- Fix an issue in sniffer.c where some pointer math was giving a warning.
- Fix an issue in snifftest.c where a local variable was never read.
- Ignore non-TCP/IP packets in snifftest.c. Fixes some tests with pcaps with
other types of packets.
* Added TLS v1.3 sniffer support using static ephemeral key.
* Add support for using a static ephemeral DH and ECC keys with TLS v1.3 using `WOLFSSL_STATIC_EPHEMERAL`.
* Adds new API's `wolfSSL_CTX_set_ephemeral_key` and `wolfSSL_set_ephemeral_key`.
* Expanded TLS extension support in sniffer.
* Refactor of the handshake hashing code.
* Added parameter checking to the TLS v1.3 key derivations (protects use of "DoTls13Finished" if handshake resources have been free'd).
* Added support for loading DH keys via `wc_DhImportKeyPair` and `wc_DhExportKeyPair`, enabled with `WOLFSSL_DH_EXTRA`.
* Added sniffer documentation `sslSniffer/README.md`.
* Updated example to add support for CMSIS v2 and static memory.
* Improved example to support more build options.
* Added support for detecting Cube HAL and including `wolfSSL.wolfSSL_conf.h`.
Added a callback and support to allow one to handle storing the data
directly without reallocating the data buffer. Also added an example
that uses this callback if the callback is enabled in the build.
1. Check the sizes picked up out of the message against the expected
size of the record when looking at the certificate messages.
2. Renamed the cert and certSz in the watch callback with it being a
certChain.
1. Split the function ssl_SetWatchKey() into ssl_SetWatchKey_file()
which loads the key from a named file and ssl_SetWatchKey_buffer()
which loads the key from a provided buffer. file() uses buffer().
Added the build option for the Watch mode for the sniffer. Instead of
setting a set of IP addresses and keys, you set a callback function.
When any TLS connection is started, the hook is called and a hash of the
peer certificate is given to the callback function. It has a chance to
load a private key into the sniffer session. Enable this option with the
build flag "WOLFSSL_SNIFFER_WATCH".
1. Moved sslKeyFails.
2. Added sslEphemeralMisses, sslEncryptedConns, sslDecodeFails.
3. Removed the Rehandshake stats as the sniffer does not support rehandshaking.
4. Removed two of the per second stats as they seemed redundant.
5. Added a function to atomically read and reset the sniffer statistics.
1. Wrapped the added code for statistics in a preprocessor guard.
2. Added a check for the current cipher suite and if it is on the list
of allowed suites. Guarded by the statistics option.
3. Added more statistics from the list.
1. Collect the SSL Info capture into its own function.
2. Add a Trace function for the SSL Info.
3. When copying the IANA name for the cipher suite, use a strncpy
instead of a memcpy and cap the copy at the length of the destination.
Force a null terminator at the end of the destination, just in case.
4. Modify the snifftest to collect the SSL Info.
add user-crypto makefile
update README for IPP crypto
place user crypto in wolfcrypt and use autotools
adjust distributed files
move openssl compatibility consumption
auto use IPP RSA -- IPP directory containing shared libraries local
return value of wolfSSL_BN and formating of debug
openssh testing
make sure IPP not built when fips is
ipp init to select correct optimizations -- static libraries on linux -- fast-rsa disabled by default
try to only set library once
only use static IPP if fast rsa is enabled
make print out for user crypto more pretty
Prior to this change I had added a .props file for each .vcxproj to
use MSBuild's $(DefaultPlatformToolset) as the the default for
$(PlatformToolset). Typically that configuration allows for the
appropriate toolset to be used no matter which version of VS2010+
the wolfssl64.sln and project files are opened in. Problem is when an
MSBuild was used from the command line to build the solution it got the
$(DefaultPlatformToolset) from a property file based on the solution
header (currently "Format Version 12.00" which maps to Visual Studio
2012) instead. Another side effect was it set the VisualStudioVersion
to 11.0 (n - 1; n in this case 12.0) which was incorrect.
To remedy the above this change reverts back to the old PlatformToolset
method where the v110 toolset (Visual Studio 2012) is specified in every
configuration in every vcxproj. The user will have to specify explicitly
a different toolset to override it (either via command line or the GUI)
if they are not using VS2012.
VS2010 example:
msbuild -p:Configuration="Debug" wolfssl64.sln -p:PlatformToolset=v100
- Remove extern from declspec in WOLFSSL_API macro.
- Add a property file to *.vcxproj so that $(DefaultPlatformToolset) is
available.
- Remove the specified platform toolset (VS 2012) in *.vcxproj.
This change allows the projects to use $(DefaultPlatformToolset) so that
they will be built using the default platform toolset for whatever
version of Visual Studio 2010+ that loads them.
- Add DLL Release and DLL Debug configurations to *.vcxproj except for
sslSniffer.vcxproj.
The sniffer uses internal library components that aren't exposed in the
wolfSSL DLL so it can only be built by linking to CyaSSL's static lib.
- Change intermediate output directory of obj files to
<current-dir-setting>\obj\.
The purpose of this change is to separate the output files from the
intermediate files because sometimes they can end up in the same dir.
David Garske
Hayden Roche
Chris Conlon
John Safranek
Jacob Barthelmeh
Kaleb Joseph Himes
toddouska
Jay Satiro
kaleb-himes
toddouska
John Safranek
Chris Conlon