feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Rename callback to wolfDTLS_SetChGoodCb and add doxygen for it. Clarify DTLS_CTX.connected. Fix build errors for ./configure --enable-dtls --enable-dtls13 --disable-examples CFLAGS="-DNO_WOLFSSL_SERVER".

Browse Source
This commit is contained in:
David Garske
2022-07-01 12:05:25 -07:00
committed by Juliusz Sosinowicz
parent 7ea13bf5bf
commit 00391a5ace
6 changed files with 46 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
doc/dox_comments/header_files/ssl.h
View File

@ -1595,7 +1595,7 @@ WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
\sa wolfSSL_SetIOReadCtx \sa wolfSSL_SetIOReadCtx
\sa wolfSSL_SetIOWriteCtx \sa wolfSSL_SetIOWriteCtx
*/ */
int wolfSSL_set_fd (WOLFSSL* ssl, int fd); int wolfSSL_set_fd(WOLFSSL* ssl, int fd);
/*! /*!
\ingroup Setup \ingroup Setup
@ -1631,9 +1631,40 @@ int wolfSSL_set_fd (WOLFSSL* ssl, int fd);
\sa wolfSSL_CTX_SetIORecv \sa wolfSSL_CTX_SetIORecv
\sa wolfSSL_SetIOReadCtx \sa wolfSSL_SetIOReadCtx
\sa wolfSSL_SetIOWriteCtx \sa wolfSSL_SetIOWriteCtx
\sa wolfDTLS_SetChGoodCb
*/ */
int wolfSSL_set_dtls_fd_connected(WOLFSSL* ssl, int fd) int wolfSSL_set_dtls_fd_connected(WOLFSSL* ssl, int fd)
/*!
\ingroup Setup
\brief Allows setting a callback for DTLS client hello "good".
\return SSL_SUCCESS upon success.
\return BAD_FUNC_ARG upon failure.
\param ssl pointer to the SSL session, created with wolfSSL_new().
\param fd file descriptor to use with SSL/TLS connection.
_Example_
\code
// Called when we have verified a connection
static int chGoodCb(WOLFSSL* ssl, void* arg)
{
// setup peer and file descriptors
}
if (wolfDTLS_SetChGoodCb(ssl, chGoodCb, NULL) != WOLFSSL_SUCCESS) {
// error setting callback
}
\endcode
\sa wolfSSL_set_dtls_fd_connected
*/
int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx);
/*! /*!
\ingroup IO \ingroup IO

2
src/dtls13.c
View File

@ -331,6 +331,8 @@ static byte Dtls13RtxMsgNeedsAck(WOLFSSL* ssl, enum HandShakeType hs)
message */ message */
if (ssl->options.side == WOLFSSL_SERVER_END && (hs == finished)) if (ssl->options.side == WOLFSSL_SERVER_END && (hs == finished))
return 1; return 1;
#else
(void)ssl;
#endif /* NO_WOLFSSL_SERVER */ #endif /* NO_WOLFSSL_SERVER */
if (hs == session_ticket || hs == key_update) if (hs == session_ticket || hs == key_update)

4
src/internal.c
View File

@ -554,7 +554,7 @@ int IsDtlsNotSctpMode(WOLFSSL* ssl)
#endif #endif
} }
#ifndef WOLFSSL_NO_TLS12 #if !defined(WOLFSSL_NO_TLS12) && !defined(NO_WOLFSSL_SERVER)
/* Secure Real-time Transport Protocol */ /* Secure Real-time Transport Protocol */
/* If SRTP is not enabled returns the state of the dtls option. /* If SRTP is not enabled returns the state of the dtls option.
* If SRTP is enabled returns dtls && !dtlsSrtpProfiles. */ * If SRTP is enabled returns dtls && !dtlsSrtpProfiles. */
@ -566,7 +566,7 @@ static WC_INLINE int IsDtlsNotSrtpMode(WOLFSSL* ssl)
return ssl->options.dtls; return ssl->options.dtls;
#endif #endif
} }
#endif /* !WOLFSSL_NO_TLS12 */ #endif /* !WOLFSSL_NO_TLS12 && !NO_WOLFSSL_SERVER */
#endif /* WOLFSSL_DTLS */ #endif /* WOLFSSL_DTLS */

4
src/ssl.c
View File

@ -12794,9 +12794,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
#endif /* NO_WOLFSSL_SERVER */ #endif /* NO_WOLFSSL_SERVER */
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER) #if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
int wolfSSL_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx) int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx)
{ {
WOLFSSL_ENTER("wolfSSL_SetChGoodCb"); WOLFSSL_ENTER("wolfDTLS_SetChGoodCb");
if (ssl == NULL) if (ssl == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;

5
wolfssl/internal.h
View File

@ -2228,7 +2228,10 @@ typedef struct WOLFSSL_DTLS_CTX {
int rfd; int rfd;
int wfd; int wfd;
byte userSet:1; byte userSet:1;
byte connected:1; /* Set when the rfd and wfd are connected sockets */ byte connected:1; /* When set indicates rfd and wfd sockets are
* connected (connect() and bind() both called).
* This means that sendto and recvfrom do not need to
* specify and store the peer address. */
} WOLFSSL_DTLS_CTX; } WOLFSSL_DTLS_CTX;

5
wolfssl/ssl.h
View File

@ -3943,10 +3943,13 @@ WOLFSSL_API int wolfSSL_CTX_DisableExtendedMasterSecret(WOLFSSL_CTX* ctx);
#define WOLFSSL_CRL_START_MON 0x02 /* start monitoring flag */ #define WOLFSSL_CRL_START_MON 0x02 /* start monitoring flag */
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
/* notify user we parsed a verified ClientHello is done. This only has an effect /* notify user we parsed a verified ClientHello is done. This only has an effect
* on the server end. */ * on the server end. */
typedef int (*ClientHelloGoodCb)(WOLFSSL* ssl, void*); typedef int (*ClientHelloGoodCb)(WOLFSSL* ssl, void*);
WOLFSSL_API int wolfSSL_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx); WOLFSSL_API int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx);
#endif
/* notify user the handshake is done */ /* notify user the handshake is done */
typedef int (*HandShakeDoneCb)(WOLFSSL* ssl, void*); typedef int (*HandShakeDoneCb)(WOLFSSL* ssl, void*);
WOLFSSL_API int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx); WOLFSSL_API int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx);