From 4ccd6dfbe1d234dd92a22520f49bb41b58b8da72 Mon Sep 17 00:00:00 2001
From: Anthony Hu
Date: Thu, 13 Jul 2023 16:09:47 -0400
Subject: [PATCH 1/4] Adding wolfSSL_GENERAL_NAME_set0_value() compat layer API.
---
 src/x509.c | 36 ++++++++++++++++++++++++++++++++++--
 wolfssl/openssl/ssl.h | 6 ++++++
 wolfssl/ssl.h | 2 ++
 3 files changed, 42 insertions(+), 2 deletions(-)
diff --git a/src/x509.c b/src/x509.c
index 97926c320..ad8c5c08d 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -4426,8 +4426,9 @@ error:
 * @return WOLFSSL_FAILURE on invalid parameter or memory error,
 * WOLFSSL_SUCCESS otherwise.
 */
-int wolfSSL_GENERAL_NAME_set0_othername(GENERAL_NAME* gen, ASN1_OBJECT* oid,
- ASN1_TYPE* value) {
+int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen,
+ ASN1_OBJECT* oid, ASN1_TYPE* value)
+{
 WOLFSSL_ASN1_OBJECT *x = NULL;
 if ((gen == NULL) || (oid == NULL) || (value == NULL)) {
@@ -4830,6 +4831,37 @@ int wolfSSL_GENERAL_NAME_set_type(WOLFSSL_GENERAL_NAME* name, int typ)
 return ret;
 }
+/* Set the value in a general name. This is a compat layer API.
+ *
+ * @param [out] a Pointer to the GENERAL_NAME where the othername is set.
+ * @param [in] type The type of this general name.
+ * @param [in] value The ASN.1 string that is the value.
+ * @return none
+ * @note the set0 indicates we take ownership so the user does NOT free value.
+ */
+void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a, int type,
+ void *value)
+{
+ WOLFSSL_ASN1_STRING *val = value;
+ if (a == NULL) {
+ WOLFSSL_MSG("a is NULL");
+ return;
+ }
+
+ if (val == NULL) {
+ WOLFSSL_MSG("value is NULL");
+ return;
+ }
+
+ if (type != GEN_DNS) {
+ WOLFSSL_MSG("Only GEN_DNS is supported");
+ return;
+ }
+
+ wolfSSL_GENERAL_NAME_type_free(a);
+ a->type = type;
+ a->d.dNSName = value;
+}
 /* Frees GENERAL_NAME objects.
 */
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index 63ce513ed..98817522d 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
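Review bot: In `wolfSSL_GENERAL_NAME_set0_value` (second src/x509.c hunk) the `@note` promises that the callee takes ownership of `value`, but the three early returns (`a == NULL`, `val == NULL`, `type != GEN_DNS`) leave it with the caller, and the `void` return gives no way to tell which happened. A caller that trusts the note leaks the string on a rejected call, and one that frees defensively double-frees on an accepted one. I would state the condition in the header comment, e.g. `@note Ownership of value passes to a only when a and value are non-NULL and type is GEN_DNS; otherwise the call does nothing and the caller still owns value.` The `@param [out] a` line also still says "othername", which looks copied from the function above. Since `value` is a `void *` stored into `a->d.dNSName` unchecked, the `@param value` line should say that the caller must pass a `WOLFSSL_ASN1_STRING`.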
@@ -887,6 +887,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define ASN1_UTF8STRING_free wolfSSL_ASN1_STRING_free #define ASN1_UTF8STRING_set wolfSSL_ASN1_STRING_set +#define ASN1_IA5STRING WOLFSSL_ASN1_STRING +#define ASN1_IA5STRING_new wolfSSL_ASN1_STRING_new +#define ASN1_IA5STRING_free wolfSSL_ASN1_STRING_free +#define ASN1_IA5STRING_set wolfSSL_ASN1_STRING_set + #define ASN1_PRINTABLE_type(...) V_ASN1_PRINTABLESTRING #define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr @@ -1360,6 +1365,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE; #define GENERAL_NAME_dup wolfSSL_GENERAL_NAME_dup #define GENERAL_NAME_print wolfSSL_GENERAL_NAME_print #define GENERAL_NAME_set0_othername wolfSSL_GENERAL_NAME_set0_othername +#define GENERAL_NAME_set0_value wolfSSL_GENERAL_NAME_set0_value #define sk_GENERAL_NAME_push wolfSSL_sk_GENERAL_NAME_push #define sk_GENERAL_NAME_value wolfSSL_sk_GENERAL_NAME_value diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 84cf71ca0..b7c6f960a 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -1562,6 +1562,8 @@ WOLFSSL_API WOLFSSL_GENERAL_NAMES* wolfSSL_GENERAL_NAMES_dup( WOLFSSL_API int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen, WOLFSSL_ASN1_OBJECT* oid, WOLFSSL_ASN1_TYPE* value); +WOLFSSL_API void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a, + int type, void *value); WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_GENERAL_NAME_new(void *cmpFunc); WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_push(WOLFSSL_GENERAL_NAMES* sk, From 31a02f194ebd76d7f892aa226032167c6c55350e Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Fri, 14 Jul 2023 12:09:14 -0400 Subject: [PATCH 2/4] Address review comments. --- src/x509.c | 4 +++- tests/api.c | 12 ++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/src/x509.c b/src/x509.c index ad8c5c08d..629d04dbb 100644 --- a/src/x509.c +++ b/src/x509.c 
@@ -4860,7 +4860,9 @@ void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a, int type,
 wolfSSL_GENERAL_NAME_type_free(a);
 a->type = type;
- a->d.dNSName = value;
+ if (type == GEN_DNS) {
+ a->d.dNSName = value;
+ }
 }
 /* Frees GENERAL_NAME objects.
diff --git a/tests/api.c b/tests/api.c
index e7cf92fdb..18970933f 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -41889,6 +41889,7 @@ static int test_wolfSSL_GENERAL_NAME_print(void)
 X509_EXTENSION* ext = NULL;
 AUTHORITY_INFO_ACCESS* aia = NULL;
 ACCESS_DESCRIPTION* ad = NULL;
+ ASN1_IA5STRING *dnsname = NULL;
 const unsigned char v4Addr[] = {192,168,53,1};
 const unsigned char v6Addr[] =
@@ -41943,6 +41944,17 @@ static int test_wolfSSL_GENERAL_NAME_print(void)
 X509_free(x509);
 x509 = NULL;
+ /* Lets test for setting as well. */
+ ExpectNotNull(gn = GENERAL_NAME_new());
+ ExpectNotNull(dnsname = ASN1_IA5STRING_new());
+ ExpectIntEQ(ASN1_STRING_set(dnsname, "example.com", -1), 1);
+ GENERAL_NAME_set0_value(gn, GEN_DNS, dnsname);
+ dnsname = NULL;
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
+ XMEMSET(outbuf, 0, sizeof(outbuf));
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
+
 /* test for GEN_URI */
 ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE);
From 3b773db728d552b9938e40cb94c755032adcc6d2 Mon Sep 17 00:00:00 2001
From: Anthony Hu
Date: Fri, 14 Jul 2023 13:43:57 -0400
Subject: [PATCH 3/4] Clean up after myself
---
 tests/api.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/tests/api.c b/tests/api.c
index 18970933f..9a6f32ddd 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -41954,6 +41954,7 @@ static int test_wolfSSL_GENERAL_NAME_print(void)
 XMEMSET(outbuf, 0, sizeof(outbuf));
 ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
 ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
+ GENERAL_NAME_free(gn);
 /* test for GEN_URI */
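Review bot: In the [PATCH 2/4] src/x509.c hunk, `wolfSSL_GENERAL_NAME_type_free(a)` and `a->type = type;` stay outside the new `if (type == GEN_DNS)` branch, so the guard protects only the pointer store. The branch is always taken today because of the `type != GEN_DNS` early return added in patch 1 (outside this hunk). If that return is ever relaxed, the old contents would be freed and the name retagged with a type whose union member was never set. Either drop the inner check or keep the tag and the pointer together: `if (type == GEN_DNS) { a->type = type; a->d.dNSName = value; }`. The function body starts before the hunk.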
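Review bot: The block added to `test_wolfSSL_GENERAL_NAME_print` in [PATCH 2/4] (second tests/api.c hunk) exercises only the accepted path of `GENERAL_NAME_set0_value`; the rejecting paths, where the caller keeps ownership of the string, are not covered. `dnsname = NULL;` also runs unconditionally, so if `GENERAL_NAME_new()` failed and the Expect macros let execution continue, the string would be dropped without being freed. A negative case placed before the GEN_DNS call, such as `GENERAL_NAME_set0_value(gn, GEN_URI, dnsname);` followed by a check that `gn->type` is unchanged, would pin the no-op behaviour. The test function starts and ends outside the hunk.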
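Review bot: After the added `GENERAL_NAME_free(gn);` in [PATCH 3/4], `gn` still holds the freed pointer, whereas a few lines earlier the same test does `X509_free(x509); x509 = NULL;`. If any later cleanup in this function frees `gn` again without a fresh assignment (not visible in the hunk), that would be a double free. Adding `gn = NULL;` on the next line keeps the pattern consistent.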
From 933dae393ec3096444d86a3c1ecc3be5440f0036 Mon Sep 17 00:00:00 2001
From: Anthony Hu
Date: Fri, 14 Jul 2023 14:33:43 -0400
Subject: [PATCH 4/4] Make PRBs happy
---
 src/x509.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/x509.c b/src/x509.c
index 629d04dbb..144731f7d 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -4842,7 +4842,7 @@ int wolfSSL_GENERAL_NAME_set_type(WOLFSSL_GENERAL_NAME* name, int typ)
 void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a, int type,
 void *value)
 {
- WOLFSSL_ASN1_STRING *val = value;
+ WOLFSSL_ASN1_STRING *val = (WOLFSSL_ASN1_STRING *)value;
 if (a == NULL) {
 WOLFSSL_MSG("a is NULL");
 return;
@@ -4861,7 +4861,7 @@ void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a, int type,
 wolfSSL_GENERAL_NAME_type_free(a);
 a->type = type;
 if (type == GEN_DNS) {
- a->d.dNSName = value;
+ a->d.dNSName = val;
 }
 }