mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,602 Commits 5 Branches 162 Tags
Commit Graph

14602 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hideki Miyazaki
b76d44dad9
add ERR_lib_error_string 2021-07-21 10:31:00 +09:00
Sean Parkinson
af98e64b88
Merge pull request #4208 from dgarske/leaks 
Fixes for possible leaks with ECCSI and DH test
 2021-07-16 08:59:11 +10:00
David Garske
6c3c635be7
Merge pull request #4206 from julek-wolfssl/remove-api 2021-07-15 06:41:00 -07:00
JacobBarthelmeh
6a0809b53b
Merge pull request #4185 from guidovranken/fix-gh-issue-4184 
Fix compilation failure with WOLFSSL_PUBLIC_ECC_ADD_DBL
 2021-07-15 16:19:30 +07:00
JacobBarthelmeh
fc6aa19eb8
Merge pull request #4200 from haydenroche5/tcpdump 
Add support for tcpdump with wolfSSL.
 2021-07-15 14:57:47 +07:00
JacobBarthelmeh
6458a8cedd
Merge pull request #4187 from SparkiDev/sp_math_mod_red_fix 
SP math: montgomery reduction edge case
 2021-07-15 14:33:26 +07:00
David Garske
fbbb290d9e Fixes for possible leaks with HAVE_WOLF_BIGINT used by async in ECCSI and DH test. Fixes for GCC -fsanitize=address with --enable-all. 2021-07-14 14:57:32 -07:00
John Safranek
f82fd01283
Merge pull request #4202 from JacobBarthelmeh/BuildOptions 
fix for build with wpas and disable tls13
 2021-07-14 09:07:08 -07:00
JacobBarthelmeh
b5eef78cdb
Merge pull request #4176 from SparkiDev/sp_math_read_bin_max 
SP math all: allow reading of bin up to max digit size
 2021-07-14 16:03:32 +07:00
JacobBarthelmeh
18399091ce
Merge pull request #4012 from julek-wolfssl/haproxy 
HaProxy 2.4-dev18 support
 2021-07-14 15:46:04 +07:00
Daniel Pouzzner
81f3f417e8
Merge pull request #4190 from SparkiDev/bench_sakke_ecdsa 
ECC bench: can't use SAKKE curve with ECDH/ECDSA
 2021-07-13 15:39:25 -05:00
David Garske
10987a69d7
Merge pull request #4201 from JacobBarthelmeh/Release 
bump version for dev
 2021-07-13 11:41:51 -07:00
JacobBarthelmeh
0d55dcaaa0
Merge pull request #4188 from guidovranken/mp_invmod_slow-check 
Add missing return value check in mp_invmod_slow
 2021-07-14 01:27:10 +07:00
Jacob Barthelmeh
3f22721a86 use version from wolfssl/version.h with driver 2021-07-13 22:39:39 +07:00
Jacob Barthelmeh
2592a04d8a fix for build with wpas and disable tls13 2021-07-13 15:49:40 +07:00
Jacob Barthelmeh
3bebcaaf54 bump version for dev 2021-07-13 04:18:52 +07:00
John Safranek
52b8c7b1fa
Merge pull request #4192 from haydenroche5/ocsp_http_header 
Improve wolfIO_HttpProcessResponse HTTP header checking logic.
 2021-07-12 14:13:07 -07:00
Hayden Roche
9f8e728672 Add support for tcpdump with wolfSSL. 2021-07-12 14:06:25 -07:00
John Safranek
add4a68465
Merge pull request #4199 from JacobBarthelmeh/Certs 
Lighttpd build fix and gencertbuf on updated ed25519 certs
v4.8.0-stable 		2021-07-12 09:15:50 -07:00
Jacob Barthelmeh
851c1fe1cf fix for lighttpd build 2021-07-12 16:25:50 +07:00
Jacob Barthelmeh
2f9af5f753 gencertbuf on updated ed25519 certs 2021-07-12 14:31:03 +07:00
John Safranek
30baa83a0b
Merge pull request #4198 from douzzer/fix-linuxkm-for-v4.8 2021-07-09 19:15:23 -07:00
John Safranek
50d007ded8
Merge pull request #4196 from JacobBarthelmeh/Release 
Release version 4.8.0
 2021-07-09 14:33:26 -07:00
John Safranek
84539be656
Merge pull request #4197 from JacobBarthelmeh/Jenkins 
Updates found with Jenkins tests
 2021-07-09 14:32:43 -07:00
Daniel Pouzzner
15c890179f Linux kernel module: add an explicit -ffreestanding to CFLAGS in linuxkm/Makefile, and in wc_port.h ifdef WOLFSSL_LINUXKM, ignore -Wtype-limits in Linux kernel header files (needed for kernel v5.13), and suppress inclusion of stdint-gcc.h. 2021-07-09 15:23:07 -05:00
Jacob Barthelmeh
88b70a3906 update google cert that was set to expire in Dec 2021 2021-07-09 23:57:50 +07:00
JacobBarthelmeh
c01a63508a account for testing on big endian system 2021-07-09 08:18:39 -06:00
Jacob Barthelmeh
f4c4cf8afe update changelog for release 4.8.0 2021-07-09 17:02:18 +07:00
JacobBarthelmeh
500a6c8b27 prepare for release 4.8.0 2021-07-08 12:02:40 -06:00
JacobBarthelmeh
127add4bf7 include stddef for size_t type for ptr 2021-07-08 07:06:20 -06:00
Jacob Barthelmeh
7bcd0da164 warning for length used on strncpy 2021-07-08 15:51:17 +07:00
Jacob Barthelmeh
263e03748e fix issue of handling partially streamed PKCS7 input 2021-07-08 15:25:40 +07:00
JacobBarthelmeh
a250e1f23a
Merge pull request #4194 from ejohnstown/to-fix 
Timeout Fix
 2021-07-08 14:34:42 +07:00
John Safranek
c9aa23ac7a
Merge pull request #4191 from dgarske/htons 
Fix for missing `XHTONS` with `WOLFSSL_USER_IO` and session tickets
 2021-07-07 16:21:59 -07:00
John Safranek
00cab36b36
Timeout Fix 
The macros setting up the timeout for the select used to timeout just
multiplied the ms by 1000 to make us. The BSD select used on macOS
doesn't like the us to be greater than 999999. Modified to carry the
excess us over into the seconds.
 2021-07-07 16:14:48 -07:00
Sean Parkinson
849020660f
Merge pull request #4182 from JacobBarthelmeh/CAAM 
check return of DSA decode
 2021-07-08 08:16:46 +10:00
John Safranek
b9dac74086
Merge pull request #4193 from JacobBarthelmeh/StaticAnalysisTests 
Static analysis tests
 2021-07-07 14:23:58 -07:00
JacobBarthelmeh
86e5287a14
Merge pull request #4032 from TakayukiMatsuo/tk11968 
Make wolfSSL_CTX_set_timeout reflect to Session-ticket-lifetime-hint
 2021-07-07 22:26:06 +07:00
Juliusz Sosinowicz
b7bd3766c7 Fix pedantic errors about macros in macros 2021-07-07 10:54:34 +02:00
JacobBarthelmeh
7b9d6a3f5e
Merge pull request #3792 from TakayukiMatsuo/os_keylog 
Add wolfSSL_CTX_set_keylog_callback
 2021-07-07 15:34:33 +07:00
Hayden Roche
7422f07fb5 Improve wolfIO_HttpProcessResponse HTTP header checking logic. 
Modify this function to just ensure that the response header starts with "HTTP
1.x 200" (where x is 0, 1, etc.).
 2021-07-06 15:18:26 -07:00
David Garske
41ac17cdc6 Improve support for XHTONS with WOLFSSL_USER_IO and session tickets with default encryption implementation !WOLFSSL_NO_DEF_TICKET_ENC_CB. 2021-07-06 13:13:35 -07:00
Jacob Barthelmeh
b1a6d88af6 fix for memory leak 2021-07-06 23:37:35 +07:00
Juliusz Sosinowicz
fc7533fe5e Code review changes 2021-07-06 16:14:25 +02:00
Juliusz Sosinowicz
1acf906612 Code review changes 2021-07-06 15:39:23 +02:00
Juliusz Sosinowicz
6dfc702364 Correct serverDH_Pub length on renegotiation 
On a renegotiation the serverDH_Pub buffer may be too short. The previous DhGenKeyPair call may have generated a key that has a shorter binary representation (usually by one byte). Calling DhGenKeyPair with this shorter buffer results in a WC_KEY_SIZE_E error.
 2021-07-06 15:39:23 +02:00
Juliusz Sosinowicz
1b6b16c2c3 HaProxy 2.4-dev18 support 
*This patch is dependent on https://github.com/wolfSSL/wolfssl/pull/3871 because proto version selection logic is refactored in that pull request.*
This patch contains the following changes:
- Enable more options with `--enable-haproxy`
- Compatibility layer additions
    - `STACK_TYPE_X509_OBJ`
    - `OCSP_id_cmp`
    - `X509_STORE_get0_objects`
    - `X509V3_EXT_nconf_nid`
    - `X509V3_EXT_nconf`
    - `X509_chain_up_ref`
    - `X509_NAME_hash`
    - `sk_X509_NAME_new_null`
    - `X509_OBJECT_get0_X509`
    - `X509_OBJECT_get0_X509_CRL`
    - `ASN1_OCTET_STRING_free`
    - `X509_LOOKUP_TYPE`
    - `OSSL_HANDSHAKE_STATE`
- New `OPENSSL_COMPATIBLE_DEFAULTS` define will set default behaviour that is compatible with OpenSSL
    - WOLFSSL_CTX
        - Enable all compiled in protocols
        - Allow anonymous ciphers
        - Set message grouping
        - Set verify to SSL_VERIFY_NONE
- In `SetSSL_CTX`, don't change `send` and `recv` callback if currently using `BIO`
- `ssl->peerVerifyRet`
    - Return first that occured
    - Set correct value on date error
    - Set revoked error on OCSP or CRL error
    - Save value in session and restore on resumption
    - Add to session serialization
- With `OPENSSL_EXTRA`, send an alert on invalid downgrade attempt
- Handle sni callback `SSL_TLSEXT_ERR_NOACK`
- Add `WOLFSSL_VERIFY_DEFAULT` option for `wolfSSL_CTX_set_verify` and `wolfSSL_set_verify` to allow resetting to default behaviour
 2021-07-06 15:39:23 +02:00
Jacob Barthelmeh
a6ce91f3bb fix for gcc-11 build with blake2 2021-07-06 14:53:39 +07:00
Jacob Barthelmeh
ae00b5acd0 some minor changes for unintialized and null infer reports 2021-07-06 14:13:45 +07:00
Sean Parkinson
34528eb6c9 ECC bench: can't use SAKKE curve with ECDH/ECDSA 
Skip curve benchmarking when all curves are being benchmarked.
 2021-07-06 12:19:50 +10:00