wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-30 02:32:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,940 Commits 12 Branches 184 Tags
ea432f45cdc51373abd004cd3df6e28fd4ca51d1
Commit Graph

5803 Commits

Author SHA1 Message Date
David Garske
af0bcef0ef Merge pull request #4648 from embhorn/zd13365 
Fix - wolfSSL_init should cleanup on failure of a component
 2021-12-21 17:17:16 -08:00
Sean Parkinson
bb306d14b7 Merge pull request #4643 from kareem-wolfssl/zd13328 
Fix building with OPENSSL_EXTRA defined and NO_WOLFSSL_STUB not defined.
 2021-12-21 08:02:17 +10:00
Anthony Hu
7d4c13b9a4 --with-liboqs now defines HAVE_LIBOQS and HAVE_PQC 
AKA: The Great Rename of December 2021
 2021-12-20 11:48:03 -05:00
David Garske
ab9eda636a Merge pull request #4671 from lealem47/remove-n 
Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER
 2021-12-17 14:04:42 -08:00
David Garske
97830b81d6 Merge pull request #4674 from anhu/uninitialized 
Fix unitialized usage
 2021-12-17 10:51:43 -08:00
Anthony Hu
9cc1624023 Fix unitialized usage 2021-12-17 11:55:08 -05:00
Lealem Amedie
a79440b95a Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER 2021-12-16 13:30:43 -07:00
Daniel Pouzzner
f889916fae ssl.c: fix C++ invalid conversion in wolfSSL_sk_X509_INFO_value(). 2021-12-16 13:29:17 -06:00
David Garske
dec78169bf Merge pull request #4658 from julek-wolfssl/apache-2.4.51 
Add Apache 2.4.51 support
 2021-12-16 08:52:10 -08:00
Eric Blankenhorn
44cc9e4824 Fix - wolfSSL_init should cleanup on failure of a component 2021-12-16 09:50:50 -06:00
Juliusz Sosinowicz
afa6237f56 Add WOLFSSL_FORCE_AUTO_RETRY option: force retrying of network reads 2021-12-16 15:33:30 +01:00
Juliusz Sosinowicz
017d6cf464 Simplify error queue macros 2021-12-16 12:39:58 +01:00
Juliusz Sosinowicz
e78f7f734e Add Apache 2.4.51 support 
- Define `OPENSSL_COMPATIBLE_DEFAULTS` and `WOLFSSL_NO_OCSP_ISSUER_CHECK` for Apache config
- Fix `SSL_set_timeout` to match OpenSSL signature
- Implement `pkey` in `X509_INFO`
- Detect attempt to connect with plain HTTP
- Implement `wolfSSL_OCSP_request_add1_nonce`
- Set `ssl->cipher.bits` when calling `wolfSSL_get_current_cipher`
- Use custom flush method in `wolfSSL_BIO_flush` when set in BIO method
- Set the TLS version options in the `ssl->options` at the end of ClientHello parsing
- Don't modify the `ssl->version` when in a handshake (`ssl->msgsReceived.got_client_hello` is set)
- `wolfSSL_get_shutdown` returns a full bidirectional return when the SSL object is cleared. `wolfSSL_get_shutdown` calls `wolfSSL_clear` on a successful shutdown so if we detect a cleared SSL object, assume full shutdown was performed.
 2021-12-16 12:39:38 +01:00
David Garske
caf9024984 Merge pull request #4652 from douzzer/no-rsa-no-dh-no-dsa 
WOLFSSL_ECC_NO_SMALL_STACK etc
 2021-12-13 10:12:14 -08:00
Daniel Pouzzner
355b779a3e feature gating tweaks to better support --disable-rsa --disable-dh --disable-dsa. also a whitespace fix in ssl.c. 2021-12-11 14:08:04 -06:00
Anthony Hu
4c12f0be95 Only one call to wc_falcon_init() and comment on 300. 2021-12-10 16:40:41 -05:00
Anthony Hu
1d8ff70900 In d2iGenericKey(), if a falcon key is encountered, make a dummy pkey. 
This allows apache-httpd to work without PQ-specific patch along with a previous
pull request.
 2021-12-10 14:18:42 -05:00
David Garske
b921161309 Merge pull request #4633 from SparkiDev/tls13_expired 
TLS13: Skip if expired rather than turning off resuming
 2021-12-09 14:10:42 -08:00
Sean Parkinson
32014c69fd TLS 13 session ticket timeout: fixup checks 
Check difference between now and ticket seen from encrypted ticket
against timeout.
 2021-12-09 12:43:30 +10:00
Kareem
376be0f66a Fix building with OPENSSL_EXTRA defined and NO_WOLFSSL_STUB not defined. 2021-12-08 16:51:51 -07:00
Sean Parkinson
cf0d3263ac Merge pull request #4628 from julek-wolfssl/issue-4623 
Handle an `EPIPE` error from the socket
 2021-12-09 08:08:56 +10:00
Sean Parkinson
85ec6054c6 TLS13: Skip if expired rather than turning off resuming 2021-12-07 13:58:38 +10:00
Sean Parkinson
9f6aa36866 Merge pull request #4629 from dgarske/zd13337 
Additional checking for side on TLS messages
 2021-12-07 10:13:44 +10:00
Sean Parkinson
d5c27fca7d Merge pull request #4626 from JacobBarthelmeh/certs 
add human readable string of IP
 2021-12-07 08:23:31 +10:00
Chris Conlon
e45c33a771 Merge pull request #4624 from miyazakh/jenkins_qt_failure 2021-12-06 09:53:34 -07:00
David Garske
54c3e0ac73 Additional checking for side on TLS messages. ZD13337 2021-12-03 11:49:08 -08:00
Juliusz Sosinowicz
e4bd5d9046 Handle an EPIPE error from the socket 
Issue reported in https://github.com/wolfSSL/wolfssl/issues/4623
 2021-12-03 17:44:53 +01:00
Jacob Barthelmeh
1ec86ee4cc add human readable string of IP 2021-12-02 16:04:58 -07:00
David Garske
b4c6140b64 Merge pull request #4442 from julek-wolfssl/kerberos 
Add Kerberos 5 support
 2021-12-02 09:07:34 -08:00
Hideki Miyazaki
a5bd6cde8d fix nigtly jenkins Qt Job failure 2021-12-02 16:37:48 +09:00
David Garske
9f611e8b80 Merge pull request #4589 from JacobBarthelmeh/native-lwip 
Native LwIP support update
 2021-12-01 10:37:13 -08:00
Sean Parkinson
d06ada2ccc Merge pull request #4610 from julek-wolfssl/nginx-1.21.4 
Add support for Nginx 1.21.4
 2021-12-01 22:27:12 +10:00
Juliusz Sosinowicz
aac1b406df Add support for Nginx 1.21.4 
- Add KEYGEN to Nginx config
- Check for name length in `wolfSSL_X509_get_subject_name`
- Refactor `wolfSSL_CONF_cmd`
- Implement `wolfSSL_CONF_cmd_value_type`
- Don't forecfully overwrite side
- `issuerName` should be `NULL` since the name is empty
 2021-12-01 09:49:52 +01:00
David Garske
a0300f7ab0 Fixes for ECDSA_Size. If group is unknown set to -1, otherwise defaults to first ECC index. Fix the signature size calculation to use our existing enum and calculation logic. ZD13303 2021-11-30 12:33:49 -08:00
David Garske
29517fd617 Merge pull request #4609 from danielinux/tls13_hkdf_callback 
TLS 1.3: Add HKDF extract callback
 2021-11-30 10:59:44 -08:00
Daniele Lacamera
c3b1d9f9e7 Cosmetic and prototypes changes after reviewer's comments 2021-11-30 10:06:54 +01:00
Daniel Pouzzner
a33ae21801 whitespace cleanups and portability/pedantic fixes 2021-11-29 23:58:39 -06:00
Jacob Barthelmeh
f7c34d22e6 add calls to user callback and adjust formating 2021-11-29 15:56:00 -07:00
Chris Conlon
7221e06ff7 Merge pull request #4588 from miyazakh/sce_protect_mode_e2studio 2021-11-29 15:32:48 -07:00
Daniele Lacamera
57fb5453cb Support for HKDF Extract callback 2021-11-29 14:51:13 +01:00
Hideki Miyazaki
fb4e39f00a addressed review comments prt1 2021-11-26 16:03:42 +09:00
David Garske
dcc2a2852c Merge pull request #4590 from JacobBarthelmeh/fuzzing 
sanity check on pem size
 2021-11-22 16:09:13 -08:00
Juliusz Sosinowicz
0de4136ad6 Rebase fixes 2021-11-22 13:10:55 +01:00
Juliusz Sosinowicz
5fc2dadde1 Fix issue in wolfSSL_BN_rand_range causing random errors 2021-11-22 11:48:31 +01:00
Juliusz Sosinowicz
1d7b2de074 Code review changes 2021-11-22 11:48:31 +01:00
Juliusz Sosinowicz
3da810cb1b Implement OpenSSL API's 
- `OBJ_DUP`
- `i2d_PKCS7`
- `BN_rshift1
- `BN_rshift` testing
- Add `--enable-krb`
 2021-11-22 11:47:58 +01:00
Juliusz Sosinowicz
e7c5f137be Implement BN_rand_range 2021-11-22 11:45:27 +01:00
Juliusz Sosinowicz
82a9f74476 Compat updates 
- implement `wolfSSL_PEM_X509_INFO_read`
- `wolfSSL_EVP_CipherUpdate` no-ops on `NULL` input
- add md4 support to `wolfSSL_EVP_MD_block_size` and `wolfSSL_EVP_MD_size`
 2021-11-22 11:45:27 +01:00
Juliusz Sosinowicz
ccbe184434 Implement CTS 
Ciphertext stealing on top of CBC is implemented with `wolfSSL_CRYPTO_cts128_encrypt` and `wolfSSL_CRYPTO_cts128_decrypt` APIs
 2021-11-22 11:45:27 +01:00
Juliusz Sosinowicz
fa662c2ab1 AES_cbc_encrypt enc parameter flipped. 1 = encrypt 0 = decrypt 
This change makes the `enc` parameter of `AES_cbc_encrypt` consistent with OpenSSL. This commit flips the meaning of this parameter now.
 2021-11-22 11:45:27 +01:00