mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
13,550 Commits 5 Branches 162 Tags
Commit Graph

1553 Commits

Author SHA1 Message Date
toddouska
94a23c1d48
Merge pull request #3646 from julek-wolfssl/nginx-1.19.6 
Add support for Nginx 1.19.6
 2021-02-24 12:21:51 -08:00
toddouska
5eba89c3ca
Merge pull request #3742 from julek-wolfssl/error-queue-per-thread 
Add --enable-error-queue-per-thread
 2021-02-23 12:02:16 -08:00
Juliusz Sosinowicz
d074e7443f Remove default ticket cb as this will be added in another PR 2021-02-23 10:06:11 +01:00
Sean Parkinson
fa7b5f55ee TLS 1.3: add API to tell if a KeyUpdate response is required 2021-02-19 10:21:08 +10:00
Eric Blankenhorn
d31f184c49 Adding tests 2021-02-17 13:34:38 -06:00
Juliusz Sosinowicz
b8f841599c Add --enable-error-queue-per-thread 2021-02-16 16:08:13 +01:00
Juliusz Sosinowicz
0ae1a8b8c5 Jenkins fixes 
- Change pushCAx509Chain to an iterative implementation
- Fix variable names shadowing global names
 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
26df833074 Compat layer session tickets 
- OpenSSL uses an internal mechanism by default for session tickets. This is now implemented for OPENSSL_EXTRA in wolfSSL.
- Add testing of wolfSSL_CTX_set_tlsext_ticket_key_cb
 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
9a1e54cfd5 Nginx 1.19.6 Fixes 2021-02-16 14:25:45 +01:00
Sean Parkinson
ba1c67843a
Merge pull request #3752 from JacobBarthelmeh/Jenkins 
changes from nightly Jenkins test review
 2021-02-15 16:32:40 +10:00
toddouska
fc005f941c
Merge pull request #3750 from embhorn/buffer_conflict 
Fix use of 'buffer' in test
 2021-02-12 13:59:18 -08:00
Jacob Barthelmeh
1c852f60ab fix for g++ build 2021-02-12 23:26:54 +07:00
Jacob Barthelmeh
a49c867b38 increase test buffer size for updated pkcs7 bundle 2021-02-12 23:16:04 +07:00
Eric Blankenhorn
2ac826c37e Fix use of 'buffer' in test 2021-02-11 15:58:26 -06:00
toddouska
81dcf0d28b
Merge pull request #3640 from tmael/evp_rsa2 
Remove EVP_PKEY_RSA2
 2021-02-11 13:51:46 -08:00
toddouska
39cb84de25
Merge pull request #3697 from julek-wolfssl/openvpn-2.5-missing-stuff 
OpenVPN master additions
 2021-02-11 08:56:45 -08:00
toddouska
032cc1645c
Merge pull request #3713 from SparkiDev/tls_def_sess_ticket_cb 
TLS Session Ticket: default encryption callback
 2021-02-10 16:13:33 -08:00
toddouska
67b1280bbf
Merge pull request #3545 from kabuobeid/smime 
Added support for reading S/MIME messages via SMIME_read_PKCS7.
 2021-02-10 15:59:32 -08:00
Sean Parkinson
0403f5f18d
Merge pull request #3744 from JacobBarthelmeh/Certs 
run renewcerts.sh script
 2021-02-11 09:43:49 +10:00
Jacob Barthelmeh
41e5e547c4 run renewcerts.sh script 2021-02-11 03:12:54 +07:00
Jacob Barthelmeh
3c0563908f openssl x509 small with req cert gen 
add test for build case with x509small and add back in function

adjust macro guard for i2d_X509_NAME implementation

add macro guard on test case
 2021-02-10 21:48:29 +07:00
Sean Parkinson
794cb5c7a9 TLS Session Ticket: default encryption callback 
Encrypts with ChaCha20-Poly1305 or AES-GCM.
Two keys in rotation.
Key used for encryption until ticket lifetime goes beyond expirary
(default 1 hour). If key can still be used for decryption, encrypt with
other key.
Private random used to generate keys.
 2021-02-10 14:31:54 +10:00
Chris Conlon
012841bba3
Merge pull request #3738 from embhorn/cmp_layer_high 
Compatibility layer API
 2021-02-09 08:33:41 -07:00
Chris Conlon
71b495c422
Merge pull request #3712 from miyazakh/RND_bytes 
handle size greater than RNG_MAX_BLOCK_LEN
 2021-02-09 08:26:30 -07:00
Kareem Abuobeid
a4e819c60a Added support for reading S/MIME messages via SMIME_read_PKCS7. 2021-02-08 17:14:37 -07:00
toddouska
f14f1f37d2
Merge pull request #3673 from elms/ssl_api/get_verify_mode 
SSL: add support for `SSL_get_verify_mode`
 2021-02-08 15:40:19 -08:00
Eric Blankenhorn
de47b9d88a Adding X509_VERIFY_PARAM API 2021-02-08 08:25:14 -06:00
Hideki Miyazaki
431e1c8ffe
handle size greater than RNG_MAX_BLOCK_LEN 2021-02-03 12:23:36 +09:00
Juliusz Sosinowicz
542e0d79ec Jenkins Fixes 
- explicit conversions
- not all curves available for wolfSSL_CTX_set1_groups_list
- group funcs depend on HAVE_ECC
- `InitSuites` after `ssl->suites` has been set
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz
69dca4fd08 Rebase fixes 
- wolfSSL_CTX_set1_groups_list and wolfSSL_set1_groups_list should use wolfSSL_CTX_set1_groups and wolfSSL_set1_groups respectively because it converts to correct groups representation
- Change to using "SHA1" as main name for SHA1
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz
c18701ebe7 Implement RFC 5705: Keying Material Exporters for TLS 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz
3494218d98 Implement missing functionality for OpenVPN 2.5 2021-02-02 12:06:11 +01:00
toddouska
6e0e507dad
Merge pull request #3660 from dgarske/sess_ticket_aes_gcm 
Added support for AES GCM session ticket encryption
 2021-01-25 15:00:03 -08:00
toddouska
f91dcb950c
Merge pull request #3670 from dgarske/keil 
Fix for ARM Keil MDK compiler issue with `DECLARE_VAR_INIT`.
 2021-01-25 14:57:05 -08:00
toddouska
27ef5b9a3d
Merge pull request #3675 from SparkiDev/tls_no_ticket 
TLS Session Ticket: Option to disable for TLS 1.2 and below
 2021-01-25 14:54:10 -08:00
toddouska
cf9e4f0caf
Merge pull request #3518 from julek-wolfssl/openssh-fixes-v2 
Fixes for openssh
 2021-01-25 14:45:56 -08:00
David Garske
05e1ee1694 Cleanup to use fixed sizes from defines for DECLARE_VAR. Resolves issue with Visual Studio and using a variable (even const) to declare an array size. 2021-01-25 09:14:12 -08:00
Tesfa Mael
d29518ecac Remove duplicate macro 2021-01-22 13:02:30 -08:00
Elms
21ac86adb3 SSL: refactor SSL verify mode to be more compatible 
This follows the bit flag pattern closer. Still doesn't support
`SSL_VERIFY_CLIENT_ONCE` and maybe other flags.
 2021-01-22 12:17:07 -08:00
David Garske
13468d34e3 Apply same VS fixes to api.c as well. 2021-01-22 10:50:18 -08:00
Sean Parkinson
a84f1c813a TLS Session Ticket: Option to disable for TLS 1.2 and below 
Customer may want session ticket supported with TLS 1.3 but not TLS 1.2
and below.
 2021-01-22 13:19:29 +10:00
David Garske
9012317f5b Fix copy/paste typo. 2021-01-21 17:41:11 -08:00
David Garske
1ee40ad7bd Fix to always init the variable (not just when from heap). Cleanup of the DECLARE_ uses to make sure all allocations succeeded. 2021-01-21 17:12:29 -08:00
David Garske
830b3cb676
Merge pull request #3653 from kojo1/fopen_binMode 
binary mode, fopen
 2021-01-21 16:20:07 -08:00
Elms
95d83c9856 SSL: refactor to allow session override or mode 2021-01-21 16:03:02 -08:00
Elms
7112a6dd78 SSL: add test and fix SSL_get_verify_mode 2021-01-21 14:20:27 -08:00
David Garske
17f101ef13 Fix for ARM Keil MDK compiler issue with DECLARE_VAR_INIT. 2021-01-20 16:57:30 -08:00
David Garske
219cbd47eb Added support for AES GCM session ticket encryption. If ChaCha/Poly is disabled it will use AES GCM. Thanks Sean for the code in ZD 11511. 2021-01-19 07:53:36 -08:00
toddouska
279c3f4c1b
Merge pull request #3614 from SparkiDev/aes_test_fix 
AES test: Remove unneeded loop
 2021-01-18 15:22:06 -08:00
toddouska
1e9394d5a8
Merge pull request #3627 from elms/EVP/ofb_rc4_size 
EVP: return proper cipher type and block size
 2021-01-18 15:13:55 -08:00