wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 21:29:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,718 Commits 12 Branches 184 Tags
da422eb4226400a1245d0904d8c3ef22bde9eb8d
Commit Graph

451 Commits

Author SHA1 Message Date
David Garske
8605195709 Support for asynchronous session ticket callback (can return WC_PENDING_E). Requires wolfAsyncCrypt support. ZD 14420. 2022-07-20 16:43:17 -07:00
Jacob Barthelmeh
8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Marco Oliverio
fd4836772b examples: support DTLS version downgrading 2022-07-06 16:18:44 +02:00
Marco Oliverio
80f3db6e1d fix: examples/server: dtls mode checking 
This fixes using ssl to check if we are using dtls or not, when ssl is not yet
valid.

Fix: 060dfe1a69
 2022-07-04 10:21:11 +02:00
David Garske
b87b255d52 Merge pull request #5295 from rizlik/dtls13_bugfix 
server: fix wrong minVersion setting when non in dtls
 2022-06-28 09:35:23 -07:00
Chris Conlon
14c65e0117 Merge pull request #5281 from miyazakh/example_japanese_translate 2022-06-28 10:08:06 -06:00
Marco Oliverio
060dfe1a69 server: fix wrong minVersion setting when non in dtls 2022-06-28 12:10:18 +02:00
Hideki Miyazaki
c34c32f621 translated Japanese messages 2022-06-24 08:09:28 +09:00
Daniel Pouzzner
a5250482ce examples/: refactor a couple help strings to avoid hitting clang-tidy bugprone-suspicious-missing-comma. 2022-06-23 15:25:23 -05:00
Marco Oliverio
fdc4cdf5ec examples: update usage() with DTLSv1.3 version 2022-06-22 18:50:18 +02:00
Marco Oliverio
12a3efeca8 client/server: tolerate WANT_WRITE errors 2022-06-15 10:46:43 -07:00
Marco Oliverio
4e112419f5 examples: client/server: support DTLSv1.3 (-u -v4) 
This commits add some new options to examples/[server,client] to support testing
of DTLS v1.3.

client: add waitTicket option

If this option is used, the client will wait until it receives a sessionTicket
from the server. This is useful when testing DTLS retransmission.

client: add waitKeyUpdate option

When this option is set, the client waits until the UpdateKey message is
acknowledged by the server. This is useful to test DTLS retransmission logic
 2022-06-15 10:46:43 -07:00
Marco Oliverio
c1dc90d9b0 server: request cert only once if doing post-handshake auth 2022-06-15 10:46:43 -07:00
David Garske
9cfcdfc7aa Merge pull request #5149 from julek-wolfssl/store-frags-v2 
Re-use async to support WANT_WRITE while sending fragments
 2022-06-01 10:52:54 -07:00
Sean Parkinson
be743b2204 TLS 1.3: send ticket 
Can send a new session ticket any time after handshake is complete with
TLS v1.3.
Added API for server application to do this.
Added tests.
 2022-06-01 10:36:01 +10:00
Juliusz Sosinowicz
6245395f34 Simulate WANT_WRITE only with async I/O support 2022-05-27 23:23:18 +02:00
Juliusz Sosinowicz
50c0b3d2a2 Add testing/docs for blocking write 
- Fix case where message grouping can make CheckAvailableSize return a WANT_WRITE
- CheckAvailableSize in tls13.c will not return a WANT_WRITE since it only does so for DTLS <=1.2
 2022-05-27 21:26:55 +02:00
Daniel Pouzzner
c4920021d8 print errors to stderr, not stdout; 
fix whitespace in internal.c;

add missing error handling in examples/server/server.c around recvfrom().
 2022-05-12 13:07:32 -05:00
Juliusz Sosinowicz
44be4e1cc8 Reset ret in client and server after wolfSSL_dtls_got_timeout() 
- Do UDP connect only with simulateWantWrite to accommodate macOS that doesn't like sendto being called on connected UDP sockets
- Call wolfSSL_dtls_get_current_timeout only on a DTLS connection
 2022-05-12 16:48:04 +02:00
Juliusz Sosinowicz
9914da3046 Fix resumption failure and use range in connect state logic 2022-05-12 15:46:08 +02:00
Juliusz Sosinowicz
a31b76878f DTLS fixes with WANT_WRITE simulations 
- WANT_WRITE could be returned in unexpected places. This patch takes care of that.
- Change state after SendBuffered only if in a sending state to begin with.
- Adapt client and server to simulate WANT_WRITE with DTLS
 2022-05-12 15:46:08 +02:00
John Safranek
798d81723b Merge pull request #5128 from rizlik/dtls_bidrectional_shutdown 
Support DTLS bidirectional shutdown in the examples
 2022-05-11 17:00:44 -07:00
Juliusz Sosinowicz
257c55a311 examples: allow bidirectional shutdown in UDP 
This commit allows the examples to perform a bidirectional shutdown also when
using UDP. It is useful to test DTLS retransmission.

Signed-off-by: Marco Oliverio <marco@wolfssl.com>
 2022-05-11 13:27:24 +02:00
Daniel Pouzzner
26673a0f28 where appropriate, use strcmp/strcasecmp, not strncmp/strncasecmp; 
add macro XSTRCASECMP();

update XSTRNCASECMP() for XC32 >= 1.00 to use strncasecmp.
 2022-05-10 12:20:12 -05:00
Marco Oliverio
d133fa6143 server: check that the first packet of udp connection is clientHello 
Used to allow for bi-directional shutdown tests with UDP and DTLS
 2022-05-09 13:45:27 +02:00
elms
29392ac6b3 spell fix: OSCP -> OCSP 2022-04-19 15:11:08 -07:00
David Garske
dd8fb41f66 Fixes for TLS v1.3 early data with async. 2022-03-11 14:03:46 -08:00
David Garske
3839b0e675 Fixes for building wolfSSL along side openssl. 2022-03-04 12:06:24 -08:00
David Garske
6dd7a289e7 Fix for "set but not used". 2022-02-24 13:43:56 -08:00
Juliusz Sosinowicz
ceff401269 Fixes for Jenkins tests 
- Move test to `HAVE_IO_TESTS_DEPENDENCIES`
- Implement `wolfSSL_trust_peer_cert`
- have{cipher} options weren't being set with only RSA enabled
 2022-02-23 09:47:34 +01:00
Daniel Pouzzner
6a56d3e131 jumbo patch of fixes for clang-tidy gripes (with some bug fixes). 
defect/gripe statistics:

    configured --enable-all --enable-sp-math-all --enable-intelasm

    with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result

    [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]

    pre-patch warning count per file, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy    6  wolfssl/tests/suites.c
    clang-analyzer-security.insecureAPI.strcpy    2  wolfssl/testsuite/testsuite.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/server/server.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/client/client.c
    readability-redundant-preprocessor            2  wolfssl/wolfcrypt/src/asn.c
    readability-redundant-preprocessor            1  wolfssl/wolfcrypt/src/rsa.c
    readability-redundant-preprocessor            9  wolfssl/src/ssl.c
    readability-redundant-preprocessor            2  wolfssl/src/tls13.c
    readability-redundant-preprocessor           18  wolfssl/tests/api.c
    readability-redundant-preprocessor            3  wolfssl/src/internal.c
    readability-redundant-preprocessor           10  wolfssl/wolfcrypt/test/test.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/benchmark/benchmark.c
    readability-named-parameter                   7  wolfssl/src/internal.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/src/ecc.c
    readability-named-parameter                   1  wolfssl/testsuite/testsuite.c
    readability-named-parameter                  11  wolfssl/wolfcrypt/src/ge_operations.c
    misc-no-recursion                             3  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix          4  wolfssl/wolfcrypt/src/asn.c
    readability-uppercase-literal-suffix          1  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix         13  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-too-small-loop-variable              1  wolfssl/wolfcrypt/src/rsa.c
    bugprone-too-small-loop-variable              2  wolfssl/wolfcrypt/src/sha3.c
    bugprone-too-small-loop-variable              4  wolfssl/wolfcrypt/src/idea.c
    bugprone-signed-char-misuse                   2  wolfssl/src/ssl.c
    bugprone-signed-char-misuse                   3  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-signed-char-misuse                   3  wolfssl/examples/client/client.c
    bugprone-macro-parentheses                   19  wolfssl/wolfcrypt/src/aes.c
    bugprone-macro-parentheses                  109  wolfssl/wolfcrypt/src/camellia.c
    bugprone-macro-parentheses                    1  wolfssl/src/tls.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/md4.c
    bugprone-macro-parentheses                    2  wolfssl/wolfcrypt/src/asn.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2b.c
    bugprone-macro-parentheses                  257  wolfssl/wolfcrypt/src/sha3.c
    bugprone-macro-parentheses                   15  wolfssl/src/ssl.c
    bugprone-macro-parentheses                    1  wolfssl/wolfcrypt/src/sha.c
    bugprone-macro-parentheses                    8  wolfssl/tests/api.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-macro-parentheses                    6  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-macro-parentheses                   38  wolfssl/wolfcrypt/src/hc128.c
    bugprone-macro-parentheses                   12  wolfssl/wolfcrypt/src/md5.c
    bugprone-macro-parentheses                   10  wolfssl/wolfcrypt/src/sha256.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/test/test.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/ecc.c
    bugprone-macro-parentheses                    2  wolfssl/tests/suites.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/cpuid.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2s.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/sha512.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/poly1305.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/ripemd.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/src/internal.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/testsuite/testsuite.c

    pre-patch warning count summaries, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-suspicious-missing-comma                           6
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-too-small-loop-variable                            7
    bugprone-signed-char-misuse                                 8
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2

    pre-patch warning count summaries, without suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-branch-clone                                     152
    readability-non-const-parameter                           118
    bugprone-suspicious-missing-comma                           6
    bugprone-suspicious-include                                52
    readability-magic-numbers                               22423
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    readability-function-cognitive-complexity                 845
    readability-else-after-return                             398
    bugprone-implicit-widening-of-multiplication-result       595
    readability-function-size                                  21
    readability-isolate-declaration                          1090
    misc-redundant-expression                                   2
    bugprone-narrowing-conversions                            994
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-reserved-identifier                               56
    readability-suspicious-call-argument                       74
    bugprone-too-small-loop-variable                            7
    bugprone-easily-swappable-parameters                      437
    bugprone-signed-char-misuse                                 8
    readability-misleading-indentation                         94
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2
    bugprone-suspicious-string-compare                        495
    readability-redundant-control-flow                         20
    readability-braces-around-statements                    11483
    clang-analyzer-valist.Uninitialized                         1
    clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling   3502
 2022-01-21 01:25:48 -06:00
Marco Oliverio
231a0bbb84 dtls-srtp: no ekm cross check on single threaded/no pthread conf 2022-01-20 16:12:04 +01:00
David Garske
8e0ece920b Test cleanups. Fix possible leak in TLSX_UseSRTP. 2022-01-19 09:22:02 -08:00
Marco Oliverio
86ba0ef643 tests: support test for SRTP 
the test will check that the same Exported Keying Material is generated between
client and server
 2022-01-19 13:35:29 +01:00
David Garske
eade8ecdf1 DTLS SRTP improvements. Added support for client to send list of profiles. Added support for more SRTP profiles. 2022-01-14 13:43:29 -08:00
David Garske
6ccbd8776f DTLS SRTP (RFC5764) support (adds --enable-srtp). Used with WebRTC to agree on profile for new real-time session keys. 2022-01-14 07:35:45 -08:00
Anthony Hu
7d4c13b9a4 --with-liboqs now defines HAVE_LIBOQS and HAVE_PQC 
AKA: The Great Rename of December 2021
 2021-12-20 11:48:03 -05:00
Daniel Pouzzner
0b4f34d62a typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C. 2021-11-08 17:35:05 -06:00
Juliusz Sosinowicz
6d89de4f11 Check correct var for server.c echo return. 2021-11-05 16:10:17 +01:00
Jacob Barthelmeh
1d91ccb41b remove exe bit on example.c and server.c 2021-10-29 13:12:43 -06:00
David Garske
0a26335243 Merge pull request #4446 from ejohnstown/dtls-sizing 
DTLS Sizing
 2021-10-28 14:15:36 -07:00
Juliusz Sosinowicz
adee6a86d1 Return the close notify error when expecting an error. 2021-10-28 20:53:58 +02:00
Juliusz Sosinowicz
894303be59 Make the wolfSSL_GetMaxFragSize parameter meaning consistent 
- Add testing for sending as much app data as possible in a single DTLS record
 2021-10-28 14:46:15 +02:00
David Garske
c16f0db1b5 Fixes for handling WC_PENDING_E async responses in API unit test and examples. Resolves all issues with --enable-all --enable-asynccrypt --with-intelqa=. 2021-10-27 15:08:39 -07:00
John Safranek
976402e04b RNG Update 
1. When the seed callback is enabled, allow wc_GenerateSeed() to be used
   as a default callback.
2. Modify all the tests and examples to use the default seed callback if
   the seed callback is enabled.
 2021-10-26 20:24:25 -05:00
Sean Parkinson
6070981366 Merge pull request #4490 from dgarske/static_mem_unittest 
Add CTX static memory API unit tests
 2021-10-26 09:52:14 +10:00
kaleb-himes
5859779ddf Check-in non-FIPS specific porting changes for OE22 
Fix no new line

Change comment style in testsuite.c

Add include for proper socket header in wolfio.h

Add dc_log_printf support to benchmark application

Pull in changes for examples

Refector NETOS check in test.c

Fix format and remove settings used only for validation testing

Implement peer review feedback

Address last items noted in peer review

Add new README to include.am

Adjust comment style on TODO

Gate changes in client and server properly

Add static on customer feedback

Fix settings include

Update latest peer feedback
 2021-10-22 15:01:14 -06:00
David Garske
f17187aad9 Fixes for static memory testing. Fix clang memory sanitizer warnings. 2021-10-21 16:33:57 -07:00
David Garske
911d95e5e4 Add CTX static memory API unit tests. Expanded crypto callback TLS tests to older SSL/TLS and DTLS. 2021-10-21 11:47:00 -07:00
David Garske
37a976b4bf Fix example server to support option 7 (which exists). Fix static mem size required with session cert (matches client now). 2021-10-21 11:41:30 -07:00