Merge pull request #4622 from douzzer/fix-wolfsentry-build

wolfsentry fixes re HAVE_EX_DATA and wolfsentry_sockaddr
David Garske
2021-12-01 08:16:07 -08:00
committed by GitHub
3 changed files with 51 additions and 56 deletions


@@ -50533,54 +50533,54 @@ static void test_wolfSSL_CRYPTO_get_ex_new_index(void)
printf(testingFmt, "test_wolfSSL_CRYPTO_get_ex_new_index()");
/* test for unsupported flass index */
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_APP,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_APP,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI_METHOD,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI_METHOD,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG,
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG,
0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(CRYPTO_get_ex_new_index(20, 0,NULL, NULL, NULL, NULL ), -1);
AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(20, 0,NULL, NULL, NULL, NULL ), -1);
/* test for supported class index */
idx1 = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL,
idx1 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL,
0,NULL, NULL, NULL, NULL );
idx2 = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL,
idx2 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL,
0,NULL, NULL, NULL, NULL );
AssertIntNE(idx1, -1);
AssertIntNE(idx2, -1);
AssertIntNE(idx1, idx2);
idx1 = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX,
idx1 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX,
0,NULL, NULL, NULL, NULL );
idx2 = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX,
idx2 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX,
0,NULL, NULL, NULL, NULL );
AssertIntNE(idx1, -1);
AssertIntNE(idx2, -1);
AssertIntNE(idx1, idx2);
idx1 = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509,
idx1 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509,
0,NULL, NULL, NULL, NULL );
idx2 = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509,
idx2 = wolfSSL_CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509,
0,NULL, NULL, NULL, NULL );
AssertIntNE(idx1, -1);
AssertIntNE(idx2, -1);


@@ -4373,7 +4373,7 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_sk_X509_shift(WOLF_STACK_OF(WOLFSSL_X509)*);
WOLFSSL_API void* wolfSSL_sk_X509_OBJECT_value(WOLF_STACK_OF(WOLFSSL_X509_OBJECT)*, int);
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || HAVE_LIGHTY */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || defined(HAVE_EX_DATA)
WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int);
WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*);
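Review bot: Adding `defined(HAVE_EX_DATA)` to this guard exposes only the prototypes of `wolfSSL_SESSION_get_ex_data` and `wolfSSL_SESSION_set_ex_data`; no hunk on this page touches their definitions. A build with HAVE_EX_DATA but neither OPENSSL_EXTRA nor WOLFSSL_WPAS_SMALL will therefore link only if the definitions are already compiled under the same condition, which is worth confirming with that configuration. The block's closing `#endif` lies outside the hunk; if it carries a trailing condition comment like the `#endif` two lines above, it should read `/* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL || HAVE_EX_DATA */`.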


@@ -1326,10 +1326,8 @@ static WC_INLINE void tcp_socket(SOCKET_T* sockfd, int udp, int sctp)
#endif
struct wolfsentry_data {
struct wolfsentry_sockaddr remote;
byte remote_addrbuf[16];
struct wolfsentry_sockaddr local;
byte local_addrbuf[16];
WOLFSENTRY_SOCKADDR(128) remote;
WOLFSENTRY_SOCKADDR(128) local;
wolfsentry_route_flags_t flags;
void *heap;
int alloctype;
@@ -1360,8 +1358,8 @@ static WC_INLINE int wolfsentry_store_endpoints(
wolfsentry_data->alloctype = DYNAMIC_TYPE_SOCKADDR;
#ifdef TEST_IPV6
if ((sizeof wolfsentry_data->remote_addrbuf < sizeof remote->sin6_addr) ||
(sizeof wolfsentry_data->local_addrbuf < sizeof local->sin6_addr))
if ((sizeof wolfsentry_data->remote.addr < sizeof remote->sin6_addr) ||
(sizeof wolfsentry_data->local.addr < sizeof local->sin6_addr))
return WOLFSSL_FAILURE;
wolfsentry_data->remote.sa_family = wolfsentry_data->local.sa_family = remote->sin6_family;
wolfsentry_data->remote.sa_port = ntohs(remote->sin6_port);
@@ -1381,8 +1379,8 @@ static WC_INLINE int wolfsentry_store_endpoints(
XMEMCPY(wolfsentry_data->local.addr, &local->sin6_addr, sizeof local->sin6_addr);
}
#else
if ((sizeof wolfsentry_data->remote_addrbuf < sizeof remote->sin_addr) ||
(sizeof wolfsentry_data->local_addrbuf < sizeof local->sin_addr))
if ((sizeof wolfsentry_data->remote.addr < sizeof remote->sin_addr) ||
(sizeof wolfsentry_data->local.addr < sizeof local->sin_addr))
return WOLFSSL_FAILURE;
wolfsentry_data->remote.sa_family = wolfsentry_data->local.sa_family = remote->sin_family;
wolfsentry_data->remote.sa_port = ntohs(remote->sin_port);
@@ -1435,8 +1433,8 @@ static int wolfSentry_NetworkFilterCallback(
ret = wolfsentry_route_event_dispatch(
_wolfsentry,
&data->remote,
&data->local,
(const struct wolfsentry_sockaddr *)&data->remote,
(const struct wolfsentry_sockaddr *)&data->local,
data->flags,
NULL /* event_label */,
0 /* event_label_len */,
@@ -1535,7 +1533,7 @@ static int wolfsentry_setup(
}
fclose(f);
if ((ret = wolfsentry_config_json_fini(jps, err_buf, sizeof err_buf)) < 0) {
if ((ret = wolfsentry_config_json_fini(&jps, err_buf, sizeof err_buf)) < 0) {
fprintf(stderr, "%.*s\n", (int)sizeof err_buf, err_buf);
err_sys("error while loading wolfSentry config file");
}
@@ -1555,10 +1553,7 @@ static int wolfsentry_setup(
return ret;
if (WOLFSENTRY_MASKIN_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT)) {
struct {
struct wolfsentry_sockaddr sa;
byte buf[16];
} remote, local;
WOLFSENTRY_SOCKADDR(128) remote, local;
wolfsentry_ent_id_t id;
wolfsentry_action_res_t action_results;
@@ -1576,17 +1571,19 @@ static int wolfsentry_setup(
XMEMSET(&remote, 0, sizeof remote);
XMEMSET(&local, 0, sizeof local);
#ifdef TEST_IPV6
remote.sa.sa_family = local.sa.sa_family = AF_INET6;
remote.sa.addr_len = 128;
XMEMCPY(remote.sa.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16);
remote.sa_family = local.sa_family = AF_INET6;
remote.addr_len = 128;
XMEMCPY(remote.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16);
#else
remote.sa.sa_family = local.sa.sa_family = AF_INET;
remote.sa.addr_len = 32;
XMEMCPY(remote.sa.addr, "\177\000\000\001", 4);
remote.sa_family = local.sa_family = AF_INET;
remote.addr_len = 32;
XMEMCPY(remote.addr, "\177\000\000\001", 4);
#endif
if ((ret = wolfsentry_route_insert_static
(*_wolfsentry, NULL /* caller_context */, &remote.sa, &local.sa,
(*_wolfsentry, NULL /* caller_context */,
(const struct wolfsentry_sockaddr *)&remote,
(const struct wolfsentry_sockaddr *)&local,
route_flags |
WOLFSENTRY_ROUTE_FLAG_GREENLISTED |
WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD |
@@ -1604,10 +1601,7 @@ static int wolfsentry_setup(
return ret;
}
} else if (WOLFSENTRY_MASKIN_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN)) {
struct {
struct wolfsentry_sockaddr sa;
byte buf[16];
} remote, local;
WOLFSENTRY_SOCKADDR(128) remote, local;
wolfsentry_ent_id_t id;
wolfsentry_action_res_t action_results;
@@ -1625,17 +1619,18 @@ static int wolfsentry_setup(
XMEMSET(&remote, 0, sizeof remote);
XMEMSET(&local, 0, sizeof local);
#ifdef TEST_IPV6
remote.sa.sa_family = local.sa.sa_family = AF_INET6;
remote.sa.addr_len = 128;
XMEMCPY(remote.sa.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16);
remote.sa_family = local.sa_family = AF_INET6;
remote.addr_len = 128;
XMEMCPY(remote.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16);
#else
remote.sa.sa_family = local.sa.sa_family = AF_INET;
remote.sa.addr_len = 32;
XMEMCPY(remote.sa.addr, "\177\000\000\001", 4);
remote.sa_family = local.sa_family = AF_INET;
remote.addr_len = 32;
XMEMCPY(remote.addr, "\177\000\000\001", 4);
#endif
if ((ret = wolfsentry_route_insert_static
(*_wolfsentry, NULL /* caller_context */, &remote.sa, &local.sa,
(*_wolfsentry, NULL /* caller_context */,
(const struct wolfsentry_sockaddr *)&remote, (const struct wolfsentry_sockaddr *)&local,
route_flags |
WOLFSENTRY_ROUTE_FLAG_GREENLISTED |
WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD |
@@ -1696,8 +1691,8 @@ static WC_INLINE int tcp_connect_with_wolfSentry(
ret = wolfsentry_route_event_dispatch(
_wolfsentry,
&wolfsentry_data->remote,
&wolfsentry_data->local,
(const struct wolfsentry_sockaddr *)&wolfsentry_data->remote,
(const struct wolfsentry_sockaddr *)&wolfsentry_data->local,
wolfsentry_data->flags,
NULL /* event_label */,
0 /* event_label_len */,
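Review bot: The cast to `const struct wolfsentry_sockaddr *` is now repeated at four call sites (both `wolfsentry_route_event_dispatch` calls and both `wolfsentry_route_insert_static` calls). Each one silently relies on `WOLFSENTRY_SOCKADDR(128)` expanding to a struct whose leading members match `struct wolfsentry_sockaddr`; the macro's definition is not on this page, so that layout is assumed here. These pointers are what the route lookup reads the address bytes through, presumably to decide whether a connection is allowed, so I would keep the cast in one documented place, for example `#define TEST_WOLFSENTRY_SA(p) ((const struct wolfsentry_sockaddr *)(p)) /* p must point to a WOLFSENTRY_SOCKADDR(n) object */` (a suggested name), and use it at all four sites. The enclosing functions start and end outside these hunks.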