wolfssl

mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 19:09:54 +01:00

Files

Stefan Eissing 78fd5d7dbc Fix wolfSSL_set_SSL_CTX() to be usable during handshake.

This method requires some explanation. Its sibling is
  int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
which re-inits the WOLFSSL* with all settings in the new CTX.
That one is the right one to use *before* a handshake is started.

This method was added by OpenSSL to be used *during* the handshake, e.g.
when a server inspects the SNI in a ClientHello callback and
decides which set of certificates to use.

Since, at the time the SNI callback is run, some decisions on
Extensions or the ServerHello might already have been taken, this
method is very restricted in what it does:
 - changing the server certificate(s)
 - changing the server id for session handling
and everything else in WOLFSSL* needs to remain untouched.

2022-12-15 09:33:01 +01:00

api.c

Fix wolfSSL_set_SSL_CTX() to be usable during handshake.

2022-12-15 09:33:01 +01:00

CONF_FILES_README.md

Cleanup markdown documentation

2021-10-13 16:39:46 +01:00

hash.c

update copyright year to 2022

2022-07-19 10:44:31 -06:00

include.am

New files so add them to include.am

2022-12-14 13:28:20 -05:00

NCONF_test.cnf

Internal unit tests

2020-12-17 14:26:49 +01:00

quic.c

fixes for warnings and defects around QUIC and ALPN -- fixes for clang-diagnostic-gnu-zero-variadic-macro-arguments, clang-analyzer-deadcode.DeadStores, clang-analyzer-core.UndefinedBinaryOperatorResult, clang-analyzer-security.insecureAPI.strcpy, and an overrun prevention assert in wolfSSL_ALPN_GetPeerProtocol().

2022-10-26 11:32:06 -05:00

README

re-format test-psk-no-id.conf add README

2015-08-03 11:04:18 -06:00

srp.c

update copyright year to 2022

2022-07-19 10:44:31 -06:00

suites.c

Kyber with DTLS 1.3 tests

2022-12-14 12:46:24 -05:00

test-altchains.conf

Fix to catch the issue in this PR with alt cert chains, which only happens if the verify callback is used and the chain is long enough. Cleanup of the myVerify callback to allow specific actions. Fix the suites.c to not crash if no newline at end of file. Added helpful debug message to show that a CA was found.

2020-06-18 09:26:50 -07:00

test-chains.conf

Fix for tests/test-chains.conf with new intermediate CA.

2020-06-18 08:33:59 -07:00

test-dhprime.conf

Fix for DH prime test (extra leading spaces). Fix for new chain tests with CRL enabled. The current way of testing chain only loads root CA as trusted. The intermediate CA CRL isn't trusted or loaded and causes error.

2018-12-21 12:36:47 -08:00

test-dtls13-cid.conf

add basic ConnectionID DTLS tests

2022-08-23 16:58:24 +02:00

test-dtls13-downgrade-fails.conf

tests: add negative version negotation tests

2022-09-28 18:42:38 +02:00

test-dtls13-downgrade.conf

tests: add dtls downgrade tests

2022-07-06 16:18:44 +02:00

test-dtls13-pq-2.conf

Kyber with DTLS 1.3 tests

2022-12-14 12:46:24 -05:00

test-dtls13-pq.conf

Kyber with DTLS 1.3 tests

2022-12-14 12:46:24 -05:00

test-dtls13-psk.conf

fix: wrong size using DTLSv1.3 in RestartHandshakeHashWithCookie

2022-10-13 17:42:58 +02:00

test-dtls13.conf

server: add optional argument to -J disable hrr cookie

2022-09-01 09:37:35 +02:00

test-dtls-downgrade.conf

tests: add dtls downgrade tests

2022-07-06 16:18:44 +02:00

test-dtls-fails-cipher.conf

Correctly reset the Tx sequence number

2021-03-09 18:30:10 +01:00

test-dtls-fails.conf

Added a suite test use case to cover the new error check. Also fixed and issue with passing a couple flags to the test case runner, and some other changes to support the new test.

2020-07-22 13:20:23 -07:00

test-dtls-group.conf

Purge IDEA cipher

2022-01-31 15:29:25 -05:00

test-dtls-mtu.conf

Merge pull request #5149 from julek-wolfssl/store-frags-v2

2022-06-01 10:52:54 -07:00

test-dtls-reneg-client.conf

Purge IDEA cipher

2022-01-31 15:29:25 -05:00

test-dtls-reneg-server.conf

Add testing/docs for blocking write

2022-05-27 21:26:55 +02:00

test-dtls-resume.conf

tests: add bidirectional shutdown UDP tests

2022-05-11 13:27:37 +02:00

test-dtls-sha2.conf

Disallow SHA-2 ciphersuites from TLS 1.0 and 1.1 handshakes

2019-09-06 09:31:14 +10:00

test-dtls-srtp-fails.conf

tests: support test for SRTP

2022-01-19 13:35:29 +01:00

test-dtls-srtp.conf

tests: support test for SRTP

2022-01-19 13:35:29 +01:00

test-dtls.conf

tests: add bidirectional shutdown UDP tests

2022-05-11 13:27:37 +02:00

test-ecc-cust-curves.conf

Added TLS v1.2 and v1.3 test cases for ECC Koblitz and Brainpool curves (both server auth and mutual auth). Cipher suites: ECDHE-ECDSA-AES128-GCM-SHA256, ECDH-ECDSA-AES128-GCM-SHA256 and TLS13-AES128-GCM-SHA256.

2020-11-10 09:47:36 -08:00

test-ed448.conf

Update OpenSSL interopability testing

2020-08-11 16:44:45 +10:00

test-ed25519.conf

ECC: Disable ECC but have Curve25519/448 and PK callbacks fix

2021-05-10 10:32:55 +10:00

test-enckeys.conf

New tests for cert chains, alternate cert chains, trusted peer certs and DH prime cleanup:

2018-12-21 09:54:55 -08:00

test-fails.conf

Verify Callback Fix

2020-11-24 11:46:10 -08:00

test-maxfrag-dtls.conf

New tests for cert chains, alternate cert chains, trusted peer certs and DH prime cleanup:

2018-12-21 09:54:55 -08:00

test-maxfrag.conf

Add testing/docs for blocking write

2022-05-27 21:26:55 +02:00

test-p521.conf

TLS 1.3: Fix P-521 algorithm matching

2020-09-18 10:51:55 +10:00

test-psk-no-id-sha2.conf

Disallow SHA-2 ciphersuites from TLS 1.0 and 1.1 handshakes

2019-09-06 09:31:14 +10:00

test-psk-no-id.conf

Disallow SHA-2 ciphersuites from TLS 1.0 and 1.1 handshakes

2019-09-06 09:31:14 +10:00

test-psk.conf

Add TLS 1.2 ciphersuite ECDHE_PSK_WITH_AES_128_GCM_SHA256 from RFC 8442

2022-05-27 11:05:55 -04:00

test-rsapss.conf

handle certificates with RSA-PSS signature that have RSAk public keys

2022-09-21 08:24:09 -06:00

test-sctp-sha2.conf

SCTP Test

2020-07-20 15:03:48 -07:00

test-sctp.conf

Purge IDEA cipher

2022-01-31 15:29:25 -05:00

test-sha2.conf

Disallow SHA-2 ciphersuites from TLS 1.0 and 1.1 handshakes

2019-09-06 09:31:14 +10:00

test-sig.conf

add wolfSSL_get_cipher_suite_from_name(); add flags arg to GetCipherSuiteFromName(); fix GetCipherSuiteFromName() to prevent spurious substring matching; add SUITE_ALIAS() macros for use defining CipherSuiteInfo, and add CipherSuiteInfo.flags slot and associated logic, to allow alternative cipher names to be recognized; add "CCM8" cipher name variants wherever applicable, including the unit.test conf files, to recognize and test the OpenSSL variants; add tests in client_test() and server_test() to confirm correct forward and backward mapping of cipher names/aliases.

2020-11-11 22:47:47 -06:00

test-tls13-down.conf

update test conf to fix jenkins failures

2021-06-25 16:31:49 +09:00

test-tls13-ecc.conf

2020-11-11 22:47:47 -06:00

test-tls13-pq-2.conf

Remove kyber-90s and route all kyber through wolfcrypt.

2022-11-30 17:17:28 -05:00

test-tls13-pq.conf

Kyber: Add option to build Kyber API

2022-09-13 10:07:27 -04:00

test-tls13-psk.conf

TLS 1.3 PSK: use the hash algorithm to choose cipher suite

2021-06-10 09:55:27 +10:00

test-tls13.conf

TLS 1.3: send ticket

2022-06-01 10:36:01 +10:00

test-tls-downgrade.conf

Check for TLS downgrade

2021-04-23 14:45:35 -07:00

test-trustpeer.conf

stunnel 5.61 support

2022-02-23 09:47:34 +01:00

test.conf

Add testing/docs for blocking write

2022-05-27 21:26:55 +02:00

TXT_DB.txt

Internal unit tests

2020-12-17 14:26:49 +01:00

unit.c

Unit test: rework to be able to run API tests individually

2022-11-29 12:37:20 +10:00

unit.h

Unit test: rework to be able to run API tests individually

2022-11-29 12:37:20 +10:00

w64wrapper.c

2022-07-19 10:44:31 -06:00

README

Before creating any new configure files (.conf) read the CONF_FILES_README.md