Enables dynamic TLS cert loading with OCSP

Exposes dynamic TLS certificate loading and OCSP stapling to allow applications to load certs lazily.

The server no longer needs to load the CA to staple OCSP responses.

- Adds a certificate setup callback (WOLFSSL_CERT_SETUP_CB)
- Adds an OCSP status callback to load OCSP responses directly
- Adds `wc_NewOCSP`, `wc_FreeOCSP`, and `wc_CheckCertOcspResponse`
- Don't call verify twice on the same error
- Send correct alert on status response error
Juliusz Sosinowicz
2025-08-14 12:14:55 +02:00
parent ea4554c941
commit f9063c406b
35 changed files with 1768 additions and 404 deletions

@@ -61,6 +61,8 @@ jobs:
'--enable-all CPPFLAGS=-DWOLFSSL_DEBUG_CERTS ',
'--enable-all CFLAGS="-DWOLFSSL_CHECK_MEM_ZERO"',
'--enable-coding=no',
'--enable-dtls --enable-dtls13 --enable-ocspstapling --enable-ocspstapling2
--enable-cert-setup-cb --enable-sessioncerts',
]
name: make check
if: github.repository_owner == 'wolfssl'
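
Review bot: the new matrix entry is a single-quoted string that wraps onto a second line after `--enable-ocspstapling2`, while every other entry in this list sits on one line. YAML folds that break into a single space, so configure should still receive one option list, but keeping the entry on one line would match the surrounding entries and avoid depending on folding behaviour. Separately, `--enable-cert-setup-cb` is only exercised here together with DTLS and both stapling options; a second entry that enables the callback without `--enable-ocspstapling` and `--enable-ocspstapling2` would catch build breaks in code guarded by the callback option alone.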