forked from wolfSSL/wolfssl
add get_max_eraly_data
support set/get_max_eraly_data compatibility layer
This commit is contained in:
Hideki Miyazaki
50
src/tls13.c
50
src/tls13.c
@ -9616,7 +9616,12 @@ int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx, unsigned int sz)
|
||||
|
||||
ctx->maxEarlyDataSz = sz;
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_ERROR_CODE_OPENSSL)
|
||||
/* 1 on success in OpenSSL*/
|
||||
return WOLFSSL_SUCCESS;
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Sets the maximum amount of early data that can be seen by server when using
|
||||
@ -9637,8 +9642,51 @@ int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz)
|
||||
return SIDE_ERROR;
|
||||
|
||||
ssl->options.maxEarlyDataSz = sz;
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_ERROR_CODE_OPENSSL)
|
||||
/* 1 on success in OpenSSL*/
|
||||
return WOLFSSL_SUCCESS;
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Sets the maximum amount of early data that can be seen by server when using
|
||||
* session tickets for resumption.
|
||||
* A value of zero indicates no early data is to be sent by client using session
|
||||
* tickets.
|
||||
*
|
||||
* ctx The SSL/TLS CTX object.
|
||||
* returns BAD_FUNC_ARG when ctx is NULL, SIDE_ERROR when not a server and
|
||||
* returns the maximum amount of early data to be set
|
||||
*/
|
||||
int wolfSSL_CTX_get_max_early_data(WOLFSSL_CTX* ctx)
|
||||
{
|
||||
if (ctx == NULL || !IsAtLeastTLSv1_3(ctx->method->version))
|
||||
return BAD_FUNC_ARG;
|
||||
if (ctx->method->side == WOLFSSL_CLIENT_END)
|
||||
return SIDE_ERROR;
|
||||
|
||||
return ctx->maxEarlyDataSz;
|
||||
}
|
||||
|
||||
/* Gets the maximum amount of early data that can be seen by server when using
|
||||
* session tickets for resumption.
|
||||
* A value of zero indicates no early data is to be sent by client using session
|
||||
* tickets.
|
||||
*
|
||||
* ssl The SSL/TLS object.
|
||||
* returns BAD_FUNC_ARG when ssl is NULL, or not using TLS v1.3,
|
||||
* SIDE_ERROR when not a server and
|
||||
* returns the maximum amount of early data to be set
|
||||
*/
|
||||
int wolfSSL_get_max_early_data(WOLFSSL* ssl)
|
||||
{
|
||||
if (ssl == NULL || !IsAtLeastTLSv1_3(ssl->version))
|
||||
return BAD_FUNC_ARG;
|
||||
if (ssl->options.side == WOLFSSL_CLIENT_END)
|
||||
return SIDE_ERROR;
|
||||
|
||||
return ssl->options.maxEarlyDataSz;
|
||||
}
|
||||
|
||||
/* Write early data to the server.
|
||||
|
||||
54
tests/api.c
54
tests/api.c
@ -46971,28 +46971,78 @@ static int test_tls13_apis(void)
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
#ifdef WOLFSSL_EARLY_DATA
|
||||
#ifndef OPENSSL_EXTRA
|
||||
AssertIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
|
||||
AssertIntEQ(wolfSSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
|
||||
#else
|
||||
AssertIntEQ(SSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
|
||||
AssertIntEQ(SSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
|
||||
#endif
|
||||
#ifndef NO_WOLFSSL_CLIENT
|
||||
#ifndef OPENSSL_EXTRA
|
||||
AssertIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
|
||||
AssertIntEQ(wolfSSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
|
||||
#else
|
||||
AssertIntEQ(SSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
|
||||
AssertIntEQ(SSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
|
||||
#endif
|
||||
#endif
|
||||
#ifndef NO_WOLFSSL_SERVER
|
||||
#ifndef WOLFSSL_NO_TLS12
|
||||
#ifndef OPENSSL_EXTRA
|
||||
AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0),
|
||||
BAD_FUNC_ARG);
|
||||
AssertIntEQ(wolfSSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
|
||||
#else
|
||||
AssertIntEQ(SSL_CTX_set_max_early_data(serverTls12Ctx, 0),
|
||||
BAD_FUNC_ARG);
|
||||
AssertIntEQ(SSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
|
||||
#endif
|
||||
#endif
|
||||
#ifndef OPENSSL_EXTRA
|
||||
AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), 0);
|
||||
AssertIntEQ(wolfSSL_CTX_get_max_early_data(serverCtx), 32);
|
||||
#else
|
||||
AssertIntEQ(SSL_CTX_set_max_early_data(serverCtx, 32), 1);
|
||||
AssertIntEQ(SSL_CTX_get_max_early_data(serverCtx), 32);
|
||||
#endif
|
||||
AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 0), 0);
|
||||
#endif
|
||||
|
||||
#ifndef OPENSSL_EXTRA
|
||||
AssertIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
|
||||
AssertIntEQ(wolfSSL_get_max_early_data(NULL), BAD_FUNC_ARG);
|
||||
#else
|
||||
AssertIntEQ(SSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
|
||||
AssertIntEQ(SSL_get_max_early_data(NULL), BAD_FUNC_ARG);
|
||||
#endif
|
||||
#ifndef NO_WOLFSSL_CLIENT
|
||||
#ifndef OPENSSL_EXTRA
|
||||
AssertIntEQ(wolfSSL_set_max_early_data(clientSsl, 0), SIDE_ERROR);
|
||||
AssertIntEQ(wolfSSL_get_max_early_data(clientSsl), SIDE_ERROR);
|
||||
#else
|
||||
AssertIntEQ(SSL_set_max_early_data(clientSsl, 0), SIDE_ERROR);
|
||||
AssertIntEQ(SSL_get_max_early_data(clientSsl), SIDE_ERROR);
|
||||
#endif
|
||||
#endif
|
||||
#ifndef NO_WOLFSSL_SERVER
|
||||
#ifndef WOLFSSL_NO_TLS12
|
||||
#ifndef OPENSSL_EXTRA
|
||||
AssertIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
|
||||
AssertIntEQ(wolfSSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
|
||||
#else
|
||||
AssertIntEQ(SSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
|
||||
AssertIntEQ(SSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
|
||||
#endif
|
||||
AssertIntEQ(wolfSSL_set_max_early_data(serverSsl, 0), 0);
|
||||
#endif
|
||||
#ifndef OPENSSL_EXTRA
|
||||
AssertIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), 0);
|
||||
AssertIntEQ(wolfSSL_get_max_early_data(serverSsl), 16);
|
||||
#else
|
||||
AssertIntEQ(SSL_set_max_early_data(serverSsl, 16), 1);
|
||||
AssertIntEQ(SSL_get_max_early_data(serverSsl), 16);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
AssertIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData),
|
||||
&outSz), BAD_FUNC_ARG);
|
||||
|
||||
@ -1539,6 +1539,10 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
||||
|
||||
#if defined(WOLFSSL_EARLY_DATA)
|
||||
#define SSL_get_early_data_status wolfSSL_get_early_data_status
|
||||
#define SSL_set_max_early_data wolfSSL_set_max_early_data
|
||||
#define SSL_get_max_early_data wolfSSL_get_max_early_data
|
||||
#define SSL_CTX_set_max_early_data wolfSSL_CTX_set_max_early_data
|
||||
#define SSL_CTX_get_max_early_data wolfSSL_CTX_get_max_early_data
|
||||
#endif
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
@ -1076,6 +1076,8 @@ WOLFSSL_API int wolfSSL_accept_TLSv13(WOLFSSL*);
|
||||
WOLFSSL_API int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx,
|
||||
unsigned int sz);
|
||||
WOLFSSL_API int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
|
||||
WOLFSSL_API int wolfSSL_CTX_get_max_early_data(WOLFSSL_CTX* ctx);
|
||||
WOLFSSL_API int wolfSSL_get_max_early_data(WOLFSSL* ssl);
|
||||
WOLFSSL_API int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data,
|
||||
int sz, int* outSz);
|
||||
WOLFSSL_API int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz,
|
||||
|
||||
Reference in New Issue
Block a user