Skip to content

Commit 6b66149

Browse files
kaleb-himeskaleb-himes
authored
Merge branch 'master' into OE8-CHECK-IN
2 parents 2d01363 + 43e68ad commit 6b66149

1,711 files changed

Lines changed: 267980 additions & 89880 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.codespellexcludelines

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
###############################################################################
2+
# In this file, you should add the line of the file that needs to be ignored.
3+
# The line should be exactly as it appears in the file.
4+
###############################################################################
5+
0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
6+
0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, /* fo@wolfs */
7+
0x0a, 0x8b, 0x98, 0xf3, 0xe3, 0xff, 0x4e, 0x44, /* ......ND */
8+
ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\n\
9+
static const byte plaintext[] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras lacus odio, pretium vel sagittis ac, facilisis quis diam. Vivamus condimentum velit sed dolor consequat interdum. Etiam eleifend ornare felis, eleifend egestas odio vulputate eu. Sed nec orci nunc. Etiam quis mi augue. Donec ullamcorper suscipit lorem, vel luctus augue cursus fermentum. Etiam a porta arcu, in convallis sem. Integer efficitur elementum diam, vel scelerisque felis posuere placerat. Donec vestibulum sit amet leo sit amet tincidunt. Etiam et vehicula turpis. Phasellus quis finibus sapien. Sed et tristique turpis. Nullam vitae sagittis tortor, et aliquet lorem. Cras a leo scelerisque, convallis lacus ut, fermentum urna. Mauris quis urna diam. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Nam aliquam vehicula orci id pulvinar. Proin mollis, libero sollicitudin tempor ultrices, massa augue tincidunt turpis, sit amet aliquam neque nibh nec dui. Fusce finibus massa quis rutrum suscipit cras amet";
10+
rsource "Kconfig.tls-generic"
11+
/* Loop over authenticated associated data AD1..ADn */
12+
/* no easy answer [c'est la vie]. Just division */
13+
const uint8_t* hashIn, int hashSz)
14+
XMEMCPY(hash + (curveSz - hashSz), hashIn, hashSz);
15+
0x63, 0x72, 0x65, 0x65, 0x6e, 0x20, 0x77, 0x6f, 0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69, /* creen would be i */
16+
\pagenumbering{alph}
17+
DES3_KEY_SIZE = 24, /* 3 des ede */
18+
/* functions added to support above needed, removed TOOM and KARATSUBA */

.github/ISSUE_TEMPLATE/bug_report.yaml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,8 +6,10 @@ body:
66
- type: markdown
77
attributes:
88
value: >
9-
Thanks for reporting an bug. If you would prefer a private method,
10-
please email support@wolfssl.com
9+
Thanks for reporting a bug. If you would prefer a private method,
10+
or if this is a vulnerability report please email support@wolfssl.com
11+
instead. This is publicly viewable and not appropriate for vulnerability
12+
reports.
1113
- type: input
1214
id: contact
1315
attributes:

.github/ISSUE_TEMPLATE/other.yaml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,9 @@ body:
66
attributes:
77
value: >
88
Thanks for reporting an issue. If you would prefer a private method,
9-
please email support@wolfssl.com
9+
or if this is a vulnerability report please email support@wolfssl.com
10+
instead. This is publicly viewable and not appropriate for vulnerability
11+
reports.
1012
- type: input
1113
id: version
1214
attributes:

.github/workflows/ada.yml

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
name: WolfSSL Ada Build Tests
2+
3+
on:
4+
push:
5+
branches: [ 'master', 'main', 'release/**' ]
6+
pull_request:
7+
branches: [ '*' ]
8+
9+
jobs:
10+
build:
11+
12+
runs-on: ubuntu-latest
13+
14+
steps:
15+
- uses: actions/checkout@master
16+
17+
- name: Install gnat
18+
run: |
19+
sudo apt-get update
20+
sudo apt-get install -y gnat gprbuild
21+
22+
- name: Checkout wolfssl
23+
uses: actions/checkout@master
24+
with:
25+
repository: wolfssl/wolfssl
26+
path: wolfssl
27+
28+
- name: Build wolfssl Ada
29+
working-directory: ./wolfssl/wrapper/Ada
30+
run: |
31+
mkdir obj
32+
gprbuild default.gpr
33+
gprbuild examples.gpr

.github/workflows/async.yml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,8 @@ jobs:
2323
'--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS"',
2424
]
2525
name: make check
26-
runs-on: ubuntu-latest
26+
if: github.repository_owner == 'wolfssl'
27+
runs-on: ubuntu-22.04
2728
# This should be a safe limit for the tests to run.
2829
timeout-minutes: 6
2930
steps:
@@ -36,7 +37,7 @@ jobs:
3637
./configure ${{ matrix.config }}
3738
make check
3839
39-
- name: Print errors
40+
- name: Print errors
4041
if: ${{ failure() }}
4142
run: |
4243
if [ -f test-suite.log ] ; then

.github/workflows/bind.yml

Lines changed: 93 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,93 @@
1+
name: bind9 Tests
2+
3+
# START OF COMMON SECTION
4+
on:
5+
push:
6+
branches: [ 'master', 'main', 'release/**' ]
7+
pull_request:
8+
branches: [ '*' ]
9+
10+
concurrency:
11+
group: ${{ github.workflow }}-${{ github.ref }}
12+
cancel-in-progress: true
13+
# END OF COMMON SECTION
14+
15+
jobs:
16+
build_wolfssl:
17+
name: Build wolfSSL
18+
if: github.repository_owner == 'wolfssl'
19+
# Just to keep it the same as the testing target
20+
runs-on: ubuntu-22.04
21+
# This should be a safe limit for the tests to run.
22+
timeout-minutes: 4
23+
steps:
24+
- name: Build wolfSSL
25+
uses: wolfSSL/actions-build-autotools-project@v1
26+
with:
27+
path: wolfssl
28+
configure: --enable-all
29+
install: true
30+
check: false
31+
32+
- name: tar build-dir
33+
run: tar -zcf build-dir.tgz build-dir
34+
35+
- name: Upload built lib
36+
uses: actions/upload-artifact@v4
37+
with:
38+
name: wolf-install-bind
39+
path: build-dir.tgz
40+
retention-days: 5
41+
42+
bind_check:
43+
strategy:
44+
fail-fast: false
45+
matrix:
46+
# List of releases to test
47+
ref: [ 9.18.0, 9.18.28 ]
48+
name: ${{ matrix.ref }}
49+
if: github.repository_owner == 'wolfssl'
50+
runs-on: ubuntu-22.04
51+
# This should be a safe limit for the tests to run.
52+
timeout-minutes: 10
53+
needs: build_wolfssl
54+
steps:
55+
- name: Download lib
56+
uses: actions/download-artifact@v4
57+
with:
58+
name: wolf-install-bind
59+
60+
- name: untar build-dir
61+
run: tar -xf build-dir.tgz
62+
63+
- name: Install dependencies
64+
run: |
65+
# Don't prompt for anything
66+
export DEBIAN_FRONTEND=noninteractive
67+
sudo apt-get update
68+
# hostap dependencies
69+
sudo apt-get install -y libuv1-dev libnghttp2-dev libcap-dev libcmocka-dev
70+
71+
- name: Checkout OSP
72+
uses: actions/checkout@v4
73+
with:
74+
repository: wolfssl/osp
75+
path: osp
76+
77+
- name: Checkout bind9
78+
uses: actions/checkout@v4
79+
with:
80+
repository: isc-projects/bind9
81+
path: bind
82+
ref: v${{ matrix.ref }}
83+
84+
- name: Build and test bind9
85+
working-directory: bind
86+
run: |
87+
export PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig
88+
patch -p1 < $GITHUB_WORKSPACE/osp/bind9/${{ matrix.ref }}.patch
89+
autoreconf -ivf
90+
./configure --with-wolfssl
91+
sed -i 's/SUBDIRS = system//g' bin/tests/Makefile # remove failing tests
92+
make -j V=1
93+
make -j V=1 check

.github/workflows/cmake.yml

Lines changed: 108 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,108 @@
1+
name: WolfSSL CMake Build Tests
2+
3+
on:
4+
push:
5+
branches: [ 'master', 'main', 'release/**' ]
6+
pull_request:
7+
branches: [ '*' ]
8+
9+
jobs:
10+
build:
11+
12+
runs-on: ubuntu-latest
13+
14+
steps:
15+
# pull wolfSSL
16+
- uses: actions/checkout@master
17+
18+
# install cmake
19+
- name: Install cmake
20+
run: |
21+
sudo apt-get update
22+
sudo apt-get install -y cmake
23+
24+
# pull wolfssl
25+
- name: Checkout wolfssl
26+
uses: actions/checkout@master
27+
with:
28+
repository: wolfssl/wolfssl
29+
path: wolfssl
30+
31+
# build wolfssl
32+
- name: Build wolfssl
33+
working-directory: ./wolfssl
34+
run: |
35+
mkdir build
36+
cd build
37+
cmake -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON -DWOLFSSL_INSTALL=yes -DCMAKE_INSTALL_PREFIX="$GITHUB_WORKSPACE/install" \
38+
-DWOLFSSL_16BIT:BOOL=no -DWOLFSSL_32BIT:BOOL=no -DWOLFSSL_AES:BOOL=yes \
39+
-DWOLFSSL_AESCBC:BOOL=yes -DWOLFSSL_AESCCM:BOOL=yes -DWOLFSSL_AESCFB:BOOL=yes \
40+
-DWOLFSSL_AESCTR:BOOL=yes -DWOLFSSL_AESGCM:STRING=yes -DWOLFSSL_AESKEYWRAP:BOOL=yes \
41+
-DWOLFSSL_AESOFB:BOOL=yes -DWOLFSSL_AESSIV:BOOL=yes -DWOLFSSL_ALIGN_DATA:BOOL=yes \
42+
-DWOLFSSL_ALPN:BOOL=ON -DWOLFSSL_ALT_CERT_CHAINS:BOOL=ON -DWOLFSSL_ARC4:BOOL=yes \
43+
-DWOLFSSL_ARIA:BOOL=no -DWOLFSSL_ASIO:BOOL=no -DWOLFSSL_ASM:BOOL=yes -DWOLFSSL_ASN:BOOL=yes \
44+
-DWOLFSSL_ASYNC_THREADS:BOOL=no -DWOLFSSL_BASE64_ENCODE:BOOL=yes -DWOLFSSL_CAAM:BOOL=no \
45+
-DWOLFSSL_CERTEXT:BOOL=yes -DWOLFSSL_CERTGEN:BOOL=yes -DWOLFSSL_CERTGENCACHE:BOOL=no \
46+
-DWOLFSSL_CERTREQ:BOOL=yes -DWOLFSSL_CHACHA:STRING=yes -DWOLFSSL_CMAC:BOOL=yes \
47+
-DWOLFSSL_CODING:BOOL=yes -DWOLFSSL_CONFIG_H:BOOL=yes -DWOLFSSL_CRL:STRING=yes \
48+
-DWOLFSSL_CRYPTOCB:BOOL=yes -DWOLFSSL_CRYPTOCB_NO_SW_TEST:BOOL=no \
49+
-DWOLFSSL_CRYPT_TESTS:BOOL=yes -DWOLFSSL_CRYPT_TESTS_HELP:BOOL=no \
50+
-DWOLFSSL_CRYPT_TESTS_LIBS:BOOL=no -DWOLFSSL_CURL:BOOL=yes -DWOLFSSL_CURVE25519:STRING=yes \
51+
-DWOLFSSL_CURVE448:STRING=yes -DWOLFSSL_DEBUG:BOOL=yes -DWOLFSSL_DES3:BOOL=ON \
52+
-DWOLFSSL_DES3_TLS_SUITES:BOOL=no -DWOLFSSL_DH:STRING=yes -DWOLFSSL_DH_DEFAULT_PARAMS:BOOL=yes \
53+
-DWOLFSSL_DSA:BOOL=yes -DWOLFSSL_DTLS:BOOL=ON -DWOLFSSL_DTLS13:BOOL=yes \
54+
-DWOLFSSL_DTLS_CID:BOOL=yes -DWOLFSSL_ECC:STRING=yes \
55+
-DWOLFSSL_ECCCUSTCURVES:STRING=all -DWOLFSSL_ECCSHAMIR:BOOL=yes \
56+
-DWOLFSSL_ECH:BOOL=yes -DWOLFSSL_ED25519:BOOL=yes -DWOLFSSL_ED448:STRING=yes \
57+
-DWOLFSSL_ENCKEYS:BOOL=yes -DWOLFSSL_ENC_THEN_MAC:BOOL=yes -DWOLFSSL_ERROR_QUEUE:BOOL=yes \
58+
-DWOLFSSL_ERROR_STRINGS:BOOL=yes -DWOLFSSL_EXAMPLES:BOOL=yes -DWOLFSSL_EXPERIMENTAL:BOOL=yes \
59+
-DWOLFSSL_EXTENDED_MASTER:BOOL=yes -DWOLFSSL_EX_DATA:BOOL=yes -DWOLFSSL_FAST_MATH:BOOL=no \
60+
-DWOLFSSL_FILESYSTEM:BOOL=yes -DWOLFSSL_HARDEN:BOOL=yes -DWOLFSSL_HASH_DRBG:BOOL=yes \
61+
-DWOLFSSL_HKDF:BOOL=yes -DWOLFSSL_HPKE:BOOL=yes -DWOLFSSL_HRR_COOKIE:STRING=yes \
62+
-DWOLFSSL_INLINE:BOOL=yes -DWOLFSSL_INSTALL:BOOL=yes -DWOLFSSL_IP_ALT_NAME:BOOL=ON \
63+
-DWOLFSSL_KEYGEN:BOOL=yes -DWOLFSSL_KEYING_MATERIAL:BOOL=ON \
64+
-DWOLFSSL_MD4:BOOL=ON -DWOLFSSL_MD5:BOOL=yes -DWOLFSSL_MEMORY:BOOL=yes -DWOLFSSL_NO_STUB:BOOL=no \
65+
-DWOLFSSL_OAEP:BOOL=yes -DWOLFSSL_OCSP:BOOL=yes -DWOLFSSL_OCSPSTAPLING:BOOL=ON \
66+
-DWOLFSSL_OCSPSTAPLING_V2:BOOL=ON -DWOLFSSL_OLD_NAMES:BOOL=yes -DWOLFSSL_OLD_TLS:BOOL=yes \
67+
-DWOLFSSL_OPENSSLALL:BOOL=yes -DWOLFSSL_OPENSSLEXTRA:BOOL=ON -DWOLFSSL_OPTFLAGS:BOOL=yes \
68+
-DWOLFSSL_OQS:BOOL=no -DWOLFSSL_PKCALLBACKS:BOOL=yes -DWOLFSSL_PKCS12:BOOL=yes \
69+
-DWOLFSSL_PKCS7:BOOL=yes -DWOLFSSL_POLY1305:BOOL=yes -DWOLFSSL_POSTAUTH:BOOL=yes \
70+
-DWOLFSSL_PWDBASED:BOOL=yes -DWOLFSSL_QUIC:BOOL=yes -DWOLFSSL_REPRODUCIBLE_BUILD:BOOL=no \
71+
-DWOLFSSL_RNG:BOOL=yes -DWOLFSSL_RSA:BOOL=yes -DWOLFSSL_RSA_PSS:BOOL=yes \
72+
-DWOLFSSL_SESSION_TICKET:BOOL=ON -DWOLFSSL_SHA:BOOL=yes -DWOLFSSL_SHA224:BOOL=yes \
73+
-DWOLFSSL_SHA3:STRING=yes -DWOLFSSL_SHA384:BOOL=yes -DWOLFSSL_SHA512:BOOL=yes \
74+
-DWOLFSSL_SHAKE128:STRING=yes -DWOLFSSL_SHAKE256:STRING=yes -DWOLFSSL_SINGLE_THREADED:BOOL=no \
75+
-DWOLFSSL_SNI:BOOL=yes -DWOLFSSL_SP_MATH_ALL:BOOL=yes -DWOLFSSL_SRTP:BOOL=yes \
76+
-DWOLFSSL_STUNNEL:BOOL=yes -DWOLFSSL_SUPPORTED_CURVES:BOOL=yes -DWOLFSSL_SYS_CA_CERTS:BOOL=yes \
77+
-DWOLFSSL_TICKET_NONCE_MALLOC:BOOL=yes -DWOLFSSL_TLS13:BOOL=yes -DWOLFSSL_TLSV12:BOOL=yes \
78+
-DWOLFSSL_TLSX:BOOL=yes -DWOLFSSL_TPM:BOOL=yes -DWOLFSSL_CLU:BOOL=yes -DWOLFSSL_USER_SETTINGS:BOOL=no \
79+
-DWOLFSSL_USER_SETTINGS_ASM:BOOL=no -DWOLFSSL_WOLFSSH:BOOL=ON -DWOLFSSL_X86_64_BUILD_ASM:BOOL=yes \
80+
-DWOLFSSL_X963KDF:BOOL=yes \
81+
-DCMAKE_C_FLAGS="-DWOLFSSL_DTLS_CH_FRAG" \
82+
..
83+
cmake --build .
84+
ctest -j $(nproc)
85+
cmake --install .
86+
87+
# clean up
88+
cd ..
89+
rm -rf build
90+
91+
# Kyber Cmake broken
92+
# -DWOLFSSL_KYBER:BOOL=yes
93+
94+
# build "lean-tls" wolfssl
95+
- name: Build wolfssl with lean-tls
96+
working-directory: ./wolfssl
97+
run: |
98+
mkdir build
99+
cd build
100+
cmake -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON -DWOLFSSL_INSTALL=yes -DCMAKE_INSTALL_PREFIX="$GITHUB_WORKSPACE/install" \
101+
-DWOLFSSL_LEAN_TLS:BOOL=yes \
102+
..
103+
cmake --build .
104+
cmake --install .
105+
106+
# clean up
107+
cd ..
108+
rm -rf build

.github/workflows/codespell.yml

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
name: Codespell test
2+
3+
on:
4+
push:
5+
branches: [ 'master', 'main', 'release/**' ]
6+
pull_request:
7+
branches: [ '*' ]
8+
9+
concurrency:
10+
group: ${{ github.workflow }}-${{ github.ref }}
11+
cancel-in-progress: true
12+
# END OF COMMON SECTION
13+
14+
jobs:
15+
codespell:
16+
if: github.repository_owner == 'wolfssl'
17+
runs-on: ubuntu-22.04
18+
steps:
19+
- uses: actions/checkout@v4
20+
21+
- uses: codespell-project/actions-codespell@v2.1
22+
with:
23+
check_filenames: true
24+
check_hidden: true
25+
# Add comma separated list of words that occur multiple times that should be ignored (sorted alphabetically, case sensitive)
26+
ignore_words_list: adin,aNULL,brunch,carryIn,chainG,ciph,cLen,cliKs,dout,haveA,inCreated,inOut,inout,larg,LEAPYEAR,Merget,optionA,parm,parms,repid,rIn,userA,ser,siz,te,Te
27+
# The exclude_file contains lines of code that should be ignored. This is useful for individual lines which have non-words that can safely be ignored.
28+
exclude_file: '.codespellexcludelines'
29+
# To skip files entirely from being processed, add it to the following list:
30+
skip: '*.cproject,*.der,*.mtpj,*.pem,*.vcxproj,.git,*.launch,*.scfg,*.revoked'

.github/workflows/coverity-scan-fixes.yml

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
name: Coverity Scan master branch
2+
3+
on:
4+
workflow_dispatch:
5+
schedule:
6+
- cron: '0 0 * * 1-5'
7+
- cron: '0 0 * * 0'
8+
- cron: '0 12 * * 0'
9+
10+
jobs:
11+
coverity:
12+
if: github.repository_owner == 'wolfssl'
13+
runs-on: ubuntu-22.04
14+
steps:
15+
- uses: actions/checkout@v4
16+
with:
17+
ref: master
18+
19+
- name: Configure wolfSSL with enable-all M-F
20+
if: github.event.schedule == '0 0 * * 1-5'
21+
run: |
22+
./autogen.sh
23+
./configure --enable-all
24+
25+
- name: Configure wolfSSL with enable-all enable-smallstack Sun at 00:00
26+
if: github.event.schedule == '0 0 * * 0'
27+
run: |
28+
./autogen.sh
29+
./configure --enable-all --enable-smallstack
30+
31+
- name: Configure wolfSSL with bigendian Sun at 12:00
32+
if: github.event.schedule == '0 12 * * 0'
33+
run: |
34+
./autogen.sh
35+
./configure --enable-all CFLAGS="-DBIG_ENDIAN_ORDER"
36+
37+
- name: Check secrets
38+
env:
39+
token_var: ${{ secrets.COVERITY_SCAN_TOKEN }}
40+
email_var: ${{ secrets.COVERITY_SCAN_EMAIL }}
41+
run: |
42+
token_len=${#token_var}
43+
echo "$token_len"
44+
email_len=${#email_var}
45+
echo "$email_len"
46+
47+
- uses: vapier/coverity-scan-action@v1
48+
with:
49+
build_language: 'cxx'
50+
project: "wolfSSL/wolfssl"
51+
token: ${{ secrets.COVERITY_SCAN_TOKEN }}
52+
email: ${{ secrets.COVERITY_SCAN_EMAIL }}
53+
command: "make"

0 commit comments

Comments
 (0)