mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18,914 Commits 5 Branches 162 Tags
Commit Graph

18914 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Juliusz Sosinowicz
53b2be06d3 DtlsMsgPoolSend: Use correct sendSz 
pool->sz is the size without the record header. The handshake header is present already.

Reproducible with
  ./udp_proxy -p 12345 -s 127.0.0.1:11111 -x 1:3 -S server
or
  ./udp_proxy -p 12345 -s 127.0.0.1:11111 -x 1:3 -S server
and
  ./examples/server/server -l ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305 -u -i
  ./examples/client/client -l ECDHE-RSA-AES256-GCM-SHA384 -u -R -p 12345 -i
 2022-12-19 17:07:37 +01:00
gojimmypi
64a7d511b8 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into BenchmarkEnhancements 2022-12-16 14:00:16 -08:00
JacobBarthelmeh
3d1775320b
Merge pull request #5900 from icing/tls12-no-tickets 
WOLFSSL_OP_NO_TICKET fix for TLSv1.2
 2022-12-16 14:42:50 -07:00
JacobBarthelmeh
91f8b5e58e
Merge pull request #5903 from douzzer/20221216-fix-benchmark 
20221216-fix-benchmark
 2022-12-16 14:35:12 -07:00
JacobBarthelmeh
c6aaa1310e end of year certificate update 2022-12-16 13:32:37 -08:00
Kaleb Himes
b90c07900b
Merge pull request #5904 from anhu/FIPS_fix 
ENABLED_FIPS doesn't hold the version; FIPS_VERSION does.
 2022-12-16 14:16:47 -07:00
Andras Fekete
8d372b2c6f Start an FAQ in the README.md 2022-12-16 15:45:29 -05:00
gojimmypi
c370529975 manual merge with upstream 2022-12-16 11:28:04 -08:00
Anthony Hu
24d7f85016 ENABLED_FIPS doesn't hold the version; FIPS_VERSION does. 
Found with:

./configure --enable-engine=fips=v2
 2022-12-16 14:06:43 -05:00
Daniel Pouzzner
04b31518ba wolfcrypt/benchmark/benchmark.c: fix calculation of outer iteration constant in bench_aesecb_internal(); fix .c.h clash in argument name ("useDevId" vs "useDeviceID"). 2022-12-16 12:55:37 -06:00
Andras Fekete
d0f0d66b80 Add in changes to wolfssl_server 2022-12-16 11:55:53 -05:00
Andras Fekete
814ad9fc38 Better fixes 2022-12-16 11:55:28 -05:00
Andras Fekete
b9e69f1795 Fixes for wolfssl_client example 2022-12-16 10:23:09 -05:00
David Garske
5c21e40bce
Merge pull request #5899 from SparkiDev/regression_fixes_5 
Fixes from regression testing.
 2022-12-16 06:54:26 -08:00
David Garske
07dcd5270e
Merge pull request #5898 from cconlon/androidSystemCa 
Add Android CA certs path for wolfSSL_CTX_load_system_CA_certs()
 2022-12-16 06:12:24 -08:00
Stefan Eissing
9d0b16097e Fix builds without session tickets. 2022-12-16 09:40:51 +01:00
Stefan Eissing
dccabc60a5 Disabling TLSv1.2 session tickets when WOLFSSL_OP_NO_TICKET is being set. 
There seems to have been a misunderstanding that WOLFSSL_OP_NO_TICKET would only disable tickets
for TLS version lower than 1.2. But it includes 1.2 as well.
 2022-12-16 09:29:44 +01:00
Sean Parkinson
45e3c721b3 Fixes from regression testing. 
Fix random prime generation for big endian to set low bits after
shifting top word.
Allow SP_MATH to be built without RSA, DH and ECC - needed for PKCS#12.
Add DH 2048 bit parameters to cert_test.c for test.c when NO_ASN and
WOLFSSL_SP_MATH.
 2022-12-16 14:43:29 +10:00
David Garske
502fd843ec
Merge pull request #5897 from gojimmypi/gojimmypi-initialize-resp_length 
initialize resp_length = 0 in tls.c
 2022-12-15 17:23:48 -08:00
Chris Conlon
f9bd8f76de add Android system CA certs path for to wolfSSL_CTX_load_system_CA_certs() usage 2022-12-15 16:39:48 -07:00
Sean Parkinson
4434d898a1
Merge pull request #5894 from kaleb-himes/fix-leak 
Fix a quick leak in the test apps
 2022-12-16 08:04:50 +10:00
JacobBarthelmeh
aa784397b0
Merge pull request #5896 from cconlon/atexitOSX 
AC_CHECK_DECLS for atexit needs stdlib.h on OSX
 2022-12-15 15:00:29 -07:00
Andras Fekete
b823da9bb9 Fix build issues with the latest ESP-IDF 2022-12-15 16:11:39 -05:00
gojimmypi
e0c9586b79 initialize resp_length = 0 in tls.c 2022-12-15 12:51:33 -08:00
Andras Fekete
3ba8c918f2 Use standard naming 2022-12-15 15:30:22 -05:00
Andras Fekete
6a2673f5f7 Adding Docker files to distribution 2022-12-15 15:11:14 -05:00
Andras Fekete
995e3bd009 Allow for existing group 2022-12-15 14:30:13 -05:00
kaleb-himes
b23db16ff8 Refactor the double-free fix 2022-12-15 12:21:08 -07:00
David Garske
668efea464
Merge pull request #5884 from icing/ssl-set-ssl-ctx 
Fix wolfSSL_set_SSL_CTX() to be usable during handshake.
 2022-12-15 10:59:54 -08:00
Chris Conlon
8c54bd0fb1 check for atexit needs stdlib.h on OSX, fixes configure sed error 2022-12-15 11:23:37 -07:00
David Garske
908744dc0f
Merge pull request #5646 from JacobBarthelmeh/caam 
benchmark devid changes, CCM with SECO fix, set IV on AES import into SECO
 2022-12-15 10:01:01 -08:00
Andras Fekete
c1cf8a8f34 Add in README.md 2022-12-15 12:54:21 -05:00
David Garske
d9ca5f6d3a
Merge pull request #5893 from kaleb-himes/mtu-with-static-mem 
Add alt case for unsupported static memory API
 2022-12-15 09:22:21 -08:00
Andras Fekete
9c135e59dc Script can run from an arbitrary folder 2022-12-15 12:22:05 -05:00
David Garske
d46813953d
Merge pull request #5892 from tatowicz/decodealtnames-fuzz-fix 
Add Overflow check to DecodeAltNames input buffer access
 2022-12-15 09:21:37 -08:00
Andras Fekete
64d39dbd74 Cleaner base image 2022-12-15 12:10:48 -05:00
Andras Fekete
c1ad3457f3 Run as non-root local user 2022-12-15 12:10:25 -05:00
Andras Fekete
be1b3ec007 Fix issue with multiple command arguments 2022-12-15 11:25:43 -05:00
kaleb-himes
46c47e4adc Fix a quick leak in the test apps 
Fix a double-free scenario also
 2022-12-15 09:13:45 -07:00
Stefan Eissing
78fd5d7dbc Fix wolfSSL_set_SSL_CTX() to be usable during handshake. 
This method requires some explanation. Its sibling is
  int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
which re-inits the WOLFSSL* with all settings in the new CTX.
That one is the right one to use *before* a handshake is started.

This method was added by OpenSSL to be used *during* the handshake, e.g.
when a server inspects the SNI in a ClientHello callback and
decides which set of certificates to use.

Since, at the time the SNI callback is run, some decisions on
Extensions or the ServerHello might already have been taken, this
method is very restricted in what it does:
 - changing the server certificate(s)
 - changing the server id for session handling
and everything else in WOLFSSL* needs to remain untouched.
 2022-12-15 09:33:01 +01:00
gojimmypi
d8c9a5aa17 return benchmark to auto-scale units by default 2022-12-14 20:45:44 -08:00
gojimmypi
8831fbd22e fix csv math, units/sec, PQ cycle header 2022-12-14 20:27:15 -08:00
JacobBarthelmeh
8924487f27 fix warning for builds using cmac and not devID 2022-12-14 15:38:08 -08:00
JacobBarthelmeh
89c993eff3 fix AES-CCM enc/dec for SECO (passes nonce directly) 2022-12-14 15:20:03 -08:00
JacobBarthelmeh
b79879d106 fix setting IV when importing AES key into SECO 2022-12-14 15:20:03 -08:00
JacobBarthelmeh
9f77210b0b update benchmark for devID builds 2022-12-14 15:20:03 -08:00
kaleb-himes
ed17524793 Add alt case for unsupported static memory API 2022-12-14 16:02:35 -07:00
Sean Parkinson
a3f3c76faa
Merge pull request #5890 from anhu/fix_iv_size 
Fix the wrong IV size.
 2022-12-15 08:43:25 +10:00
Sean Parkinson
3d8f25ab7d
Merge pull request #5430 from dgarske/sniffer_multithread 
Support for multi-threaded sniffer
 2022-12-15 08:18:49 +10:00
David Garske
3fd2292d11
Merge pull request #5889 from anhu/dtls13_pqtests 
Kyber with DTLS 1.3 tests
 2022-12-14 13:20:32 -08:00