54b17ba465
Merge pull request #3952 from julek-wolfssl/ZD12062
...
Using `--enable-chacha=noasm` wouldn't actually enable chacha
2021-04-23 15:55:10 -07:00
91e90f7a98
Merge pull request #3604 from haydenroche5/stunnel
...
Make changes to get latest verison of stunnel (5.57) working with wolfSSL.
2021-04-23 15:41:22 -07:00
40d5aad8fe
configure.ac: improve dynamics of --enable-wolfsentry and --with-wolfsentry*, including existence-checking user-supplied paths.
2021-04-21 17:28:27 -05:00
c874d9259c
configure.ac: add --with-wolfsentry option.
2021-04-21 03:19:35 -05:00
23d8df720e
remove WOLFSSL_NETWORK_INTROSPECTION code; add wolfSSL_X509_STORE_set_ex_data_with_cleanup(); refactor WOLFSSL_WOLFSENTRY_HOOKS code in server.c to use HAVE_EX_DATA/HAVE_EX_DATA_CLEANUP_HOOKS.
2021-04-20 23:59:58 -05:00
1cbe696716
checkpoint: fully functioning demo via examples/server/ and unit.test (which produces a "filtered" error on a subtest when built --enable-wolfsentry).
2021-04-20 23:59:57 -05:00
ba2cc00e5d
initial implementation of WOLFSSL_NETWORK_INTROSPECTION: --enable-network-introspection, struct wolfSSL_network_connection, wolfSSL_*_endpoints*(), NetworkFilterCallback_t, wolfSSL_*set_AcceptFilter().
2021-04-20 23:59:57 -05:00
4cd3f2e826
Make changes to get latest verison of stunnel (5.57) working with wolfSSL.
2021-04-13 09:18:25 -05:00
d8dd69cf44
Using `--enable-chacha=noasm` wouldn't actually enable chacha
2021-04-08 12:46:05 +02:00
5f6b618e71
configure.ac: add --enable-aescbc-length-checks and add it to --enable-all; api.c: fix expected error code in WOLFSSL_AES_CBC_LENGTH_CHECKS path of test_wc_AesCbcEncryptDecrypt(); aes.c: add explanatory comment on WOLFSSL_AES_CBC_LENGTH_CHECKS to top of file.
2021-03-26 14:04:25 -05:00
13d81f1fb9
Merge pull request #3902 from dgarske/snicb
...
Fix for SNI recv callback
2021-03-24 15:34:35 +07:00
9313d59479
Fix for SNI callback
...
* Fix for SNI callback on server to make sure the SNI data is stored even without setting a hostname. This makes sure the SNI extension is set when there is a registered SNI recv callback.
* Fix for Apache HTTPD to include `WOLFSSL_ALWAYS_KEEP_SNI`
2021-03-22 11:28:16 -07:00
14b7d70ae4
Merge pull request #3846 from kabuobeid/builtinEngsRandMethod
...
Add wolfSSL_RAND_set_rand_method() and document ENGINE_load_builtin_engines()
2021-03-19 14:23:03 -07:00
a363077b1e
Merge pull request #3841 from SparkiDev/aes_gcm_stream
...
AES GCM: implement streaming
2021-03-18 14:36:55 -07:00
7760dcb43b
Fixes and cleanups for the openssl compatibility layer `RAND_` functions. For `opensslextra=x509small` don't include the RAND method code. Removed abandonded "ENABLED_SMALL" option in configure.ac.
2021-03-17 15:51:52 -07:00
38d268dbbb
fixup
2021-03-17 11:31:03 +10:00
7f1e63e7f5
SP config: allow asm to be an SP options (--enable-sp=asm.yes)
2021-03-17 11:24:55 +10:00
35659be06f
AES GCM: implement streaming
...
Updated EVP layer to use streaming API when enabled.
Assembly for x64 updated to include streaming.
2021-03-16 16:39:49 +10:00
5fd0950a3a
Merge pull request #3654 from SparkiDev/sakke_eccsi
...
ECCSI and SAKKE: add support
2021-03-15 16:15:59 -07:00
92854a5ddc
configure.ac: advance AC_PREREQ from 2.63 (2008) to 2.69 (2012) to reflect current automated testing coverage, and to avoid intractable best-practice conflicts between 2.63 and 2.70 (2020); advance AM_INIT_AUTOMAKE from 1.11 (2009) to 1.14.1 (2013) to reflect current automated testing coverage; advance LT_PREREQ from 2.2 (2008) to 2.4.2 (2011) to reflect current automated testing coverage.
2021-03-12 13:49:29 -06:00
a55e94cf6f
ECCSI and SAKKE: add support
...
Fixes for static code analysis included.
Added const to function parameters.
Zeroise some temporaries.
2021-03-12 09:31:22 +10:00
771a7418ea
fixes for compat with autoconf 2.70 and gcc-10: update m4/ax_pthread.m4 and m4/ax_tls.m4 from upstream, fix declaration syntax in tests/api.c, add AC_CANONICAL_TARGET in configure.ac, and fix two spots with bad quoting syntax in configure.ac and m4/ax_linuxkm.m4. also fix myriad whitespace flubs in api.c.
2021-03-11 17:29:12 -06:00
72eebd6e75
Merge pull request #3795 from JacobBarthelmeh/CAAM
...
Addition of QNX CAAM driver
2021-03-10 15:04:21 -08:00
cd26444e01
addressed jenkins failure part1
2021-03-05 08:19:21 +09:00
0a74fbf95f
Merge pull request #3789 from fabiankeil/configure-accept-amd64
...
configure: When enabling --enable-sp-asm, accept host_cpu amd64
2021-03-04 11:11:13 -08:00
749425e1e8
first pre alpha code for QNX + CAAM
...
manual run of RNG init and JDKEK print
job ring does initial rng
is successful on some red key blob operations
caam red key blob test pass
ecdsa sign/verify
ecdsa ecdh/sign/verify with black secure key
ecdsa ecdh/sign/verify with black secure key
initial cmac addition
initial cmac addition
black blob encap
black keys with cmac
add invalidate memory
refactoring and clean up
more code cleanup
add files for dist and remove some printf's
remove unneeded macro guard
use resource manager
2021-03-03 18:45:40 +07:00
4d8068a328
Merge pull request #3813 from douzzer/configure-autotools-boilerplate-at-the-top
...
configure.ac: put autotools boilerplate at the top
2021-03-02 09:22:09 -08:00
d805a5c681
SP int: get keygen working with SP math again
...
./configure --enable-sp --enable-sp-math --enable-keygen
2021-02-25 10:01:27 +10:00
9be1e74dc3
configure.ac: move the autotools boilerplate/initializations back to the top, before --enable-distro and --enable-reproducible-build handling.
2021-02-24 17:04:33 -06:00
c201b6801c
Merge pull request #3808 from lechner/enable-base64-with-all
...
Enable Base64 as part of --enable-all.
2021-02-24 14:39:20 -06:00
764207a9f5
Merge pull request #3806 from elms/autoconf/oot_fips_check
...
configure: fix for FIPS out-of-tree builds
2021-02-24 14:38:26 -06:00
94a23c1d48
Merge pull request #3646 from julek-wolfssl/nginx-1.19.6
...
Add support for Nginx 1.19.6
2021-02-24 12:21:51 -08:00
36ba2e134b
configure: FIPS error and compatability cleanup
...
Use autotools macros for case and if. Simplify validation logic.
2021-02-24 08:53:50 -08:00
ae28550667
Enable Base64 as part of --enable-all.
...
Part of an effort to standardize build options across distributions.
When building with all options, this includes Base64, a feature that
was requested in the past.
This commit passed Debian's Salsa CI pipeline [1] as part of a larger
commit streamlining the build options for distributions. [2]
A related pull request by douzzer activated reproducible builds for
distributions by default. [3]
Thanks to David Garske for his generous contributions to this commit!
[1] https://salsa.debian.org/lechner/wolfssl/-/pipelines/233601
[2] https://salsa.debian.org/lechner/wolfssl/-/blob/debian/master/debian/patches/standardize-distro-options.patch
[3] e30b3d3554
2021-02-23 19:46:56 -08:00
9dadd02fb9
configure.ac move --enable-distro handling to top (preceding --enable-reproducible-build handling), and turn on reproducible-build by default when enable-distro; fix spelling error in reproducible-build help text.
2021-02-23 17:05:44 -06:00
47872224d8
configure: fix for FIPS out-of-tree builds
...
Check for fips files relative to source directory.
2021-02-23 14:17:35 -08:00
0dfdf92ff7
Merge pull request #3784 from elms/cmake_curve_ed
...
configure: ED448 to enable SHA3 and SHAKE256 properly
2021-02-24 03:20:38 +07:00
5eba89c3ca
Merge pull request #3742 from julek-wolfssl/error-queue-per-thread
...
Add --enable-error-queue-per-thread
2021-02-23 12:02:16 -08:00
c4d2e7cfdb
configure: split SHA3 and SHAKE256 to work with ED448
...
Define flags and defaults early, but set CFLAGS later to allow
override.
2021-02-22 10:14:21 -08:00
1b319804ad
configure: When enabling --enable-sp-asm, accept host_cpu amd64 as alternative to x86_64
...
Allows to use --enable-sp-asm on ElectroBSD amd64.
Previouly configure failed with:
configure: error: ASM not available for CPU. Supported CPUs: x86_64, aarch64, arm
2021-02-20 14:25:05 +01:00
31d3dfdd4d
configure: ED448 to enable SHA3 and SHAKE256 properly
...
SHA3 and SHAKE256 are required for ED448, but were potentially
overwritten after being set when ED448, specifically others than
x86_64/aarch64
2021-02-19 13:18:52 -08:00
5f3ee2985c
bump version for development bundles
2021-02-16 23:57:47 +07:00
b8f841599c
Add --enable-error-queue-per-thread
2021-02-16 16:08:13 +01:00
9a1e54cfd5
Nginx 1.19.6 Fixes
2021-02-16 14:25:45 +01:00
847938f4d6
prepare for release v4.7.0
2021-02-16 02:41:37 +07:00
98b5900266
Revert of changes in PR #3289 , which should not have removed the `HAVE_SECRET_CALLBACK` and `WOLFSSL_PUBLIC_ECC_ADD_DBL`. These are required for hostapd.
2021-02-12 14:11:17 -08:00
d40ea03621
Merge pull request #3703 from SparkiDev/sp_int_malloc
...
SP int: Rework allocation of temporaries
2021-02-11 13:49:45 -08:00
39cb84de25
Merge pull request #3697 from julek-wolfssl/openvpn-2.5-missing-stuff
...
OpenVPN master additions
2021-02-11 08:56:45 -08:00
d64315a951
configure.ac: add --enable-reproducible-build: put ar and ranlib in deterministic mode, and leave LIBWOLFSSL_CONFIGURE_ARGS and LIBWOLFSSL_GLOBAL_CFLAGS out of the generated config.h. relates to PR #3417 .
2021-02-11 00:12:05 -06:00
b330196c28
SP int: Rework allocation of temporaries
...
Allocate only as much is as needed.
Use macros to simplify code.
Don't use an sp_int if you can use an array of 'sp_int_digit's.
2021-02-11 10:34:40 +10:00
toddouska
Daniel Pouzzner
Hayden Roche
Juliusz Sosinowicz
JacobBarthelmeh
David Garske
Sean Parkinson
Hideki Miyazaki
Elms
Felix Lechner
Fabian Keil