feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #4931 from douzzer/20220307-early-data-and-c99-fixes

Browse Source 
enable-earlydata vs enable-fips/enable-asynccrypt
This commit is contained in:
Daniel Pouzzner
2022-03-08 07:34:58 -06:00
committed by GitHub
parent 872ed28882 9b808bde20
commit 031c97f835
7 changed files with 107 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
configure.ac
View File

@@ -97,12 +97,10 @@ AC_CHECK_FUNCS([gethostbyname getaddrinfo gettimeofday gmtime_r inet_ntoa memset
AC_CHECK_DECLS([gethostbyname, getaddrinfo, gettimeofday, gmtime_r, inet_ntoa, memset, socket, strftime], [], [ AC_CHECK_DECLS([gethostbyname, getaddrinfo, gettimeofday, gmtime_r, inet_ntoa, memset, socket, strftime], [], [
if test "$(eval echo \$"$(eval 'echo ac_cv_func_${as_decl_name}')")" = "yes" if test "$(eval echo \$"$(eval 'echo ac_cv_func_${as_decl_name}')")" = "yes"
then then
echo " note: earlier check for $(eval 'echo ${as_decl_name}') superseded." AC_MSG_NOTICE([ note: earlier check for $(eval 'echo ${as_decl_name}') superseded.])
eval "$(eval 'echo ac_cv_func_${as_decl_name}=no')" eval "ac_cv_func_${as_decl_name}=no"
_mask_varname=HAVE_`eval "echo '${as_decl_name}'" | tr 'a-z' 'A-Z'` _mask_varname=HAVE_`eval "echo '${as_decl_name}'" | tr 'a-z' 'A-Z'`
echo "g/#define $_mask_varname 1/s//\/* #undef $_mask_varname *\// sed --in-place "s~^#define ${_mask_varname} 1$~~" confdefs.h
wq
." | ed -s confdefs.h
fi fi
], [[ ], [[
#ifdef HAVE_SYS_SOCKET_H #ifdef HAVE_SYS_SOCKET_H
@@ -586,7 +584,10 @@ then
test "$enable_trusted_ca" = "" && enable_trusted_ca=yes test "$enable_trusted_ca" = "" && enable_trusted_ca=yes
test "$enable_session_ticket" = "" && enable_session_ticket=yes test "$enable_session_ticket" = "" && enable_session_ticket=yes
test "$enable_earlydata" = "" && enable_earlydata=yes # don't add earlydata when assynccrypt, pending fix:
if test "$enable_asynccrypt" != "yes"; then
test "$enable_earlydata" = "" && enable_earlydata=yes
fi
if test "$ENABLED_32BIT" != "yes" if test "$ENABLED_32BIT" != "yes"
then then

44
scripts/tls13.test
View File

@@ -23,12 +23,12 @@ counter=0
# let's use absolute path to a local dir (make distcheck may be in sub dir) # let's use absolute path to a local dir (make distcheck may be in sub dir)
# also let's add some randomness by adding pid in case multiple 'make check's # also let's add some randomness by adding pid in case multiple 'make check's
# per source tree # per source tree
ready_file=`pwd`/wolfssl_tls13_ready$$ ready_file="$(pwd)/wolfssl_tls13_ready$$"
client_file=`pwd`/wolfssl_tls13_client$$ client_file="$(pwd)/wolfssl_tls13_client$$"
# Server output # Server output
server_out_file=`pwd`/wolfssl_tls13_server_out$$ server_out_file="$(pwd)/wolfssl_tls13_server_out$$"
# Client output # Client output
client_out_file=`pwd`/wolfssl_tls13_client_out$$ client_out_file="$(pwd)/wolfssl_tls13_client_out$$"
echo "ready file "$ready_file"" echo "ready file "$ready_file""
@@ -49,7 +49,7 @@ create_port() {
sleep 0.1 sleep 0.1
# get created port 0 ephemeral port # get created port 0 ephemeral port
port=`cat "$ready_file"` port="$(cat "$ready_file")"
else else
echo -e "NO ready file ending test..." echo -e "NO ready file ending test..."
do_cleanup do_cleanup
@@ -69,7 +69,7 @@ do_cleanup() {
if [ $server_pid != $no_pid ] if [ $server_pid != $no_pid ]
then then
echo "killing server" echo "killing server"
kill -9 $server_pid kill -9 $server_pid 2>/dev/null
server_pid=$no_pid server_pid=$no_pid
fi fi
remove_ready_file remove_ready_file
@@ -124,7 +124,7 @@ echo ""
# TLS 1.3 cipher suites server / client. # TLS 1.3 cipher suites server / client.
echo -e "\n\nTLS v1.3 cipher suite mismatch" echo -e "\n\nTLS v1.3 cipher suite mismatch"
port=0 port=0
./examples/server/server -v 4 -R "$ready_file" -p $port -l TLS13-CHACHA20-POLY1305-SHA256 & ./examples/server/server -v 4 -R "$ready_file" -p $port -l TLS13-AES128-GCM-SHA256 &
server_pid=$! server_pid=$!
create_port create_port
./examples/client/client -v 4 -p $port -l TLS13-AES256-GCM-SHA384 ./examples/client/client -v 4 -p $port -l TLS13-AES256-GCM-SHA384
@@ -138,9 +138,9 @@ fi
do_cleanup do_cleanup
echo "" echo ""
cat ./wolfssl/options.h | grep -- 'NO_CERTS' cat ./wolfssl/options.h | grep -F -e 'NO_CERTS'
NO_CERTS=$? NO_CERTS=$?
cat ./wolfssl/options.h | grep -- 'WOLFSSL_NO_CLIENT_AUTH' cat ./wolfssl/options.h | grep -F -e 'WOLFSSL_NO_CLIENT_AUTH'
NO_CLIENT_AUTH=$? NO_CLIENT_AUTH=$?
if [ $NO_CERTS -ne 0 -a $NO_CLIENT_AUTH -ne 0 ]; then if [ $NO_CERTS -ne 0 -a $NO_CLIENT_AUTH -ne 0 ]; then
# TLS 1.3 mutual auth required but client doesn't send certificates. # TLS 1.3 mutual auth required but client doesn't send certificates.
@@ -162,7 +162,7 @@ if [ $NO_CERTS -ne 0 -a $NO_CLIENT_AUTH -ne 0 ]; then
fi fi
# Check for TLS 1.2 support # Check for TLS 1.2 support
./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version' ./examples/client/client -v 3 2>&1 | grep -F -e 'Bad SSL version'
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
# TLS 1.3 server / TLS 1.2 client. # TLS 1.3 server / TLS 1.2 client.
echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2" echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2"
@@ -202,7 +202,7 @@ if [ $? -ne 0 ]; then
for CS in ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256 for CS in ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256
do do
echo $CS echo $CS
./examples/client/client -e | grep $CS >/dev/null ./examples/client/client -e | grep -F -e "$CS" >/dev/null
if [ "$?" = "0" ]; then if [ "$?" = "0" ]; then
TLS12_CS=$CS TLS12_CS=$CS
break break
@@ -234,11 +234,11 @@ if [ $? -ne 0 ]; then
fi fi
# Check for EarlyData support # Check for EarlyData support
./examples/client/client -? 2>&1 | grep -- 'Early data' ./examples/client/client -? 2>&1 | grep -F -e 'Early data'
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
early_data=yes early_data=yes
fi fi
./examples/client/client -? 2>&1 | grep -- 'Shared keys' ./examples/client/client -? 2>&1 | grep -F -e 'Shared keys'
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
psk=yes psk=yes
fi fi
@@ -254,13 +254,13 @@ if [ "$early_data" = "yes" ]; then
RESULT=$? RESULT=$?
cat "$client_out_file" cat "$client_out_file"
remove_ready_file remove_ready_file
grep 'Session Ticket' "$client_out_file" grep -F -e 'Session Ticket' "$client_out_file"
session_ticket=$? session_ticket=$?
ed_srv_msgcnt=`grep 'Early Data Client message' "$server_out_file" | wc -l` ed_srv_msg_cnt="$(grep -c -F -e 'Early Data Client message' "$server_out_file")"
ed_srv_status_cnt=`grep 'Early Data was' "$server_out_file" | wc -l` ed_srv_status_cnt="$(grep -c -F -e 'Early Data was' "$server_out_file")"
if [ $session_ticket -eq 0 -a $ed_srv_msgcnt -ne 2 \ if [ $session_ticket -eq 0 -a $ed_srv_msg_cnt -ne 2 \
-a $ed_srv_status_cnt -ne 2]; then -a $ed_srv_status_cnt -ne 2 ]; then
RESULT=1 RESULT=1
fi fi
if [ $RESULT -ne 0 ]; then if [ $RESULT -ne 0 ]; then
@@ -286,15 +286,15 @@ if [ "$early_data" = "yes" -a "$psk" = "yes" ]; then
# wait for the server to quit and write output # wait for the server to quit and write output
wait $server_pid wait $server_pid
ed_srv_msgcnt=`grep 'Early Data Client message' "$server_out_file" | wc -l` ed_srv_msgcnt="$(grep -c -F -e 'Early Data Client message' "$server_out_file")"
ed_srv_status_cnt=`grep 'Early Data was' "$server_out_file" | wc -l` ed_srv_status_cnt="$(grep -c -F -e 'Early Data was' "$server_out_file")"
if [ $ed_srv_msgcnt -ne 2 -a $ed_srv_status_cnt -ne 1 ]; then if [ $ed_srv_msgcnt -ne 2 -a $ed_srv_status_cnt -ne 1 ]; then
echo echo
echo "Server out file" echo "Server out file"
cat "$server_out_file" cat "$server_out_file"
echo echo
echo "Found lines" echo "Found lines"
grep 'Early Data' "$server_out_file" grep -F -e 'Early Data' "$server_out_file"
echo -e "\n\nUnexpected 'Early Data' lines - $early_data_cnt" echo -e "\n\nUnexpected 'Early Data' lines - $early_data_cnt"
RESULT=1 RESULT=1
fi fi

44
src/ssl.c
View File

@@ -47574,32 +47574,32 @@ static int get_ex_new_index(int class_index)
int idx = -1; int idx = -1;
switch(class_index) { switch(class_index) {
case CRYPTO_EX_INDEX_SSL: case WOLF_CRYPTO_EX_INDEX_SSL:
idx = ssl_idx++; idx = ssl_idx++;
break; break;
case CRYPTO_EX_INDEX_SSL_CTX: case WOLF_CRYPTO_EX_INDEX_SSL_CTX:
idx = ctx_idx++; idx = ctx_idx++;
break; break;
case CRYPTO_EX_INDEX_X509: case WOLF_CRYPTO_EX_INDEX_X509:
idx = x509_idx++; idx = x509_idx++;
break; break;
case CRYPTO_EX_INDEX_SSL_SESSION: case WOLF_CRYPTO_EX_INDEX_SSL_SESSION:
idx = ssl_session_idx++; idx = ssl_session_idx++;
break; break;
/* following class indexes are not supoprted */ /* following class indexes are not supoprted */
case CRYPTO_EX_INDEX_X509_STORE: case WOLF_CRYPTO_EX_INDEX_X509_STORE:
case CRYPTO_EX_INDEX_X509_STORE_CTX: case WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX:
case CRYPTO_EX_INDEX_DH: case WOLF_CRYPTO_EX_INDEX_DH:
case CRYPTO_EX_INDEX_DSA: case WOLF_CRYPTO_EX_INDEX_DSA:
case CRYPTO_EX_INDEX_EC_KEY: case WOLF_CRYPTO_EX_INDEX_EC_KEY:
case CRYPTO_EX_INDEX_RSA: case WOLF_CRYPTO_EX_INDEX_RSA:
case CRYPTO_EX_INDEX_ENGINE: case WOLF_CRYPTO_EX_INDEX_ENGINE:
case CRYPTO_EX_INDEX_UI: case WOLF_CRYPTO_EX_INDEX_UI:
case CRYPTO_EX_INDEX_BIO: case WOLF_CRYPTO_EX_INDEX_BIO:
case CRYPTO_EX_INDEX_APP: case WOLF_CRYPTO_EX_INDEX_APP:
case CRYPTO_EX_INDEX_UI_METHOD: case WOLF_CRYPTO_EX_INDEX_UI_METHOD:
case CRYPTO_EX_INDEX_DRBG: case WOLF_CRYPTO_EX_INDEX_DRBG:
default: default:
break; break;
} }
@@ -47633,7 +47633,7 @@ int wolfSSL_CTX_get_ex_new_index(long idx, void* arg, void* a, void* b,
(void)b; (void)b;
(void)c; (void)c;
return get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX); return get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX);
} }
/* Return the index that can be used for the WOLFSSL structure to store /* Return the index that can be used for the WOLFSSL structure to store
@@ -47653,7 +47653,7 @@ int wolfSSL_get_ex_new_index(long argValue, void* arg,
(void)cb2; (void)cb2;
(void)cb3; (void)cb3;
return get_ex_new_index(CRYPTO_EX_INDEX_SSL); return get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL);
} }
@@ -49121,7 +49121,7 @@ int wolfSSL_SESSION_get_ex_new_index(long idx, void* data, void* cb1,
(void)cb2; (void)cb2;
(void)cb3; (void)cb3;
(void)data; (void)data;
return get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION); return get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION);
} }
#endif #endif
@@ -58123,9 +58123,9 @@ int wolfSSL_CRYPTO_set_ex_data_with_cleanup(
* Issues unique index for the class specified by class_index. * Issues unique index for the class specified by class_index.
* Other parameter except class_index are ignored. * Other parameter except class_index are ignored.
* Currently, following class_index are accepted: * Currently, following class_index are accepted:
* - CRYPTO_EX_INDEX_SSL * - WOLF_CRYPTO_EX_INDEX_SSL
* - CRYPTO_EX_INDEX_SSL_CTX * - WOLF_CRYPTO_EX_INDEX_SSL_CTX
* - CRYPTO_EX_INDEX_X509 * - WOLF_CRYPTO_EX_INDEX_X509
* @param class_index index one of CRYPTO_EX_INDEX_xxx * @param class_index index one of CRYPTO_EX_INDEX_xxx
* @param argp parameters to be saved * @param argp parameters to be saved
* @param argl parameters to be saved * @param argl parameters to be saved

40
tests/api.c
View File

@@ -51226,61 +51226,61 @@ static void test_wolfSSL_CRYPTO_get_ex_new_index(void)
printf(testingFmt, "test_wolfSSL_CRYPTO_get_ex_new_index()"); printf(testingFmt, "test_wolfSSL_CRYPTO_get_ex_new_index()");
/* test for unsupported class index */ /* test for unsupported class index */
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DH,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DSA,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_EC_KEY,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_RSA,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_ENGINE,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_BIO,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_APP, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_APP,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI_METHOD, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI_METHOD,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG, AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DRBG,
0,NULL, NULL, NULL, NULL ), -1); 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(20, 0,NULL, NULL, NULL, NULL ), -1); AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(20, 0,NULL, NULL, NULL, NULL ), -1);
/* test for supported class index */ /* test for supported class index */
idx1 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL,
0,NULL, NULL, NULL, NULL ); 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL,
0,NULL, NULL, NULL, NULL ); 0,NULL, NULL, NULL, NULL );
AssertIntNE(idx1, -1); AssertIntNE(idx1, -1);
AssertIntNE(idx2, -1); AssertIntNE(idx2, -1);
AssertIntNE(idx1, idx2); AssertIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX,
0,NULL, NULL, NULL, NULL ); 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX,
0,NULL, NULL, NULL, NULL ); 0,NULL, NULL, NULL, NULL );
AssertIntNE(idx1, -1); AssertIntNE(idx1, -1);
AssertIntNE(idx2, -1); AssertIntNE(idx2, -1);
AssertIntNE(idx1, idx2); AssertIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509,
0,NULL, NULL, NULL, NULL ); 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509,
0,NULL, NULL, NULL, NULL ); 0,NULL, NULL, NULL, NULL );
AssertIntNE(idx1, -1); AssertIntNE(idx1, -1);
AssertIntNE(idx2, -1); AssertIntNE(idx2, -1);
AssertIntNE(idx1, idx2); AssertIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
0,NULL, NULL, NULL, NULL ); 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
0,NULL, NULL, NULL, NULL ); 0,NULL, NULL, NULL, NULL );
AssertIntNE(idx1, -1); AssertIntNE(idx1, -1);
AssertIntNE(idx2, -1); AssertIntNE(idx2, -1);

34
wolfssl/openssl/crypto.h
View File

@@ -68,23 +68,23 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETT
#endif #endif
/* class index for wolfSSL_CRYPTO_get_ex_new_index */ /* class index for wolfSSL_CRYPTO_get_ex_new_index */
#define CRYPTO_EX_INDEX_SSL 0 #define CRYPTO_EX_INDEX_SSL WOLF_CRYPTO_EX_INDEX_SSL
#define CRYPTO_EX_INDEX_SSL_CTX 1 #define CRYPTO_EX_INDEX_SSL_CTX WOLF_CRYPTO_EX_INDEX_SSL_CTX
#define CRYPTO_EX_INDEX_SSL_SESSION 2 #define CRYPTO_EX_INDEX_SSL_SESSION WOLF_CRYPTO_EX_INDEX_SSL_SESSION
#define CRYPTO_EX_INDEX_X509 3 #define CRYPTO_EX_INDEX_X509 WOLF_CRYPTO_EX_INDEX_X509
#define CRYPTO_EX_INDEX_X509_STORE 4 #define CRYPTO_EX_INDEX_X509_STORE WOLF_CRYPTO_EX_INDEX_X509_STORE
#define CRYPTO_EX_INDEX_X509_STORE_CTX 5 #define CRYPTO_EX_INDEX_X509_STORE_CTX WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX
#define CRYPTO_EX_INDEX_DH 6 #define CRYPTO_EX_INDEX_DH WOLF_CRYPTO_EX_INDEX_DH
#define CRYPTO_EX_INDEX_DSA 7 #define CRYPTO_EX_INDEX_DSA WOLF_CRYPTO_EX_INDEX_DSA
#define CRYPTO_EX_INDEX_EC_KEY 8 #define CRYPTO_EX_INDEX_EC_KEY WOLF_CRYPTO_EX_INDEX_EC_KEY
#define CRYPTO_EX_INDEX_RSA 9 #define CRYPTO_EX_INDEX_RSA WOLF_CRYPTO_EX_INDEX_RSA
#define CRYPTO_EX_INDEX_ENGINE 10 #define CRYPTO_EX_INDEX_ENGINE WOLF_CRYPTO_EX_INDEX_ENGINE
#define CRYPTO_EX_INDEX_UI 11 #define CRYPTO_EX_INDEX_UI WOLF_CRYPTO_EX_INDEX_UI
#define CRYPTO_EX_INDEX_BIO 12 #define CRYPTO_EX_INDEX_BIO WOLF_CRYPTO_EX_INDEX_BIO
#define CRYPTO_EX_INDEX_APP 13 #define CRYPTO_EX_INDEX_APP WOLF_CRYPTO_EX_INDEX_APP
#define CRYPTO_EX_INDEX_UI_METHOD 14 #define CRYPTO_EX_INDEX_UI_METHOD WOLF_CRYPTO_EX_INDEX_UI_METHOD
#define CRYPTO_EX_INDEX_DRBG 15 #define CRYPTO_EX_INDEX_DRBG WOLF_CRYPTO_EX_INDEX_DRBG
#define CRYPTO_EX_INDEX__COUNT 16 #define CRYPTO_EX_INDEX__COUNT WOLF_CRYPTO_EX_INDEX__COUNT
#define crypto_threadid_st WOLFSSL_CRYPTO_THREADID #define crypto_threadid_st WOLFSSL_CRYPTO_THREADID
#define CRYPTO_THREADID WOLFSSL_CRYPTO_THREADID #define CRYPTO_THREADID WOLFSSL_CRYPTO_THREADID

1
wolfssl/openssl/ssl.h
View File

@@ -1277,7 +1277,6 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L #define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L
#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L #define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L
#define CRYPTO_EX_INDEX_SSL 0
#define TLS_ANY_VERSION 0x10000 #define TLS_ANY_VERSION 0x10000
#define DTLS1_2_VERSION 0xFEFD #define DTLS1_2_VERSION 0xFEFD
#define DTLS_MAX_VERSION DTLS1_2_VERSION #define DTLS_MAX_VERSION DTLS1_2_VERSION

19
wolfssl/ssl.h
View File

@@ -1146,6 +1146,25 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_SESSION_get0_peer(WOLFSSL_SESSION* session);
typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*); typedef int (*VerifyCallback)(int, WOLFSSL_X509_STORE_CTX*);
typedef void (CallbackInfoState)(const WOLFSSL* ssl, int, int); typedef void (CallbackInfoState)(const WOLFSSL* ssl, int, int);
/* class index for wolfSSL_CRYPTO_get_ex_new_index */
#define WOLF_CRYPTO_EX_INDEX_SSL 0
#define WOLF_CRYPTO_EX_INDEX_SSL_CTX 1
#define WOLF_CRYPTO_EX_INDEX_SSL_SESSION 2
#define WOLF_CRYPTO_EX_INDEX_X509 3
#define WOLF_CRYPTO_EX_INDEX_X509_STORE 4
#define WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX 5
#define WOLF_CRYPTO_EX_INDEX_DH 6
#define WOLF_CRYPTO_EX_INDEX_DSA 7
#define WOLF_CRYPTO_EX_INDEX_EC_KEY 8
#define WOLF_CRYPTO_EX_INDEX_RSA 9
#define WOLF_CRYPTO_EX_INDEX_ENGINE 10
#define WOLF_CRYPTO_EX_INDEX_UI 11
#define WOLF_CRYPTO_EX_INDEX_BIO 12
#define WOLF_CRYPTO_EX_INDEX_APP 13
#define WOLF_CRYPTO_EX_INDEX_UI_METHOD 14
#define WOLF_CRYPTO_EX_INDEX_DRBG 15
#define WOLF_CRYPTO_EX_INDEX__COUNT 16
#ifdef HAVE_EX_DATA #ifdef HAVE_EX_DATA
typedef int (WOLFSSL_CRYPTO_EX_new)(void* p, void* ptr, typedef int (WOLFSSL_CRYPTO_EX_new)(void* p, void* ptr,
WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg); WOLFSSL_CRYPTO_EX_DATA* a, int idx, long argValue, void* arg);