 -05:00
David Garske
10987a69d7 Merge pull request #4201 from JacobBarthelmeh/Release 
bump version for dev
 2021-07-13 11:41:51 -07:00
JacobBarthelmeh
0d55dcaaa0 Merge pull request #4188 from guidovranken/mp_invmod_slow-check 
Add missing return value check in mp_invmod_slow
 2021-07-14 01:27:10 +07:00
Jacob Barthelmeh
3f22721a86 use version from wolfssl/version.h with driver 2021-07-13 22:39:39 +07:00
Jacob Barthelmeh
3bebcaaf54 bump version for dev 2021-07-13 04:18:52 +07:00
John Safranek
52b8c7b1fa Merge pull request #4192 from haydenroche5/ocsp_http_header 
Improve wolfIO_HttpProcessResponse HTTP header checking logic.
 2021-07-12 14:13:07 -07:00
John Safranek
add4a68465 Merge pull request #4199 from JacobBarthelmeh/Certs 
Lighttpd build fix and gencertbuf on updated ed25519 certs
v4.8.0-stable 		2021-07-12 09:15:50 -07:00
Jacob Barthelmeh
851c1fe1cf fix for lighttpd build 2021-07-12 16:25:50 +07:00
Jacob Barthelmeh
2f9af5f753 gencertbuf on updated ed25519 certs 2021-07-12 14:31:03 +07:00
John Safranek
30baa83a0b Merge pull request #4198 from douzzer/fix-linuxkm-for-v4.8 2021-07-09 19:15:23 -07:00
John Safranek
50d007ded8 Merge pull request #4196 from JacobBarthelmeh/Release 
Release version 4.8.0
 2021-07-09 14:33:26 -07:00
John Safranek
84539be656 Merge pull request #4197 from JacobBarthelmeh/Jenkins 
Updates found with Jenkins tests
 2021-07-09 14:32:43 -07:00
Daniel Pouzzner
15c890179f Linux kernel module: add an explicit -ffreestanding to CFLAGS in linuxkm/Makefile, and in wc_port.h ifdef WOLFSSL_LINUXKM, ignore -Wtype-limits in Linux kernel header files (needed for kernel v5.13), and suppress inclusion of stdint-gcc.h. 2021-07-09 15:23:07 -05:00
Jacob Barthelmeh
88b70a3906 update google cert that was set to expire in Dec 2021 2021-07-09 23:57:50 +07:00
JacobBarthelmeh
c01a63508a account for testing on big endian system 2021-07-09 08:18:39 -06:00
Jacob Barthelmeh
f4c4cf8afe update changelog for release 4.8.0 2021-07-09 17:02:18 +07:00
JacobBarthelmeh
500a6c8b27 prepare for release 4.8.0 2021-07-08 12:02:40 -06:00
JacobBarthelmeh
127add4bf7 include stddef for size_t type for ptr 2021-07-08 07:06:20 -06:00
Jacob Barthelmeh
7bcd0da164 warning for length used on strncpy 2021-07-08 15:51:17 +07:00
Jacob Barthelmeh
263e03748e fix issue of handling partially streamed PKCS7 input 2021-07-08 15:25:40 +07:00
JacobBarthelmeh
a250e1f23a Merge pull request #4194 from ejohnstown/to-fix 
Timeout Fix
 2021-07-08 14:34:42 +07:00
John Safranek
c9aa23ac7a Merge pull request #4191 from dgarske/htons 
Fix for missing `XHTONS` with `WOLFSSL_USER_IO` and session tickets
 2021-07-07 16:21:59 -07:00
John Safranek
00cab36b36 Timeout Fix 
The macros setting up the timeout for the select used to timeout just
multiplied the ms by 1000 to make us. The BSD select used on macOS
doesn't like the us to be greater than 999999. Modified to carry the
excess us over into the seconds.
 2021-07-07 16:14:48 -07:00
Sean Parkinson
849020660f Merge pull request #4182 from JacobBarthelmeh/CAAM 
check return of DSA decode
 2021-07-08 08:16:46 +10:00
John Safranek
b9dac74086 Merge pull request #4193 from JacobBarthelmeh/StaticAnalysisTests 
Static analysis tests
 2021-07-07 14:23:58 -07:00
JacobBarthelmeh
86e5287a14 Merge pull request #4032 from TakayukiMatsuo/tk11968 
Make wolfSSL_CTX_set_timeout reflect to Session-ticket-lifetime-hint
 2021-07-07 22:26:06 +07:00
Juliusz Sosinowicz
b7bd3766c7 Fix pedantic errors about macros in macros 2021-07-07 10:54:34 +02:00
JacobBarthelmeh
7b9d6a3f5e Merge pull request #3792 from TakayukiMatsuo/os_keylog 
Add wolfSSL_CTX_set_keylog_callback
 2021-07-07 15:34:33 +07:00
Hayden Roche
7422f07fb5 Improve wolfIO_HttpProcessResponse HTTP header checking logic. 
Modify this function to just ensure that the response header starts with "HTTP
1.x 200" (where x is 0, 1, etc.).
 2021-07-06 15:18:26 -07:00
David Garske
41ac17cdc6 Improve support for XHTONS with WOLFSSL_USER_IO and session tickets with default encryption implementation !WOLFSSL_NO_DEF_TICKET_ENC_CB. 2021-07-06 13:13:35 -07:00
Jacob Barthelmeh
b1a6d88af6 fix for memory leak 2021-07-06 23:37:35 +07:00
Juliusz Sosinowicz
fc7533fe5e Code review changes 2021-07-06 16:14:25 +02:00
Juliusz Sosinowicz
1acf906612 Code review changes 2021-07-06 15:39:23 +02:00
Juliusz Sosinowicz
6dfc702364 Correct serverDH_Pub length on renegotiation 
On a renegotiation the serverDH_Pub buffer may be too short. The previous DhGenKeyPair call may have generated a key that has a shorter binary representation (usually by one byte). Calling DhGenKeyPair with this shorter buffer results in a WC_KEY_SIZE_E error.
 2021-07-06 15:39:23 +02:00
Juliusz Sosinowicz
1b6b16c2c3 HaProxy 2.4-dev18 support 
*This patch is dependent on https://github.com/wolfSSL/wolfssl/pull/3871 because proto version selection logic is refactored in that pull request.*
This patch contains the following changes:
- Enable more options with `--enable-haproxy`
- Compatibility layer additions
    - `STACK_TYPE_X509_OBJ`
    - `OCSP_id_cmp`
    - `X509_STORE_get0_objects`
    - `X509V3_EXT_nconf_nid`
    - `X509V3_EXT_nconf`
    - `X509_chain_up_ref`
    - `X509_NAME_hash`
    - `sk_X509_NAME_new_null`
    - `X509_OBJECT_get0_X509`
    - `X509_OBJECT_get0_X509_CRL`
    - `ASN1_OCTET_STRING_free`
    - `X509_LOOKUP_TYPE`
    - `OSSL_HANDSHAKE_STATE`
- New `OPENSSL_COMPATIBLE_DEFAULTS` define will set default behaviour that is compatible with OpenSSL
    - WOLFSSL_CTX
        - Enable all compiled in protocols
        - Allow anonymous ciphers
        - Set message grouping
        - Set verify to SSL_VERIFY_NONE
- In `SetSSL_CTX`, don't change `send` and `recv` callback if currently using `BIO`
- `ssl->peerVerifyRet`
    - Return first that occured
    - Set correct value on date error
    - Set revoked error on OCSP or CRL error
    - Save value in session and restore on resumption
    - Add to session serialization
- With `OPENSSL_EXTRA`, send an alert on invalid downgrade attempt
- Handle sni callback `SSL_TLSEXT_ERR_NOACK`
- Add `WOLFSSL_VERIFY_DEFAULT` option for `wolfSSL_CTX_set_verify` and `wolfSSL_set_verify` to allow resetting to default behaviour
 2021-07-06 15:39:23 +02:00
Jacob Barthelmeh
a6ce91f3bb fix for gcc-11 build with blake2 2021-07-06 14:53:39 +07:00
Jacob Barthelmeh
ae00b5acd0 some minor changes for unintialized and null infer reports 2021-07-06 14:13:45 +07:00
Sean Parkinson
34528eb6c9 ECC bench: can't use SAKKE curve with ECDH/ECDSA 
Skip curve benchmarking when all curves are being benchmarked.
 2021-07-06 12:19:50 +10:00
Guido Vranken
e0f268e522 Simplify mp_invmod_slow fix 2021-07-06 02:29:31 +02:00
Guido Vranken
9783d64f7e Add missing return value check in mp_invmod_slow 2021-07-06 02:13:42 +02:00
TakayukiMatsuo
5df0f7820a Add wolfSSL_CTX_set_keylog_callback 2021-07-03 14:51:23 +09:00
Jacob Barthelmeh
89866846d6 check return of DSA decode 2021-07-03 03:41:40 +07:00
TakayukiMatsuo
567d8ed704 Make wolfSSL_set_session return success on timeout under WOLFSSL_ERROR_CODE_OPENSSL macro definition. 2021-07-02 10:50:00 +09:00
TakayukiMatsuo
aef9e560b1 Make wolfSSL_CTX_set_timeout call wolfSSL_CTX_set_TicketHint internally to change session-ticket-lifetime-hint. 2021-07-02 09:15:01 +09:00
David Garske
197b959916 Merge pull request #4177 from SparkiDev/ecc_exp_point_size 
ECC: validate ordinate length before export
 2021-07-01 17:07:35 -07:00
David Garske
d16e374972 Merge pull request #4160 from JacobBarthelmeh/fuzzing 
better checking on length of streaming buffer
 2021-07-01 17:04:49 -07:00
David Garske
43f8c5ba1b Merge pull request #4121 from JacobBarthelmeh/PKCS7 
wc_PKCS7_DecodeCompressedData optionally handle a packet without cont…
 2021-07-01 17:03:56 -07:00
JacobBarthelmeh
9b8142c1ff Merge pull request #4174 from SparkiDev/zephyr_2_6_99 
Zephyr Project: update port to work with latest
 2021-07-02 03:23:10 +07:00