diff --git a/configure.ac b/configure.ac index c6880386c..e832a8768 100644 --- a/configure.ac +++ b/configure.ac @@ -719,6 +719,13 @@ AC_ARG_ENABLE([nginx], [ ENABLED_NGINX=no ] ) +# lighty Support +AC_ARG_ENABLE([lighty], + [AS_HELP_STRING([--enable-lighty],[Enable lighttpd/lighty (default: disabled)])], + [ ENABLED_LIGHTY=$enableval ], + [ ENABLED_LIGHTY=no ] + ) + # haproxy compatibility build AC_ARG_ENABLE([haproxy], [AS_HELP_STRING([--enable-haproxy],[Enable haproxy (default: disabled)])], @@ -847,7 +854,7 @@ AC_ARG_ENABLE([opensslextra], [ ENABLED_OPENSSLEXTRA=$enableval ], [ ENABLED_OPENSSLEXTRA=no ] ) -if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_SIGNAL" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_FORTRESS" = "yes" || test "$ENABLED_BUMP" = "yes" || test "$ENABLED_SNIFFER" = "yes" || test "$ENABLED_OPENSSLALL" = "yes" || test "$ENABLED_LIBWEBSOCKETS" = "yes" +if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_SIGNAL" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_FORTRESS" = "yes" || test "$ENABLED_BUMP" = "yes" || test "$ENABLED_SNIFFER" = "yes" || test "$ENABLED_OPENSSLALL" = "yes" || test "$ENABLED_LIBWEBSOCKETS" = "yes" || test "x$ENABLED_LIGHTY" = "xyes" then ENABLED_OPENSSLEXTRA="yes" fi @@ -1656,7 +1663,7 @@ AC_ARG_ENABLE([sessioncerts], [ ENABLED_SESSIONCERTS=no ] ) -if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" +if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes" then ENABLED_SESSIONCERTS=yes fi @@ -3097,7 +3104,7 @@ AC_ARG_ENABLE([ocsp], [ ENABLED_OCSP=no ], ) -if test "x$ENABLED_OPENSSLALL" = "xyes" || test "x$ENABLED_NGINX" = "xyes" +if test "x$ENABLED_OPENSSLALL" = "xyes" || test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes" then ENABLED_OCSP=yes fi @@ -3129,7 +3136,7 @@ AC_ARG_ENABLE([ocspstapling], [ ENABLED_CERTIFICATE_STATUS_REQUEST=no ] ) -if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" +if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes" then ENABLED_CERTIFICATE_STATUS_REQUEST="yes" fi @@ -3154,7 +3161,7 @@ AC_ARG_ENABLE([ocspstapling2], [ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=no ] ) -if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" +if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes" then ENABLED_CERTIFICATE_STATUS_REQUEST_V2=yes fi @@ -3180,7 +3187,7 @@ AC_ARG_ENABLE([crl], ) -if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_WPAS" != "xno" +if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_WPAS" != "xno" || test "x$ENABLED_LIGHTY" = "xyes" then ENABLED_CRL=yes fi @@ -3202,7 +3209,13 @@ if test "$ENABLED_CRL_MONITOR" = "yes" then case $host_os in *linux* | *darwin* | *freebsd*) - AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" ;; + if test "x$ENABLED_SINGLETHREADED" = "xno"; then + AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" + else + ENABLED_CRL_MONITOR="no" + AC_MSG_ERROR([crl monitor requires threading / pthread]) + fi + ;; *) if test "x$ENABLED_DISTRO" = "xyes" ; then ENABLED_CRL_MONITOR="no" @@ -3533,7 +3546,7 @@ AC_ARG_ENABLE([session-ticket], [ ENABLED_SESSION_TICKET=no ] ) -if test "x$ENABLED_NGINX" = "xyes" || test "$ENABLED_WPAS" = "yes" || test "x$ENABLED_HAPROXY" = "xyes" +if test "x$ENABLED_NGINX" = "xyes" || test "$ENABLED_WPAS" = "yes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes" then ENABLED_SESSION_TICKET=yes fi @@ -3562,7 +3575,7 @@ AC_ARG_ENABLE([tlsx], [ ENABLED_TLSX=no ] ) -if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_SIGNAL" = "xyes" +if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_SIGNAL" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes" then ENABLED_TLSX=yes fi @@ -3891,12 +3904,6 @@ then fi fi -# lighty Support -AC_ARG_ENABLE([lighty], - [AS_HELP_STRING([--enable-lighty],[Enable lighttpd/lighty (default: disabled)])], - [ ENABLED_LIGHTY=$enableval ], - [ ENABLED_LIGHTY=no ] - ) if test "$ENABLED_LIGHTY" = "yes" then # Requires opensslextra make sure on @@ -3906,6 +3913,28 @@ then AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" fi AM_CFLAGS="$AM_CFLAGS -DHAVE_LIGHTY -DHAVE_WOLFSSL_SSL_H=1" + AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA" + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_ALL" + # recommended if building wolfSSL specifically for use by lighttpd + if test "x$ENABLED_ALL" = "xno"; then + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_NO_SSL2 -DOPENSSL_NO_COMP" + if test "x$ENABLED_SSLV3" = "xno"; then + AM_CFLAGS="$AM_CFLAGS -DOPENSSL_NO_SSL3" + if test "x$ENABLED_TLSV10" = "xno"; then + AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS" + ENABLED_OLD_TLS=no + fi + fi + if test "x$ENABLED_CRL_MONITOR" = "xno"; then + AM_CFLAGS="$AM_CFLAGS -DSINGLE_THREADED" + ENABLED_SINGLETHREADED="yes" + fi + + # w/ lighttpd 1.4.56 once wolfSSL updated to expose non-filesystem funcs + #AM_CFLAGS="$AM_CFLAGS -DNO_BIO" + #AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM" + #ENABLED_FILESYSTEM=no + fi fi if test "$ENABLED_NGINX" = "yes" diff --git a/examples/client/client.c b/examples/client/client.c index 75e9d7e21..23c8214df 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -3176,6 +3176,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } #if defined(OPENSSL_ALL) + #ifndef NO_BIO /* print out session to stdout */ { WOLFSSL_BIO* bio = wolfSSL_BIO_new_fp(stdout, BIO_NOCLOSE); @@ -3188,6 +3189,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) wolfSSL_BIO_free(bio); } #endif + #endif #endif if (doSTARTTLS && starttlsProt != NULL) { diff --git a/src/internal.c b/src/internal.c index bd28d461a..34a5eed4d 100644 --- a/src/internal.c +++ b/src/internal.c @@ -6287,12 +6287,14 @@ void SSL_ResourceFree(WOLFSSL* ssl) #endif #endif /* WOLFSSL_DTLS */ #ifdef OPENSSL_EXTRA +#ifndef NO_BIO if (ssl->biord != ssl->biowr) /* only free write if different */ wolfSSL_BIO_free(ssl->biowr); wolfSSL_BIO_free(ssl->biord); /* always free read bio */ ssl->biowr = NULL; ssl->biord = NULL; #endif +#endif #ifdef HAVE_LIBZ FreeStreams(ssl); #endif @@ -7936,6 +7938,7 @@ retry: switch (recvd) { case WOLFSSL_CBIO_ERR_GENERAL: /* general/unknown error */ #if defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD) + #ifndef NO_BIO if (ssl->biord) { /* If retry and read flags are set, return WANT_READ */ if ((ssl->biord->flags & WOLFSSL_BIO_FLAG_READ) && @@ -7944,6 +7947,7 @@ retry: } } #endif + #endif return -1; case WOLFSSL_CBIO_ERR_WANT_READ: /* want read, would block */ @@ -17193,7 +17197,7 @@ int SendCertificateRequest(WOLFSSL* ssl) int sendSz; word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; word32 dnLen = 0; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) WOLF_STACK_OF(WOLFSSL_X509_NAME)* names; #endif @@ -17206,7 +17210,7 @@ int SendCertificateRequest(WOLFSSL* ssl) if (IsAtLeastTLSv1_2(ssl)) reqSz += LENGTH_SZ + ssl->suites->hashSigAlgoSz; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) /* Certificate Authorities */ names = ssl->ctx->ca_names; while (names != NULL) { @@ -17275,7 +17279,7 @@ int SendCertificateRequest(WOLFSSL* ssl) /* Certificate Authorities */ c16toa((word16)dnLen, &output[i]); /* auth's */ i += REQ_HEADER_SZ; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) names = ssl->ctx->ca_names; while (names != NULL) { byte seq[MAX_SEQ_SZ]; @@ -27699,7 +27703,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, goto out; } #endif - #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) + #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) if((ret=SNI_Callback(ssl))) goto out; ssl->options.side = WOLFSSL_SERVER_END; @@ -30158,7 +30162,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif /* !WOLFSSL_NO_TLS12 */ #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ - defined(WOLFSSL_HAPROXY) + defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) int SNI_Callback(WOLFSSL* ssl) { /* Stunnel supports a custom sni callback to switch an SSL's ctx diff --git a/src/ocsp.c b/src/ocsp.c index 856b2d81c..6a3adc2ce 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -494,7 +494,7 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest, } #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ - defined(WOLFSSL_APACHE_HTTPD) + defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY) int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, WOLFSSL_OCSP_CERTID* id, int* status, int* reason, @@ -644,6 +644,7 @@ void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response) XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL); } +#ifndef NO_BIO OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio, OcspResponse** response) { @@ -708,6 +709,7 @@ OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio, return ret; } +#endif /* !NO_BIO */ OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response, const unsigned char** data, int len) @@ -891,6 +893,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID* id) #endif #if defined(OPENSSL_ALL) || defined(APACHE_HTTPD) +#ifndef NO_BIO int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out, WOLFSSL_OCSP_REQUEST *req) { @@ -924,6 +927,7 @@ int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out, XFREE(data, out->heap, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FAILURE; } +#endif /* !NO_BIO */ #endif /* OPENSSL_ALL || APACHE_HTTPD */ #ifdef OPENSSL_EXTRA diff --git a/src/ssl.c b/src/ssl.c index a17f6a406..8e398fd37 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -4041,7 +4041,7 @@ int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version) /* Function to get version as WOLFSSL_ enum value for wolfSSL_SetVersion */ -int wolfSSL_GetVersion(WOLFSSL* ssl) +int wolfSSL_GetVersion(const WOLFSSL* ssl) { if (ssl == NULL) return BAD_FUNC_ARG; @@ -6914,6 +6914,8 @@ int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* file, } +#endif /* NO_FILESYSTEM */ + #ifdef HAVE_CRL /* check CRL if enabled, WOLFSSL_SUCCESS */ @@ -6981,6 +6983,7 @@ int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm, CbCrlIO cb) } #endif +#ifndef NO_FILESYSTEM int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path, int type, int monitor) { @@ -6997,6 +7000,7 @@ int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path, return LoadCRL(cm->crl, path, type, monitor); } +#endif int wolfSSL_EnableCRL(WOLFSSL* ssl, int options) { @@ -7017,6 +7021,7 @@ int wolfSSL_DisableCRL(WOLFSSL* ssl) return BAD_FUNC_ARG; } +#ifndef NO_FILESYSTEM int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor) { WOLFSSL_ENTER("wolfSSL_LoadCRL"); @@ -7025,6 +7030,7 @@ int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor) else return BAD_FUNC_ARG; } +#endif int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb) @@ -7067,6 +7073,7 @@ int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx) } +#ifndef NO_FILESYSTEM int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path, int type, int monitor) { @@ -7076,6 +7083,7 @@ int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path, else return BAD_FUNC_ARG; } +#endif int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb) @@ -7102,6 +7110,9 @@ int wolfSSL_CTX_SetCRL_IOCb(WOLFSSL_CTX* ctx, CbCrlIO cb) #endif /* HAVE_CRL */ +#ifndef NO_FILESYSTEM + + #ifdef WOLFSSL_DER_LOAD /* Add format parameter to allow DER load of CA files */ @@ -7154,6 +7165,9 @@ int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, } +#endif /* NO_FILESYSTEM */ + + /* Sets the max chain depth when verifying a certificate chain. Default depth * is set to MAX_CHAIN_DEPTH. * @@ -7200,6 +7214,9 @@ long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx) } +#ifndef NO_FILESYSTEM + + WOLFSSL_ABI int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX* ctx, const char* file) { @@ -7374,6 +7391,8 @@ int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX* ctx) #endif /* !NO_CHECK_PRIVATE_KEY */ #ifdef OPENSSL_EXTRA + +#ifndef NO_BIO /* put SSL type in extra for now, not very common */ /* Converts a DER format key read from "bio" to a PKCS8 structure. @@ -7481,6 +7500,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio, return pkey; } +#endif /* !NO_BIO */ + /* Converts a DER encoded public key to a WOLFSSL_EVP_PKEY structure. @@ -8607,6 +8628,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) return ext; } +#ifndef NO_BIO /* Return 0 on success and 1 on failure. Copies ext data to bio, using indent * to pad the output. flag is ignored. */ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext, @@ -8711,6 +8733,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext, return rc; } +#endif /* !NO_BIO */ /* Returns crit flag in X509_EXTENSION object */ int wolfSSL_X509_EXTENSION_get_critical(const WOLFSSL_X509_EXTENSION* ex) @@ -14450,6 +14473,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) #endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA || WOLFSSL_WPAS_SMALL */ #ifdef OPENSSL_EXTRA +#ifndef NO_BIO void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr) { WOLFSSL_ENTER("wolfSSL_set_bio"); @@ -14503,7 +14527,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl) BIO_set_retry_read(wr); } } -#endif +#endif /* !NO_BIO */ +#endif /* OPENSSL_EXTRA */ #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_WEBSERVER) void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX* ctx, @@ -14600,6 +14625,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) #endif #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) +#ifndef NO_BIO #if !defined(NO_RSA) && !defined(NO_CERTS) WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char* fname) { @@ -14670,7 +14696,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl) #endif } #endif -#endif +#endif /* !NO_BIO */ +#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ #ifdef OPENSSL_EXTRA #if !defined(NO_RSA) && !defined(NO_CERTS) @@ -15128,6 +15155,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) #endif /* WOLFSSL_QT || OPENSSL_ALL */ #endif /* !NO_CERTS */ +#ifndef NO_BIO WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_md(void) { static WOLFSSL_BIO_METHOD meth; @@ -15464,6 +15492,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) return top; } +#endif /* !NO_BIO */ #endif /* OPENSSL_EXTRA */ #ifdef WOLFSSL_ENCRYPTED_KEYS @@ -15574,6 +15603,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) } #if (defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)) +#ifndef NO_BIO /* print out and clear all errors */ void wolfSSL_ERR_print_errors(WOLFSSL_BIO* bio) { @@ -15601,6 +15631,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) } } while (ret >= 0); } +#endif /* !NO_BIO */ #endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */ #endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ @@ -20961,6 +20992,7 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b) } #endif +#ifndef NO_BIO #ifdef XSNPRINTF /* a snprintf function needs to be available */ /* Writes the human readable form of x509 to bio. * @@ -21650,6 +21682,7 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b) } #endif /* XSNPRINTF */ +#endif /* !NO_BIO */ #endif /* OPENSSL_EXTRA */ #endif /* !NO_CERTS */ @@ -22094,6 +22127,8 @@ void wolfSSL_MD4_Final(unsigned char* digest, WOLFSSL_MD4_CTX* md4) #endif /* NO_MD4 */ +#ifndef NO_BIO + /* Removes a WOLFSSL_BIO struct from the WOLFSSL_BIO linked list. * * bio is the WOLFSSL_BIO struct in the list and removed. @@ -22209,6 +22244,8 @@ void *wolfSSL_BIO_get_ex_data(WOLFSSL_BIO *bio, int idx) return NULL; } +#endif /* !NO_BIO */ + #ifndef NO_WOLFSSL_STUB void wolfSSL_RAND_screen(void) { @@ -22439,6 +22476,7 @@ WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE* store, #ifndef NO_CERTS +#ifndef NO_BIO /* Converts the X509 to DER format and outputs it into bio. * * bio is the structure to hold output DER @@ -22465,6 +22503,7 @@ int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509) return WOLFSSL_FAILURE; } +#endif /* !NO_BIO */ /* Converts an internal structure to a DER buffer @@ -22509,6 +22548,7 @@ int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out) } +#ifndef NO_BIO /* Converts the DER from bio and creates a WOLFSSL_X509 structure from it. * * bio is the structure holding DER @@ -22548,9 +22588,11 @@ WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509) return localX509; } +#endif /* !NO_BIO */ #if !defined(NO_ASN) && !defined(NO_PWDBASED) +#ifndef NO_BIO WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, WC_PKCS12** pkcs12) { WC_PKCS12* localPkcs12 = NULL; @@ -22630,6 +22672,7 @@ int wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12) return ret; } +#endif /* !NO_BIO */ /* Copies unencrypted DER key buffer into "der". If "der" is null then the size * of buffer needed is returned. If *der == NULL then it allocates a buffer. @@ -24160,6 +24203,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509* x509) #if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) #ifndef NO_ASN_TIME +#ifndef NO_BIO int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime) { char buf[MAX_TIME_STRING_SZ]; @@ -24186,6 +24230,7 @@ int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime) return ret; } +#endif /* !NO_BIO */ char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, char* buf, int len) { @@ -25790,6 +25835,7 @@ WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a) } #endif +#ifndef NO_BIO /* Return number of bytes written to BIO on success. 0 on failure. */ WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a) @@ -25831,6 +25877,7 @@ WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, return WOLFSSL_FAILURE; } +#endif /* !NO_BIO */ /* Returns object data for an ASN1_OBJECT */ /* If pp is NULL then only the size is returned */ @@ -26930,6 +26977,8 @@ void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out, #endif #endif +#ifndef NO_BIO + #if !defined(NO_FILESYSTEM) && defined (OPENSSL_EXTRA) /* returns amount printed on success, negative in fail case */ int wolfSSL_BIO_vprintf(WOLFSSL_BIO* bio, const char* format, va_list args) @@ -27065,6 +27114,8 @@ int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a) return wolfSSL_ASN1_TIME_print(bio, a); } +#endif /* !NO_BIO */ + /* Checks the ASN1 syntax of "a" * returns WOLFSSL_SUCCESS (1) if correct otherwise WOLFSSL_FAILURE (0) */ int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a) @@ -27103,6 +27154,8 @@ WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_ } #endif /* !NO_WOLFSSL_STUB */ +#ifndef NO_BIO + /* Return the month as a string. * * n The number of the month as a two characters (1 based). @@ -27149,6 +27202,7 @@ int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio, return 0; } +#endif /* !NO_BIO */ void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_TIME* asn1Time) { @@ -31768,6 +31822,7 @@ static int wolfSSL_RSA_To_Der(WOLFSSL_RSA* rsa, byte** outBuf, int publicKey) #endif #if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) +#ifndef NO_BIO #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && !defined(NO_RSA) /* Takes a WOLFSSL_RSA key and writes it out to a WOLFSSL_BIO @@ -32052,6 +32107,7 @@ int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key, return WOLFSSL_SUCCESS; } +#endif /* !NO_BIO */ #endif /* defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) */ #if (defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)) && \ @@ -34599,6 +34655,8 @@ int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY *x) } #endif +#ifndef NO_BIO + /* Uses the same format of input as wolfSSL_PEM_read_bio_PrivateKey but expects * the results to be an EC key. * @@ -34667,9 +34725,11 @@ WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_ECPrivateKey(WOLFSSL_BIO* bio, wolfSSL_EVP_PKEY_free(pkey); return local; } +#endif /* !NO_BIO */ #endif /* NO_FILESYSTEM */ #if defined(WOLFSSL_KEY_GEN) +#ifndef NO_BIO /* Takes a public WOLFSSL_EC_KEY and writes it out to WOLFSSL_BIO * Returns WOLFSSL_SUCCESS or WOLFSSL_FAILURE */ @@ -34808,6 +34868,8 @@ int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec, return ret; } +#endif /* !NO_BIO */ + /* return code compliant with OpenSSL : * 1 if success, 0 if error */ @@ -34978,6 +35040,7 @@ int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *ecc, #ifndef NO_DSA #if defined(WOLFSSL_KEY_GEN) +#ifndef NO_BIO /* Takes a DSA Privatekey and writes it out to a WOLFSSL_BIO * Returns WOLFSSL_SUCCESS or WOLFSSL_FAILURE @@ -35117,6 +35180,7 @@ int wolfSSL_PEM_write_bio_DSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa) return ret; } #endif /* HAVE_SELFTEST */ +#endif /* !NO_BIO */ /* return code compliant with OpenSSL : * 1 if success, 0 if error @@ -35301,6 +35365,8 @@ int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x) #endif /* #ifndef NO_DSA */ +#ifndef NO_BIO + static int pem_read_bio_key(WOLFSSL_BIO* bio, pem_password_cb* cb, void* pass, int keyType, int* eccFlag, DerBuffer** der) { @@ -35655,6 +35721,8 @@ WOLFSSL_EC_GROUP* wolfSSL_PEM_read_bio_ECPKParameters(WOLFSSL_BIO* bio, } #endif /* HAVE_ECC */ +#endif /* !NO_BIO */ + #if !defined(NO_FILESYSTEM) WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x, pem_password_cb *cb, void *u) @@ -35672,6 +35740,7 @@ WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x, #ifndef NO_RSA +#ifndef NO_BIO #if defined(XSNPRINTF) && !defined(HAVE_FAST_RSA) /* snprintf() must be available */ @@ -35844,6 +35913,7 @@ int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset) } #endif /* XSNPRINTF */ +#endif /* !NO_BIO */ #if !defined(NO_FILESYSTEM) #ifndef NO_WOLFSSL_STUB @@ -37970,6 +38040,8 @@ cleanup: } +#ifndef NO_BIO + WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, pem_password_cb *cb, void *u) { @@ -38095,6 +38167,8 @@ err: #endif } +#endif /* !NO_BIO */ + #if !defined(NO_FILESYSTEM) static void* wolfSSL_PEM_read_X509_ex(XFILE fp, void **x, pem_password_cb *cb, void *u, int type) @@ -38198,6 +38272,7 @@ err: } #endif +#ifndef NO_BIO int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509* x) { int ret; @@ -38222,6 +38297,7 @@ err: return ret; } +#endif /* !NO_BIO */ #endif /* !NO_FILESYSTEM */ #define PEM_BEGIN "-----BEGIN " @@ -38234,6 +38310,8 @@ err: #define PEM_HDR_FIN_EOL_NULL_TERM "-----\0" #define PEM_HDR_FIN_EOL_SZ 6 +#ifndef NO_BIO + int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header, unsigned char **data, long *len) { @@ -38520,6 +38598,7 @@ err: return ret; } #endif +#endif /* !NO_BIO */ int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header, EncryptedInfo* cipher) { @@ -38561,6 +38640,7 @@ err: return ret; } +#ifndef NO_BIO /* * bp : bio to read X509 from * x : x509 to write to @@ -38579,10 +38659,13 @@ err: * root CA. */ return wolfSSL_PEM_read_bio_X509(bp, x, cb, u); } +#endif /* !NO_BIO */ #endif /* OPENSSL_EXTRA || OPENSSL_ALL */ #ifdef OPENSSL_ALL + +#ifndef NO_BIO /* create and return a new WOLFSSL_X509_PKEY structure or NULL on failure */ static WOLFSSL_X509_PKEY* wolfSSL_X509_PKEY_new(void* heap) { @@ -38613,6 +38696,7 @@ err: } return WOLFSSL_SUCCESS; } +#endif /* !NO_BIO */ /* free up all memory used by "xPkey" passed in */ @@ -38625,6 +38709,8 @@ err: } +#ifndef NO_BIO + /* Takes control of x509 on success * helper function to break out code needed to set WOLFSSL_X509_INFO up * free's "info" passed in if is not defaults @@ -38717,6 +38803,7 @@ err: WOLFSSL_LEAVE("wolfSSL_PEM_X509_INFO_read_bio", ret); return localSk; } +#endif /* !NO_BIO */ #endif /* OPENSSL_ALL */ void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne) @@ -39535,6 +39622,7 @@ err: return (ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE; } +#ifndef NO_BIO int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name) { #ifndef NO_FILESYSTEM XFILE fp; @@ -39563,6 +39651,7 @@ err: return WOLFSSL_NOT_IMPLEMENTED; #endif } +#endif /* Return the corresponding short name for the nid . * or NULL if short name can't be found. @@ -39897,16 +39986,6 @@ err: return WOLFSSL_SUCCESS; } - - WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( - WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk) - { - (void) sk; - WOLFSSL_ENTER("wolfSSL_dup_CA_list"); - WOLFSSL_STUB("SSL_dup_CA_list"); - - return NULL; - } #endif /* wolfSSL uses negative values for error states. This function returns an @@ -39962,7 +40041,8 @@ int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey) #endif /* OPENSSL_EXTRA */ -#if (defined(OPENSSL_EXTRA) && defined(HAVE_EX_DATA)) || defined(FORTRESS) || \ +#if ((defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && defined(HAVE_EX_DATA)) || \ + defined(FORTRESS) || \ defined(WOLFSSL_WPAS_SMALL) void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX* ctx, int idx) { @@ -40031,9 +40111,9 @@ int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX* ctx, int idx, void* data) return WOLFSSL_FAILURE; } -#endif /* (OPENSSL_EXTRA && HAVE_EX_DATA) || FORTRESS || WOLFSSL_WPAS_SMALL */ +#endif /* ((OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) && HAVE_EX_DATA) || FORTRESS || WOLFSSL_WPAS_SMALL */ -#ifdef OPENSSL_EXTRA +#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) /* Returns char* to app data stored in ex[0]. * @@ -40061,9 +40141,10 @@ int wolfSSL_set_app_data(WOLFSSL *ssl, void* arg) { return wolfSSL_set_ex_data(ssl, 0, arg); } -#endif /* OPENSSL_EXTRA */ +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */ -#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) +#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ + defined(WOLFSSL_WPAS_SMALL) int wolfSSL_set_ex_data(WOLFSSL* ssl, int idx, void* data) { @@ -40097,11 +40178,12 @@ void* wolfSSL_get_ex_data(const WOLFSSL* ssl, int idx) return 0; } -#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */ #ifdef OPENSSL_EXTRA #ifndef NO_DSA +#ifndef NO_BIO WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x, pem_password_cb *cb, void *u) { @@ -40196,6 +40278,7 @@ WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x, FreeDer(&pDer); return dsa; } +#endif /* !NO_BIO */ #endif /* NO_DSA */ #endif /* OPENSSL_EXTRA */ #endif /* WOLFCRYPT_ONLY */ @@ -40277,6 +40360,7 @@ void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf) #if defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) \ || defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA) +#ifndef NO_BIO WOLFSSL_BIO *wolfSSL_BIO_new_file(const char *filename, const char *mode) { #ifndef NO_FILESYSTEM @@ -40331,9 +40415,11 @@ WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int close_flag) return bio; } #endif +#endif /* !NO_BIO */ #ifndef NO_DH +#ifndef NO_BIO #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bio, WOLFSSL_DH **x, pem_password_cb *cb, void *u) @@ -40465,6 +40551,7 @@ end: #endif } #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ +#endif /* !NO_BIO */ #ifndef NO_FILESYSTEM #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) @@ -40821,6 +40908,8 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh) #endif /* !NO_FILESYSTEM */ #endif /* !NO_DH */ +#ifndef NO_BIO + #ifdef WOLFSSL_CERT_GEN #ifdef WOLFSSL_CERT_REQ @@ -40966,6 +41055,8 @@ int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bio, WOLFSSL_X509 *cert) return WOLFSSL_SUCCESS; } +#endif /* !NO_BIO */ + #if defined(OPENSSL_EXTRA) && !defined(NO_DH) /* Initialize ctx->dh with dh's params. Return WOLFSSL_SUCCESS on ok */ @@ -41222,6 +41313,8 @@ VerifyCallback wolfSSL_get_verify_callback(WOLFSSL* ssl) return NULL; } +#ifndef NO_BIO + /* Creates a new bio pair. Returns WOLFSSL_SUCCESS if no error, WOLFSSL_FAILURE otherwise.*/ int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO **bio1_p, size_t writebuf1, @@ -41372,6 +41465,8 @@ WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO *bio, WOLFSSL_RSA **out) } #endif +#endif /* !NO_BIO */ + /* Adds the ASN1 certificate to the user ctx. Returns WOLFSSL_SUCCESS if no error, returns WOLFSSL_FAILURE otherwise.*/ @@ -41432,6 +41527,7 @@ int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL_RSA* rsa) #endif /* NO_RSA && !HAVE_FAST_RSA */ +#ifndef NO_BIO /* Converts EVP_PKEY data from a bio buffer to a WOLFSSL_EVP_PKEY structure. Returns pointer to private EVP_PKEY struct upon success, NULL if there is a failure.*/ @@ -41511,6 +41607,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO* bio, XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); return key; } +#endif /* !NO_BIO */ /* Converts a DER encoded private key to a WOLFSSL_EVP_PKEY structure. @@ -42038,6 +42135,38 @@ WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_sk_X509_NAME_new(wolf_sk_compare_cb cb return sk; } + +/* Creates a duplicate of WOLF_STACK_OF(WOLFSSL_X509_NAME). + * Returns a new WOLF_STACK_OF(WOLFSSL_X509_NAME) or NULL on failure */ +WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( + WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk) +{ + int i; + const int num = wolfSSL_sk_X509_NAME_num(sk); + WOLF_STACK_OF(WOLFSSL_X509_NAME) *copy; + WOLFSSL_X509_NAME *name; + + WOLFSSL_ENTER("wolfSSL_dup_CA_list"); + + copy = wolfSSL_sk_X509_NAME_new(NULL); + if (copy == NULL) { + WOLFSSL_MSG("Memory error"); + return NULL; + } + + for (i = 0; i < num; i++) { + name = wolfSSL_X509_NAME_dup(wolfSSL_sk_X509_NAME_value(sk, i)); + if (name == NULL || 0 != wolfSSL_sk_X509_NAME_push(copy, name)) { + WOLFSSL_MSG("Memory error"); + wolfSSL_sk_X509_NAME_pop_free(copy, wolfSSL_X509_NAME_free); + return NULL; + } + } + + return copy; +} + + int wolfSSL_sk_X509_NAME_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk, WOLFSSL_X509_NAME* name) { @@ -42234,6 +42363,8 @@ void wolfSSL_sk_X509_NAME_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk) XFREE(sk, sk->heap, DYNAMIC_TYPE_OPENSSL); } +#ifndef NO_BIO + #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) /* Helper function for X509_NAME_print_ex. Sets *buf to string for domain name attribute based on NID. Returns size of buf */ @@ -42358,6 +42489,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name, return WOLFSSL_SUCCESS; } +#endif /* !NO_BIO */ #ifndef NO_WOLFSSL_STUB WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(const WOLFSSL_X509* x) @@ -42493,10 +42625,12 @@ int wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX* ctx, void* arg) return WOLFSSL_FAILURE; } +#ifndef NO_BIO void wolfSSL_ERR_load_BIO_strings(void) { WOLFSSL_ENTER("ERR_load_BIO_strings"); /* do nothing */ } +#endif #ifndef NO_WOLFSSL_STUB void wolfSSL_THREADID_set_callback(void(*threadid_func)(void*)) @@ -42628,6 +42762,8 @@ const byte* wolfSSL_SESSION_get_id(WOLFSSL_SESSION* sess, unsigned int* idLen) #if (defined(HAVE_SESSION_TICKET) || defined(SESSION_CERTS)) && \ !defined(NO_FILESYSTEM) +#ifndef NO_BIO + #if defined(SESSION_CERTS) || \ (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) /* returns a pointer to the protocol used by the session */ @@ -42805,6 +42941,8 @@ int wolfSSL_SESSION_print(WOLFSSL_BIO *bp, const WOLFSSL_SESSION *x) return WOLFSSL_SUCCESS; } + +#endif /* !NO_BIO */ #endif /* (HAVE_SESSION_TICKET || SESSION_CERTS) && !NO_FILESYSTEM */ #endif /* OPENSSL_ALL || OPENSSL_EXTRA || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ @@ -43733,7 +43871,8 @@ int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a, void *b, void *c) } #endif -#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) +#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ + defined(WOLFSSL_WPAS_SMALL) #if defined(HAVE_EX_DATA) || defined(FORTRESS) void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx) { @@ -43795,7 +43934,7 @@ int wolfSSL_X509_set_ex_data(X509 *x509, int idx, void *data) #endif return WOLFSSL_FAILURE; } -#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */ #ifndef NO_ASN @@ -44056,6 +44195,7 @@ WOLFSSL_SESSION *wolfSSL_SSL_get0_session(const WOLFSSL *ssl) #endif /* NO_SESSION_CACHE */ +#ifndef NO_BIO int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) { static char num[16] = { '0', '1', '2', '3', '4', '5', '6', '7', @@ -44113,6 +44253,7 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) /* Two nibbles written for each byte. */ return len * 2; } +#endif /* !NO_BIO */ #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) @@ -44559,7 +44700,8 @@ WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x) #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ + defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) #ifdef HAVE_ALPN void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, const unsigned char **data, unsigned int *len) @@ -44843,6 +44985,7 @@ int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p, #ifdef HAVE_ALPN +#ifndef NO_BIO /* Sets the ALPN extension protos * * example format is @@ -44900,13 +45043,16 @@ int wolfSSL_set_alpn_protos(WOLFSSL* ssl, wolfSSL_BIO_free(bio); return WOLFSSL_SUCCESS; } +#endif /* !NO_BIO */ #endif /* HAVE_ALPN */ #endif #if defined(OPENSSL_EXTRA) +#ifndef NO_BIO #define WOLFSSL_BIO_INCLUDED #include "src/bio.c" +#endif int oid2nid(word32 oid, int grp) { @@ -46858,6 +47004,7 @@ WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(WOLFSSL_BIGNUM *r, } #endif /* OPENSSL_EXTRA */ #if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_ASN) +#ifndef NO_BIO static int unprintable_char(char c) { const unsigned char last_unprintable = 31; @@ -46890,6 +47037,7 @@ int wolfSSL_ASN1_STRING_print(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str) return str->length; } +#endif /* !NO_BIO */ #endif /* (WOLFSSL_QT || OPENSSL_ALL) && !NO_ASN */ #if defined(OPENSSL_EXTRA) @@ -46927,6 +47075,7 @@ const char *wolfSSL_ASN1_tag2str(int tag) return tag_label[tag]; } +#ifndef NO_BIO static int check_esc_char(char c, char *esc) { char *ptr; @@ -47057,6 +47206,7 @@ err_exit: XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FAILURE; } +#endif /* !NO_BIO */ #if !defined(NO_ASN_TIME) && !defined(USER_TIME) && !defined(TIME_OVERRIDES) @@ -47831,6 +47981,8 @@ PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in, int len) return (PKCS7*)pkcs7; } +#ifndef NO_BIO + PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7) { WOLFSSL_PKCS7* pkcs7; @@ -47901,6 +48053,8 @@ int wolfSSL_PKCS7_verify(PKCS7* pkcs7, WOLFSSL_STACK* certs, return WOLFSSL_SUCCESS; } +#endif /* !NO_BIO */ + WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* pkcs7, WOLFSSL_STACK* certs, int flags) { @@ -47940,6 +48094,7 @@ WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* pkcs7, WOLFSSL_STACK* certs, return signers; } +#ifndef NO_BIO /****************************************************************************** * wolfSSL_PEM_write_bio_PKCS7 - writes the PKCS7 data to BIO * @@ -48062,6 +48217,7 @@ error: } return WOLFSSL_FAILURE; } +#endif /* !NO_BIO */ #endif /* OPENSSL_ALL && HAVE_PKCS7 */ #if defined(OPENSSL_EXTRA) @@ -48079,6 +48235,7 @@ WOLFSSL_STACK* wolfSSL_sk_X509_new(void) #endif #ifdef OPENSSL_ALL +#ifndef NO_BIO int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* pkey, const WOLFSSL_EVP_CIPHER* enc, @@ -48333,6 +48490,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PKCS8PrivateKey_bio(WOLFSSL_BIO* bio, return key; } +#endif /* !NO_BIO */ + /* Detect which type of key it is before decoding. */ WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(WOLFSSL_EVP_PKEY** pkey, const unsigned char** pp, diff --git a/src/wolfio.c b/src/wolfio.c index 0958e47f5..17878a527 100644 --- a/src/wolfio.c +++ b/src/wolfio.c @@ -107,6 +107,7 @@ static WC_INLINE int wolfSSL_LastError(int err) #ifdef OPENSSL_EXTRA +#ifndef NO_BIO /* Use the WOLFSSL read BIO for receiving data. This is set by the function * wolfSSL_set_bio and can also be set by wolfSSL_CTX_SetIORecv. * @@ -208,7 +209,8 @@ int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx) return sent; } -#endif +#endif /* !NO_BIO */ +#endif /* OPENSSL_EXTRA */ #ifdef USE_WOLFSSL_IO diff --git a/tests/api.c b/tests/api.c index ddfdbe7b8..6da9dc22d 100644 --- a/tests/api.c +++ b/tests/api.c @@ -2093,6 +2093,7 @@ static void test_wolfSSL_EC(void) } #endif /* OPENSSL_EXTRA && ( !HAVE_FIPS || HAVE_FIPS_VERSION > 2) */ +#ifndef NO_BIO static void test_wolfSSL_PEM_read_bio_ECPKParameters(void) { #if defined(HAVE_ECC) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) @@ -2107,6 +2108,7 @@ static void test_wolfSSL_PEM_read_bio_ECPKParameters(void) BIO_free(bio); #endif /* HAVE_ECC */ } +#endif /* !NO_BIO */ # if defined(OPENSSL_EXTRA) static void test_wolfSSL_ECDSA_SIG(void) @@ -4767,7 +4769,9 @@ static void test_wolfSSL_X509_NAME_get_entry(void) int idx; ASN1_OBJECT *object = NULL; #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) +#ifndef NO_BIO BIO* bio; +#endif #endif #ifndef NO_FILESYSTEM @@ -4792,10 +4796,12 @@ static void test_wolfSSL_X509_NAME_get_entry(void) AssertIntGE(idx, 0); #if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) +#ifndef NO_BIO AssertNotNull(bio = BIO_new(BIO_s_mem())); AssertIntEQ(X509_NAME_print_ex(bio, name, 4, (XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)), WOLFSSL_SUCCESS); BIO_free(bio); +#endif #endif ne = X509_NAME_get_entry(name, idx); @@ -24806,6 +24812,7 @@ static void test_wolfSSL_X509_NAME(void) #endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */ } +#ifndef NO_BIO static void test_wolfSSL_X509_INFO(void) { #if defined(OPENSSL_ALL) @@ -24834,6 +24841,7 @@ static void test_wolfSSL_X509_INFO(void) printf(resultFmt, passed); #endif } +#endif static void test_wolfSSL_X509_subject_name_hash(void) { @@ -25388,7 +25396,7 @@ static void test_wolfSSL_ASN1_TIME_print(void) static void test_wolfSSL_ASN1_UTCTIME_print(void) { -#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) +#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(NO_BIO) BIO* bio; ASN1_UTCTIME* utc = NULL; unsigned char buf[25]; @@ -25429,7 +25437,7 @@ static void test_wolfSSL_ASN1_UTCTIME_print(void) BIO_free(bio); printf(resultFmt, passed); -#endif /* OPENSSL_EXTRA && !NO_ASN_TIME */ +#endif /* OPENSSL_EXTRA && !NO_ASN_TIME && !NO_BIO */ } @@ -25654,10 +25662,14 @@ static void test_wolfSSL_PEM_PrivateKey(void) #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && defined(USE_CERT_BUFFERS_2048) +#ifndef NO_BIO BIO* bio = NULL; +#endif EVP_PKEY* pkey = NULL; const unsigned char* server_key = (const unsigned char*)server_key_der_2048; +#ifndef NO_BIO + /* test creating new EVP_PKEY with bad arg */ AssertNull((pkey = PEM_read_bio_PrivateKey(NULL, NULL, NULL, NULL))); @@ -25830,6 +25842,8 @@ static void test_wolfSSL_PEM_PrivateKey(void) } #endif /* !defined(NO_DES3) */ +#endif /* !NO_BIO */ + #if defined(HAVE_ECC) && !defined(NO_FILESYSTEM) { unsigned char buf[2048]; @@ -25871,13 +25885,16 @@ static void test_wolfSSL_PEM_PrivateKey(void) printf(resultFmt, passed); +#ifndef NO_BIO (void)bio; +#endif (void)pkey; (void)server_key; #endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_RSA && USE_CERT_BUFFERS_2048 */ } +#ifndef NO_BIO static void test_wolfSSL_PEM_bio_RSAKey(void) { #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \ @@ -26110,6 +26127,8 @@ static void test_wolfSSL_PEM_PUBKEY(void) #endif } +#endif /* !NO_BIO */ + static void test_DSA_do_sign_verify(void) { #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) @@ -26164,7 +26183,7 @@ static void test_DSA_do_sign_verify(void) static void test_wolfSSL_tmp_dh(void) { #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ - !defined(NO_DSA) && !defined(NO_RSA) && !defined(NO_DH) + !defined(NO_DSA) && !defined(NO_RSA) && !defined(NO_DH) && !defined(NO_BIO) byte buffer[6000]; char file[] = "./certs/dsaparams.pem"; XFILE f; @@ -26219,7 +26238,7 @@ static void test_wolfSSL_tmp_dh(void) static void test_wolfSSL_ctrl(void) { -#if defined (OPENSSL_EXTRA) +#if defined (OPENSSL_EXTRA) && !defined(NO_BIO) byte buff[6000]; BIO* bio; int bytes; @@ -26241,7 +26260,7 @@ static void test_wolfSSL_ctrl(void) BIO_free(bio); printf(resultFmt, passed); -#endif /* defined(OPENSSL_EXTRA) */ +#endif /* defined(OPENSSL_EXTRA) && !defined(NO_BIO) */ } @@ -27244,7 +27263,7 @@ static void test_wolfSSL_X509_STORE_CTX_get0_store(void) static void test_wolfSSL_CTX_set_client_CA_list(void) { #if defined(OPENSSL_ALL) && !defined(NO_RSA) && !defined(NO_CERTS) && \ - !defined(NO_WOLFSSL_CLIENT) + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_BIO) WOLFSSL_CTX* ctx; X509_NAME* name = NULL; STACK_OF(X509_NAME)* names = NULL; @@ -27266,7 +27285,7 @@ static void test_wolfSSL_CTX_set_client_CA_list(void) wolfSSL_CTX_free(ctx); printf(resultFmt, passed); -#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT */ +#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT && !NO_BIO */ } static void test_wolfSSL_CTX_add_client_CA(void) @@ -28173,6 +28192,8 @@ static void test_wolfSSL_set_tlsext_status_type(void){ #endif /* OPENSSL_EXTRA && HAVE_CERTIFICATE_STATUS_REQUEST && !NO_RSA */ } +#ifndef NO_BIO + static void test_wolfSSL_PEM_read_bio(void) { #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ @@ -28447,6 +28468,8 @@ static void test_wolfSSL_BIO(void) #endif } +#endif /* !NO_BIO */ + static void test_wolfSSL_ASN1_STRING(void) { @@ -28667,9 +28690,11 @@ static void test_wolfSSL_X509(void) #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM)\ && !defined(NO_RSA) X509* x509; +#ifndef NO_BIO BIO* bio; X509_STORE_CTX* ctx; X509_STORE* store; +#endif char der[] = "certs/ca-cert.der"; XFILE fp; @@ -28679,6 +28704,7 @@ static void test_wolfSSL_X509(void) AssertNotNull(x509 = X509_new()); X509_free(x509); +#ifndef NO_BIO x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM); AssertNotNull(bio = BIO_new(BIO_s_mem())); @@ -28699,6 +28725,7 @@ static void test_wolfSSL_X509(void) X509_STORE_free(store); X509_free(x509); BIO_free(bio); +#endif /** d2i_X509_fp test **/ fp = XFOPEN(der, "rb"); @@ -29156,6 +29183,7 @@ static void test_wolfSSL_pseudo_rand(void) static void test_wolfSSL_PKCS8_Compat(void) { #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC) + #ifndef NO_BIO PKCS8_PRIV_KEY_INFO* pt; BIO* bio; XFILE f; @@ -29176,6 +29204,7 @@ static void test_wolfSSL_PKCS8_Compat(void) printf(resultFmt, passed); #endif + #endif } static void test_wolfSSL_PKCS8_d2i(void) @@ -29191,8 +29220,10 @@ static void test_wolfSSL_PKCS8_d2i(void) const unsigned char* p; int bytes; XFILE file; +#ifndef NO_BIO BIO* bio; WOLFSSL_EVP_PKEY* evpPkey = NULL; +#endif #endif #ifndef NO_RSA #ifndef NO_FILESYSTEM @@ -29227,7 +29258,9 @@ static void test_wolfSSL_PKCS8_d2i(void) (void)p; (void)bytes; (void)file; +#ifndef NO_BIO (void)bio; +#endif #endif #ifndef NO_RSA @@ -29257,6 +29290,7 @@ static void test_wolfSSL_PKCS8_d2i(void) AssertIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); XFCLOSE(file); +#ifndef NO_BIO AssertNotNull(bio = BIO_new(BIO_s_mem())); /* Write PKCS#8 PEM to BIO. */ AssertIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL, @@ -29276,6 +29310,7 @@ static void test_wolfSSL_PKCS8_d2i(void) wolfSSL_EVP_PKEY_free(evpPkey); BIO_free(bio); #endif +#endif /* !NO_BIO */ wolfSSL_EVP_PKEY_free(pkey); /* PKCS#8 encrypted RSA key */ @@ -29285,11 +29320,13 @@ static void test_wolfSSL_PKCS8_d2i(void) AssertIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); XFCLOSE(file); +#ifndef NO_BIO AssertNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes)); AssertNotNull(pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, PasswordCallBack, (void*)"yassl123")); wolfSSL_EVP_PKEY_free(pkey); BIO_free(bio); +#endif #endif #endif #ifdef HAVE_ECC @@ -29308,6 +29345,7 @@ static void test_wolfSSL_PKCS8_d2i(void) AssertIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); XFCLOSE(file); +#ifndef NO_BIO AssertNotNull(bio = BIO_new(BIO_s_mem())); /* Write PKCS#8 PEM to BIO. */ AssertIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL, @@ -29325,6 +29363,7 @@ static void test_wolfSSL_PKCS8_d2i(void) (void*)"yassl123")); wolfSSL_EVP_PKEY_free(evpPkey); BIO_free(bio); +#endif wolfSSL_EVP_PKEY_free(pkey); /* PKCS#8 encrypted EC key */ @@ -29334,11 +29373,13 @@ static void test_wolfSSL_PKCS8_d2i(void) AssertIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer), file)), 0); XFCLOSE(file); +#ifndef NO_BIO AssertNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes)); AssertNotNull(pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, PasswordCallBack, (void*)"yassl123")); wolfSSL_EVP_PKEY_free(pkey); BIO_free(bio); +#endif #endif #endif #endif @@ -29413,6 +29454,8 @@ static void test_wolfSSL_ERR_put_error(void) } +#ifndef NO_BIO + static void test_wolfSSL_ERR_print_errors(void) { #if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \ @@ -29597,6 +29640,8 @@ static int test_wolfSSL_GetLoggingCb (void) return ret; }/*End test_wolfSSL_GetLoggingCb*/ +#endif /* !NO_BIO */ + #if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \ defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \ defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3)) @@ -29797,7 +29842,7 @@ static void test_wolfSSL_OBJ(void) static void test_wolfSSL_i2a_ASN1_OBJECT(void) { -#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) +#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO) ASN1_OBJECT *obj = NULL; BIO *bio = NULL; @@ -29937,7 +29982,9 @@ static void test_wolfSSL_X509_NAME_ENTRY(void) #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) && defined(WOLFSSL_CERT_GEN) X509* x509; +#ifndef NO_BIO BIO* bio; +#endif X509_NAME* nm; X509_NAME_ENTRY* entry; unsigned char cn[] = "another name to add"; @@ -29947,20 +29994,26 @@ static void test_wolfSSL_X509_NAME_ENTRY(void) AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); +#ifndef NO_BIO AssertNotNull(bio = BIO_new(BIO_s_mem())); AssertIntEQ(PEM_write_bio_X509_AUX(bio, x509), SSL_SUCCESS); +#endif #ifdef WOLFSSL_CERT_REQ { X509_REQ* req; +#ifndef NO_BIO BIO* bReq; +#endif AssertNotNull(req = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM)); +#ifndef NO_BIO AssertNotNull(bReq = BIO_new(BIO_s_mem())); AssertIntEQ(PEM_write_bio_X509_REQ(bReq, req), SSL_SUCCESS); BIO_free(bReq); +#endif X509_free(req); } #endif @@ -29994,7 +30047,9 @@ static void test_wolfSSL_X509_NAME_ENTRY(void) AssertIntEQ(X509_NAME_add_entry_by_NID(nm, NID_commonName, MBSTRING_UTF8, cn, -1, -1, 0), WOLFSSL_SUCCESS); +#ifndef NO_BIO BIO_free(bio); +#endif X509_free(x509); /* free's nm */ printf(resultFmt, passed); @@ -30169,6 +30224,8 @@ static void test_wolfSSL_X509_set_version(void) #endif } +#ifndef NO_BIO + static void test_wolfSSL_BIO_gets(void) { #if defined(OPENSSL_EXTRA) @@ -30620,6 +30677,8 @@ static void test_wolfSSL_BIO_f_md(void) #endif } +#endif /* !NO_BIO */ + static void test_wolfSSL_SESSION(void) { @@ -30790,6 +30849,8 @@ static void test_wolfSSL_SESSION(void) } +#ifndef NO_BIO + static void test_wolfSSL_d2i_PUBKEY(void) { #if defined(OPENSSL_EXTRA) @@ -30946,6 +31007,8 @@ static void test_wolfSSL_d2i_PrivateKeys_bio(void) } #endif /* OPENSSL_ALL || WOLFSSL_ASIO */ +#endif /* !NO_BIO */ + static void test_wolfSSL_sk_GENERAL_NAME(void) { @@ -31630,6 +31693,7 @@ static void test_wolfSSL_PEM_write_DHparams(void) #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) #if defined(OPENSSL_EXTRA) && !defined(NO_DH) && !defined(NO_FILESYSTEM) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) +#ifndef NO_BIO DH* dh; BIO* bio; XFILE fp; @@ -31669,6 +31733,7 @@ tgZl96bcAGdru8OpQYP7x/rI4h5+rwA/kwIBAg==\n\ XFCLOSE(fp); printf(resultFmt, passed); +#endif /* !NO_BIO */ #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* OPENSSL_ALL || OPENSSL_QT */ #endif @@ -31848,6 +31913,7 @@ static void test_wolfSSL_OpenSSL_add_all_algorithms(void){ static void test_wolfSSL_ASN1_STRING_print_ex(void){ #if defined(OPENSSL_EXTRA) && !defined(NO_ASN) +#ifndef NO_BIO ASN1_STRING* asn_str; const char data[] = "Hello wolfSSL!"; ASN1_STRING* esc_str; @@ -31922,6 +31988,7 @@ static void test_wolfSSL_ASN1_STRING_print_ex(void){ ASN1_STRING_free(esc_str); printf(resultFmt, passed); +#endif /* !NO_BIO */ #endif } @@ -33013,7 +33080,7 @@ static void test_wolfSSL_CTX_ctrl(void) char clientFile[] = "./certs/client-cert.pem"; SSL_CTX* ctx; X509* x509 = NULL; -#if !defined(NO_DH) && !defined(NO_DSA) +#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO) byte buf[6000]; char file[] = "./certs/dsaparams.pem"; XFILE f; @@ -33036,7 +33103,7 @@ static void test_wolfSSL_CTX_ctrl(void) x509 = wolfSSL_X509_load_certificate_file(clientFile, WOLFSSL_FILETYPE_PEM); AssertNotNull(x509); -#if !defined(NO_DH) && !defined(NO_DSA) +#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO) /* Initialize DH */ f = XFOPEN(file, "rb"); AssertTrue((f != XBADFILE)); @@ -33121,7 +33188,7 @@ static void test_wolfSSL_CTX_ctrl(void) /* Test with SSL_CTRL_SET_TMP_DH * wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_dh */ -#if !defined(NO_DH) && !defined(NO_DSA) +#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO) AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,dh), SSL_SUCCESS); #endif @@ -33141,10 +33208,12 @@ static void test_wolfSSL_CTX_ctrl(void) /* Cleanup and Pass */ #if !defined(NO_DH) && !defined(NO_DSA) +#ifndef NO_BIO BIO_free(bio); DSA_free(dsa); DH_free(dh); #endif +#endif #ifdef HAVE_ECC wolfSSL_EC_KEY_free(ecKey); #endif @@ -33157,6 +33226,7 @@ static void test_wolfSSL_CTX_ctrl(void) static void test_wolfSSL_DH_check(void) { #if !defined(NO_DH) && !defined(NO_DSA) +#ifndef NO_BIO byte buf[6000]; char file[] = "./certs/dsaparams.pem"; XFILE f; @@ -33218,6 +33288,7 @@ static void test_wolfSSL_DH_check(void) DSA_free(dsa); DH_free(dh); printf(resultFmt, passed); +#endif #endif /* !NO_DH && !NO_DSA */ } @@ -33673,7 +33744,7 @@ static void test_wolfSSL_X509_EXTENSION_get_critical(void) static void test_wolfSSL_X509V3_EXT_print(void) { -#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) +#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) && !defined(NO_BIO) printf(testingFmt, "wolfSSL_X509V3_EXT_print"); { @@ -34956,6 +35027,7 @@ static void test_wolfSSL_PKCS7_SIGNED_new(void) #endif } +#ifndef NO_BIO static void test_wolfSSL_PEM_write_bio_PKCS7(void) { #if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) @@ -35053,6 +35125,7 @@ static void test_wolfSSL_PEM_write_bio_PKCS7(void) pkcs7->signedAttribs = NULL; pkcs7->signedAttribsSz = 0; +#ifndef NO_BIO AssertNotNull(bio = BIO_new(BIO_s_mem())); /* Write PKCS#7 PEM to BIO, the function converts the DER to PEM cert*/ AssertIntEQ(PEM_write_bio_PKCS7(bio, pkcs7), WOLFSSL_SUCCESS); @@ -35062,6 +35135,7 @@ static void test_wolfSSL_PEM_write_bio_PKCS7(void) AssertIntGE(ret, 0); BIO_free(bio); +#endif wc_PKCS7_Free(pkcs7); wc_FreeRng(&rng); @@ -35069,6 +35143,7 @@ static void test_wolfSSL_PEM_write_bio_PKCS7(void) #endif } +#endif /* !NO_BIO */ /*----------------------------------------------------------------------------* | Certificate Failure Checks @@ -36217,7 +36292,9 @@ static void test_wolfSSL_X509_CRL(void) "./certs/crl/eccSrvCRL.pem", "" }; +#ifndef NO_BIO BIO *bio; +#endif #ifdef HAVE_TEST_d2i_X509_CRL_fp char der[][100] = { @@ -36247,6 +36324,7 @@ static void test_wolfSSL_X509_CRL(void) XFCLOSE(fp); } +#ifndef NO_BIO for (i = 0; pem[i][0] != '\0'; i++) { AssertNotNull(bio = BIO_new_file(pem[i], "r")); @@ -36254,6 +36332,7 @@ static void test_wolfSSL_X509_CRL(void) X509_CRL_free(crl); BIO_free(bio); } +#endif #ifdef HAVE_TEST_d2i_X509_CRL_fp for(i = 0; der[i][0] != '\0'; i++){ @@ -36297,7 +36376,7 @@ static void test_wolfSSL_PEM_read_X509(void) static void test_wolfSSL_PEM_read(void) { -#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) +#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_BIO) const char* filename = "./certs/server-keyEnc.pem"; XFILE fp; char* name = NULL; @@ -36605,6 +36684,7 @@ static void test_wolfssl_EVP_aes_gcm(void) #endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESGCM */ } +#ifndef NO_BIO static void test_wolfSSL_PEM_X509_INFO_read_bio(void) { #if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) @@ -36647,6 +36727,7 @@ static void test_wolfSSL_PEM_X509_INFO_read_bio(void) printf(resultFmt, passed); #endif } +#endif /* !NO_BIO */ static void test_wolfSSL_X509_NAME_ENTRY_get_object() { @@ -36964,6 +37045,8 @@ static int test_ForceZero(void) return 0; } +#ifndef NO_BIO + static void test_wolfSSL_X509_print() { #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \ @@ -37001,7 +37084,7 @@ static void test_wolfSSL_RSA_print() { #if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \ !defined(NO_RSA) && !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \ - !defined(HAVE_FAST_RSA) + !defined(HAVE_FAST_RSA) && !defined(NO_BIO) BIO *bio; WOLFSSL_RSA* rsa = NULL; printf(testingFmt, "wolfSSL_RSA_print"); @@ -37019,7 +37102,7 @@ static void test_wolfSSL_RSA_print() static void test_wolfSSL_BIO_get_len() { -#if defined(OPENSSL_EXTRA) +#if defined(OPENSSL_EXTRA) && !defined(NO_BIO) BIO *bio; const char txt[] = "Some example text to push to the BIO."; printf(testingFmt, "wolfSSL_BIO_get_len"); @@ -37090,10 +37173,13 @@ static void test_wolfSSL_ASN1_STRING_print(void){ #endif /* OPENSSL_EXTRA && !NO_ASN && !NO_CERTS */ } +#endif /* !NO_BIO */ + static void test_wolfSSL_RSA_verify() { #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA) && \ !defined(NO_FILESYSTEM) && defined(HAVE_CRL) +#ifndef NO_BIO XFILE fp; RSA *pKey, *pubKey; X509 *cert; @@ -37154,6 +37240,7 @@ static void test_wolfSSL_RSA_verify() XFREE(buf, NULL, DYNAMIC_TYPE_FILE); printf(resultFmt, passed); #endif +#endif } @@ -37761,7 +37848,9 @@ void ApiTest(void) /* compatibility tests */ test_wolfSSL_X509_NAME(); +#ifndef NO_BIO test_wolfSSL_X509_INFO(); +#endif test_wolfSSL_X509_subject_name_hash(); test_wolfSSL_X509_issuer_name_hash(); test_wolfSSL_X509_check_host(); @@ -37772,11 +37861,13 @@ void ApiTest(void) test_wolfSSL_ASN1_GENERALIZEDTIME_free(); test_wolfSSL_private_keys(); test_wolfSSL_PEM_PrivateKey(); +#ifndef NO_BIO test_wolfSSL_PEM_bio_RSAKey(); test_wolfSSL_PEM_bio_DSAKey(); test_wolfSSL_PEM_bio_ECKey(); test_wolfSSL_PEM_RSAPrivateKey(); test_wolfSSL_PEM_PUBKEY(); +#endif test_DSA_do_sign_verify(); test_wolfSSL_tmp_dh(); test_wolfSSL_ctrl(); @@ -37790,11 +37881,13 @@ void ApiTest(void) #if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) test_wolfSSL_ERR_peek_last_error_line(); #endif +#ifndef NO_BIO test_wolfSSL_ERR_print_errors_cb(); AssertFalse(test_wolfSSL_GetLoggingCb()); AssertFalse(test_WOLFSSL_ERROR_MSG()); AssertFalse(test_wc_ERR_remove_state()); AssertFalse(test_wc_ERR_print_errors_fp()); +#endif test_wolfSSL_set_options(); test_wolfSSL_sk_SSL_CIPHER(); test_wolfSSL_X509_STORE_CTX(); @@ -37813,8 +37906,10 @@ void ApiTest(void) test_wolfSSL_X509_STORE(); test_wolfSSL_X509_STORE_load_locations(); test_wolfSSL_BN(); +#ifndef NO_BIO test_wolfSSL_PEM_read_bio(); test_wolfSSL_BIO(); +#endif test_wolfSSL_ASN1_STRING(); test_wolfSSL_ASN1_BIT_STRING(); test_wolfSSL_X509(); @@ -37838,7 +37933,9 @@ void ApiTest(void) test_wolfSSL_PKCS8_Compat(); test_wolfSSL_PKCS8_d2i(); test_wolfSSL_ERR_put_error(); +#ifndef NO_BIO test_wolfSSL_ERR_print_errors(); +#endif test_wolfSSL_HMAC(); test_wolfSSL_OBJ(); test_wolfSSL_i2a_ASN1_OBJECT(); @@ -37850,6 +37947,7 @@ void ApiTest(void) test_wolfSSL_X509_set_notAfter(); test_wolfSSL_X509_set_notBefore(); test_wolfSSL_X509_set_version(); +#ifndef NO_BIO test_wolfSSL_BIO_gets(); test_wolfSSL_BIO_puts(); test_wolfSSL_BIO_should_retry(); @@ -37857,6 +37955,7 @@ void ApiTest(void) test_wolfSSL_BIO_write(); test_wolfSSL_BIO_printf(); test_wolfSSL_BIO_f_md(); +#endif test_wolfSSL_SESSION(); test_wolfSSL_DES_ecb_encrypt(); test_wolfSSL_sk_GENERAL_NAME(); @@ -37877,8 +37976,10 @@ void ApiTest(void) test_wolfSSL_X509_CRL(); test_wolfSSL_PEM_read_X509(); test_wolfSSL_PEM_read(); +#ifndef NO_BIO test_wolfSSL_PEM_X509_INFO_read_bio(); test_wolfSSL_PEM_read_bio_ECPKParameters(); +#endif test_wolfSSL_X509_NAME_ENTRY_get_object(); test_wolfSSL_OpenSSL_add_all_algorithms(); test_wolfSSL_ASN1_STRING_print_ex(); @@ -37920,13 +38021,17 @@ void ApiTest(void) #if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA) AssertIntEQ(test_wolfSSL_CTX_use_certificate_ASN1(), WOLFSSL_SUCCESS); +#ifndef NO_BIO test_wolfSSL_d2i_PrivateKeys_bio(); +#endif #endif /* OPENSSL_ALL || WOLFSSL_ASIO */ test_wolfSSL_X509_CA_num(); test_wolfSSL_X509_get_version(); +#ifndef NO_BIO test_wolfSSL_X509_print(); test_wolfSSL_BIO_get_len(); +#endif test_wolfSSL_RSA_verify(); test_wolfSSL_X509V3_EXT_get(); test_wolfSSL_X509V3_EXT(); @@ -37939,8 +38044,10 @@ void ApiTest(void) test_wolfSSL_X509_EXTENSION_get_critical(); test_wolfSSL_X509V3_EXT_print(); test_wolfSSL_X509_cmp(); +#ifndef NO_BIO test_wolfSSL_RSA_print(); test_wolfSSL_ASN1_STRING_print(); +#endif test_openssl_generate_key_and_cert(); test_wolfSSL_EC_get_builtin_curves(); @@ -37967,7 +38074,9 @@ void ApiTest(void) /* OpenSSL PKCS7 API test */ test_wolfssl_PKCS7(); test_wolfSSL_PKCS7_SIGNED_new(); +#ifndef NO_BIO test_wolfSSL_PEM_write_bio_PKCS7(); +#endif /* wolfCrypt ASN tests */ test_wc_GetPkcs8TraditionalOffset(); diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 7b524c43d..e0df1438b 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -1713,7 +1713,7 @@ WOLFSSL_LOCAL int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz); WOLFSSL_LOCAL int HashInput(WOLFSSL* ssl, const byte* input, int sz); -#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) WOLFSSL_LOCAL int SNI_Callback(WOLFSSL* ssl); #endif #ifdef WOLFSSL_TLS13 @@ -2648,7 +2648,7 @@ struct WOLFSSL_CTX { DerBuffer* certificate; DerBuffer* certChain; /* chain after self, in DER, with leading size for each cert */ - #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) + #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY) WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names; #endif #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \ @@ -2808,7 +2808,7 @@ struct WOLFSSL_CTX { #ifdef HAVE_EX_DATA WOLFSSL_CRYPTO_EX_DATA ex_data; #endif -#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) +#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)) CallbackALPNSelect alpnSelect; void* alpnSelectArg; #endif @@ -3633,7 +3633,7 @@ struct WOLFSSL_X509_NAME { WOLFSSL_X509_NAME_ENTRY entry[MAX_NAME_ENTRIES]; /* all entries i.e. CN */ WOLFSSL_X509* x509; /* x509 that struct belongs to */ #endif /* OPENSSL_EXTRA */ -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) byte raw[ASN_NAME_MAX]; int rawLen; #endif diff --git a/wolfssl/ocsp.h b/wolfssl/ocsp.h index 5159d4c43..3a80f3693 100644 --- a/wolfssl/ocsp.h +++ b/wolfssl/ocsp.h @@ -38,7 +38,7 @@ typedef struct WOLFSSL_OCSP WOLFSSL_OCSP; #if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\ - defined(WOLFSSL_HAPROXY) + defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) typedef struct OcspResponse WOLFSSL_OCSP_BASICRESP; typedef struct OcspRequest WOLFSSL_OCSP_CERTID; @@ -62,7 +62,7 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp OcspEntry *entry, OcspRequest *ocspRequest); #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ - defined(WOLFSSL_APACHE_HTTPD) + defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY) WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs, WOLFSSL_OCSP_CERTID *id, int *status, int *reason, @@ -82,8 +82,10 @@ WOLFSSL_API int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs, WOLF_STACK_OF(WOLFSSL_X509) *certs, WOLFSSL_X509_STORE *st, unsigned long flags); WOLFSSL_API void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response); +#ifndef NO_BIO WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio, OcspResponse** response); +#endif WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response, const unsigned char** data, int len); WOLFSSL_API int wolfSSL_i2d_OCSP_RESPONSE(OcspResponse* response, @@ -100,8 +102,10 @@ WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request, WOLFSSL_API WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req, WOLFSSL_OCSP_CERTID *cid); WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID*); +#ifndef NO_BIO WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out, WOLFSSL_OCSP_REQUEST *req); +#endif #endif #ifdef OPENSSL_EXTRA diff --git a/wolfssl/openssl/crypto.h b/wolfssl/openssl/crypto.h index 6b701aaec..4c1e9b024 100644 --- a/wolfssl/openssl/crypto.h +++ b/wolfssl/openssl/crypto.h @@ -76,7 +76,7 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SE #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ - defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) + defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_EX_DATA) #define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions #define FIPS_mode wolfSSL_FIPS_mode #define FIPS_mode_set wolfSSL_FIPS_mode_set @@ -93,6 +93,6 @@ typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int i #define CRYPTO_THREAD_r_lock wc_LockMutex #define CRYPTO_THREAD_unlock wc_UnLockMutex -#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ +#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_EX_DATA */ #endif /* header */ diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index d90afd2b0..1e9d9512e 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -789,6 +789,10 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*, #ifndef WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS #define WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS WOLFSSL_LOAD_FLAG_NONE #endif + +WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl); +WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx); +WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); #endif /* !NO_CERTS */ #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) @@ -806,9 +810,6 @@ WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX *, const char *file, int format); WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int); -WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl); -WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx); -WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth); WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*, int); WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*, @@ -2075,7 +2076,7 @@ WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_STACK* sk); WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i); #if (defined(HAVE_EX_DATA) || defined(FORTRESS)) && \ - (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) + (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || defined(WOLFSSL_WPAS_SMALL)) WOLFSSL_API void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx); WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx, @@ -2400,7 +2401,7 @@ WOLFSSL_API int wolfSSL_CTX_GetObjectSize(void); WOLFSSL_API int wolfSSL_METHOD_GetObjectSize(void); WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int); WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*); -WOLFSSL_API int wolfSSL_GetVersion(WOLFSSL* ssl); +WOLFSSL_API int wolfSSL_GetVersion(const WOLFSSL* ssl); WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version); /* moved to asn.c, old names kept for backwards compatibility */ @@ -2937,7 +2938,7 @@ enum { WOLFSSL_MAX_ALPN_NUMBER = 257 }; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) typedef int (*CallbackALPNSelect)(WOLFSSL* ssl, const unsigned char** out, unsigned char* outLen, const unsigned char* in, unsigned int inLen, void *arg); @@ -3775,11 +3776,12 @@ WOLFSSL_LOCAL char* wolfSSL_get_ocsp_url(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url); #endif -#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) +#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) \ + || defined(WOLFSSL_WPAS_SMALL) WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx); WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx, void *data); -#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ +#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \ || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index bbb6620cc..377577dad 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -1262,7 +1262,7 @@ struct CertStatus { byte nextDate[MAX_DATE_SIZE]; byte thisDateFormat; byte nextDateFormat; -#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) WOLFSSL_ASN1_TIME thisDateParsed; WOLFSSL_ASN1_TIME nextDateParsed; byte* thisDateAsn;