diff --git a/src/internal.c b/src/internal.c
index 159435018..b833c3de8 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -9046,7 +9046,6 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 if (ret == 0 && ssl->options.side == WOLFSSL_CLIENT_END) {
 ssl->options.serverState = SERVER_CERT_COMPLETE;
- ssl->options.handShakeState = SERVER_CERT_COMPLETE;
 }
 if (IsEncryptionOn(ssl, 0)) {
@@ -9392,7 +9391,6 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size,
 if (ssl->options.side == WOLFSSL_CLIENT_END) {
 ssl->options.serverState = SERVER_FINISHED_COMPLETE;
- ssl->options.handShakeState = SERVER_FINISHED_COMPLETE;
 if (!ssl->options.resuming) {
 #ifdef OPENSSL_EXTRA
 if (ssl->CBIS != NULL) {
@@ -16812,7 +16810,6 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
 #endif
 ssl->options.clientState = CLIENT_HELLO_COMPLETE;
- ssl->options.handShakeState = CLIENT_HELLO_COMPLETE;
 #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
 if (ssl->hsInfoOn) AddPacketName(ssl, "ClientHello");
@@ -16871,7 +16868,6 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
 }
 ssl->options.serverState = SERVER_HELLOVERIFYREQUEST_COMPLETE;
- ssl->options.handShakeState = SERVER_HELLOVERIFYREQUEST_COMPLETE;
 return 0;
 }
@@ -17218,7 +17214,6 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
 #endif
 ssl->options.serverState = SERVER_HELLO_COMPLETE;
- ssl->options.handShakeState = SERVER_HELLO_COMPLETE;
 if (IsEncryptionOn(ssl, 0)) {
 *inOutIdx += ssl->keys.padSz;
@@ -18407,7 +18402,6 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
 *inOutIdx = args->idx;
 ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE;
- ssl->options.handShakeState = SERVER_KEYEXCHANGE_COMPLETE;
 break;
 }
 default:
@@ -23576,7 +23570,6 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 WRITE_PROTO, ssl->heap);
 #endif
 ssl->options.serverState = SERVER_HELLODONE_COMPLETE;
- ssl->options.handShakeState = SERVER_HELLODONE_COMPLETE;
 ssl->buffers.outputBuffer.length += sendSz;
diff --git a/src/ssl.c b/src/ssl.c
index 9a0d7dd2e..de4d0d5dc 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -15145,13 +15145,18 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
 /* these index values are already stored in DecodedName use those when available */
 if (name->fullName.fullName && name->fullName.fullNameLen > 0) {
+ printf("NID = %x\n",nid);
 switch (nid) {
 case ASN_COMMON_NAME:
 if (pos != name->fullName.cnIdx) ret = name->fullName.cnIdx;
 break;
- case NID_domainComponent:
-
+ case ASN_DOMAIN_COMPONENT:
+ if (pos != name->fullName.dcIdx)
+ ret = name->fullName.dcIdx;
+ printf("domain_component = %s\n",name->fullName.fullName + name->fullName.dcIdx);
+ printf("domain_component Idx = %d\n",name->fullName.dcIdx);
+ printf("domain_component Len = %d\n",name->fullName.dcLen);
 break;
 default:
 WOLFSSL_MSG("NID not yet implemented");
@@ -29324,6 +29329,14 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
 name->cnEntry.nid = ASN_COMMON_NAME;
 name->cnEntry.set = 1;
 return &(name->cnEntry);
+ } else if (loc == name->fullName.dcIdx){
+ printf("domain = %s\n",name->x509->subjectCN);
+ name->cnEntry.data.data = name->x509->subjectCN;
+ name->cnEntry.data.length = name->fullName.dcLen;
+ name->cnEntry.data.type = CTC_UTF8;
+ name->cnEntry.nid = ASN_DOMAIN_COMPONENT;
+ name->cnEntry.set = 1;
+ return &(name->cnEntry);
 }
 /* additionall cases to check for go here */
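Review bot: The four `printf` calls added in the `@@ -15145` hunk (one before `switch (nid)`, three in the `ASN_DOMAIN_COMPONENT` case) are debug output left in library code, and they write name fields taken from a certificate to stdout. The `%s` one prints from `name->fullName.fullName + name->fullName.dcIdx` up to the next NUL rather than for `dcLen` bytes, so it is not bounded by the component it claims to show. I would drop all four; if a trace is wanted, send a fixed string through `WOLFSSL_MSG` as the `default:` arm does. The case also returns `dcIdx` without checking that a domain component was decoded; assuming `dcLen` is zero when the name has none, `if (name->fullName.dcLen > 0 && pos != name->fullName.dcIdx)` would avoid reporting an index for a missing field. The enclosing function starts and ends outside the hunk.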
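Review bot: In the `@@ -29324` hunk the new `loc == name->fullName.dcIdx` branch points `cnEntry.data.data` at `name->x509->subjectCN` but sets `data.length` to `name->fullName.dcLen`, so the caller receives the common name's bytes labelled `ASN_DOMAIN_COMPONENT` with a length taken from a different field. If `dcLen` is larger than the stored CN, any consumer that trusts `data.length` reads past the CN. The preceding ssl.c hunk treats `name->fullName.fullName + name->fullName.dcIdx` as the component's location, so the assignment presumably should be `name->cnEntry.data.data = name->fullName.fullName + name->fullName.dcIdx;` (confirm the pointer type the field expects). The `printf("domain = %s\n", ...)` line is debug output and should be removed, and because the branch reuses `cnEntry`, a CN entry returned by an earlier call is overwritten in place. The enclosing function starts and ends outside the hunk.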
@@ -30088,6 +30101,13 @@ int wolfSSL_get_state(const WOLFSSL* ssl)
 return SSL_FAILURE;
 }
+ if (ssl->options.handShakeState != HANDSHAKE_DONE){
+ if (ssl->options.side == WOLFSSL_SERVER_END)
+ return ssl->options.serverState;
+ else if (ssl->options.side == WOLFSSL_CLIENT_END)
+ return ssl->options.clientState;
+ }
+
 return ssl->options.handShakeState;
 }
 #endif /* HAVE_LIGHTY || HAVE_STUNNEL || WOLFSSL_MYSQL_COMPATIBLE */
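Review bot: On the client side the added block returns `clientState`, but the internal.c hunks of this commit show that several values `handShakeState` used to carry there (`SERVER_CERT_COMPLETE`, `SERVER_FINISHED_COMPLETE`) are recorded in `serverState` under `side == WOLFSSL_CLIENT_END`. A client caller that compared `wolfSSL_get_state()` against those constants will stop seeing them, which matters if compatibility-layer code gates a decision on handshake progress. If the change is intended, document the new contract above the block, for example `/* before HANDSHAKE_DONE: this side's own serverState/clientState; afterwards handShakeState */`; otherwise the client arm likely needs to reflect the peer-message state as well. The nested `if`/`else if` has no braces and silently falls through to `handShakeState` when `side` is neither value, which deserves a comment or an explicit `else`. The start of the function is outside the hunk.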