fixed return codes

added protection for missing HAVE_TLS_EXTENSIONS

IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c

@@ -469,7 +469,8 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
 
 #ifdef HAVE_SNI
     if (sniHostName)
-        if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)))
+        if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
+                                                                 != SSL_SUCCESS)
             err_sys("UseSNI failed");
 #endif
 

IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c

@@ -419,7 +419,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
 #ifdef HAVE_SNI
     if (sniHostName) {
         if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
-                                                          XSTRLEN(sniHostName)))
+                                           XSTRLEN(sniHostName)) != SSL_SUCCESS)
             err_sys("UseSNI failed");
         else
             CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME,

IDE/MDK5-ARM/Projects/SimpleClient/client.c

@@ -471,7 +471,8 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
 
 #ifdef HAVE_SNI
     if (sniHostName)
-        if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)))
+        if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
+                                                                 != SSL_SUCCESS)
             err_sys("UseSNI failed");
 #endif
 

IDE/MDK5-ARM/Projects/SimpleServer/server.c

@@ -418,7 +418,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
 #ifdef HAVE_SNI
     if (sniHostName) {
         if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
-                                                          XSTRLEN(sniHostName)))
+                                           XSTRLEN(sniHostName)) != SSL_SUCCESS)
             err_sys("UseSNI failed");
         else
             CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME,

examples/client/client.c

@@ -550,17 +550,18 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args)
 
 #ifdef HAVE_SNI
     if (sniHostName)
-        if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)))
+        if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))
+                                                                 != SSL_SUCCESS)
             err_sys("UseSNI failed");
 #endif
 #ifdef HAVE_MAX_FRAGMENT
     if (maxFragment)
-        if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment))
+        if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS)
             err_sys("UseMaxFragment failed");
 #endif
 #ifdef HAVE_TRUNCATED_HMAC
     if (truncatedHMAC)
-        if (CyaSSL_CTX_UseTruncatedHMAC(ctx))
+        if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS)
             err_sys("UseTruncatedHMAC failed");
 #endif
 

examples/server/server.c

@@ -443,7 +443,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
 #ifdef HAVE_SNI
     if (sniHostName)
         if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
-                                                          XSTRLEN(sniHostName)))
+                                           XSTRLEN(sniHostName)) != SSL_SUCCESS)
             err_sys("UseSNI failed");
 #endif
 

src/tls.c

@@ -776,7 +776,7 @@ static int TLSX_SNI_Parse(CYASSL* ssl, byte* input, word16 length,
                     int r = TLSX_UseSNI(&ssl->extensions,
                                                     type, input + offset, size);
 
-                    if (r) return r; /* throw error */
+                    if (r != SSL_SUCCESS) return r; /* throw error */
 
                     TLSX_SNI_SetStatus(ssl->extensions, type,
                       matched ? CYASSL_SNI_REAL_MATCH : CYASSL_SNI_FAKE_MATCH);
@@ -842,7 +842,7 @@ int TLSX_UseSNI(TLSX** extensions, byte type, const void* data, word16 size)
         }
     } while ((sni = sni->next));
 
-    return 0;
+    return SSL_SUCCESS;
 }
 
 #ifndef NO_CYASSL_SERVER
@@ -1047,7 +1047,7 @@ static int TLSX_MFL_Parse(CYASSL* ssl, byte* input, word16 length,
     if (isRequest) {
         int r = TLSX_UseMaxFragment(&ssl->extensions, *input);
 
-        if (r) return r; /* throw error */
+        if (r != SSL_SUCCESS) return r; /* throw error */
 
         TLSX_SetResponse(ssl, MAX_FRAGMENT_LENGTH);
     }
@@ -1097,7 +1097,7 @@ int TLSX_UseMaxFragment(TLSX** extensions, byte mfl)
         }
     } while ((extension = extension->next));
 
-    return 0;
+    return SSL_SUCCESS;
 }
 
 
@@ -1128,7 +1128,7 @@ int TLSX_UseTruncatedHMAC(TLSX** extensions)
         if ((ret = TLSX_Append(extensions, TRUNCATED_HMAC)) != 0)
             return ret;
 
-    return 0;
+    return SSL_SUCCESS;
 }
 
 static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length,
@@ -1141,7 +1141,7 @@ static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length,
     if (isRequest) {
         int r = TLSX_UseTruncatedHMAC(&ssl->extensions);
 
-        if (r) return r; /* throw error */
+        if (r != SSL_SUCCESS) return r; /* throw error */
 
         TLSX_SetResponse(ssl, TRUNCATED_HMAC);
     }
@@ -1428,7 +1428,7 @@ int TLSX_UseEllipticCurve(TLSX** extensions, word16 name)
         }
     } while ((curve = curve->next));
 
-    return 0;
+    return SSL_SUCCESS;
 }
 
 #define EC_FREE_ALL         TLSX_EllipticCurve_FreeAll
@@ -1785,6 +1785,13 @@ int TLSX_Parse(CYASSL* ssl, byte* input, word16 length, byte isRequest,
 #undef IS_OFF
 #undef TURN_ON
 
+#elif defined(HAVE_SNI)             \
+   || defined(HAVE_MAX_FRAGMENT)    \
+   || defined(HAVE_TRUNCATED_HMAC)  \
+   || defined(HAVE_ELLIPTIC_CURVES)
+
+#error "Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined."
+
 #endif /* HAVE_TLS_EXTENSIONS */
 
 

tests/api.c

@@ -248,7 +248,7 @@ static void use_SNI_at_ctx(CYASSL_CTX* ctx)
     byte type = CYASSL_SNI_HOST_NAME;
     char name[] = "www.yassl.com";
 
-    AssertIntEQ(0, CyaSSL_CTX_UseSNI(ctx, type, (void *) name, XSTRLEN(name)));
+    AssertIntEQ(1, CyaSSL_CTX_UseSNI(ctx, type, (void *) name, XSTRLEN(name)));
 }
 
 static void use_SNI_at_ssl(CYASSL* ssl)
@@ -256,7 +256,7 @@ static void use_SNI_at_ssl(CYASSL* ssl)
     byte type = CYASSL_SNI_HOST_NAME;
     char name[] = "www.yassl.com";
 
-    AssertIntEQ(0, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name)));
+    AssertIntEQ(1, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name)));
 }
 
 static void different_SNI_at_ssl(CYASSL* ssl)
@@ -264,7 +264,7 @@ static void different_SNI_at_ssl(CYASSL* ssl)
     byte type = CYASSL_SNI_HOST_NAME;
     char name[] = "ww2.yassl.com";
 
-    AssertIntEQ(0, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name)));
+    AssertIntEQ(1, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name)));
 }
 
 static void use_SNI_WITH_CONTINUE_at_ssl(CYASSL* ssl)
@@ -431,16 +431,16 @@ void test_CyaSSL_UseSNI(void)
     AssertNotNull(ssl);
 
     /* error cases */
-    AssertIntNE(0, CyaSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx")));
+    AssertIntNE(1, CyaSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx")));
-    AssertIntNE(0, CyaSSL_UseSNI(    NULL, 0, (void *) "ssl", XSTRLEN("ssl")));
+    AssertIntNE(1, CyaSSL_UseSNI(    NULL, 0, (void *) "ssl", XSTRLEN("ssl")));
-    AssertIntNE(0, CyaSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx")));
+    AssertIntNE(1, CyaSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx")));
-    AssertIntNE(0, CyaSSL_UseSNI(    ssl, -1, (void *) "ssl", XSTRLEN("ssl")));
+    AssertIntNE(1, CyaSSL_UseSNI(    ssl, -1, (void *) "ssl", XSTRLEN("ssl")));
-    AssertIntNE(0, CyaSSL_CTX_UseSNI(ctx,  0, (void *) NULL,  XSTRLEN("ctx")));
+    AssertIntNE(1, CyaSSL_CTX_UseSNI(ctx,  0, (void *) NULL,  XSTRLEN("ctx")));
-    AssertIntNE(0, CyaSSL_UseSNI(    ssl,  0, (void *) NULL,  XSTRLEN("ssl")));
+    AssertIntNE(1, CyaSSL_UseSNI(    ssl,  0, (void *) NULL,  XSTRLEN("ssl")));
 
     /* success case */
-    AssertIntEQ(0, CyaSSL_CTX_UseSNI(ctx,  0, (void *) "ctx", XSTRLEN("ctx")));
+    AssertIntEQ(1, CyaSSL_CTX_UseSNI(ctx,  0, (void *) "ctx", XSTRLEN("ctx")));
-    AssertIntEQ(0, CyaSSL_UseSNI(    ssl,  0, (void *) "ssl", XSTRLEN("ssl")));
+    AssertIntEQ(1, CyaSSL_UseSNI(    ssl,  0, (void *) "ssl", XSTRLEN("ssl")));
 
     CyaSSL_free(ssl);
     CyaSSL_CTX_free(ctx);
@@ -496,24 +496,24 @@ static void test_CyaSSL_UseMaxFragment(void)
     AssertNotNull(ssl);
 
     /* error cases */
-    AssertIntNE(0, CyaSSL_CTX_UseMaxFragment(NULL, CYASSL_MFL_2_9));
+    AssertIntNE(1, CyaSSL_CTX_UseMaxFragment(NULL, CYASSL_MFL_2_9));
-    AssertIntNE(0, CyaSSL_UseMaxFragment(    NULL, CYASSL_MFL_2_9));
+    AssertIntNE(1, CyaSSL_UseMaxFragment(    NULL, CYASSL_MFL_2_9));
-    AssertIntNE(0, CyaSSL_CTX_UseMaxFragment(ctx, 0));
+    AssertIntNE(1, CyaSSL_CTX_UseMaxFragment(ctx, 0));
-    AssertIntNE(0, CyaSSL_CTX_UseMaxFragment(ctx, 6));
+    AssertIntNE(1, CyaSSL_CTX_UseMaxFragment(ctx, 6));
-    AssertIntNE(0, CyaSSL_UseMaxFragment(ssl, 0));
+    AssertIntNE(1, CyaSSL_UseMaxFragment(ssl, 0));
-    AssertIntNE(0, CyaSSL_UseMaxFragment(ssl, 6));
+    AssertIntNE(1, CyaSSL_UseMaxFragment(ssl, 6));
 
     /* success case */
-    AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_9));
+    AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_9));
-    AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_10));
+    AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_10));
-    AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_11));
+    AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_11));
-    AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_12));
+    AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_12));
-    AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_13));
+    AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx,  CYASSL_MFL_2_13));
-    AssertIntEQ(0, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_9));
+    AssertIntEQ(1, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_9));
-    AssertIntEQ(0, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_10));
+    AssertIntEQ(1, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_10));
-    AssertIntEQ(0, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_11));
+    AssertIntEQ(1, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_11));
-    AssertIntEQ(0, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_12));
+    AssertIntEQ(1, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_12));
-    AssertIntEQ(0, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_13));
+    AssertIntEQ(1, CyaSSL_UseMaxFragment(    ssl,  CYASSL_MFL_2_13));
 
     CyaSSL_free(ssl);
     CyaSSL_CTX_free(ctx);
@@ -530,12 +530,12 @@ static void test_CyaSSL_UseTruncatedHMAC(void)
     AssertNotNull(ssl);
 
     /* error cases */
-    AssertIntNE(0, CyaSSL_CTX_UseTruncatedHMAC(NULL));
+    AssertIntNE(1, CyaSSL_CTX_UseTruncatedHMAC(NULL));
-    AssertIntNE(0, CyaSSL_UseTruncatedHMAC(NULL));
+    AssertIntNE(1, CyaSSL_UseTruncatedHMAC(NULL));
 
     /* success case */
-    AssertIntEQ(0, CyaSSL_CTX_UseTruncatedHMAC(ctx));
+    AssertIntEQ(1, CyaSSL_CTX_UseTruncatedHMAC(ctx));
-    AssertIntEQ(0, CyaSSL_UseTruncatedHMAC(ssl));
+    AssertIntEQ(1, CyaSSL_UseTruncatedHMAC(ssl));
 
     CyaSSL_free(ssl);
     CyaSSL_CTX_free(ctx);
@@ -553,15 +553,15 @@ static void test_CyaSSL_UseEllipticCurve(void)
 
 #ifndef NO_CYASSL_CLIENT
     /* error cases */
-    AssertIntNE(0, CyaSSL_CTX_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1));
+    AssertIntNE(1, CyaSSL_CTX_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1));
-    AssertIntNE(0, CyaSSL_CTX_UseEllipticCurve(ctx,  0));
+    AssertIntNE(1, CyaSSL_CTX_UseEllipticCurve(ctx,  0));
 
-    AssertIntNE(0, CyaSSL_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1));
+    AssertIntNE(1, CyaSSL_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1));
-    AssertIntNE(0, CyaSSL_UseEllipticCurve(ssl,  0));
+    AssertIntNE(1, CyaSSL_UseEllipticCurve(ssl,  0));
 
     /* success case */
-    AssertIntEQ(0, CyaSSL_CTX_UseEllipticCurve(ctx, CYASSL_ECC_SECP160R1));
+    AssertIntEQ(1, CyaSSL_CTX_UseEllipticCurve(ctx, CYASSL_ECC_SECP160R1));
-    AssertIntEQ(0, CyaSSL_UseEllipticCurve(ssl, CYASSL_ECC_SECP160R1));
+    AssertIntEQ(1, CyaSSL_UseEllipticCurve(ssl, CYASSL_ECC_SECP160R1));
 #endif
 
     CyaSSL_free(ssl);