From d29cdd353772a0ade00bfd88da9812176562ed3f Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Tue, 21 Dec 2021 09:53:58 -0800 Subject: [PATCH 1/3] fix for --enable-ip-alt-name build --- wolfcrypt/src/asn.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 9a1ed7a11..240922f99 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -162,6 +162,9 @@ extern int wc_InitRsaHw(RsaKey* key); #include #endif +#ifdef WOLFSSL_IP_ALT_NAME + #include +#endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) #include #include From bbfcd0cac89c9d94c47bdd4c4782b27a8eabe038 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Tue, 21 Dec 2021 10:20:34 -0800 Subject: [PATCH 2/3] fix build warning with af_alg --- wolfcrypt/src/port/af_alg/wc_afalg.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/wolfcrypt/src/port/af_alg/wc_afalg.c b/wolfcrypt/src/port/af_alg/wc_afalg.c index 5e0ad7e39..264e712b7 100644 --- a/wolfcrypt/src/port/af_alg/wc_afalg.c +++ b/wolfcrypt/src/port/af_alg/wc_afalg.c @@ -36,11 +36,20 @@ /* Sets the type of socket address to use */ void wc_Afalg_SockAddr(struct sockaddr_alg* in, const char* type, const char* name) { + int typeSz = (int)XSTRLEN(type) + 1; /* +1 for null terminator */ + int nameSz = (int)XSTRLEN(name) + 1; /* +1 for null terminator */ + + if (typeSz > (int)sizeof(in->salg_type) || + nameSz > (int)sizeof(in->salg_name)) { + WOLFSSL_MSG("type or name was too large"); + return; + } + in->salg_family = AF_ALG; - XSTRNCPY((char*)in->salg_type, type, XSTRLEN(type)); - in->salg_type[XSTRLEN(type)] = '\0'; - XSTRNCPY((char*)in->salg_name, name, XSTRLEN(name)); - in->salg_name[XSTRLEN(name)] = '\0'; + XSTRNCPY((char*)in->salg_type, type, typeSz); + in->salg_type[typeSz - 1] = '\0'; + XSTRNCPY((char*)in->salg_name, name, nameSz); + in->salg_name[nameSz - 1] = '\0'; } From f9c9f4c8409f05656eddda65eae9007f1753c0b9 Mon Sep 17 00:00:00 2001 
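Review bot: The new size check in wc_Afalg_SockAddr fails silently: the function is void, so when `type` or `name` is too long it logs and returns with `*in` untouched, and a caller that goes on to bind the socket will use whatever the structure held before. Callers are not visible in this hunk, so this is inferred, but clearing the structure first with `XMEMSET(in, 0, sizeof(*in));` ahead of the length check should make that later bind fail cleanly instead of acting on stale or uninitialised bytes. The lengths are also narrowed from `size_t` to `int` before the comparison; keeping them unsigned, `size_t typeSz = XSTRLEN(type) + 1;` compared directly against `sizeof(in->salg_type)`, avoids the casts and any wrap on a very long string. `in`, `type` and `name` are dereferenced without a NULL check, which deserves either a guard or a comment stating the precondition.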
From: JacobBarthelmeh Date: Thu, 23 Dec 2021 09:59:05 -0800 Subject: [PATCH 3/3] refactor IP macro defines --- wolfcrypt/src/asn.c | 3 --- wolfssl/ssl.h | 11 ++++------- wolfssl/wolfcrypt/asn.h | 9 +++++++++ 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 240922f99..9a1ed7a11 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -162,9 +162,6 @@ extern int wc_InitRsaHw(RsaKey* key); #include #endif -#ifdef WOLFSSL_IP_ALT_NAME - #include -#endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) #include #include diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 0b4d7866d..8ba0da8ea 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -603,13 +603,6 @@ struct WOLFSSL_X509_STORE { #define WOLFSSL_NO_WILDCARDS 0x2 #define WOLFSSL_NO_PARTIAL_WILDCARDS 0x4 -#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ - defined(WOLFSSL_WPAS_SMALL) || defined(WOLFSSL_IP_ALT_NAME) - #define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */ - #define WOLFSSL_IP4_ADDR_LEN 4 - #define WOLFSSL_IP6_ADDR_LEN 16 -#endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */ - #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) #define WOLFSSL_USE_CHECK_TIME 0x2 #define WOLFSSL_NO_CHECK_TIME 0x200000 @@ -621,6 +614,10 @@ struct WOLFSSL_X509_STORE { #define WOLFSSL_VPARAM_LOCKED 0x8 #define WOLFSSL_VPARAM_ONCE 0x10 +#ifndef WOLFSSL_MAX_IPSTR + #define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */ +#endif + struct WOLFSSL_X509_VERIFY_PARAM { time_t check_time; unsigned int inherit_flags; diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 2614b4309..1816954a5 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h 
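Review bot: `WOLFSSL_MAX_IPSTR` is now defined in two places with the literal 46, the unconditional `#ifndef` fallback added in the second wolfssl/ssl.h hunk and the feature-guarded copy in the wolfssl/wolfcrypt/asn.h hunk, and nothing ties the two values together. Because both copies sit behind `#ifndef`, a build that predefines a smaller value is accepted without complaint; if the macro sizes buffers that hold a textual IPv6 address (the use sites are not visible here), a short override would leave those buffers too small. I would put a comment on both definitions along the lines of `/* 46 == INET6_ADDRSTRLEN incl. NUL; keep ssl.h and asn.h in sync, do not lower */`, or define the macro once in asn.h outside the feature guard and drop the ssl.h fallback.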
@@ -1168,6 +1168,15 @@ enum CsrAttrType { #define WC_NS_OBJSIGN_CA 0x01 +#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ + defined(WOLFSSL_WPAS_SMALL) || defined(WOLFSSL_IP_ALT_NAME) + #ifndef WOLFSSL_MAX_IPSTR + #define WOLFSSL_MAX_IPSTR 46 /* max ip size IPv4 mapped IPv6 */ + #endif + #define WOLFSSL_IP4_ADDR_LEN 4 + #define WOLFSSL_IP6_ADDR_LEN 16 +#endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */ + typedef struct DNS_entry DNS_entry; struct DNS_entry {