| Message ID | 20240404181630.2431991-23-juliusz@wolfssl.com |
|---|---|
| State | New |
| Headers | show
Return-Path:
<hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
dkim=pass (2048-bit key;
secure) header.d=lists.infradead.org header.i=@lists.infradead.org
header.a=rsa-sha256 header.s=bombadil.20210309 header.b=i4zAAxAx;
dkim=fail reason="signature verification failed" (2048-bit key;
unprotected) header.d=wolfssl-com.20230601.gappssmtp.com
header.i=@wolfssl-com.20230601.gappssmtp.com header.a=rsa-sha256
header.s=20230601 header.b=uco/vbyy;
dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
spf=none (no SPF record) smtp.mailfrom=lists.infradead.org
(client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;
envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
receiver=patchwork.ozlabs.org)
Received: from bombadil.infradead.org (bombadil.infradead.org
[IPv6:2607:7c80:54:3::133])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
(No client certificate requested)
by legolas.ozlabs.org (Postfix) with ESMTPS id 4V9VJK3jGMz1yYf
for <incoming@patchwork.ozlabs.org>; Fri, 5 Apr 2024 05:19:29 +1100 (AEDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.infradead.org; s=bombadil.20210309; h=Sender:
Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
List-Owner; bh=1qWUMDGtV1qGTILwYDmdZj9s/ubme+pUDFPGGmccxWM=; b=i4zAAxAxINQ4/Z
LJGmxmK6sxl7ZT28gOu0afoKcx0d4ATLfiSLsS4u3dikNi9JyB3A6VYSRDlrAiwDtmh1Z0bRohvDJ
eqw8bBESi028CKVJkwdwTvO5k9CO3W66cnbjQooIwDoX+K6237b27Is53NZnJoKVkzhYReo0DMkqn
UKvsxbL9c8eTJX1P/hF6qa1PMpvd3NAODrqibDNuAxVElb8RlCR2mRbt/+gzuIDKtN7M4dO0Dz248
xbSy262zM2rnYKxAzfDfRKL9hWOaslMAZKS+qPLL0lMH1Ka8e9owXknMYkGoYM9zKX7ELtQ04syFR
t4Xqi4Lt5jrRg4D2SG3A==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux))
id 1rsRg8-00000003oAD-098n;
Thu, 04 Apr 2024 18:19:12 +0000
Received: from mail-lf1-x12f.google.com ([2a00:1450:4864:20::12f])
by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux))
id 1rsReN-00000003mr6-09HL
for hostap@lists.infradead.org;
Thu, 04 Apr 2024 18:17:27 +0000
Received: by mail-lf1-x12f.google.com with SMTP id
2adb3069b0e04-516cbf3fd3dso1307321e87.2
for <hostap@lists.infradead.org>;
Thu, 04 Apr 2024 11:17:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=wolfssl-com.20230601.gappssmtp.com; s=20230601; t=1712254639;
x=1712859439; darn=lists.infradead.org;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:from:to:cc:subject:date
:message-id:reply-to;
bh=qstqQw+c3YcxalyArdUTrRCNTyqMX09Fq8b/xlI3l4Q=;
b=uco/vbyyCvM8M2gsMzX+AO0ON+KKvvzaNd4xU9r1nnQtzG/mY/8IclgnOH7SQ+iCj9
/BE2y4E/+GT/qphcwaYvPN8Lozln2V7bzYb6moVTrQf1jnDgKB2QqEsmTzRmoTs0Bh5o
HJ8UPFKKcZJJ6BWoghe4gQ9abUKN1iCpY9gvSJ8pWA704PzeRJolR8vMLNNZglMlBHKN
rfSOhI5lkJRNMGsWZpSCJmWPwZrdeyduqnEQyl+jXMJ+XUi3hB6ZvDz1WTmzs9/lMeTA
4NBTwmovpEpveylIQaXvCDNXimwqEnJlNQDXeWAbRCZF9v2wJ9n/tDNWwDAPNJHLzwBg
xMKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1712254639; x=1712859439;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=qstqQw+c3YcxalyArdUTrRCNTyqMX09Fq8b/xlI3l4Q=;
b=BqH+DQs3VQxPhCqhIYqy+JX/lcENXxCSBXw8Mw0dXdWDYnlfr4zXCvL3hpyX45I79D
wpmetCe2iAOL4yXTIKRaUIB5oxMOa6yx2NRf8aP8326zkyyHyMVCN7ZzGgcGzUzdhLlQ
2Ej563YNZJXNsDpXBOOux0Y6VytgJzEWzJSGyQ3FZmmSxIpMXIMdETbVOaOk9tZNRKj1
As7F4tcDTqDPsGsNMEmATNcHpoS3S/ZYcxtbwr0JGBBq1GwuBDPAjeWUyBAvPZ6Z+IYP
4ZYi3TSdQWRhbzc+BX50aoBCKC3BdqMWq8CeBKKtLGxVnHSFOjv/18ZJFox4GaReK4yH
tcxw==
X-Gm-Message-State: AOJu0YwTvipz5sOgJMJ0Frz0jWNJjYhjPPsBHS1BSZ5x2oyVYFHESnj3
S5N4ui/apWU+yTjBi6LZ9iueGgpxWMHdDSDxcpxjmP2VbCwbxHDCuy9XIYqi8f+yfBjtwXx+BNZ
SynU=
X-Google-Smtp-Source:
AGHT+IEaiH2b4bFemnrHRjWZI2E6Oi/ZfQyLT/Ej5szfdUi6OLj9CeoX7xUWbcNPHBSQdooGXUtBQw==
X-Received: by 2002:a05:6512:49a:b0:516:be61:7688 with SMTP id
v26-20020a056512049a00b00516be617688mr170295lfq.22.1712254639289;
Thu, 04 Apr 2024 11:17:19 -0700 (PDT)
Received: from localhost.localdomain ([82.118.30.15])
by smtp.gmail.com with ESMTPSA id
dh26-20020a0564021d3a00b0056e0b358e86sm1976349edb.97.2024.04.04.11.17.18
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 04 Apr 2024 11:17:18 -0700 (PDT)
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz <juliusz@wolfssl.com>
Subject: [PATCH 23/24] wolfSSL: Implement openssl_ecdh_curves
Date: Thu, 4 Apr 2024 20:16:29 +0200
Message-Id: <20240404181630.2431991-23-juliusz@wolfssl.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240404181630.2431991-1-juliusz@wolfssl.com>
References: <20240404181630.2431991-1-juliusz@wolfssl.com>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20240404_111723_702676_2F012E49
X-CRM114-Status: GOOD ( 10.48 )
X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam detection software,
running on the system "bombadil.infradead.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> ---
src/crypto/tls_wolfssl.c | 18 +++++++++++++++--- 1 file changed,
15 insertions(+),
3 deletions(-) diff --git a/src/crypto/tls_wolfssl.c
b/src/crypto/tls_wolfssl.c
index 8940de98d4..224940a402 100644 --- a/src/crypto/tls_wolfssl.c +++
b/src/crypto/tls_wolfssl.c
@@ -1628,6 +1628,15 @@ int tls_connec [...]
Content analysis details: (0.0 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no
trust
[2a00:1450:4864:20:0:0:0:12f listed in]
[list.dnswl.org]
-0.1 DKIM_VALID Message has at least one valid DKIM or DK
signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
X-BeenThere: hostap@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <hostap.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>,
<mailto:hostap-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/hostap/>
List-Post: <mailto:hostap@lists.infradead.org>
List-Help: <mailto:hostap-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>,
<mailto:hostap-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
|
| Series |
[01/24] wolfssl: simplify tls_get_cipher
|
expand
|
diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c index 8940de98d4..224940a402 100644 --- a/src/crypto/tls_wolfssl.c +++ b/src/crypto/tls_wolfssl.c @@ -1628,6 +1628,15 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, return -1; } + if (params->openssl_ecdh_curves) { + if (wolfSSL_set1_curves_list(conn->ssl, params->openssl_ecdh_curves) + != 1) { + wpa_printf(MSG_ERROR, "wolfSSL: Failed to set ECDH curves '%s'", + params->openssl_ecdh_curves); + return -1; + } + } + tls_set_conn_flags(conn->ssl, params->flags); #ifdef HAVE_CERTIFICATE_STATUS_REQUEST @@ -1871,9 +1880,12 @@ int tls_global_set_params(void *tls_ctx, } if (params->openssl_ecdh_curves) { - wpa_printf(MSG_ERROR, - "wolfSSL: openssl_ecdh_curves not supported"); - return -1; + if (wolfSSL_CTX_set1_curves_list((WOLFSSL_CTX*)tls_ctx, + params->openssl_ecdh_curves) != 1) { + wpa_printf(MSG_ERROR, "wolfSSL: Failed to set ECDH curves '%s'", + params->openssl_ecdh_curves); + return -1; + } } #ifdef HAVE_SESSION_TICKET
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> --- src/crypto/tls_wolfssl.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-)