David Garske
e38a120043
Merge pull request #10387 from Frauschi/fix-windows-tcp-bind-flaky
...
Fix flaky tcp bind on Windows test runs
2026-05-05 12:06:44 -07:00
David Garske
63bda771fe
Merge pull request #10305 from holtrop-wolfssl/rust-crate-updates
...
Rust wrapper: add password-hash, kem, mac traits; fix a few Fenrir findings
2026-05-05 12:05:29 -07:00
David Garske
3a1f51d2e6
Merge pull request #10388 from Frauschi/slh-dsa_Wconversion
...
SLH-DSA Wconversion fixes
2026-05-05 12:04:22 -07:00
David Garske
da038c6d51
Merge pull request #10299 from Frauschi/pqc_key_share_fix
...
Fix PQC key exchange with multiple KEM key shares
2026-05-05 12:03:32 -07:00
David Garske
15b10454bc
Merge pull request #10340 from JeremiahM37/fenrir-3
...
harden falcon key handling
2026-05-05 11:57:41 -07:00
David Garske
c3cd71ea02
Merge pull request #9965 from kojo1/mldsa
...
Add ML-DSA to X509_get_pubkey and EVP_PKEY_base_id
2026-05-05 11:57:06 -07:00
David Garske
519c08ae32
Merge pull request #10121 from JacobBarthelmeh/bench
...
use heap hints where possible in benchmark
2026-05-05 11:56:04 -07:00
David Garske
309ada27a7
Merge pull request #10370 from cconlon/setAKID
...
Fix malformed AKID extension from wolfSSL_X509_set_authority_key_id()
2026-05-05 11:55:38 -07:00
David Garske
d4d1f03fef
Merge pull request #10333 from JacobBarthelmeh/oss-fuzz
...
change call to GetSigAlg in ASN original to sanity check length
2026-05-05 11:55:21 -07:00
David Garske
87536214bf
Merge pull request #10375 from LinuxJedi/STSAFEA120Sim
...
Add STSAFE A120 CI support
2026-05-05 11:53:29 -07:00
David Garske
5074cf3726
Merge pull request #10366 from embhorn/zd21744
...
Fix CUDA with WOLFSSL_AES_SMALL_TABLES
2026-05-05 11:51:01 -07:00
David Garske
a7379fa811
Merge pull request #10355 from miyazakh/rx72n_fix_usersettings
...
[Renesas RX72N] Fix SP_MATH and SP_MATH_ALL conflict in user_settings.h
2026-05-05 11:48:32 -07:00
David Garske
5266329c9a
Merge pull request #10352 from embhorn/zd21724
...
Fix static / mem tracker build error
2026-05-05 11:48:16 -07:00
David Garske
644f6171ab
Merge pull request #10290 from LinuxJedi/emnet
...
Fix emNET support and add tests
2026-05-05 11:46:15 -07:00
David Garske
9b1167772d
Merge pull request #10350 from LinuxJedi/ATECC608Sim
...
Add ATECC608 CI tests
2026-05-05 11:45:45 -07:00
David Garske
8e46221428
Merge pull request #10336 from julek-wolfssl/wolfSSL_PEM_read_bio_X509_CRL-multi-crl-fix
...
src/x509.c: refactor wolfSSL_PEM_read_bio_X509_CRL onto the per-block reader
2026-05-05 11:42:00 -07:00
David Garske
3b7ac9fd25
Merge pull request #10327 from embhorn/zd21704
...
Hardening in TLSX_KeyShare_ProcessPqcHybridClient
2026-05-05 11:41:43 -07:00
David Garske
678ddd6c73
Merge pull request #10339 from embhorn/zd21707
...
Fix handling of otherName in ConfirmNameConstraints
2026-05-05 11:41:28 -07:00
David Garske
b0fca9df10
Merge pull request #10276 from padelsbach/asn1-time-chars-check
...
Add checks for ascii digits in time decode functions
2026-05-05 11:38:47 -07:00
David Garske
bc15131f60
Merge pull request #10338 from gasbytes/cert-ext-offered-list-fix
...
reject extensions in a TLS 1.3 Certificate message that were not offered in the prior ClientHello/CertificateRequest
2026-05-05 11:38:25 -07:00
David Garske
403f0fe637
Merge pull request #10230 from julek-wolfssl/fenrir/20260415
...
Fenrir fixes
2026-05-05 11:34:43 -07:00
David Garske
aaca0948e8
Merge pull request #10335 from julek-wolfssl/pkcs11-hmac-session
...
wolfcrypt/src/wc_pkcs11.c: cache PKCS#11 session across multi-call HMAC
2026-05-05 11:33:10 -07:00
David Garske
04984a5d5e
Merge pull request #10346 from Frauschi/ecc_leak_fix
...
Prevent ECC tmp key leak and UB
2026-05-05 11:32:48 -07:00
David Garske
7e9635df19
Merge pull request #10208 from ColtonWilley/bio-io-negative-length-checks
...
Guard against negative length in BIO, I/O callbacks and PKCS12 PBKDF
2026-05-05 11:32:21 -07:00
David Garske
c278b614dd
Merge pull request #10337 from embhorn/zd21709
...
Fix DupSSL issue with Poly1305 auth
2026-05-05 11:26:29 -07:00
David Garske
d793452264
Merge pull request #10353 from julek-wolfssl/dtls-13-client-only
...
DTLS 1.3 client-only minimum: WOLFSSL_DTLS_ONLY + autoconf cascade
2026-05-05 11:24:44 -07:00
David Garske
80c9d3f048
Merge pull request #10183 from douzzer/20260409-IsValidFQDN
...
20260409-IsValidFQDN
2026-05-05 11:22:51 -07:00
David Garske
c0bc5efe31
Merge pull request #10307 from padelsbach/nxp-aes-multiblock
...
Fix AES multiblock issues for NXP DCP
2026-05-05 10:56:21 -07:00
David Garske
401e9e23a6
Merge pull request #10298 from LinuxJedi/bot-block-update
...
Update blocking PR check
2026-05-05 10:55:19 -07:00
David Garske
f14b4e06b4
Merge pull request #10284 from ColtonWilley/security_policy_and_report_template
...
Publish wolfSSL Security Policy and Vulnerability Report Template
2026-05-05 10:46:49 -07:00
David Garske
6fb7cb3980
Merge pull request #10277 from kareem-wolfssl/zd21664_5
...
Add some missing length checks and fix length calculation.
2026-05-05 10:39:22 -07:00
David Garske
a629ef1fdf
Merge pull request #10356 from space88man/fix-rhel10-lto
...
rpm packaging: RHEL10 + LTO needs gcc-toolset-15
2026-05-05 09:14:22 -07:00
David Garske
f7d3a486c3
Merge pull request #10029 from danielinux/wolfboot-integration-tests
...
Add github workflow to check for wolfboot regressions
2026-05-05 08:38:32 -07:00
Daniele Lacamera
59a0ec4a94
Correctly detect expected failures
2026-05-05 15:10:56 +02:00
Daniele Lacamera
d633a76de3
Properly copy wolfssl as wolfBoot lib/ submodule
2026-05-05 14:18:39 +02:00
Daniele Lacamera
8b9bb6b3c6
Migrate wolfboot integration tests to new wolfboot-ci container
2026-05-05 14:01:49 +02:00
Daniele Lacamera
e8ccb5c8a2
Address more comments, pin renode to v 1.15.3
2026-05-05 13:03:42 +02:00
Daniele Lacamera
cc85d5a656
Addressed copilot's comment
2026-05-05 13:03:42 +02:00
Daniele Lacamera
c7684acb6c
Renode docker: fixed permission
2026-05-05 13:03:42 +02:00
Daniele Lacamera
2c7bc0d1b3
Removed toLower
2026-05-05 13:03:42 +02:00
Daniele Lacamera
b695dd37b4
Remove artifact upload, address copilot's, fix docker boundary
2026-05-05 13:03:42 +02:00
Daniele Lacamera
b69ea6659b
Add github workflow to check for wolfboot regressions
2026-05-05 13:03:41 +02:00
David Garske
02dfd12466
Merge pull request #10376 from rlm2002/coverity
...
20260501 Coverity Fixes
2026-05-04 15:15:11 -07:00
Daniel Pouzzner
5ffdb9f6b9
Merge pull request #10295 from lealem47/hal_xtime
...
Allow custom time functions on STM32
2026-05-04 13:22:50 -05:00
Tobias Frauenschläger
bbcfa97144
SLH-DSA Wconversion fixes
2026-05-04 13:58:00 +02:00
Tobias Frauenschläger
1093a36bc3
Fix flaky tcp bind on Windows test runs
...
Windows test code pre-picked a random port via GetRandomPort() (returning
a value in [49152, 65535]) before calling bind(), with no check that the
port was free and no retry on collision. Under load this occasionally
collided with an already-bound port and aborted the test with
"tcp bind failed", producing intermittent Jenkins failures (e.g. PRB
windows-test-v2 #17140 in the OCSP responder test).
The Unix path already does the right thing: bind to port 0 (OS-assigned
ephemeral) and read the port back via getsockname(). The same primitives
exist in Winsock 1.1, so drop the USE_WINDOWS_API guard around the
getsockname block in tcp_listen()/udp_accept() and remove the per-caller
GetRandomPort() workarounds in the OCSP responder, server example, and
the api.c / test_ossl_bio.c test sites. socklen_t is already typedef'd
as int on Windows in test.h.
GetRandomPort() itself is left in place since it is a static inline in a
shipped public test header.
2026-05-04 10:35:04 +02:00
Tobias Frauenschläger
3524ece54e
Fix PQC key exchange with multiple KEM key shares
2026-05-04 10:32:45 +02:00
Takashi Kojo
582f505abf
test_mldsa_x509_pubkey_sigtype to TEST_MLDSA_DECLS
2026-05-02 08:19:19 +09:00
Takashi Kojo
048a2e66e1
check candidate runnability before probing ML-DSA support
2026-05-02 08:15:22 +09:00
Takashi Kojo
69854c1cfd
Fix for the comments
2026-05-02 08:15:22 +09:00