David Garske
b92aa59bd8
Merge pull request #6692 from JacobBarthelmeh/tls13
fix setting ssl error with TLS 1.3 connect socket errors
2023-12-05 09:15:29 -08:00
JacobBarthelmeh
1857648d7d
Merge pull request #6976 from embhorn/gh6974
Fix build errors with dtls1.3 and no tls1.2
2023-12-04 14:53:35 -07:00
Jacob Barthelmeh
ef536f541f
fix setting ssh error with TLS 1.3 connect socket errors
2023-12-04 09:09:09 -07:00
JacobBarthelmeh
a1e74d9974
Merge pull request #7014 from SparkiDev/ssl_free_tlsx_fixup
SSL_free, TLSX_Remove calls: fix #if protection
2023-11-30 16:56:46 -07:00
jordan
9265142369
Used codespell and fixed obvious typos.
2023-11-30 13:09:55 -06:00
JacobBarthelmeh
a7e5c6c721
Merge pull request #7011 from philljj/add_missing_aesinit
Add missing wc_AesInit calls.
2023-11-30 11:01:02 -07:00
Daniel Pouzzner
cb381a2336
src/tls.c: fix misspelling in TLSX_KeyShare_ProcessPqc().
2023-11-30 10:12:17 -06:00
Sean Parkinson
7ebad05446
SSL_free, TLSX_Remove calls: fix #if protection
TLSX_Remove calls added to FreeHandshakeResources() for when TLSX_FreeAll
can't be called but TLSX is still being used.
Fix #if protection to compile in TLSX_Remove calls when available.
2023-11-30 09:27:29 +10:00
Daniel Pouzzner
73ca6daf2b
wolfssl/wolfcrypt/types.h: add needed (void)s for unused args to several XMALLOC/XFREE/XREALLOC macros that were missing them.
src/quic.c: fix misspelled DYNAMIC_TYPE_TMP_BUFFER.
2023-11-29 16:02:39 -06:00
jordan
3158e04863
Add missing wc_AesInit calls.
2023-11-29 12:54:28 -06:00
Daniel Pouzzner
4642077146
src/ssl.c: remove frivolous (void)heap to clear -Wdeclaration-after-statement.
wolfcrypt/src/aes.c: add NEED_AES_TABLES gate around AesSetKey_C() implementations (fixes WOLFSSL_KCAPI_AES builds, probably among others).
wolfcrypt/src/sp_int.c: add missing casts to clear -Wconversions.
2023-11-28 23:25:31 -06:00
JacobBarthelmeh
373fc537f1
Merge pull request #7003 from SparkiDev/ssl_make_x25519_key_temp
SSL: make temp X25519/X448 key failure
2023-11-28 10:46:51 -07:00
Sean Parkinson
09d2ba8bc8
Memory usage fixes: nonce type and TLSX extension free
Nonce ciphers other than AES. Free uses DYNAMIC_TYPE_CIPHER.
AES allocation must use DYNAMIC_TYPE_CIPHER too.
If not all TLSX extensions can be freed, then free the ones that can.
Update TLSX_free() to have a message for each case.
2023-11-28 12:56:06 +10:00
JacobBarthelmeh
36015e9131
Merge pull request #6998 from SparkiDev/tls_pad_no_hash_raw_fix
TLS_hmac: when no raw hash, make sure maxSz is not neg
2023-11-27 09:37:57 -07:00
Sean Parkinson
f65f8be176
SSL: make temp X25519/X448 key failure
On failure to make the temporary X25519/X448 key, free it as the type is
stored in eccTempKeyPresent which also indicates a valid key is present.
Otherwise on SSL free, it will default to freeing the key with ECC APIs.
2023-11-27 08:50:22 +10:00
JacobBarthelmeh
008d4958bf
Merge pull request #7001 from dgarske/testnb
Fix for TLS v1.3 in non-blocking losing return code from `SendBuffered`
2023-11-24 12:34:57 -07:00
David Garske
09b6974ae9
Fix for TLS v1.3 in non-blocking losing return code from SendBuffered. Example: SendBuffered returns WANT_WRITE (-327) and sets ssl->error, then below it was doing ssl->error = ret where ret = 0.
2023-11-24 09:30:09 -08:00
Sean Parkinson
bc36202087
TLS_hmac: when no raw hash, make sure maxSz is not neg
When padding byte is invalid, the maxSz can be negative.
Make maxSz 0 in this case so that blocks doesn't get very large and
cause delays.
2023-11-23 09:51:44 +10:00
JacobBarthelmeh
5b3f5496f8
Merge pull request #6430 from kareem-wolfssl/memcached
Add memcached support.
2023-11-22 16:20:28 -07:00
gojimmypi
6c41a6a374
Initialize variables to appease Espressif compiler
2023-11-22 13:02:51 -08:00
JacobBarthelmeh
0306d07c47
Merge pull request #6994 from embhorn/gh6988
Fix spelling warnings
2023-11-22 13:29:51 -07:00
Kareem
e175410b00
memcached: Revert wolfSSL_in_connect_init changes
2023-11-22 11:55:16 -07:00
Eric Blankenhorn
7223b5a708
Fix spelling warnings
2023-11-22 12:34:56 -06:00
JacobBarthelmeh
2f920b5cc4
Merge pull request #6892 from embhorn/gh6890
Add error reporting to loadX509orX509REQFromBuffer
2023-11-22 11:18:45 -07:00
Kareem
72cbd9a44e
memcached: Code review feedback
2023-11-21 17:59:55 -07:00
JacobBarthelmeh
ebbeb6c69e
Merge pull request #6984 from res0nance/pqc-crash-fix
tls: return immediately if kyber_id2type() fails
2023-11-21 09:35:22 -07:00
Kareem
ca61034d22
Add memcached support.
memcached support: add required functions/defines.
Fix running unit test when defining DEBUG_WOLFSSL_VERBOSE without OPENSSL_EXTRA.
Break out session_id_context APIs into separate option WOLFSSL_SESSION_ID_CTX, so they can be used without OPENSSL_EXTRA.
Make wolfSSL_ERR_get_error and wolfSSL_CTX_set_mode available for memcached.
Add --enable-memcached.
Include required defines for memcached.
Revert unit test fix, no longer needed.
Add GitHub actions test for memcached. Stop defining DEBUG_WOLFSSL_VERBOSE for memcached.
Add auto retry to writes.
Memcached CI: correct libevent package name.
Memcached CI: Add pkgconfig path for GitHub CI wolfSSL prefix.
memcached: Fix WOLFSSL_OP_NO_RENEGOTIATION going outside of int bounds, add LD_LIBRARY_PATH for memcached CI test.
memcached CI: Use correct path for wolfSSL
memcached: Add required perl dependency for SSL tests
memcached: Update to 1.6.22
memcached: actually test tls
memcached: Update wolfSSL_SSL_in_before to be side agnostic.
2023-11-20 10:10:34 -07:00
Daniel Pouzzner
7dedfe08ef
cryptonly and linuxkm fixes: fix --enable-all[-crypto] with --enable-opensslextra and --enable-cryptonly (build failures detected by multi-test linuxkm-all-asm-cryptonly-opensslextra-pie after merge of 54f2d56300 and e2bbacd548).
2023-11-19 17:22:46 -06:00
Sean Parkinson
9ed0018954
Merge pull request #6980 from gojimmypi/SM-cipher-type-PR
Fix evp SM cipherType check
2023-11-20 07:22:54 +10:00
res0nance
98789dc000
tls: return immediately if kyber_id2type() fails
This prevents a crash as ecc_key is not initialized but the
free function is still called.
2023-11-18 15:44:03 +08:00
gojimmypi
16dba37ae6
fix wolfSSL_EVP_CIPHER_CTX_ctrl() SM GCM/CCM type
2023-11-17 07:56:56 -08:00
JacobBarthelmeh
957a0ce300
Merge pull request #6964 from lealem47/zd16470
Parse explicit parameters in StoreEccKey()
2023-11-16 15:59:21 -07:00
JacobBarthelmeh
6945093221
Merge pull request #6935 from SparkiDev/ssl_crypto_extract
ssl.c: Move out crypto compat APIs
2023-11-16 11:58:14 -07:00
Daniel Pouzzner
263973bde9
src/wolfio.c: fix stack allocations for cookie digests on NO_SHA builds;
configure.ac: fix dependencies for enable_dsa vs enable_sha in enable-all, enable-all-crypto, and ENABLED_DSA setup.
2023-11-15 14:43:23 -06:00
Eric Blankenhorn
7bbeadcf97
Fix build errors with dtls1.3 and no tls1.2
2023-11-15 10:37:09 -06:00
Daniel Pouzzner
7569cfdff8
src/internal.c,src/wolfio.c: fallback to SHA256 when NO_SHA, in LoadCertByIssuer(), MicriumGenerateCookie(), uIPGenerateCookie(), and GNRC_GenerateCookie();
tests/api.c: when NO_SHA, omit test_wolfSSL_CertManagerCheckOCSPResponse() and test_wolfSSL_CheckOCSPResponse() (both use static artifacts with SHA1 name and key hashes).
2023-11-15 00:09:22 -06:00
David Garske
12878fccae
Merge pull request #6957 from lealem47/expandDistro
Add --enable-quic to --enable-all
2023-11-10 15:32:05 -08:00
Lealem Amedie
04ea4da6fd
Parse explicit parameters in StoreEccKey()
2023-11-10 15:11:08 -07:00
Juliusz Sosinowicz
b8d5ac83eb
Add info on how to use WOLFSSL_DTLS13_NO_HRR_ON_RESUME
2023-11-10 10:43:26 +01:00
Lealem Amedie
e2bbacd548
Add QUIC to --enable-all
2023-11-09 14:44:02 -07:00
JacobBarthelmeh
2b1c61a013
Merge pull request #6949 from bigbrett/zd16925
fix WOLFSSL_CALLBACK memory error
2023-11-08 23:35:32 -07:00
jordan
be24d68e5d
Add EXTENDED_KEY_USAGE_free to OpenSSL compat layer.
2023-11-08 15:26:24 -06:00
Sean Parkinson
54f2d56300
ssl.c: Move out crypto compat APIs
ssl_crypto.c contains OpenSSL compatibility APIs for:
- MD4, MD5, SHA/SHA-1, SHA2, SHA3
- HMAC, CMAC
- DES, DES3, AES, RC4
API implementations reworked.
Tests added for coverage.
TODOs for future enhancements.
2023-11-08 19:43:18 +10:00
JacobBarthelmeh
c5e2f414ea
Merge pull request #6929 from julek-wolfssl/dtls13-early-data-server-side
dtls 1.3: allow to skip cookie exchange on resumption
2023-11-06 13:30:21 -07:00
JacobBarthelmeh
8ac291bbe1
Merge pull request #6944 from miyazakh/fix_qt_jenkins_failure
skip DATE check if flags is set when calling AddTrustedPeer
2023-11-06 11:35:22 -07:00
JacobBarthelmeh
c92d25816a
Merge pull request #6887 from julek-wolfssl/zd/16849
Implement untrusted certs in wolfSSL_X509_STORE_CTX_init
2023-11-06 10:13:43 -07:00
JacobBarthelmeh
190b51ae6f
Merge pull request #6810 from bandi13/codeSonar_fixes
Fix 'negative character value'
2023-11-03 13:52:06 -06:00
Juliusz Sosinowicz
8c87920903
Address code review
2023-11-03 11:02:41 +01:00
Hideki Miyazaki
49121b5c47
move declaration to the top of func
2023-11-03 11:45:33 +09:00
Hideki Miyazaki
8d9dc3d79f
skip DATE if flags is set when calling AddTrustedPeer
2023-11-03 09:38:23 +09:00