diff --git a/configure.ac b/configure.ac
index c25cde620..49f68bb75 100644
--- a/configure.ac
+++ b/configure.ac
@@ -587,6 +587,7 @@ if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "x$ENABLED_OPENSSLCOEXIST" = "xn
 then
 AM_CFLAGS="-DOPENSSL_EXTRA -DWOLFSSL_ALWAYS_VERIFY_CB $AM_CFLAGS"
 AM_CFLAGS="-DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS $AM_CFLAGS"
+ AM_CFLAGS="-DHAVE_EXT_CACHE $AM_CFLAGS"
 fi
 if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes"
diff --git a/examples/client/client.c b/examples/client/client.c
index 649d1cb3b..84d65496c 100644
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -2438,7 +2438,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
 wolfSSL_CTX_SetCACb(ctx, CaCb);
 #endif
-#ifdef HAVE_EXT_CACHE
+#if defined(HAVE_EXT_CACHE) && !defined(NO_SESSION_CACHE)
 wolfSSL_CTX_sess_set_get_cb(ctx, mySessGetCb);
 wolfSSL_CTX_sess_set_new_cb(ctx, mySessNewCb);
 wolfSSL_CTX_sess_set_remove_cb(ctx, mySessRemCb);
@@ -3203,7 +3203,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
 }
 #endif
-#if defined(OPENSSL_EXTRA) && defined(HAVE_EXT_CACHE)
+#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
+ defined(HAVE_EXT_CACHE))
 if (session != NULL && resumeSession) {
 flatSessionSz = wolfSSL_i2d_SSL_SESSION(session, NULL);
 if (flatSessionSz != 0) {
diff --git a/src/ssl.c b/src/ssl.c
index bf7cf307f..56de439ca 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -16713,19 +16713,6 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
 return WOLFSSL_SUCCESS;
 }
- long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
- {
- word32 tmptime;
- if (!ses || t < 0)
- return BAD_FUNC_ARG;
-
- tmptime = t & 0xFFFFFFFF;
-
- ses->timeout = tmptime;
-
- return WOLFSSL_SUCCESS;
- }
-
 #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
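Review bot: In examples/client/client.c at `@@ -3203`, the widened guard `!defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE))` now compiles the `flatSessionSz = wolfSSL_i2d_SSL_SESSION(session, NULL);` block in builds that define only one of the two macros, but the declarations of `flatSessionSz` and the buffer it sizes are not part of this diff. If they are still under the old `defined(OPENSSL_EXTRA) && defined(HAVE_EXT_CACHE)` condition, a build with only one macro set would fail to compile, so the declaration guard should use the same expression. The callback registration at `@@ -2438` still requires `HAVE_EXT_CACHE`, so the two guards in this file no longer describe the same configuration; a one-line comment explaining the difference would help. client_test's body continues outside both hunks.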
@@ -27060,7 +27047,8 @@ int wolfSSL_sk_SSL_COMP_num(WOLF_STACK_OF(WOLFSSL_COMP)* sk)
 #endif /* OPENSSL_EXTRA */
-#if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE)
+#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
+ defined(HAVE_EXT_CACHE))
 /* stunnel 4.28 needs
 *
 * Callback that is called if a session tries to resume but could not find
@@ -27092,9 +27080,6 @@ void wolfSSL_CTX_sess_set_new_cb(WOLFSSL_CTX* ctx,
 #endif
 }
-#endif /* OPENSSL_EXTRA || HAVE_EXT_CACHE */
-
-#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
 void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX* ctx, void (*f)(WOLFSSL_CTX*,
 WOLFSSL_SESSION*))
 {
@@ -27107,9 +27092,7 @@ void wolfSSL_CTX_sess_set_remove_cb(WOLFSSL_CTX* ctx, void (*f)(WOLFSSL_CTX*,
 (void)f;
 #endif
 }
-#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
-#ifdef OPENSSL_EXTRA
 /*
 *
@@ -27479,7 +27462,6 @@ end:
 return s;
 }
-
 long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION* sess)
 {
 long timeout = 0;
@@ -27499,8 +27481,20 @@ long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
 return bornOn;
 }
+long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
+{
+ word32 tmptime;
+ if (!ses || t < 0)
+ return BAD_FUNC_ARG;
-#endif /* OPENSSL_EXTRA */
+ tmptime = t & 0xFFFFFFFF;
+
+ ses->timeout = tmptime;
+
+ return WOLFSSL_SUCCESS;
+}
+
+#endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */
 #ifdef KEEP_PEER_CERT
@@ -41961,6 +41955,8 @@ int wolfSSL_SESSION_print(WOLFSSL_BIO *bp, const WOLFSSL_SESSION *x)
 return WOLFSSL_FAILURE;
 #endif
+#if !defined(NO_SESSION_CACHE) && (defined(OPENSSL_EXTRA) || \
+ defined(HAVE_EXT_CACHE))
 if (wolfSSL_BIO_printf(bp, " Start Time: %ld\n",
 wolfSSL_SESSION_get_time(x)) <= 0)
 return WOLFSSL_FAILURE;
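Review bot: In src/ssl.c the hunks at `@@ -27092` and `@@ -27107` delete the `#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)` guard, so `wolfSSL_CTX_sess_set_remove_cb` is now built only when `OPENSSL_EXTRA` or `HAVE_EXT_CACHE` is defined and `NO_SESSION_CACHE` is not; the same holds for `wolfSSL_SSL_SESSION_set_timeout`, removed at `@@ -16713` and re-added at `@@ -27499`. A `WOLFSSL_WPAS_SMALL` build without `OPENSSL_EXTRA` would lose both symbols, and if their header declarations are unchanged (not visible here) the failure shows up at link time in the caller. Either keep these two functions in their own `#if defined(OPENSSL_EXTRA) || defined(HAVE_EXT_CACHE) || defined(WOLFSSL_WPAS_SMALL)` block, or state in the commit description that the WPAS_SMALL configuration drops them on purpose.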
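Review bot: In the re-added `wolfSSL_SSL_SESSION_set_timeout` at `@@ -27499`, `tmptime = t & 0xFFFFFFFF;` silently truncates any `t` wider than 32 bits where `long` is 64-bit, so a caller requesting a very long session lifetime can end up storing a short one or zero in `ses->timeout` while still receiving `WOLFSSL_SUCCESS`. The function already rejects `t < 0`, so reject the out-of-range case as well instead of masking it: `if (!ses || t < 0 || (unsigned long)t > 0xFFFFFFFFUL) return BAD_FUNC_ARG;`. Separately, the closing `#endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */` here and at `@@ -41968` drops the parentheses of the real condition and reads as a different expression; `/* !NO_SESSION_CACHE && (OPENSSL_EXTRA || HAVE_EXT_CACHE) */` matches the `#if`.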
@@ -41968,6 +41964,7 @@ int wolfSSL_SESSION_print(WOLFSSL_BIO *bp, const WOLFSSL_SESSION *x)
 if (wolfSSL_BIO_printf(bp, " Timeout : %ld (sec)\n",
 wolfSSL_SESSION_get_timeout(x)) <= 0)
 return WOLFSSL_FAILURE;
+#endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */
 /* @TODO verify return code print */
diff --git a/tests/api.c b/tests/api.c
index 8d8b5e3d0..2297a2996 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -29165,18 +29165,20 @@ static void test_wolfSSL_BIO_f_md(void)
 static void test_wolfSSL_SESSION(void)
 {
-#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
 !defined(NO_RSA) && defined(HAVE_EXT_CACHE) && \
- defined(HAVE_IO_TESTS_DEPENDENCIES)
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(NO_SESSION_CACHE)
 WOLFSSL* ssl;
 WOLFSSL_CTX* ctx;
 WOLFSSL_SESSION* sess;
 WOLFSSL_SESSION* sess_copy;
- const unsigned char context[] = "user app context";
 unsigned char* sessDer = NULL;
 unsigned char* ptr = NULL;
+#ifdef OPENSSL_EXTRA
+ const unsigned char context[] = "user app context";
 unsigned int contextSz = (unsigned int)sizeof(context);
+#endif
 int ret, err, sockfd, sz;
 tcp_ready ready;
 func_args server_args;
@@ -29185,7 +29187,10 @@ static void test_wolfSSL_SESSION(void)
 printf(testingFmt, "wolfSSL_SESSION()");
 /* TLS v1.3 requires session tickets */
-#if defined(WOLFSSL_TLS13) && !defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TLS12)
+ /* CHACHA and POLY1305 required for myTicketEncCb */
+#if defined(WOLFSSL_TLS13) && (!defined(HAVE_SESSION_TICKET) && \
+ !defined(WOLFSSL_NO_TLS12) || !(defined(HAVE_CHACHA) && \
+ defined(HAVE_POLY1305)))
 AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
 #else
 AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
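Review bot: In tests/api.c at `@@ -29185`, the new condition selects `wolfTLSv1_2_client_method()` whenever `WOLFSSL_TLS13` is defined and ChaCha20/Poly1305 are not both available, even if `WOLFSSL_NO_TLS12` is defined, because `!defined(WOLFSSL_NO_TLS12)` is now and-ed only with the session-ticket term. In a TLS 1.3-only build without ChaCha20-Poly1305 that method is presumably not compiled, so the test would stop building; the old line required `!defined(WOLFSSL_NO_TLS12)` for this branch. Hoisting the term restores that and removes the unparenthesised `&&`/`||` mix: `#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) && \` followed by `(!defined(HAVE_SESSION_TICKET) || !(defined(HAVE_CHACHA) && defined(HAVE_POLY1305)))`. That configuration then takes the `#else` branch, where the ticket-callback dependency named in the new comment may need its own guard; the rest of test_wolfSSL_SESSION is outside the hunk.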
@@ -29251,7 +29256,7 @@ static void test_wolfSSL_SESSION(void)
 fdOpenSession(Task_self());
 #endif
-#if defined(SESSION_CERTS)
+#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
 {
 X509 *x509;
 char buf[30];
@@ -29305,6 +29310,7 @@ static void test_wolfSSL_SESSION(void)
 }
 #endif
+#ifdef OPENSSL_EXTRA
 /* fail case with miss match session context IDs (use compatibility API) */
 AssertIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
 SSL_SUCCESS);
@@ -29316,6 +29322,7 @@ static void test_wolfSSL_SESSION(void)
 SSL_SUCCESS);
 AssertNotNull(ssl = wolfSSL_new(ctx));
 AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
+#endif
 wolfSSL_free(ssl);
 SSL_SESSION_free(sess);
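Review bot: In tests/api.c at `@@ -29316`, the cleanup call `SSL_SESSION_free(sess);` stays outside the new `#ifdef OPENSSL_EXTRA` block although the function guard at `@@ -29165` no longer requires `OPENSSL_EXTRA`. If the `SSL_*` compatibility names are only provided with `OPENSSL_EXTRA` (the header is not visible here), a `HAVE_EXT_CACHE`-only build would fail on that line; the native `wolfSSL_SESSION_free(sess);` avoids the dependency. In such a build the mismatched session-ID-context case opened at `@@ -29305` is compiled out, and it is the only negative resumption check visible in these hunks, so the bare `#endif` should at least read `#endif /* OPENSSL_EXTRA */` to show what is skipped. test_wolfSSL_SESSION starts and ends outside these hunks.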