From 47801107da4b483210c6e8249a35c4ff3e78f5ca Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 15 Feb 2023 14:24:22 -0800 Subject: [PATCH 1/3] Fix to make sure API unit test always calls init/cleanup when not running all tests. --- tests/api.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/tests/api.c b/tests/api.c index edf3ef01c..3634760dc 100644 --- a/tests/api.c +++ b/tests/api.c @@ -62942,6 +62942,15 @@ void ApiTest(void) printf(" Begin API Tests\n"); fflush(stdout); + /* we must perform init and cleanup if not all tests are running */ + if (!testAll) { + #ifdef WOLFCRYPT_ONLY + wolfCrypt_Init(); + #else + wolfSSL_Init(); + #endif + } + for (i = 0; i < TEST_CASE_CNT; ++i) { /* When not testing all cases then skip if not marked for running. */ if (!testAll && !testCases[i].run) { @@ -62983,7 +62992,13 @@ void ApiTest(void) wc_ecc_fp_free(); /* free per thread cache */ #endif - wolfSSL_Cleanup(); + if (!testAll) { + #ifdef WOLFCRYPT_ONLY + wolfCrypt_Cleanup(); + #else + wolfSSL_Cleanup(); + #endif + } (void)testDevId; From e8a26c673ae03be94d921155292e55e6af283a8b Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 15 Feb 2023 14:57:34 -0800 Subject: [PATCH 2/3] Fix for async with `WOLFSSL_CHECK_ALERT_ON_ERR`. --- src/internal.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/internal.c b/src/internal.c index 4c8a6c2f8..10e53e039 100644 --- a/src/internal.c +++ b/src/internal.c @@ -19124,6 +19124,16 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr) return ssl->error; } + /* If checking alert on error (allowSocketErr == 1) do not try and + * process alerts for async or ocsp non blocking */ +#if defined(WOLFSSL_CHECK_ALERT_ON_ERR) && \ + (defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)) + if (allowSocketErr == 1 && \ + (ssl->error == WC_PENDING_E || ssl->error == OCSP_WANT_READ)) { + return ssl->error; + } +#endif + #if defined(WOLFSSL_DTLS) && defined(WOLFSSL_ASYNC_CRYPT) /* process any pending DTLS messages - this flow can happen with async */ if (ssl->dtls_rx_msg_list != NULL) { From 18bee3142de99dcfaa545430c5534ff8b0cb5b95 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 15 Feb 2023 14:57:43 -0800 Subject: [PATCH 3/3] Fix to use the right cert/key in the API unit test if overridden. --- tests/api.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/api.c b/tests/api.c index 3634760dc..8a67c22a5 100644 --- a/tests/api.c +++ b/tests/api.c @@ -5290,10 +5290,10 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args) } #endif #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) - if (sharedCtx && wolfSSL_use_certificate_file(ssl, svrCertFile, + if (sharedCtx && wolfSSL_use_certificate_file(ssl, certFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else - if (wolfSSL_use_certificate_file(ssl, svrCertFile, + if (wolfSSL_use_certificate_file(ssl, certFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load server cert chain file, " @@ -5301,10 +5301,10 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args) goto done; } #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) - if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, svrKeyFile, + if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, keyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #else - if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile, + if (wolfSSL_use_PrivateKey_file(ssl, keyFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { #endif /*err_sys("can't load server key file, "