wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 10:30:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,334 Commits 12 Branches 184 Tags
d290caa848aa5ec2d1fe73561dd53afa9e25cd44
Commit Graph

3262 Commits

Author SHA1 Message Date
David Garske
d290caa848 Merge pull request #9608 from Frauschi/typo_fix 
Fix for WOLFSSL_BLIND_PRIVATE_KEY and WOLFSSL_DUAL_ALG_CERTS
 2026-01-08 10:23:30 -08:00
Sean Parkinson
5343cb386a Merge pull request #9588 from kareem-wolfssl/ghAlerts 
Fix incorrect alerts.
 2026-01-06 20:22:51 +10:00
Tobias Frauenschläger
116260762f Fix for WOLFSSL_BLIND_PRIVATE_KEY and WOLFSSL_DUAL_ALG_CERTS 2026-01-05 17:26:11 +01:00
Juliusz Sosinowicz
f2d24404c8 Fix Coverity (D)TLS fragmentation size checks 
Add MAX_RECORD_SIZE-based bounds checks in SendHandshakeMsg and Dtls13SendFragmentedInternal to prevent negative/overflowed fragment sizes from reaching memcpy/BuildMessage/DtlsMsgPoolSave.
 2025-12-29 17:16:04 +01:00
Kareem
a7b83b06c1 Alert on out of order message with unexpected_message. 
Fixes #9531.
 2025-12-26 15:23:23 -07:00
David Garske
1744c11686 Merge pull request #9570 from kareem-wolfssl/variousFixes 
Add SSL_get_rfd and SSL_get_wfd.  Various documentation updates.
 2025-12-26 07:47:17 -08:00
David Garske
2354ea196b Merge pull request #9513 from rizlik/dtls_header_fix 
fix DTLS header headroom accounting
 2025-12-23 17:20:12 -08:00
David Garske
0fae0a7ba6 Merge pull request #9397 from rizlik/earlydata_want_write_fixes 
wolfssl: preserve early-data handling across WANT_WRITE retries
 2025-12-23 17:19:39 -08:00
David Garske
57ef8a7caf Merge pull request #9574 from anhu/dtls_guard 
Guard a bit of DTLS code.
 2025-12-23 15:03:46 -08:00
Marco Oliverio
149bf19b4c split overlong line 2025-12-23 23:41:52 +01:00
Marco Oliverio
2e63845531 use wolfssl_local as local functions prefix 2025-12-23 23:39:07 +01:00
Marco Oliverio
bafb8e56d5 use wolfssl_local_ as local functions prefix 2025-12-23 23:32:08 +01:00
David Garske
d36bfabe18 Merge pull request #9560 from JacobBarthelmeh/clang 
fix for shadows global declaration warning
 2025-12-23 08:54:50 -08:00
Sean Parkinson
b766f11e7b TLS 1.3, plaintext alert: ignore when expecting encrypted 
In TLS 1.3, ignore valid unencrypted alerts that appear after encryption
has started.
Only ignore WOLFSSL_ALERT_COUNT_MAX-1 alerts.
 2025-12-23 09:09:06 +10:00
Anthony Hu
cb2a80bf53 Guard a bit of DTLS code. 2025-12-22 17:05:47 -05:00
Marco Oliverio
8cbc4047df internal: rename to use wolfssl internal prefix 2025-12-22 13:41:33 +01:00
Marco Oliverio
aa4fb5d3e5 internal: GetMaxPlainTextSize: precise pad size when adjusting for MTU 2025-12-22 13:41:33 +01:00
Marco Oliverio
1200efdeb3 internal: GetRecordSize: precise header computation on fallback path 2025-12-22 13:41:33 +01:00
Marco Oliverio
75e7d5e9bd fix: split message > MTU on WOLFSSL_NO_DTLS_SIZE_CHECK 2025-12-22 12:49:31 +01:00
Marco Oliverio
14b124769a use wolfssl internal prefix for MaybeCheckAlertOnErr 2025-12-22 10:04:50 +01:00
Marco Oliverio
12c2cdafaf rename wolfSSL_MaybeCheckAlertOnErr in wolfMaybeCheckAlertOnErr 2025-12-22 09:51:06 +01:00
Marco Oliverio
f4c48c19c1 fix: abide unused arguments when WOLFSSL_CHECK_ALER_ON_ERR is disabled 2025-12-22 09:51:06 +01:00
Marco Oliverio
38d8eb6f0d address reviewer's comments 2025-12-22 09:51:06 +01:00
Marco Oliverio
57282140a9 WOLFSSL_CHECK_ALERT_ON_ERR: ignore non fatal errors 2025-12-22 09:51:06 +01:00
Kareem
7c4feb5e87 Improve the error message returned by BAD_KEY_SHARE_DATA. 
Fixes #9084.
 2025-12-19 17:17:33 -07:00
JacobBarthelmeh
a3072c7a8d fix for shadows global declaration warning 2025-12-18 17:18:39 -07:00
Daniel Pouzzner
8a8ef3512e src/internal.c: in FreeSSL_Ctx(), use wolfSSL_RefWithMutexFree(&ctx->ref), matching refactor in #8187. 2025-12-18 11:48:31 -06:00
Marco Oliverio
988ba340ba address reviewer's comments 2025-12-18 10:28:54 +01:00
Daniel Pouzzner
fc7d4ffad4 PR#9545 20251211-DRBG-SHA2-smallstackcache-prealloc addressing peer review: clear dest if necessary in InitHandshakeHashesAndCopy(), style tweaks in random.c, explanatory comments in sha512.c. 2025-12-17 11:07:22 -06:00
Daniel Pouzzner
dc0fe803a5 src/internal.c: in InitHandshakeHashesAndCopy(), don't call InitHandshakeHashes(), to avoid leaking in the later wc_FooCopy() operation. 2025-12-17 11:01:10 -06:00
JacobBarthelmeh
75fdf959c1 Merge pull request #9514 from kareem-wolfssl/zd20936 
Fix uninitialized variable, fix potentially undefined printf reference in HASH_DRBG_Generate.
 2025-12-16 14:48:17 -07:00
Marco Oliverio
0fa0fd2317 (d)tls: refactor wolfSSL_GetMaxFragSize(), simplify length computations 2025-12-16 10:46:29 +01:00
Kareem
968662063d Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-15 14:06:18 -07:00
Sean Parkinson
d3863e5fa3 TLS 1.3: duplicate extension alert code fix 
The specification states to return illegal_parameter when a message is
syntactically correct but semantically invalid. (RFC 8446 section 6,
Paragraph 5)
 2025-12-15 10:00:56 -08:00
Lealem Amedie
61e58f0f04 Fix for analyzer null dereference 2025-12-12 12:31:07 -07:00
Kareem
3797c03e6c Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-12 11:37:34 -07:00
Kareem
63976cb09b Fix uninitialized variable, use WOLFSSL_DEBUG_PRINTF macro in Hash_DRBG_Generate to avoid undefined printf reference. 2025-12-10 12:28:54 -07:00
Marco Oliverio
33a518958c internal.c: fix comment to be more precise 2025-12-10 14:11:07 +01:00
Sean Parkinson
2b726ebf0b Merge pull request #9386 from sebastian-carpenter/oss-fuzz-fix-442261624 
fixed oss-fuzz warnings
 2025-12-04 15:28:18 +10:00
David Garske
8741805e9d Merge pull request #9476 from embhorn/zd20515 
Fix Coverity dead code report
 2025-12-01 13:59:21 -08:00
Sean Parkinson
6c8b9054a0 Merge pull request #9443 from holtrop/report-rsa_pss_pss-sig-algo 
TLSv1.3 certificate verify: report rsa_pss_pss_* signature algorithm when supported
 2025-11-27 09:12:58 +10:00
Josh Holtrop
36418aca76 Set useRsaPss flag in both SSL and CTX structures 2025-11-26 10:30:38 -05:00
Eric Blankenhorn
6de31e95fc Fix Coverity dead code report 2025-11-25 13:53:36 -06:00
Sean Parkinson
7c8d7dff5e Merge pull request #9348 from effbiae/ExportEccTempKey 
Refactor: Extract ExportEccTempKey, DhSetKey, and other helper functions from SendServerKeyExchange
 2025-11-25 09:31:20 +10:00
David Garske
658ea305d1 Fix issue with poorly written macros 2025-11-18 14:15:22 -08:00
sebastian-carpenter
7fdd177233 fixed oss-fuzz warnings 2025-11-18 13:28:51 -07:00
Daniel Pouzzner
c29abccc9f src/internal.c: peer review: refactor wolfssl_priv_der_unblind() and wolfssl_priv_der_unblind_free() to use AllocDer() and FreeDer(). 2025-11-14 18:13:44 -06:00
Daniel Pouzzner
dee0658e8a fix races around WOLFSSL_CTX.{privateKey,privateKeyMask,altPrivateKey,altPrivateKeyMask} in WOLFSSL_BLIND_PRIVATE_KEY code paths: 
* rename wolfssl_priv_der_unblind() to wolfssl_priv_der_blind_toggle(),
* add wolfssl_priv_der_unblind() that allocates a temp copy,
* add wolfssl_priv_der_unblind_free(),
* in wolfssl_priv_der_blind_toggle(), make mask a const arg;

restore const attribute to ctx arg to wolfSSL_CTX_get0_privatekey(), and add explanatory comment.
 2025-11-14 18:13:43 -06:00
jackctj117
0767cb84bf Removed trailing white space 2025-11-14 09:03:51 -07:00
jackctj117
5e2fd78113 Suppress unused parameter warning 2025-11-13 18:32:00 -07:00