From 2639c5e26866ff7d8323500cfafde18c726f8e6a Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 4 Mar 2022 11:26:16 -0700 Subject: [PATCH 1/4] X509V3_set_ctx arg check fix, debug log cleanup --- src/ssl.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 7085094b8..9d813eb45 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -39064,7 +39064,7 @@ int wolfSSL_EC_KEY_set_public_key(WOLFSSL_EC_KEY *key, if (key == NULL || key->internal == NULL || pub == NULL || pub->internal == NULL) { - WOLFSSL_MSG("wolfSSL_EC_GROUP_get_order Bad arguments"); + WOLFSSL_MSG("wolfSSL_EC_KEY_set_public_key Bad arguments"); return WOLFSSL_FAILURE; } @@ -48261,7 +48261,7 @@ int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bio, WOLFSSL_X509 *cert) #endif int ret; - WOLFSSL_ENTER("wolfSSL_PEM_write_bio_X509_AUX()"); + WOLFSSL_ENTER("wolfSSL_PEM_write_bio_X509()"); if (bio == NULL || cert == NULL) { WOLFSSL_MSG("NULL argument passed in"); @@ -57064,14 +57064,14 @@ void wolfSSL_X509V3_set_ctx(WOLFSSL_X509V3_CTX* ctx, WOLFSSL_X509* issuer, { int ret = WOLFSSL_SUCCESS; WOLFSSL_ENTER("wolfSSL_X509V3_set_ctx"); - if (!ctx || !ctx->x509) + if (!ctx) return; - if (!ctx->x509) { - ctx->x509 = wolfSSL_X509_new(); - if (!ctx->x509) - return; - } + /* not checking ctx->x509 for null first since app won't have initalized + * this X509V3_CTX before this function call */ + ctx->x509 = wolfSSL_X509_new(); + if (!ctx->x509) + return; /* Set parameters in ctx as long as ret == WOLFSSL_SUCCESS */ if (issuer) @@ -62043,6 +62043,7 @@ PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len, } if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len) != 0) { + WOLFSSL_MSG("wc_PKCS7_VerifySignedData failed"); wolfSSL_PKCS7_free((PKCS7*)pkcs7); return NULL; } 
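Review bot: In the wolfSSL_X509V3_set_ctx hunk of src/ssl.c, `ctx->x509 = wolfSSL_X509_new();` now overwrites the field unconditionally, so a context that already owns an X509 (a second call on the same ctx, for instance) loses that pointer without a free. The new comment explains why the field cannot be read first, but it does not say who releases the allocation; I would extend it with something like `/* caller owns ctx->x509 and must release it with wolfSSL_X509_free() */`, assuming that is the intended contract. Because the function returns void, an allocation failure also leaves `ctx->x509` NULL with no signal, so a `WOLFSSL_MSG("wolfSSL_X509_new failed");` before that `return` would match the logging this patch adds in the PKCS7 hunks. The comment also has a typo, `initalized`. The function body continues outside the hunk.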
@@ -62176,6 +62177,7 @@ PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7) if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len) != 0) { + WOLFSSL_MSG("wc_PKCS7_VerifySignedData failed"); wolfSSL_PKCS7_free((PKCS7*)pkcs7); return NULL; } From 238072c84df1bd0648f2a6bca4ad6a252111b621 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 4 Mar 2022 11:12:10 -0700 Subject: [PATCH 2/4] map BIO_s_accept to BIO_s_socket for basic use --- wolfssl/openssl/bio.h | 1 + 1 file changed, 1 insertion(+) diff --git a/wolfssl/openssl/bio.h b/wolfssl/openssl/bio.h index 368c63eea..5ddf4858a 100644 --- a/wolfssl/openssl/bio.h +++ b/wolfssl/openssl/bio.h @@ -56,6 +56,7 @@ #define BIO_s_file wolfSSL_BIO_s_file #define BIO_s_bio wolfSSL_BIO_s_bio #define BIO_s_socket wolfSSL_BIO_s_socket +#define BIO_s_accept wolfSSL_BIO_s_socket #define BIO_set_fd wolfSSL_BIO_set_fd #define BIO_set_close wolfSSL_BIO_set_close #define BIO_ctrl_reset_read_request wolfSSL_BIO_ctrl_reset_read_request From 6e6108bb983d19d712463638394b2a4ac0ffaa0b Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Fri, 21 Jan 2022 13:03:13 -0700 Subject: [PATCH 3/4] remove duplicate BIO_CLOSE/BIO_NOCLOSE definition, already in openssl/bio.h --- wolfssl/ssl.h | 3 --- 1 file changed, 3 deletions(-) diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index b720f525c..34e45d81c 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -2209,9 +2209,6 @@ enum { */ SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */ - BIO_CLOSE = 1, - BIO_NOCLOSE = 0, - X509_FILETYPE_PEM = 8, X509_V_OK = 0, From 82c6f58eb0c321673de72aa468cee5bdff990cc5 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Mon, 24 Jan 2022 14:42:00 -0700 Subject: [PATCH 4/4] define BIO_CTRL_SET, BIO_CTRL_GET --- wolfssl/openssl/bio.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/wolfssl/openssl/bio.h b/wolfssl/openssl/bio.h index 5ddf4858a..afc8cf509 100644 --- a/wolfssl/openssl/bio.h +++ b/wolfssl/openssl/bio.h 
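Review bot: `#define BIO_s_accept wolfSSL_BIO_s_socket` in wolfssl/openssl/bio.h makes code written for an OpenSSL accept BIO compile against a plain socket method, and nothing in this hunk adds listen or accept handling. An application ported from OpenSSL that expects the BIO to bind and accept connections would build cleanly and then behave differently at run time, which is easy to miss in a server's connection-handling path. The limitation is stated only in the commit subject ("for basic use"); I would put it next to the define, e.g. `/* BIO_s_accept maps to the socket BIO for basic use only; accept/listen semantics are not provided */`. Whether other accept-BIO macros are mapped elsewhere in the header is not visible here.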
@@ -140,6 +140,8 @@
 #define BIO_CTRL_RESET 1
 #define BIO_CTRL_EOF 2
 #define BIO_CTRL_INFO 3
+#define BIO_CTRL_SET 4
+#define BIO_CTRL_GET 5
 #define BIO_CTRL_PUSH 6
 #define BIO_CTRL_POP 7
 #define BIO_CTRL_GET_CLOSE 8