- Use unions for type punning in xor API
- Initialise potentially uninitialised variables
- Use `LL` suffix to specify a larger integer type
- Don't use `max` as it can shadow other definitions
Add support for compiling ASM for Thumb2
Add Curve25519 ASM for Thumb2
Limit assembly code compiled when Ed25519 not required.
Rework all assembly implementations to replace ge_*() functions instead
of having fe_ge_*() versions that take many parameters.
Get ARM32 inline asm working.
- wolfssl_ec_point_mul: fix parameters being passed into ec_mul2add
- Compile in compressed ecc key parsing for OPENSSLALL
- Improve debugging around compat layer ecc operations
- wolfSSL_BN_div: dv can be NULL
- Add spake like computation test
- Add CI krb5 testing
- Add timeouts to CI
tweak several #includes of settings.h to include types.h instead (all of these are for clarity, as types.h is indirectly included by later #includes), and add #include <wolfssl/wolfcrypt/types.h> where missing;
remove trailing semicolons from PRAGMA*() macro invocations as they are unneeded and can be harmful (inducing frivolous -Wdeclaration-after-statement etc.).
if ENABLED_LINUXKM_PIE, add -DWOLFSSL_NO_OCSP_ISSUER_CHECK to gate out backward dependency in asn.c;
if ENABLE_LINUXKM, don't error on FIPS without thread_ls_on;
for --enable-curl, set ENABLED_MD4="yes", and move --enable-md4 AC_ARG_ENABLE() clause up to a position adjacent to des3 handling;
scripts/sniffer-gen.sh: fix illegal exit code (SC2242);
src/internal.c: fix clang-analyzer-core.NonNullParamChecker in CreateTicket();
src/ocsp.c: fix readability-redundant-preprocessor;
src/tls.c: fix empty-body in TLSX_PskKeModes_Parse() and clang-diagnostic-unreachable-code-break in ALPN_Select();
tests/api.c: fix several clang-analyzer-core.NullDereference related to Expect*() refactor;
wolfcrypt/src/asn.c:
fix -Wconversions in DecodeAuthKeyId() and ParseCertRelative();
fix readability-redundant-declaration re GetCA() and GetCAByName();
gate inclusion of wolfssl/internal.h on !defined(WOLFCRYPT_ONLY);
wolfssl/internal.h: add macro-detection gating around GetCA() and GetCAByName() prototypes matching gates in wolfcrypt/src/asn.c;
tests/utils.c: in create_tmp_dir(), use one-arg variant of mkdir() if defined(__CYGWIN__) || defined(__MINGW32__).
Add support for cipher aliases DHE, EDH and EECDH.
Add define SSL_CTRL_GET_CHAIN_CERTS to help hitch and other programs detect SSL_CTX_get0_chain_certs is supported.
Add wolfSSL_get_locking_callback.
Allow using ECDHE+RSA cipher suites when ECDHE alias is used while in OpenSSL compatibility mode.
Add more alerts for hitch.
SSL_CM should use the CTX's x509_store_pt if available.
Add support for SSL_CERT_FILE and SSL_CERT_DIR. Load default OpenSSL TLS 1.3 ciphers when using OPENSSL_COMPATIBLE_DEFAULTS.
Use wolfSSL_sk_X509_new_null to allocate WOLFSSL_STACK in wolfSSL_CTX_get_extra_chain_certs. Previous approach of malloc'ing without setting type/memsetting was leading to a segfault.
Add --enable-hitch.
hitch: Add unit tests for new APIs, fix a couple of issues uncovered by unit testing.
Correct behavior of wolfSSL_BIO_set_mem_buf for BIO_CLOSE/NOCLOSE and update unit test accordingly.
Add Github action test for hitch.
