Enable all-zero shared secret check for Curve448/25519 by default. Ensure post_handshake_auth extension was sent before accepting post-handshake CertificateRequest message. #4754
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: WOLFSSL_API_PREFIX_MAP | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: [ 'master', 'main', 'release/**' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| jobs: | |
| make_and_analyze: | |
| strategy: | |
| matrix: | |
| config: [ | |
| '--enable-all --enable-mlkem --enable-mldsa --enable-xmss --enable-lms --enable-acert --with-sys-crypto-policy CFLAGS=-DWOLFSSL_API_PREFIX_MAP' | |
| ] | |
| name: make and analyze | |
| if: github.repository_owner == 'wolfssl' | |
| runs-on: ubuntu-24.04 | |
| # This should be a safe limit for the tests to run. | |
| timeout-minutes: 6 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| name: Checkout wolfSSL | |
| - name: Test --enable-opensslcoexist and TEST_OPENSSL_COEXIST | |
| run: | | |
| ./autogen.sh || $(exit 2) | |
| ./configure ${{ matrix.config }} || $(exit 3) | |
| make -j 4 || $(exit 4) | |
| # ignore properly prefixed symbols, and symbols associated with asm implementations (all internal) regardless of prefix: | |
| readelf --symbols --wide src/.libs/libwolfssl.so | \ | |
| awk ' | |
| BEGIN { | |
| total_public_symbols = 0; | |
| unprefixed_public_symbols = 0; | |
| } | |
| { | |
| if (($5 == "GLOBAL") && ($6 != "HIDDEN") && ($7 ~ /^[0-9]+$/)) { | |
| ++total_public_symbols; | |
| } | |
| } | |
| { | |
| if (($7 !~ /^[0-9]+$/) || | |
| ($8 ~ /^(wc_|wolf|WOLF|__pfx|fe_|sp_[a-zA-Z090-0_]*[0-9])/) || | |
| ($8 ~ /(_avx[12]|_AVX[12]|_sse[12]|_SSE[12]|_aesni|_AESNI|_bmi2|_x64$)/)) | |
| { | |
| next; | |
| } | |
| } | |
| { | |
| if (($4 == "FUNC") && ($5 == "GLOBAL") && ($6 == "DEFAULT")) { | |
| ++unprefixed_public_symbols; | |
| print; | |
| } | |
| } | |
| END { | |
| if (unprefixed_public_symbols) { | |
| print unprefixed_public_symbols " unprefixed public symbols found, of " total_public_symbols " total." >"/dev/stderr"; | |
| exit(1); | |
| } else { | |
| print total_public_symbols " public symbols found in libwolfssl, all OK."; | |
| exit(0); | |
| } | |
| }' || $(exit 5) |