Open
Conversation
julek-wolfssl
force-pushed
the
nginx-1.28.0
branch
3 times, most recently
from
5f54234 to
c37bd2f
Compare
Member
Author
|
Retest this please AgentOfflineException |
julek-wolfssl
force-pushed
the
nginx-1.28.0
branch
from
c37bd2f to
622feb1
Compare
julek-wolfssl
force-pushed
the
nginx-1.28.0
branch
from
622feb1 to
1814bce
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Depends on wolfSSL/wolfssl-nginx#31
wolfssl/internal.hInternalTicketstruct gains a flexible array member: A newpeerCert[]field (with a precedingpeerCertLen[2]) is added toInternalTicket. This allows the peer's DER-encoded certificate to be stored directly inside the session ticket.ExternalTicketstruct becomes variable-length: Theenc_ticketfield is changed from a fixed-size array to a flexible array member (byte enc_ticket[]). Themacfield is removed from the struct — the MAC is now placed dynamically after the encrypted data inenc_ticket.src/internal.cGetRecordHeaderfunction now only addsMAX_COMP_EXTRAto the maximum allowed record size whenssl->options.usingCompressionis true, tightening the length validation. The max fragment length extension check is now much stricter.ssl->peerCertor fromssl->session->chain(fallback). If found and withinMAX_TICKET_PEER_CERT_SZ, it's copied intoit->peerCert. DTLS is explicitly excluded (peer cert length set to 0) to keep ticket size small for MTU constraints. IfHAVE_MAX_FRAGMENTis defined and max fragment is notMAX_RECORD_SIZEfor TLS 1.3, the cert is also skipped sinceSendTls13NewSessionTicketdoesn't support fragmentation yet.peerCertLen > 0), it is decoded back intossl->peerCertviaParseCertRelative/CopyDecodedToX509, and also added tossl->session->chainviaAddSessionCertToChain.CLEAR_ASN_NO_PEM_HEADER_ERRORmacro was rewritten to loop and remove all consecutive PEM no-start-line errors (not just the last one), wrapped in ado { ... } while(0)for safety.SendTicketfunction is simplified to useSendHandshakeMsgto support fragmenting the larger ticket.src/x509.cloadX509orX509REQFromPemBionow acceptsTRUSTED_CERT_TYPEin addition toCERT_TYPEandCERTREQ_TYPE.wolfSSL_BIO_get_len()returns ≤ 0 (e.g., pipes/FIFOs), the function no longer returns an error. Instead, it sets an initial buffer ofMAX_X509_SIZEand dynamically grows (doubling) up toMAX_BIO_READ_BUFFER(MAX_X509_SIZE * 16) as data is read byte-by-byte.TRUSTED_CERT_TYPE, the PEM reader also checks for the regularCERT_TYPEfooter (-----END CERTIFICATE-----) in addition to the trusted cert footer (-----END TRUSTED CERTIFICATE-----), so it can parse either format.cert->srcIdxtoSIGALGO_SEQoffset. This makescert->srcIdxreflect the end of parsed certificate data. This is used byloadX509orX509REQFromBufferto detect where auxiliary trust data begins in trusted certificates.src/ssl_sk.cSTACK_TYPE_X509_CRLcase towolfssl_sk_dup_datathat callswolfSSL_X509_CRL_dupfor deep-copying CRL stack elements. Previously,STACK_TYPE_X509_CRLfell through to the unsupported default case.wolfssl/openssl/ssl.hsk_X509_dupnow maps towolfSSL_shallow_sk_dup(waswolfSSL_sk_dup/deep copy). This matches OpenSSL's behavior wheresk_X509_dupdoes a shallow copy.sk_SSL_CIPHER_dupsimilarly changed towolfSSL_shallow_sk_dup.src/ssl_api_cert.cssl->ourCertisNULLand the SSL owns its cert, the function now checks ifssl->ctx->ourCertpoints to the same certificate (by comparing DER buffers). If so, it returns the ctx'sX509pointer directly. This maintains pointer compatibility for applications (like nginx OCSP stapling) that use theX509*fromSSL_CTX_use_certificateas a lookup key.src/bio.cwolfssl_file_lenreturnsWOLFSSL_BAD_FILETYPE(now returned for pipes/FIFOs),wolfSSL_BIO_get_lentreats it as length 0 instead of propagating the error.tests/test-maxfrag.confandtests/test-maxfrag-dtls.confDHE-RSA-AES256-GCM-SHA384test entries because the ClientKeyExchange doesn't fit in the selected max fragment length.