kareem-wolfssl
kareem-wolfssl
You can use the flag `EXTERNAL_OPTS_OPENVPN` to have us include options.h in our settings.h (which is included by ssl.h). We don't generally recommend or support this flag, it is only...
Hi @vszakats , I was able to reproduce the failures you're seeing here. Some failures are being caused by our AES-GCM streaming support not being enabled, you can enable this...
Happy to help! It is correct, but to be safe I'd recommend checking both. I left a comment in the review. wolfSSL does not control any distributions' packages, you will...
I have found another issue, wolfSSL does not like this call in openssl.c: `ret = EVP_Cipher(*ctx, NULL, NULL, 0);` We don't support NULL src or dest and just return BAD_FUNC_ARG....
Understood. I will still look into getting this added to our tests, to hopefully avoid situations like this in the future. Looking at the libssh2 code, it looks like you...
Hi @qikailiang , This will work if the client is able to downgrade to DTLS 1.2. You can enable downgrading by calling wolfSSL_CTX_new with wolfDTLS_client_method.
Hi @clseibold, We expect this to work on Windows if you use something like WSL or Mingw64, but it has not been tested yet. Please let us know if you...
Please do not merge yet, just looking for a review + pipeline tests passing for now. Will merge after customer confirms patch works for them.
Looks like my rebase messed up this PR, I will open a new PR, but will keep the current code review feedback in mind.
I tried moving the check to the end of the function, but this lead to test failures, and doesn't seem scalable if we decide to call the verify callback in...