feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Address code review

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2024-01-19 14:52:21 +01:00
parent afd0e5af4e
commit 1288d71132
3 changed files with 45 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
src/internal.c
View File

@ -26198,8 +26198,8 @@ ciphersuites introduced through the "bulk" ciphersuites.
@return true on success, else false. @return true on success, else false.
*/ */
int SetCipherList(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl, Suites* suites, static int ParseCipherList(Suites* suites,
const char* list) const char* list, ProtocolVersion version, int privateKeySz, byte side)
{ {
int ret = 0; int ret = 0;
int idx = 0; int idx = 0;
@ -26217,21 +26217,11 @@ int SetCipherList(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl, Suites* suites,
const int suiteSz = GetCipherNamesSize(); const int suiteSz = GetCipherNamesSize();
const char* next = list; const char* next = list;
ProtocolVersion version; if (suites == NULL || list == NULL) {
int privateKeySz = 0;
byte side;
if (suites == NULL || list == NULL || (ctx == NULL && ssl == NULL)) {
WOLFSSL_MSG("SetCipherList parameter error"); WOLFSSL_MSG("SetCipherList parameter error");
return 0; return 0;
} }
version = ctx != NULL ? ctx->method->version : ssl->version;
#ifndef NO_CERTS
privateKeySz = (int)(ctx != NULL ? ctx->privateKeySz : ssl->buffers.keySz);
#endif
side = (byte)(ctx != NULL ? ctx->method->side : ssl->options.side);
if (next[0] == 0 || XSTRCMP(next, "ALL") == 0 || if (next[0] == 0 || XSTRCMP(next, "ALL") == 0 ||
XSTRCMP(next, "DEFAULT") == 0 || XSTRCMP(next, "HIGH") == 0) { XSTRCMP(next, "DEFAULT") == 0 || XSTRCMP(next, "HIGH") == 0) {
/* Add all ciphersuites except anonymous and null ciphers. Prefer RSA */ /* Add all ciphersuites except anonymous and null ciphers. Prefer RSA */
@ -26640,6 +26630,41 @@ int SetCipherList(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl, Suites* suites,
return ret; return ret;
} }
int SetCipherList_ex(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl,
Suites* suites, const char* list)
{
ProtocolVersion version;
int privateKeySz = 0;
byte side;
if (ctx != NULL) {
version = ctx->method->version;
#ifndef NO_CERTS
privateKeySz = ctx->privateKeySz;
#endif
side = ctx->method->side;
}
else if (ssl != NULL) {
version = ssl->version;
#ifndef NO_CERTS
privateKeySz = ssl->buffers.keySz;
#endif
side = (byte)ssl->options.side;
}
else {
WOLFSSL_MSG("SetCipherList_ex parameter error");
return 0;
}
return ParseCipherList(suites, list, version, privateKeySz, side);
}
int SetCipherList(const WOLFSSL_CTX* ctx, Suites* suites,
const char* list)
{
return SetCipherList_ex(ctx, NULL, suites, list);
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES) #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)
int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list, int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
const int listSz) const int listSz)

8
src/ssl.c
View File

@ -11864,7 +11864,7 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
/* list has mixed(pre-TLSv13 and TLSv13) suites /* list has mixed(pre-TLSv13 and TLSv13) suites
* update cipher suites the same as before * update cipher suites the same as before
*/ */
return (SetCipherList(ctx, ssl, suites, list)) ? WOLFSSL_SUCCESS : return (SetCipherList_ex(ctx, ssl, suites, list)) ? WOLFSSL_SUCCESS :
WOLFSSL_FAILURE; WOLFSSL_FAILURE;
} }
else if (listattribute == 1) { else if (listattribute == 1) {
@ -11905,7 +11905,7 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
XMEMCPY(suitesCpy, suites->suites, suites->suiteSz); XMEMCPY(suitesCpy, suites->suites, suites->suiteSz);
suitesCpySz = suites->suiteSz; suitesCpySz = suites->suiteSz;
ret = SetCipherList(ctx, ssl, suites, list); ret = SetCipherList_ex(ctx, ssl, suites, list);
if (ret != 1) { if (ret != 1) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(suitesCpy, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(suitesCpy, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -11971,7 +11971,7 @@ int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list)
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
return wolfSSL_parse_cipher_list(ctx, NULL, ctx->suites, list); return wolfSSL_parse_cipher_list(ctx, NULL, ctx->suites, list);
#else #else
return (SetCipherList(ctx, NULL, ctx->suites, list)) ? return (SetCipherList(ctx, ctx->suites, list)) ?
WOLFSSL_SUCCESS : WOLFSSL_FAILURE; WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
#endif #endif
} }
@ -12007,7 +12007,7 @@ int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list)
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
return wolfSSL_parse_cipher_list(NULL, ssl, ssl->suites, list); return wolfSSL_parse_cipher_list(NULL, ssl, ssl->suites, list);
#else #else
return (SetCipherList(NULL, ssl, ssl->suites, list)) ? return (SetCipherList_ex(NULL, ssl, ssl->suites, list)) ?
WOLFSSL_SUCCESS : WOLFSSL_SUCCESS :
WOLFSSL_FAILURE; WOLFSSL_FAILURE;
#endif #endif

4
wolfssl/internal.h
View File

@ -2377,8 +2377,10 @@ typedef struct TLSX TLSX;
WOLFSSL_LOCAL int MatchSuite_ex(const WOLFSSL* ssl, Suites* peerSuites, WOLFSSL_LOCAL int MatchSuite_ex(const WOLFSSL* ssl, Suites* peerSuites,
CipherSuite* cs, TLSX* extensions); CipherSuite* cs, TLSX* extensions);
WOLFSSL_LOCAL int MatchSuite(WOLFSSL* ssl, Suites* peerSuites); WOLFSSL_LOCAL int MatchSuite(WOLFSSL* ssl, Suites* peerSuites);
WOLFSSL_LOCAL int SetCipherList(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl, WOLFSSL_LOCAL int SetCipherList_ex(const WOLFSSL_CTX* ctx, const WOLFSSL* ssl,
Suites* suites, const char* list); Suites* suites, const char* list);
WOLFSSL_LOCAL int SetCipherList(const WOLFSSL_CTX* ctx, Suites* suites,
const char* list);
WOLFSSL_LOCAL int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, WOLFSSL_LOCAL int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites,
const byte* list, const int listSz); const byte* list, const int listSz);
WOLFSSL_LOCAL int SetSuitesHashSigAlgo(Suites* suites, const char* list); WOLFSSL_LOCAL int SetSuitesHashSigAlgo(Suites* suites, const char* list);