wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 10:12:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
24,151 Commits 12 Branches 184 Tags
fe9a5fcd425165b03dea6d5225fbdbf4e6450bdc
Commit Graph

24151 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Juliusz Sosinowicz
fe9a5fcd42 fixup! Code review and jenkins fixes 2024-12-18 09:31:25 +01:00
Juliusz Sosinowicz
faa7b8dfaa wolfSSLReceive: Error return on interrupted connection 
Interrupted connection should return control to the user since they may want to handle the signal that caused the interrupt. Otherwise, we might never give back control to the user (the timeout would error out but that causes a big delay).

socat.yml: in test 475, the test would send a SIGTERM after 3 seconds. We would continue to ignore this signal and continue to call `recvfrom`. Instead we should error out and give control back to the user.
 2024-12-18 09:31:25 +01:00
Juliusz Sosinowicz
a1ee953411 Protect peer access when WOLFSSL_RW_THREADED 2024-12-18 09:31:25 +01:00
Juliusz Sosinowicz
4795e0d920 Refactor dtls pending peer processing 2024-12-18 09:31:25 +01:00
Juliusz Sosinowicz
3ded2bc05d Code review and jenkins fixes 2024-12-18 09:31:25 +01:00
Juliusz Sosinowicz
71337d2959 Client TLS: Set traffic decrypt keys when parsing Finished 2024-12-18 09:31:25 +01:00
Juliusz Sosinowicz
daa57c492d DTLS: Add server side stateless and CID QoL API 
- wolfDTLS_accept_stateless - statelessly listen for incoming connections
- wolfSSL_inject - insert data into WOLFSSL object
- wolfSSL_SSL(Enable|Disable)Read - enable/disable reading from IO
- wolfSSL_get_wfd - get the write side file descriptor
- wolfSSL_dtls_set_pending_peer - set the pending peer that will be upgraded to regular peer when we successfully de-protect a DTLS record
- wolfSSL_dtls_get0_peer - zero copy access to the peer address
- wolfSSL_is_stateful - boolean to check if we have entered stateful processing
- wolfSSL_dtls_cid_get0_rx - zero copy access to the rx cid
- wolfSSL_dtls_cid_get0_tx - zero copy access to the tx cid
- wolfSSL_dtls_cid_parse - extract cid from a datagram/message
 2024-12-18 09:31:24 +01:00
Sean Parkinson
ba050d6a3f Merge pull request #8296 from douzzer/20241217-FIPS-v6-ENABLED_ARMASM_CRYPTO-fixes 
20241217-FIPS-v6-ENABLED_ARMASM_CRYPTO-fixes
 2024-12-18 15:27:08 +10:00
Daniel Pouzzner
60afdb557d Merge pull request #8273 from dgarske/no_tls 
Enable support for no TLS while allowing certificate manager
 2024-12-17 16:24:57 -06:00
David Garske
356889a528 Add --disable-tls option that can be used with --enable-all to disable TLS features and set NO_TLS. Useful for allowing certificate manager and crypto compatibility API's only. 2024-12-17 13:40:03 -08:00
Daniel Pouzzner
f23a2f2f48 wolfcrypt/src/aes.c: add missing WOLFSSL_ARMASM gate clause around wolfCrypt_FIPS_aes_ro_sanity, necessitated by 514a92d6ee/#8293. 2024-12-17 14:17:52 -06:00
Daniel Pouzzner
7b57ef4912 configure.ac: fix faulty logic in FIPS v6 feature calculation re ENABLED_ARMASM_CRYPTO, originally added in 6e0a90190f. 2024-12-17 12:21:47 -06:00
David Garske
6151160e58 Further fixes with NO_TLS to support use with compatibility layer. 2024-12-17 09:24:38 -08:00
Kaleb Himes
fcbea85ded Merge pull request #8291 from douzzer/20241213-fips-check-refactor-assoc-arrays 
20241213-fips-check-refactor-assoc-arrays
 2024-12-17 10:23:51 -07:00
David Garske
a2b5da8651 Fix nested NO_TLS. 2024-12-17 08:33:33 -08:00
David Garske
16b2884cf1 Fix issues in test_tls13_apis with no filesystem or no RSA/ECC. 2024-12-17 08:33:33 -08:00
David Garske
14e3372826 Enable support for using certificate manager only. Fixes for building without TLS enabled (NO_TLS). ZD 19054. Tested using ./configure --disable-tlsv12 --disable-tls13 CFLAGS="-DNO_TLS" && make check 2024-12-17 08:33:32 -08:00
Daniel Pouzzner
22e95081cd Merge pull request #8181 from gojimmypi/dev-compiler-message 
Initialize vars & change types to appease Windows/VS
 2024-12-16 23:19:05 -06:00
Daniel Pouzzner
058138eb00 Merge pull request #8286 from julek-wolfssl/hostap-action-update 
Use source hostap repo
 2024-12-16 23:07:05 -06:00
Daniel Pouzzner
5aeabbfa3c Merge pull request #8245 from julek-wolfssl/mbed-interop 
Add CID interop with mbedtls
 2024-12-16 23:04:19 -06:00
Daniel Pouzzner
9d7c02589f Merge pull request #8276 from SparkiDev/ed448_muladd_full_reduce 
EdDSA Ed448: sc_muladd now does full reduction
 2024-12-16 20:29:49 -06:00
Daniel Pouzzner
a1035cf8df Merge pull request #8294 from LinuxJedi/test_compile_issue 
Fix compile issue with NO_WOLFSSL_DIR
 2024-12-16 19:26:24 -06:00
Daniel Pouzzner
b5935f38d7 Merge pull request #8282 from SparkiDev/iphone_no_sha3_instrs 
MacOS: allow SHA-3 instructions to be explicitly not used
 2024-12-16 16:55:09 -06:00
Daniel Pouzzner
fd22bfc0b7 Merge pull request #8293 from SparkiDev/aarch64_no_crypto 
Aarch64: make code compile when no hardware crypto avail
 2024-12-16 14:57:53 -06:00
philljj
c5c607bc87 Merge pull request #8295 from douzzer/20241216-linuxkm-export-ns-quotes 
20241216-linuxkm-export-ns-quotes
 2024-12-16 12:37:21 -06:00
Daniel Pouzzner
6fbc18f0dc linuxkm/Kbuild and linuxkm/module_exports.c.template: on kernel >=6.13, add quotes around the namespace arg to EXPORT_SYMBOL_NS_GPL() (upstream change actually made in 6.13-rc2). 2024-12-16 11:43:26 -06:00
Andrew Hutchings
61cb5b479f Fix compile issue with NO_WOLFSSL_DIR 
`test_wolfSSL_CTX_load_system_CA_certs()` would try to use DIR functions
when `NO_WOLFSSL_DIR` was used.
 2024-12-16 17:23:49 +00:00
Sean Parkinson
514a92d6ee Aarch64: make code compile when no hardware crypto avail 
Detects availability of instructions for Aarch64.
 2024-12-16 17:46:08 +10:00
Sean Parkinson
e3876fcab7 Merge pull request #8287 from JacobBarthelmeh/sigfault 
fix for sig fault harden build
 2024-12-16 09:04:29 +10:00
Daniel Pouzzner
7c5451c742 fips-check.sh fixes + enhancements: 
* change default WOLFSSL_REPO to the canonical upstream.
* refactor tag calculation without bash associative arrays, for backward compat.
* add support for fetching FIPS tags/branches into a persistent fips repo if one is found at ../fips.
* use --shared in git clones where applicable.
* always check out the master FIPS branch, for its tooling, and always make sure it's up to date with $FIPS_REPO.
* after each fetch for a previously unknown tag, explicitly associate the tag with the FETCH_HEAD.
 2024-12-13 21:36:40 -06:00
Daniel Pouzzner
4bdccac584 Merge pull request #8290 from wolfSSL/revert-8277-aarch64_no_crypto 
Revert "Aarch64: make code compile when no hardware crypto avail"
 2024-12-13 20:43:01 -06:00
David Garske
71325a2a32 Revert "Aarch64: make code compile when no hardware crypto avail" 2024-12-13 13:52:53 -08:00
JacobBarthelmeh
d7e40e7413 Merge pull request #8264 from dgarske/various_20241206 
Various cleanups and fixes
 2024-12-13 13:48:10 -07:00
JacobBarthelmeh
68e85ef33a Merge pull request #8252 from anhu/use_srtp_retcode 
wolfSSL_CTX_set_tlsext_use_srtp() should return 1 on failure and 0 up…
 2024-12-13 13:35:49 -07:00
JacobBarthelmeh
e76e0e33fd Merge pull request #8283 from rlm2002/enableAlwaysKeepSNI 
WOLFSSL_ALWAYS_KEEP_SNI enabled by default with --enable-jni
 2024-12-13 13:32:47 -07:00
JacobBarthelmeh
a22176af40 fix for sig fault harden build 2024-12-13 10:34:23 -07:00
Juliusz Sosinowicz
3407f21e69 Use source hostap repo 2024-12-13 17:12:23 +01:00
David Garske
79d9b2d6c3 Merge pull request #8277 from SparkiDev/aarch64_no_crypto 
Aarch64: make code compile when no hardware crypto avail
 2024-12-12 15:49:57 -08:00
Sean Parkinson
24bb2b7fab Aarch64: make code compile when no hardware crypto avail 
Detects availability of instructions for Aarch64.
 2024-12-13 09:16:11 +10:00
Ruby Martin
b34a39a6bc WOLFSSL_ALWAYS_KEEP_SNI enabled by default with --enable-jni 2024-12-12 15:49:47 -07:00
Sean Parkinson
2aacc7cd87 MacOS: allow SHA-3 instructions to be explicitly not used 
Some iPads and iPhones don't support SHA-3 instructions.
Allow SHA-3 instructions to explicitly not be used for these devices.
 2024-12-13 08:25:39 +10:00
Sean Parkinson
65fc8f8d77 Merge pull request #8280 from kareem-wolfssl/zd19046 
Add support for the RFC822 Mailbox attribute.
 2024-12-13 08:07:46 +10:00
Kareem
d4af181593 Add support for the RFC822 Mailbox attribute. 2024-12-12 12:37:32 -07:00
Daniel Pouzzner
dd3012682a Merge pull request #8278 from JacobBarthelmeh/settings 
adjustments on sanity check of build
 2024-12-11 17:04:58 -06:00
Daniel Pouzzner
1f1e985d73 Merge pull request #8268 from bandi13/fixMemleak 
Fix memory leak
 2024-12-11 16:35:38 -06:00
Sean Parkinson
c9c28335ae EdDSA Ed448: sc_muladd now does full reduction 
sc_muladd was reducing to word boundary and not to order.
Now reduces to order as last step.
 2024-12-12 08:33:35 +10:00
Daniel Pouzzner
d825b08e16 Merge pull request #8275 from SparkiDev/aarch64_poly1305_fix 
Aarch64 Poly1305: fix corner case
 2024-12-11 16:24:36 -06:00
Daniel Pouzzner
88241f1a2c Merge pull request #8267 from ColtonWilley/pkcs11_cert_support 
PKCS11 cert support
 2024-12-11 16:04:58 -06:00
Daniel Pouzzner
ee4366acc5 Merge pull request #8162 from redbaron/find-threads 
CMAKE: look for pthreads when importing wolfSSL if required
 2024-12-11 14:36:04 -06:00
Colton Willey
2039d6371f Remove redundant NULL check 2024-12-11 12:25:35 -08:00