mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
13,030 Commits 5 Branches 162 Tags
Commit Graph

732 Commits

Author SHA1 Message Date
Sean Parkinson
75c062a298 cppcheck: fixes 2020-12-16 17:28:20 +10:00
toddouska
367f28b917
Merge pull request #3443 from SparkiDev/tls13_psk_no_dhe 
TLS 1.3: PSK only
 2020-12-09 09:45:34 -08:00
Hayden Roche
5fdc4cf6e1 Fix RX/TX throughput reporting in example server. 
- I observed that client TX throughput < client RX throughput, but server TX
  throughput > server RX throughput. Turns out this is just a typo in the
  printing of the stats. The RX stat was being printed as the TX stat and vice-
  versa.
- I added a note to scripts/benchmark.test about a 2 second sleep we do waiting
  for the server to come up. If you were to time this script with the time
  command, you'll see that 2 seconds in the result, which might be confusing
  if you didn't realize the sleep was there.
 2020-12-08 16:49:09 -06:00
Sean Parkinson
91d23d3f5a Implement all relevant mp functions in sp_int 2020-11-19 11:58:14 +10:00
toddouska
b0979f4225
Merge pull request #3476 from dgarske/sniffer_hrr 
Fixes for TLS sniffer with v1.3 (HRR and Certs)
 2020-11-18 16:07:11 -08:00
toddouska
9183c35fb8
Merge pull request #3446 from haydenroche5/client_want_write_sim 
Add an option to the example client to simulate WANT_WRITE errors.
 2020-11-18 15:54:09 -08:00
toddouska
9bde34ef5b
Merge pull request #3438 from douzzer/harmonize-CCM8-cipher-names 
add "CCM8" variants to cipher_names "CCM-8" ciphers, for OpenSSL compat
 2020-11-18 15:52:52 -08:00
Sean Parkinson
d8b58286d1 TLS 1.3: PSK only 
Support building with only TLS 1.3 and PSK without code for (EC)DHE and
certificates.
Minimise build size for this configuration.
 2020-11-19 09:21:24 +10:00
Hayden Roche
2fc594d319 Modify example server to be resilient to WANT_WRITE errors. 2020-11-13 10:33:10 -06:00
Hayden Roche
e035eb8f8a Add an option to the example client to simulate WANT_WRITE errors. 
- Add this option as "-6."
- Turn on non-blocking mode if WANT_WRITE simulation is enabled.
- Create a send IO callback that gets registered when this option is turned on.
  This callback alternates between letting the TX through and returning a
  WANT_WRITE error.
 2020-11-13 10:30:24 -06:00
John Safranek
e996a7d15b
Scan-Build Fixes 
1. Fixed a couple possible 0 byte allocations.
2. Fixed a couple missed frees due to error conditions.
3. Fixed a possible double free.

To recreate:
    $ scan-build ./configure --disable-shared --enable-opensslextra=x509small --disable-memory
    $ scan-build ./configure --disable-shared --enable-opensslextra --disable-memory
 2020-11-12 09:06:59 -08:00
David Garske
71d9f1e9bd Static ephemeral refactor to support loading both DHE and ECDHE keys. Added ability to specify key using snifftest input at run-time. Improved snifftest key loading for named keys and static ephemeral. 2020-11-12 08:59:11 -08:00
Daniel Pouzzner
7850d71ccb add wolfSSL_get_cipher_suite_from_name(); add flags arg to GetCipherSuiteFromName(); fix GetCipherSuiteFromName() to prevent spurious substring matching; add SUITE_ALIAS() macros for use defining CipherSuiteInfo, and add CipherSuiteInfo.flags slot and associated logic, to allow alternative cipher names to be recognized; add "CCM8" cipher name variants wherever applicable, including the unit.test conf files, to recognize and test the OpenSSL variants; add tests in client_test() and server_test() to confirm correct forward and backward mapping of cipher names/aliases. 2020-11-11 22:47:47 -06:00
Glenn Strauss
92c3296e13 preprocessor -DNO_BIO to omit OpenSSL BIO API 2020-11-05 20:40:43 -06:00
Daniel Pouzzner
fda84576b0 name the new introspection routines wolfSSL_configure_args() and wolfSSL_global_cflags() for consistency, and move the prototypes to logging.h. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
94d4ea3a57 examples/client/client.c:client_usage_msg[][]: add correct sensing and reporting of WOLFSSL_SP_4096. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
1ba0883f4c introspection tweaks: rename wolfcrypt/src/debug.c to wolfcrypt/src/wc_debug.c; restore BUILD_WC_DEBUG gating for autotools inclusion of wc_debug.o and disable opportunistically when ENABLED_LEANTLS, ENABLED_LEANPSK, or ENABLED_LOWRESOURCE; add HAVE_WC_INTROSPECTION gate for libwolfssl_configure_args() and libwolfssl_global_cflags(). 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
b918e1fd4c examples/: add -@ and -# flags to client and server, printing libwolfssl_configure_args() and libwolfssl_global_cflags() respectively. 2020-10-28 17:28:05 -05:00
John Safranek
d2dac8e4b8
Example Client OCSP Option Fix 
1. Before checking to see if the must staple flag is on the 'W' option,
   check the length of myoptarg.
 2020-10-21 13:30:51 -07:00
toddouska
1e43d65d2a
Merge pull request #3392 from SparkiDev/ocsp_must_staple 
TLS OCSP Stapling: MUST staple option
 2020-10-20 15:07:08 -07:00
toddouska
7c89d10e53
Merge pull request #3260 from julek-wolfssl/non-blocking-scr 
(D)TLS non-blocking SCR with example
 2020-10-20 13:45:19 -07:00
Sean Parkinson
60b0b0170b TLS OCSP Stapling: MUST staple option 
Can enable OCSP Must Staple option to mean that if the client sends a
request for an OCSP Staple then it must receive a response.
 2020-10-16 09:03:27 +10:00
David Garske
b68828d3c9
Merge pull request #3361 from tmael/ocsp-nocheck 
Add support for id-pkix-ocsp-nocheck
 2020-10-13 15:46:02 -07:00
David Garske
048a3a8d5b
Merge pull request #3374 from JacobBarthelmeh/Testing 
NO_FILESYSTEM build on Windows
 2020-10-13 13:26:46 -07:00
Jacob Barthelmeh
6aa0eacc62 use correct key buffer for example private key 2020-10-13 09:26:54 -06:00
Tesfa Mael
a4bfa0dec7 Add support for id-pkix-ocsp-nocheck 2020-10-11 19:47:50 -07:00
JacobBarthelmeh
bfb10ddfb5 NO_FILESYSTEM build on Windows 2020-10-09 09:45:00 -07:00
Daniel Pouzzner
570f55a0e3 wolfSSL_get_ocsp_producedDate*(): gate on !defined(NO_ASN_TIME), and in client_test(), gate call to strftime() on HAVE_STRFTIME and add fallback code; add HAVE_STRFTIME test to configure.ac. 2020-10-08 23:26:28 -05:00
Daniel Pouzzner
7a77b6d990 rename wolfSSL_get_ocsp_producedDate(WOLFSSL *, struct tm *) to wolfSSL_get_ocsp_producedDate_tm(), and add wolfSSL_get_ocsp_producedDate() accessing the raw ASN.1 producedDate; fix location of prototypes in ssl.h to obtain proper conditionalization; omit frivolous nullness test on ssl->ocspProducedDate (always true). 2020-10-08 22:47:16 -05:00
Daniel Pouzzner
e162d0f889 add wolfSSL_get_ocsp_producedDate(). 2020-10-08 22:47:16 -05:00
Juliusz Sosinowicz
a7fdfbaf40 Passing scr-app-data in to -i to client sends a message during SCR 
Modify mygetopt so that if an argument expects a value and that value is the next argument then myoptarg is set to a NULL pointer.
 2020-10-06 17:28:23 +02:00
Juliusz Sosinowicz
84f0fc56ef check ClientWrite return 2020-09-25 11:35:23 +02:00
Daniel Pouzzner
10bf7a2086 examples/: fix undersized array lengths in client_usage_msg and server_usage_msg. 2020-09-23 18:32:16 -05:00
toddouska
1c07de883c
Merge pull request #3306 from SparkiDev/tls13_pha_psk 
TLS 1.3: Post-handshake Authentication and resumption secret
 2020-09-23 16:06:55 -07:00
Sean Parkinson
4ed3438be0 TLS 1.3: Post-handshake Authentication and resumption secret 
The master secret in arrays is not available post-handshake.
Use the master secret in the session when calculating resumption secret.
 2020-09-23 17:09:06 +10:00
John Safranek
30443dbf23
Fix Client Usage 
A string in the client's usage text was made optional depending on the
NO_PSK option, but there was still an attempt to print it. This lead to
a NULL being printed instead. Fixed the print statement.
 2020-09-16 13:37:01 -07:00
Juliusz Sosinowicz
04b4ef3e3b Don't send null byte 2020-09-16 14:02:51 +02:00
Juliusz Sosinowicz
a65ffe15bc Implement non-blocking SCR on server side 2020-09-09 21:41:20 +02:00
Sean Parkinson
db864be6a4 TLS 1.3 Early Data: fix 
Will process early data packets now.
Added test to check output of server for early data being received.
 2020-08-31 09:03:05 +10:00
Juliusz Sosinowicz
605b274442 Jenkins fixes 2020-08-28 12:04:11 +02:00
Juliusz Sosinowicz
52df9d6c69 TLS and DTLS both need to support APP DATA during SCR 
Also some misc fixes
 2020-08-27 21:13:19 +02:00
Juliusz Sosinowicz
8b934624f5 DTLS non-blocking scrwith example 2020-08-25 11:26:20 +02:00
John Safranek
362e328180
NTRU fixes 
1. When configuring for NTRU, enable static RSA.
2. The echoserver should not try to use NTRU with TLSv1.3.
 2020-08-19 10:46:03 -07:00
toddouska
1724347f7a
Merge pull request #3091 from julek-wolfssl/sess-serialization 
Expose session serialization outside of `OPENSSL_EXTRA`
 2020-08-07 15:41:27 -07:00
JacobBarthelmeh
1034139214
Merge pull request #3081 from kaleb-himes/GH2998_REWORK_FOLLOWUP 
Cleanup of example client/server buffer sizes
 2020-08-05 09:31:30 -06:00
David Garske
4f91d60d22 Fixes for build issues without OPENSSL_EXTRA defined. 2020-07-31 15:25:58 -07:00
David Garske
776b1a2d17 Fix for ED25519 with user_settings.h. Fixes for build warnings. Fix spelling error. Added template for wolfBoot key/sign tools. 2020-07-31 15:17:53 -07:00
David Garske
71cc5381ad Added new examples/config area with template user_settings.h files and instructions for using. 2020-07-31 11:01:58 -07:00
Kaleb Himes
d96f86fcd9
Merge branch 'master' into GH2998_REWORK_FOLLOWUP 2020-07-30 09:47:48 -06:00
John Safranek
397d1ab19c
DTLS Test Speed Fix Redux 
1. Fix the check for XSLEEP_US in the client.
2. Added XSLEEP_MS to mirror XSLEEP_US, in terms of XSELECT().
 2020-07-29 16:51:08 -07:00