feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #4405 from anhu/truncating_last_char

Browse Source 
Fix for `set1_curves_list` ignoring last character
This commit is contained in:
John Safranek
2021-09-21 08:49:53 -07:00
committed by GitHub
parent 34c6e8f975 c733be728f
commit 7ec7faddef
2 changed files with 38 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/ssl.c
View File

@ -49226,13 +49226,18 @@ int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names)
word16 curve; word16 curve;
char name[MAX_CURVE_NAME_SZ]; char name[MAX_CURVE_NAME_SZ];
if (ctx == NULL || names == NULL) {
WOLFSSL_MSG("ctx or names was NULL");
return WOLFSSL_FAILURE;
}
/* Disable all curves so that only the ones the user wants are enabled. */ /* Disable all curves so that only the ones the user wants are enabled. */
ctx->disabledCurves = 0xFFFFFFFFUL; ctx->disabledCurves = 0xFFFFFFFFUL;
for (idx = 1; names[idx-1] != '\0'; idx++) { for (idx = 1; names[idx-1] != '\0'; idx++) {
if (names[idx] != ':' && names[idx] != '\0') if (names[idx] != ':' && names[idx] != '\0')
continue; continue;
len = idx - 1 - start; len = idx - start;
if (len > MAX_CURVE_NAME_SZ - 1) if (len > MAX_CURVE_NAME_SZ - 1)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;

32
tests/api.c
View File

@ -33392,6 +33392,37 @@ static void test_wolfSSL_sk_SSL_CIPHER(void)
!defined(NO_FILESYSTEM) && !defined(NO_RSA) */ !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
} }
static void test_wolfSSL_set1_curves_list(void)
{
#if defined(OPENSSL_EXTRA) && defined(HAVE_RSA)
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
#ifndef NO_WOLFSSL_SERVER
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
AssertTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM));
AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
AssertNotNull(ssl = SSL_new(ctx));
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, NULL), WOLFSSL_FAILURE);
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "P-25X"), WOLFSSL_FAILURE);
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "P-256"), WOLFSSL_SUCCESS);
AssertIntEQ(SSL_set1_curves_list(ssl, NULL), WOLFSSL_FAILURE);
AssertIntEQ(SSL_set1_curves_list(ssl, "P-25X"), WOLFSSL_FAILURE);
AssertIntEQ(SSL_set1_curves_list(ssl, "P-256"), WOLFSSL_SUCCESS);
SSL_free(ssl);
SSL_CTX_free(ctx);
printf(resultFmt, passed);
#endif
}
static void test_wolfSSL_set1_sigalgs_list(void) static void test_wolfSSL_set1_sigalgs_list(void)
{ {
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
@ -49018,6 +49049,7 @@ void ApiTest(void)
#endif #endif
test_wolfSSL_set_options(); test_wolfSSL_set_options();
test_wolfSSL_sk_SSL_CIPHER(); test_wolfSSL_sk_SSL_CIPHER();
test_wolfSSL_set1_curves_list();
test_wolfSSL_set1_sigalgs_list(); test_wolfSSL_set1_sigalgs_list();
test_wolfSSL_PKCS7_certs(); test_wolfSSL_PKCS7_certs();
test_wolfSSL_X509_STORE_CTX(); test_wolfSSL_X509_STORE_CTX();