Commit Graph

12677 Commits

Author SHA1 Message Date
Juliusz Sosinowicz d49038ae24 Fix overlapping sequence number error.
wolfSSL wants to use the same sequence number for the ServerHello as the ClientHello. This is an issue when this sequence number is already taken.
2020-11-11 15:35:05 +01:00
David Garske 68209f91fb Merge pull request #3465 from kaleb-himes/DOX_UPDATE_wc_RsaPublicEncrypt
Address report on issue #3161
2020-11-10 14:52:20 -08:00
David Garske fcd73135f5 Merge pull request #3479 from tmael/ocsp_NULL
Check <hash> input parameter in GetCA
2020-11-10 14:46:05 -08:00
Chris Conlon 7b50cddf8c Merge pull request #3387 from ethanlooney/27th_branch
Added unit test for evp.c
2020-11-10 13:27:33 -07:00
David Garske bfb6138fc5 Merge pull request #3480 from douzzer/fix-sniffer-printf-null-Wformat-overflow
TraceSetNamedServer() null arg default vals; FIPS wc_MakeRsaKey() PRIME_GEN_E retries; external.test config dependencies
2020-11-10 09:37:36 -08:00
Daniel Pouzzner 5625929c83 scripts/external.test: skip test when -UHAVE_ECC. 2020-11-10 01:27:45 -06:00
Daniel Pouzzner 196ae63eb2 scripts/external.test: skip test when -DWOLFSSL_SNIFFER (staticCipherList in client.c is incompatible). 2020-11-10 00:03:02 -06:00
Daniel Pouzzner bd38124814 ssl.c: refactor wolfSSL_RSA_generate_key() and wolfSSL_RSA_generate_key_ex() to retry failed wc_MakeRsaKey() on PRIME_GEN_E when -DHAVE_FIPS, matching non-FIPS behavior, to eliminate exposed nondeterministic failures due to finite failCount. 2020-11-09 21:24:34 -06:00
toddouska 3050f28890 Merge pull request #3467 from cconlon/rc2vs
rc2.c to Visual Studio projects, fix warnings
2020-11-09 13:52:03 -08:00
David Garske f02c3aab2e Merge pull request #3475 from ejohnstown/nsup
Hush Unused Param Warning
2020-11-09 11:04:05 -08:00
Daniel Pouzzner 4b1a779fcc tests: fix for fips-test -Wunused-variable on "rng" 2020-11-09 11:54:49 -06:00
David Garske 7e3efa3792 Merge pull request #3474 from douzzer/lighttpd-update-1.4.56
lighttpd support update for v1.4.56
2020-11-09 09:24:58 -08:00
Tesfa Mael a5caf1be01 Check for NULL 2020-11-09 08:45:48 -08:00
Daniel Pouzzner 22bcceb2d3 src/sniffer.c: guard against null arguments to TraceSetNamedServer(), to eliminate -Werror=format-overflow= warnings from gcc. 2020-11-06 17:40:12 -06:00
Kaleb Himes 937a7ce8ce Merge pull request #3448 from dgarske/crypto_cb
Improve the crypto callback for ASN
2020-11-06 15:26:11 -07:00
John Safranek 884a9b59ab Merge pull request #3461 from dgarske/fips_ready_wopensslextra
Fix for FIPS ready with openssl compat
2020-11-06 13:14:06 -08:00
Ethan Looney a6e0d3eb29 Changed hardcoded values to variables, changed where some variables were defined, etc 2020-11-06 14:04:27 -07:00
Chris Conlon ac4c8a0112 Merge pull request #3419 from ethanlooney/29th_branch
Added case for Logging.c unit test
2020-11-06 13:10:24 -07:00
toddouska 4110297b62 Merge pull request #3473 from embhorn/zd11198
wc_SetIssuerRaw should copy raw subject to issuer
2020-11-06 10:48:37 -08:00
toddouska b4e7f196df Merge pull request #3470 from SparkiDev/config_fix_3
TLS configurations fixes
2020-11-06 10:35:51 -08:00
toddouska 3f25cda354 Merge pull request #3469 from SparkiDev/cpuid_sp_asm
cpuid and SP ASM: ensure WOLFSSL_X86_64_BUILD is defined
2020-11-06 10:34:40 -08:00
John Safranek abd6f6ce18 Hush Unused Param Warning
Removed a guard check for NO_WOLFSSL_STUB from wolfSSL_X509_print_ex().
To recreate:

    $ ./configure --enable-opensslextra CPPFLAGS="-DNO_WOLFSSL_STUB"
    $ make
2020-11-06 10:30:47 -08:00
toddouska f3d961b1b1 Merge pull request #3453 from dgarske/ZD11159
Fix for possible memory leak when overriding error for verify callback
2020-11-06 10:18:52 -08:00
toddouska f9ec7c472a Merge pull request #3440 from ejohnstown/ntf3
Nightly Test Fix
2020-11-06 10:15:23 -08:00
Hayden Roche 2cad844d29 Merge pull request #3421 from dgarske/apache_httpd
Apache httpd w/TLS 1.3 support
2020-11-06 12:14:58 -06:00
David Garske 0d2e28ce80 Fix for error: unused function 'MonthStr' 2020-11-06 10:11:48 -08:00
Daniel Pouzzner dcff103c84 tests/api.c: fixes for compilability re NO_BIO 2020-11-05 22:19:16 -06:00
Daniel Pouzzner 4030523eb5 ssl.c: remove duplicate definition of wolfSSL_CTX_check_private_key(). 2020-11-05 21:57:33 -06:00
Glenn Strauss f9e48ee361 build updates for lighttpd: recommend -DNO_BIO
(cherry picked from commit bfe12839e18ccc3ab95cfc33b34c875ebe55c14a)
2020-11-05 20:40:43 -06:00
Glenn Strauss 92c3296e13 preprocessor -DNO_BIO to omit OpenSSL BIO API 2020-11-05 20:40:43 -06:00
Glenn Strauss 030eb9347c lighttpd: allow ssl3, tls1.0 if explicitly enabled 2020-11-05 20:40:43 -06:00
Glenn Strauss 7cee131e37 restore --enable-lighty with --enable-all
protect lighttpd recommendations (and recommended restrictions)
to when building wolfSSL specifically for use by lighttpd, and
omit these optional settings when building `--enable-all`
2020-11-05 20:40:43 -06:00
David Garske a9a495270c Fix to disable CRL monitor for single threaded or lighttpd. Do not set --enable-lighty with --enable-all. 2020-11-05 20:40:43 -06:00
Glenn Strauss daca327ba3 expose (get|set)_(app|ex)_data with HAVE_EX_DATA
when OPENSSL_EXTRA_X509_SMALL is set
2020-11-05 20:40:43 -06:00
Glenn Strauss d01616a357 unhide some non-fs funcs hidden by NO_FILESYSTEM 2020-11-05 20:40:43 -06:00
Glenn Strauss bcf1f0375b build updates for lighttpd: recommended flags 2020-11-05 20:40:43 -06:00
Glenn Strauss f4e2db831e enable SNI_Callback for lighttpd 2020-11-05 20:40:43 -06:00
Glenn Strauss be7592fb43 implement wolfSSL_dup_CA_list()
wolfSSL_dup_CA_list() duplicates a WOLF_STACK_OF(WOLFSSL_X509_NAME)

(replaces stub function)
2020-11-05 20:40:43 -06:00
Glenn Strauss e5ed227a87 build updates for lighttpd: -DOPENSSL_ALL
avoid potential for WolfSSL to silently omit expected functionality
2020-11-05 20:40:43 -06:00
Glenn Strauss 503de43cbd build updates for lighttpd
Update configure.ac and various #ifdefs to enable WolfSSL to
build features for use by lighttpd.

Change signature of wolfSSL_GetVersion() to take const arg.
Pass (const WOLFSSL*) to wolfSSL_GetVersion() for use with
SSL_CTX_set_info_callback(), where OpenSSL callback takes (const SSL *)
2020-11-05 20:40:43 -06:00
kaleb-himes 182a3e6bc2 Also addressing opensslall, pkcs7 and combinations 2020-11-05 17:29:30 -07:00
Ethan Looney 232ac03bbe Changed it to only the inverse 2020-11-05 14:38:23 -07:00
Ethan Looney 0aee4b78cd Changed md5 to sha256 in DigestFinal_ex function 2020-11-05 14:36:42 -07:00
Eric Blankenhorn a92e31f6cb Fix from review 2020-11-05 14:47:10 -06:00
David Garske d784bd61cd Merge pull request #3462 from kabuobeid/wolfrand_freescale_ecc_fix
Fix build issue when building wolfrand on a Freescale platform.
2020-11-05 12:29:49 -08:00
Ethan Looney 06f1a1870d Added inverse case 2020-11-05 13:05:15 -07:00
David Garske 1dc7293b19 Fix the return code. openssl uses void on these, but let's go ahead and do a return code. 2020-11-05 09:31:12 -08:00
David Garske 063fb2cfa0 Merge pull request #3455 from douzzer/linuxkm-install-rules
add "module", "modules_install", and "clean_module" rules for linuxkm
2020-11-05 09:09:35 -08:00
Kaleb Himes 648c5e4735 Merge pull request #3471 from douzzer/fix-scan-build-20201104
fix various possibly spurious scan-build null deref reports.
2020-11-05 09:36:42 -07:00
Eric Blankenhorn fa9a0a4b49 Copy raw subject to issuer 2020-11-05 09:06:02 -06:00