Commit Graph

1702 Commits

Author SHA1 Message Date
David Garske 41af3da0e3 Merge pull request #4057 from SparkiDev/no_tls12_pkcb
TLS: fix build with no TLSv12 but PK callbacks
2021-05-25 15:26:40 -07:00
Sean Parkinson e1bc0c4447 EVP AES-GCM Streaming: must free Aes
AES streaming implementation allocates data in Aes objects, when small
stack, that needs to be freed.
Fix memory leaks in streaming test case too.
2021-05-25 15:57:09 +10:00
Sean Parkinson 6747055d46 TLS: fix build with no TLSv12 but PK callbacks
./configure '--disable-tlsv12' '-enable-pkcallbacks'
Disable non-TLS13 cipher suite test as well.
2021-05-21 10:59:23 +10:00
TakayukiMatsuo 8c71fb4113 Add test cases for wc_ShaxxxUpdate funcs 2021-05-14 09:46:21 +09:00
Chris Conlon c75830e2e8 Merge pull request #4011 from miyazakh/set_verify_depth2
fix out of bound access when peer's chain is greater than verifyDepth + 1
2021-05-11 15:38:39 -06:00
David Garske fce9870a64 Merge pull request #4020 from ejohnstown/options-export
New Option Export/Import
2021-05-11 09:10:17 -07:00
John Safranek d74b74d156 Also adjust for v3 of export, and update the API test case. 2021-05-10 18:06:31 -07:00
David Garske db7888ceaa Fix for the unmodified check for AesCbc test. 2021-05-10 10:04:50 -07:00
Hideki Miyazaki 2a39f1dc5c fixed memory leak 2021-05-06 16:55:51 +09:00
Hideki Miyazaki 93f04543b0 fixed unit test intermittent failure 2021-05-06 15:40:24 +09:00
Hideki Miyazaki 0539b99c86 fix boundary access when peer's chain is less than verifyDepth + 1 2021-05-06 14:54:16 +09:00
toddouska 014bd21df0 Merge pull request #3983 from tmael/tls_down
TLS minimum downgrade option
2021-05-05 15:38:45 -07:00
Hayden Roche 822aa92fcc Fix test_wolfSSL_CertManagerCheckOCSPResponse.
This test broke once we went past the nextUpdate time in the static, raw OCSP
response being used. This change makes it so that response is valid until 2048.
2021-05-03 15:26:39 -07:00
David Garske 6e0197e171 Merge pull request #4002 from kabuobeid/smime_fixes
S/MIME: Canonicalize multi-part messages before hashing.  Improve error checking in wc_MIME_parse_headers.
2021-05-03 09:24:43 -07:00
Kareem Abuobeid effcecf40d S/MIME: Add non-canonicalized test case 2021-04-30 15:07:37 -07:00
Chris Conlon 57e03d7e2f Merge pull request #3961 from miyazakh/qt_oslext_pskss_cb
added psk session callback compatibility layer API
2021-04-30 14:26:44 -06:00
TakayukiMatsuo c4782a7a1c Fix macro guard for wolfSSL_CRYPTO_get_ex_new_index and get_ex_new_index. 2021-04-28 10:41:49 +09:00
TakayukiMatsuo 9c0ff73370 Add wolfSSL_CRYPTO_get_ex_new_index 2021-04-28 10:38:53 +09:00
Hideki Miyazaki 0e40293798 added psk session callback 2021-04-28 10:08:21 +09:00
David Garske 385e0bedaa Merge pull request #3990 from haydenroche5/ocsp_bug
Fix CompareOcspReqResp.
2021-04-27 17:07:58 -07:00
Chris Conlon edb0beb9b6 Merge pull request #3969 from TakayukiMatsuo/koyo
Add wolfSSL_DH_get0_pqg
2021-04-27 17:52:17 -06:00
Chris Conlon 6fad8c4a57 Merge pull request #3975 from TakayukiMatsuo/resumable
Add implementation for wolfSSL_SESSION_is_resumable.
2021-04-27 16:45:34 -06:00
Hayden Roche 73076940af Fix CompareOcspReqResp.
There was a bug in this function that could cause a match to be reported even
when the OCSP request and response in fact had a mismatch.
2021-04-27 13:54:43 -07:00
Hideki Miyazaki 6d381a6c7f do nothing when version is zero 2021-04-27 21:13:19 +09:00
Hideki Miyazaki 3b070e1bd0 add MIN/MAX_PROTO into CTX_ctrl
add unit test for min/max proto of CTX ctrl
2021-04-27 21:13:17 +09:00
Tesfa Mael f8e9f32eb8 Add a new file 2021-04-23 15:56:09 -07:00
toddouska 91e90f7a98 Merge pull request #3604 from haydenroche5/stunnel
Make changes to get latest verison of stunnel (5.57) working with wolfSSL.
2021-04-23 15:41:22 -07:00
toddouska c3fefc6e27 Merge pull request #3889 from douzzer/network-introspection
--enable-wolfsentry
2021-04-23 15:38:01 -07:00
Tesfa Mael 0c16ef4b29 Check for TLS downgrade 2021-04-23 14:45:35 -07:00
TakayukiMatsuo 2b6f623777 Add implementation for wolfSSL_SESSION_is_resumable. 2021-04-23 11:12:20 +09:00
TakayukiMatsuo c442841e4a Fix some along review. 2021-04-23 10:53:22 +09:00
TakayukiMatsuo d22ed7443b Fix unit test. 2021-04-23 09:47:24 +09:00
TakayukiMatsuo 568c09bcde Add guard to the unit test 2021-04-23 09:47:24 +09:00
TakayukiMatsuo 63826e227b Add wolfSSL_DH_get0_pqg 2021-04-23 09:47:24 +09:00
Chris Conlon 878e0006ad Merge pull request #3965 from miyazakh/qt_oslext_epk_param_ck
added wofSSL_EVP_PKEY_param_check for compatibility layer API
2021-04-22 15:43:47 -06:00
Chris Conlon a83c6c68fe Merge pull request #3940 from miyazakh/qt_v5p15p2_r3
Added compatibility layer API for Qt5.15.2 part2
2021-04-22 15:36:20 -06:00
Daniel Pouzzner 89d7f4faf3 tests/api.c: add missing void arglists. 2021-04-21 03:22:10 -05:00
Daniel Pouzzner 1cbe696716 checkpoint: fully functioning demo via examples/server/ and unit.test (which produces a "filtered" error on a subtest when built --enable-wolfsentry). 2021-04-20 23:59:57 -05:00
Daniel Pouzzner ba2cc00e5d initial implementation of WOLFSSL_NETWORK_INTROSPECTION: --enable-network-introspection, struct wolfSSL_network_connection, wolfSSL_*_endpoints*(), NetworkFilterCallback_t, wolfSSL_*set_AcceptFilter(). 2021-04-20 23:59:57 -05:00
John Safranek 9d387b13d0 Merge pull request #3938 from julek-wolfssl/dtls-mtu
Refactor DTLS MTU logic
2021-04-20 17:18:12 -07:00
Hideki Miyazaki d3b41a2fed addressed review comments p1 2021-04-21 09:10:32 +09:00
Hideki Miyazaki e063984d17 added EVP_PKEY_param_check 2021-04-21 07:53:18 +09:00
Hideki Miyazaki bca3cd1d49 fix jenkins failures 2021-04-21 07:39:12 +09:00
Hideki Miyazaki 89b5b90be6 added compatibility layer API stub for Qt 5.15.2 2021-04-21 07:39:12 +09:00
Chris Conlon f931e67cd7 Merge pull request #3946 from TakayukiMatsuo/tk11899
Add test cases for EVP_CIPHER_CTX_cleanup and BIO_free
2021-04-20 10:10:41 -06:00
Chris Conlon c3aee06b23 Merge pull request #3939 from miyazakh/qt_v5p15p2_r1
added and modified compatibility layer APIs for Qt v5.15.2 part1
2021-04-20 10:02:27 -06:00
Juliusz Sosinowicz 70a3857ae8 Fragmentation for ServerKeyExchange and CeriticateVerify
- The `ssl->dtlsMtuSz` value is the maximum possible size of the DTLS record layer. We read `ssl->dtlsMtuSz + 100` in case peer has slightly different MTU set.
- The `-u` option in the examples takes the value of the MTU size.
- MTU tests are added in `tests/test-dtls-mtu.conf`
2021-04-16 17:30:51 +02:00
Hideki Miyazaki 5a1d171236 fixed unit test failure 2021-04-14 21:25:50 +09:00
Hideki Miyazaki 03cfc3dc8f addressed review comments part1 2021-04-14 11:15:23 +09:00
TakayukiMatsuo f245ba0ca1 Merge remote-tracking branch 'upstream/master' into tk11899
# Conflicts:
#	tests/api.c
2021-04-14 06:13:46 +09:00