wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 18:22:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,028 Commits 12 Branches 184 Tags
be69412e2776570769e7029685ba5ca77f092a91
Commit Graph

5828 Commits

Author SHA1 Message Date
Marco Oliverio
4907696ed4 wolfssl: keys: add missing wc_AesFree() when setting new keys 2021-12-30 20:30:36 +01:00
Jacob Barthelmeh
73b4cc9476 fix for location of xmemset 2021-12-29 10:48:06 -07:00
Jacob Barthelmeh
05a19c852b account for DTLS extra header size when reading msg from pool 2021-12-27 16:52:09 -07:00
Daniel Pouzzner
54e9076c45 src/ssl.c: fix whitespace and heap reference in FreeSession() (re 569c066fab). 2021-12-24 01:16:32 -06:00
David Garske
02186dbd23 Fix for TLS v1.3 client session ticket resumption where the server opts to do a new handshake. Fix to make sure preMasterSz is valid. 2021-12-23 18:45:52 -08:00
David Garske
a92fb0eb42 Fix for session resumption to ensure use of the right cipher suite. ZD13297 2021-12-23 18:42:41 -08:00
Sean Parkinson
f1f15f411f Merge pull request #4688 from embhorn/gh4684 
Fix missing include ws2tcpip.h for VS build
 2021-12-24 11:58:12 +10:00
Sean Parkinson
929174be6b Merge pull request #4667 from dgarske/zd13363 
Improve TLS client side session cache references
 2021-12-24 11:23:06 +10:00
David Garske
a75e152b93 Merge pull request #4698 from JacobBarthelmeh/Jenkins 
fix for user_settings_all.h build on 'VS' and build with libz + pkcs7 test
 2021-12-23 16:54:40 -08:00
David Garske
1e4b13dfac Only include ws2tcpip.h if not user IO. 2021-12-23 15:25:25 -08:00
David Garske
569c066fab Improve TLS client side session cache references to provide option for not returning an internal session cache pointer. Now use wolfSSL_get1_sesson for reference logic, that requires calling wolfSSL_SESSION_free. To disable this feature use NO_SESSION_CACHE_REF. 2021-12-23 14:25:45 -08:00
Daniel Pouzzner
7b5b1f5a4d src/ssl.c: refine integration of wolfCrypt_SetPrivateKeyReadEnable_fips(), started by 52754123d9: depend on fips 5.1+, and call as matched pair in wolfSSL_Init() and wolfSSL_Cleanup(). 2021-12-23 16:05:25 -06:00
David Garske
f950f24b1a Merge pull request #4691 from JacobBarthelmeh/sessionExport 
retain same size for exported session
 2021-12-23 14:03:11 -08:00
David Garske
57d2555ac8 Merge pull request #4695 from douzzer/20211222-fips-config-update-and-fix-test_RsaDecryptBoundsCheck 
fips config update and test-driven cleanup
 2021-12-23 10:38:36 -08:00
David Garske
a8605309c6 Merge pull request #4692 from haydenroche5/wolfssl_init_fipsv5 
Call wc_SetSeed_Cb and wolfCrypt_SetPrivateKeyReadEnable_fips in wolfSSL_Init.
 2021-12-23 09:28:36 -08:00
JacobBarthelmeh
63df8f0836 add fe_low_mem.c to wolfssl vs project and fix a couple warnings 2021-12-23 16:55:51 +00:00
Sean Parkinson
86e51b97e9 Merge pull request #4689 from haydenroche5/wolfengine_compression_fix 
Fix usage of SSL_OP_NO_COMPRESSION that was breaking wolfEngine.
 2021-12-23 10:47:30 +10:00
Daniel Pouzzner
a5b3daf216 fix whitespace. 2021-12-22 17:34:06 -06:00
Hayden Roche
52754123d9 Call wc_SetSeed_Cb and wolfCrypt_SetPrivateKeyReadEnable_fips in wolfSSL_Init. 
Additionally, remove wc_SetSeed_Cb calls applications (e.g. example client and
server), since they are now redundant.
 2021-12-22 14:21:06 -08:00
Chris Conlon
8670e33baf Merge pull request #4651 from TakayukiMatsuo/tsip_sce 2021-12-22 15:00:32 -07:00
Jacob Barthelmeh
fd39197e4b retain same size for exported session 2021-12-22 14:28:42 -07:00
Hayden Roche
646ceb259a Fix usage of SSL_OP_NO_COMPRESSION that was breaking wolfEngine. 
Replace instances of SSL_OP_NO_COMPRESSION with WOLFSSL_OP_NO_COMPRESSION in
ssl.c. Only define SSL_OP_NO_COMPRESSION when using the compatibility layer.
Before these changes, wolfEngine builds were failing due to
SSL_OP_NO_COMPRESSION being defined in both wolfSSL and OpenSSL headers.
 2021-12-22 10:23:51 -08:00
David Garske
9d137668c7 Merge pull request #4675 from julek-wolfssl/openssh-8.8 
Fix macro name conflicts with openssh
 2021-12-22 08:31:36 -08:00
Juliusz Sosinowicz
8435eb4644 Add WC_ namespace to variable handling defines 2021-12-22 12:16:02 +01:00
TakayukiMatsuo
cd96330f2a Integrate Renesas TSIP specific code into Renesas common logics 2021-12-22 13:18:32 +09:00
David Garske
af0bcef0ef Merge pull request #4648 from embhorn/zd13365 
Fix - wolfSSL_init should cleanup on failure of a component
 2021-12-21 17:17:16 -08:00
Sean Parkinson
bb306d14b7 Merge pull request #4643 from kareem-wolfssl/zd13328 
Fix building with OPENSSL_EXTRA defined and NO_WOLFSSL_STUB not defined.
 2021-12-21 08:02:17 +10:00
Anthony Hu
7d4c13b9a4 --with-liboqs now defines HAVE_LIBOQS and HAVE_PQC 
AKA: The Great Rename of December 2021
 2021-12-20 11:48:03 -05:00
David Garske
ab9eda636a Merge pull request #4671 from lealem47/remove-n 
Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER
 2021-12-17 14:04:42 -08:00
David Garske
97830b81d6 Merge pull request #4674 from anhu/uninitialized 
Fix unitialized usage
 2021-12-17 10:51:43 -08:00
Anthony Hu
9cc1624023 Fix unitialized usage 2021-12-17 11:55:08 -05:00
Lealem Amedie
a79440b95a Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER 2021-12-16 13:30:43 -07:00
Daniel Pouzzner
f889916fae ssl.c: fix C++ invalid conversion in wolfSSL_sk_X509_INFO_value(). 2021-12-16 13:29:17 -06:00
David Garske
dec78169bf Merge pull request #4658 from julek-wolfssl/apache-2.4.51 
Add Apache 2.4.51 support
 2021-12-16 08:52:10 -08:00
Eric Blankenhorn
44cc9e4824 Fix - wolfSSL_init should cleanup on failure of a component 2021-12-16 09:50:50 -06:00
Juliusz Sosinowicz
afa6237f56 Add WOLFSSL_FORCE_AUTO_RETRY option: force retrying of network reads 2021-12-16 15:33:30 +01:00
Juliusz Sosinowicz
017d6cf464 Simplify error queue macros 2021-12-16 12:39:58 +01:00
Juliusz Sosinowicz
e78f7f734e Add Apache 2.4.51 support 
- Define `OPENSSL_COMPATIBLE_DEFAULTS` and `WOLFSSL_NO_OCSP_ISSUER_CHECK` for Apache config
- Fix `SSL_set_timeout` to match OpenSSL signature
- Implement `pkey` in `X509_INFO`
- Detect attempt to connect with plain HTTP
- Implement `wolfSSL_OCSP_request_add1_nonce`
- Set `ssl->cipher.bits` when calling `wolfSSL_get_current_cipher`
- Use custom flush method in `wolfSSL_BIO_flush` when set in BIO method
- Set the TLS version options in the `ssl->options` at the end of ClientHello parsing
- Don't modify the `ssl->version` when in a handshake (`ssl->msgsReceived.got_client_hello` is set)
- `wolfSSL_get_shutdown` returns a full bidirectional return when the SSL object is cleared. `wolfSSL_get_shutdown` calls `wolfSSL_clear` on a successful shutdown so if we detect a cleared SSL object, assume full shutdown was performed.
 2021-12-16 12:39:38 +01:00
David Garske
caf9024984 Merge pull request #4652 from douzzer/no-rsa-no-dh-no-dsa 
WOLFSSL_ECC_NO_SMALL_STACK etc
 2021-12-13 10:12:14 -08:00
Daniel Pouzzner
355b779a3e feature gating tweaks to better support --disable-rsa --disable-dh --disable-dsa. also a whitespace fix in ssl.c. 2021-12-11 14:08:04 -06:00
Anthony Hu
4c12f0be95 Only one call to wc_falcon_init() and comment on 300. 2021-12-10 16:40:41 -05:00
Anthony Hu
1d8ff70900 In d2iGenericKey(), if a falcon key is encountered, make a dummy pkey. 
This allows apache-httpd to work without PQ-specific patch along with a previous
pull request.
 2021-12-10 14:18:42 -05:00
David Garske
b921161309 Merge pull request #4633 from SparkiDev/tls13_expired 
TLS13: Skip if expired rather than turning off resuming
 2021-12-09 14:10:42 -08:00
Sean Parkinson
32014c69fd TLS 13 session ticket timeout: fixup checks 
Check difference between now and ticket seen from encrypted ticket
against timeout.
 2021-12-09 12:43:30 +10:00
Kareem
376be0f66a Fix building with OPENSSL_EXTRA defined and NO_WOLFSSL_STUB not defined. 2021-12-08 16:51:51 -07:00
Sean Parkinson
cf0d3263ac Merge pull request #4628 from julek-wolfssl/issue-4623 
Handle an `EPIPE` error from the socket
 2021-12-09 08:08:56 +10:00
Sean Parkinson
85ec6054c6 TLS13: Skip if expired rather than turning off resuming 2021-12-07 13:58:38 +10:00
Sean Parkinson
9f6aa36866 Merge pull request #4629 from dgarske/zd13337 
Additional checking for side on TLS messages
 2021-12-07 10:13:44 +10:00
Sean Parkinson
d5c27fca7d Merge pull request #4626 from JacobBarthelmeh/certs 
add human readable string of IP
 2021-12-07 08:23:31 +10:00
Chris Conlon
e45c33a771 Merge pull request #4624 from miyazakh/jenkins_qt_failure 2021-12-06 09:53:34 -07:00