From 23ba1e7e9814cfb2f94223aa6011ed7f27ba8d42 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Tue, 6 Sep 2022 09:47:43 -0700
Subject: [PATCH] Minor cleanups. Gate these API's on `OPENSSL_EXTRA` or `WOLFSSL_SET_CIPHER_BYTES` to keep code size reduced.
---
 src/internal.c | 5 +++--
 src/ssl.c | 30 ++++++++++++++++++++++--------
 tests/api.c | 6 ++++--
 3 files changed, 29 insertions(+), 12 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 86d531304..8da1528d3 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -24086,7 +24086,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
 return ret;
 }
-
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)
 int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
 const int listSz)
 {
@@ -24100,7 +24100,6 @@ int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
 int haveDilithiumSig = 0;
 int haveAnon = 0;
-
 if (suites == NULL || list == NULL) {
 WOLFSSL_MSG("SetCipherListFromBytes parameter error");
 return 0;
@@ -24194,6 +24193,8 @@ int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
 return ret;
 }
+#endif /* OPENSSL_EXTRA */
+
 #ifdef OPENSSL_EXTRA
diff --git a/src/ssl.c b/src/ssl.c
index 1a752403b..d7f113472 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -11655,11 +11655,12 @@ int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list)
 #ifdef OPENSSL_EXTRA
 return wolfSSL_parse_cipher_list(ctx, ctx->suites, list);
 #else
- return (SetCipherList(ctx, ctx->suites, list)) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
+ return (SetCipherList(ctx, ctx->suites, list)) ?
+ WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
 #endif
 }
-
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)
 int wolfSSL_CTX_set_cipher_list_bytes(WOLFSSL_CTX* ctx, const byte* list,
 const int listSz)
 {
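Review bot: The new `#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)` gate around `SetCipherListFromBytes` in src/internal.c covers only the definition, because the diffstat lists just src/internal.c, src/ssl.c and tests/api.c and no header. If the prototypes are still declared unconditionally, a caller built with neither macro compiles cleanly and only fails at link time. The same applies to the gates around `wolfSSL_CTX_set_cipher_list_bytes` and `wolfSSL_set_cipher_list_bytes` in src/ssl.c. I would wrap the declarations in the same condition and document the new macro at the gate, for example `/* WOLFSSL_SET_CIPHER_BYTES: build the *_set_cipher_list_bytes APIs without OPENSSL_EXTRA */`. The function body continues outside this hunk.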
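Review bot: The closing comment `#endif /* OPENSSL_EXTRA */` added after `SetCipherListFromBytes` in src/internal.c (hunk at -24194) does not match its opening condition, which also accepts `WOLFSSL_SET_CIPHER_BYTES`. It is followed almost immediately by a separate `#ifdef OPENSSL_EXTRA`, so the short form is easy to misread as belonging to that block. It should read `#endif /* OPENSSL_EXTRA || WOLFSSL_SET_CIPHER_BYTES */`, as the two gates added in src/ssl.c do.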
@@ -11679,15 +11680,19 @@ int wolfSSL_CTX_set_cipher_list_bytes(WOLFSSL_CTX* ctx, const byte* list,
 XMEMSET(ctx->suites, 0, sizeof(Suites));
 }
- return (SetCipherListFromBytes(ctx, ctx->suites, list, listSz))
- ? WOLFSSL_SUCCESS
- : WOLFSSL_FAILURE;
+ return (SetCipherListFromBytes(ctx, ctx->suites, list, listSz)) ?
+ WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
 }
-
+#endif /* OPENSSL_EXTRA || WOLFSSL_SET_CIPHER_BYTES */
 int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list)
 {
 WOLFSSL_ENTER("wolfSSL_set_cipher_list");
+
+ if (ssl == NULL || ssl->ctx == NULL) {
+ return WOLFSSL_FAILURE;
+ }
+
 #ifdef SINGLE_THREADED
 if (ssl->ctx->suites == ssl->suites) {
 ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
@@ -11704,15 +11709,22 @@ int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list)
 #ifdef OPENSSL_EXTRA
 return wolfSSL_parse_cipher_list(ssl->ctx, ssl->suites, list);
 #else
- return (SetCipherList(ssl->ctx, ssl->suites, list)) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
+ return (SetCipherList(ssl->ctx, ssl->suites, list)) ?
+ WOLFSSL_SUCCESS :
+ WOLFSSL_FAILURE;
 #endif
 }
-
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)
 int wolfSSL_set_cipher_list_bytes(WOLFSSL* ssl, const byte* list,
 const int listSz)
 {
 WOLFSSL_ENTER("wolfSSL_set_cipher_list_bytes");
+
+ if (ssl == NULL || ssl->ctx == NULL) {
+ return WOLFSSL_FAILURE;
+ }
+
 #ifdef SINGLE_THREADED
 if (ssl->ctx->suites == ssl->suites) {
 ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
@@ -11730,6 +11742,8 @@ int wolfSSL_set_cipher_list_bytes(WOLFSSL* ssl, const byte* list,
 ? WOLFSSL_SUCCESS
 : WOLFSSL_FAILURE;
 }
+#endif /* OPENSSL_EXTRA || WOLFSSL_SET_CIPHER_BYTES */
+
 #ifdef HAVE_KEYING_MATERIAL
diff --git a/tests/api.c b/tests/api.c
index f9faa09d0..4dbceceb1 100644
--- a/tests/api.c
+++ b/tests/api.c
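Review bot: The guard added to `wolfSSL_set_cipher_list`, and repeated in `wolfSSL_set_cipher_list_bytes` in the next hunk, checks `ssl` and `ssl->ctx` but not `list`, so a NULL list is still passed on to the callee. `SetCipherListFromBytes` visibly rejects `list == NULL` in src/internal.c, but `SetCipherList` and `wolfSSL_parse_cipher_list` are not shown in this patch, so their NULL handling is an assumption. Rejecting it at the entry point keeps the failure path in one place and, assuming the callee would fail anyway, skips the `SINGLE_THREADED` allocation for a call that cannot succeed: `if (ssl == NULL || ssl->ctx == NULL || list == NULL) {`. Both function bodies continue outside their hunks.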
@@ -841,7 +841,8 @@ static int test_for_double_Free(void)
 static int test_wolfSSL_CTX_set_cipher_list_bytes(void)
 {
-#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
+#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)) && \
+ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
 (!defined(NO_RSA) || defined(HAVE_ECC))
 const char* testCertFile;
 const char* testKeyFile;
@@ -1033,7 +1034,8 @@ static int test_wolfSSL_CTX_set_cipher_list_bytes(void)
 wolfSSL_free(ssl);
 wolfSSL_CTX_free(ctx);
-#endif /* (!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) && (!NO_RSA || HAVE_ECC) */
+#endif /* (OPENSSL_EXTRA || WOLFSSL_SET_CIPHER_BYTES) &&
+ (!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) && (!NO_RSA || HAVE_ECC) */
 return 0;
 }
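Review bot: No assertion visible here covers the NULL guards this commit adds to `wolfSSL_set_cipher_list` and `wolfSSL_set_cipher_list_bytes`; the two tests/api.c hunks change only the preprocessor gate of `test_wolfSSL_CTX_set_cipher_list_bytes`. The body between the hunks is outside this view, so such a case may already exist. If it does not, I would add one inside the gated region with the assertion macro the test already uses, for example `AssertIntEQ(wolfSSL_set_cipher_list_bytes(NULL, NULL, 0), WOLFSSL_FAILURE);`. Without it, a later refactor that drops the guard would reintroduce the NULL dereference without any test failing.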