Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wolfssl, tls early data #16167

Closed
wants to merge 12 commits into from
Closed

wolfssl, tls early data #16167

wants to merge 12 commits into from

Conversation

icing
Copy link
Contributor

@icing icing commented Feb 4, 2025

Enable TLS Early Data for wolfSSL:

  • merge WOLFSSL_CTX and WOLFSSL setup from ngtcp2 with the general implemenation in wolfssl.c
  • enable for QUIC via ngtcp2
  • give Curl_vquic_tls_init() a struct alpn_spec like used for the TCP case. Adapt gnutls and other users.
  • enable pytest test cases for early data with wolfSSL

and while this messes up wolfssl.c anyway, do

  • rename all struct/functions with prefix 'wolfssl_' to 'wssl_' to not pollute that name prefix
  • rename ctx/handle to ssl_ctx/ssl, as used in openssl case

@github-actions github-actions bot added the tests label Feb 4, 2025
@bagder bagder added the feature-window A merge of this requires an open feature window label Feb 9, 2025
@icing icing force-pushed the wolfssl-earlydata branch 2 times, most recently from 6c8686f to 92b27a5 Compare February 20, 2025 12:43
@icing icing requested a review from bagder February 20, 2025 14:42
@icing icing force-pushed the wolfssl-earlydata branch from 9641907 to 8de1264 Compare February 22, 2025 09:29
@bagder
Copy link
Member

bagder commented Feb 22, 2025

This should be mentioned in CURLOPT_SSL_OPTIONS.md for wolfSSL and curl 8.13.0, right?

@icing
Copy link
Contributor Author

icing commented Feb 22, 2025

This should be mentioned in CURLOPT_SSL_OPTIONS.md for wolfSSL and curl 8.13.0, right?

Right. Just added it.

icing added 12 commits February 22, 2025 14:51
@icing
wolfssl, tls early data
6e14234 
Enable TLS Early Data for wolfSSL:

- merge WOLFSSL_CTX and WOLFSSL setup from ngtcp2 with the general implemenation in wolfssl.c
- enable for QUIC via ngtcp2
- give Curl_vquic_tls_init() a `struct alpn_spec` like used for the TCP case. Adapt gnutls and other users.
- enable pytest test cases for early data with wolfSSL

and while this messes up wolfssl.c anyway, do

- rename all struct/functions with prefix 'wolfssl_' to 'wssl_' to not pollute that name prefix
- rename `ctx/handle` to `ssl_ctx/ssl`, as used in openssl case
@icing
fix code in ECH ifdefs
e46f109
@icing
ifdef WOLFSSL_EARLY_DATA support, fixed unused alpns param
11f141c
@icing
fix unused local var
965caa5
@icing
ifdef for WOLFSSL_QUIC presence
40259af
@icing
do not use wolfSSL_set_alpn_protos from its openssl compat layer
09d8eed
@icing
ngtcp2, ifdef WOLFSSL_EARLY_DATA
30e3e22
@icing
init local result var when declaring
b11a3ec
@icing
use "wolf" prefix for functions everyhwere
176b83a 
Some functions may only available in wolfSSl when built with
"openssl-extra", but use the wolf* names to avoid any confusion.
@icing
resolving merge hickups
b479864
@icing
remove result redeclaration
b8d9c15
@icing
update documentation
58f3e6a
@icing icing force-pushed the wolfssl-earlydata branch from 3df548b to 58f3e6a Compare February 22, 2025 13:57
@bagder bagder closed this in edd573d Feb 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bagder bagder Awaiting requested review from bagder

Assignees
No one assigned
Labels
feature-window A merge of this requires an open feature window tests
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@icing @bagder