Changes for various failing build configs

Colton Willey
2024-10-18 16:34:25 -07:00
committed by Daniel Pouzzner
parent 1afbf55a80
commit 87ce96527a
3 changed files with 35 additions and 13 deletions


@@ -455,8 +455,8 @@ int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm)
return ret; return ret;
} }
static int wolfSSL_CertManagerUnloadIntermediateCertsEx(WOLFSSL_CERT_MANAGER* cm, static int wolfSSL_CertManagerUnloadIntermediateCertsEx(
byte type) WOLFSSL_CERT_MANAGER* cm, byte type)
{ {
int ret = WOLFSSL_SUCCESS; int ret = WOLFSSL_SUCCESS;
@@ -483,14 +483,16 @@ static int wolfSSL_CertManagerUnloadIntermediateCertsEx(WOLFSSL_CERT_MANAGER* cm
} }
#if defined(OPENSSL_EXTRA) #if defined(OPENSSL_EXTRA)
static int wolfSSL_CertManagerUnloadTempIntermediateCerts(WOLFSSL_CERT_MANAGER* cm) static int wolfSSL_CertManagerUnloadTempIntermediateCerts(
WOLFSSL_CERT_MANAGER* cm)
{ {
WOLFSSL_ENTER("wolfSSL_CertManagerUnloadTempIntermediateCerts"); WOLFSSL_ENTER("wolfSSL_CertManagerUnloadTempIntermediateCerts");
return wolfSSL_CertManagerUnloadIntermediateCertsEx(cm, WOLFSSL_INTER_CA); return wolfSSL_CertManagerUnloadIntermediateCertsEx(cm, WOLFSSL_INTER_CA);
} }
#endif #endif
int wolfSSL_CertManagerUnloadIntermediateCerts(WOLFSSL_CERT_MANAGER* cm) int wolfSSL_CertManagerUnloadIntermediateCerts(
WOLFSSL_CERT_MANAGER* cm)
{ {
WOLFSSL_ENTER("wolfSSL_CertManagerUnloadIntermediateCerts"); WOLFSSL_ENTER("wolfSSL_CertManagerUnloadIntermediateCerts");
return wolfSSL_CertManagerUnloadIntermediateCertsEx(cm, WOLFSSL_CHAIN_CA); return wolfSSL_CertManagerUnloadIntermediateCertsEx(cm, WOLFSSL_CHAIN_CA);


@@ -7597,7 +7597,7 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup,
else if (wc_PemGetHeaderFooter(CERT_TYPE, &header, &footer) == 0 && else if (wc_PemGetHeaderFooter(CERT_TYPE, &header, &footer) == 0 &&
XSTRNSTR((char*)curr, header, (unsigned int)sz) != NULL) { XSTRNSTR((char*)curr, header, (unsigned int)sz) != NULL) {
ret = X509StoreLoadCertBuffer(lookup->store, curr, ret = X509StoreLoadCertBuffer(lookup->store, curr,
(word32)sz, WOLFSSL_FILETYPE_PEM); (word32)sz, WOLFSSL_FILETYPE_PEM);
if (ret != WOLFSSL_SUCCESS) if (ret != WOLFSSL_SUCCESS)
goto end; goto end;
curr = (byte*)XSTRNSTR((char*)curr, footer, (unsigned int)sz); curr = (byte*)XSTRNSTR((char*)curr, footer, (unsigned int)sz);
@@ -14205,8 +14205,9 @@ int wolfSSL_X509_NAME_digest(const WOLFSSL_X509_NAME *name,
#if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \ #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
#if defined(OPENSSL_EXTRA) && (defined(SESSION_CERTS) || \ #if defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_SIGNER_DER_CERT)) ((defined(SESSION_CERTS) && !defined(WOLFSSL_QT)) || \
defined(WOLFSSL_SIGNER_DER_CERT))
/** /**
* Find the issuing cert of the input cert. On a self-signed cert this * Find the issuing cert of the input cert. On a self-signed cert this
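Review bot: The rewritten guard above the issuer-lookup doc comment adds `!defined(WOLFSSL_QT)` to the SESSION_CERTS arm with no comment saying why that configuration must not compile this function. A one-line note above the `#if`, such as `/* Not built for SESSION_CERTS with WOLFSSL_QT: <reason> */`, would keep the next person from "simplifying" the condition back. The function body, its matching `#endif` and its callers are outside the hunk, so it is worth confirming that each of them uses the same three-way condition. Otherwise a build with OPENSSL_EXTRA, SESSION_CERTS and WOLFSSL_QT but without WOLFSSL_SIGNER_DER_CERT presumably either fails to link or loses issuer lookup during chain building.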


@@ -247,6 +247,7 @@ static void SetupStoreCtxError(WOLFSSL_X509_STORE_CTX* ctx, int ret)
static int X509StoreVerifyCert(WOLFSSL_X509_STORE_CTX* ctx) static int X509StoreVerifyCert(WOLFSSL_X509_STORE_CTX* ctx)
{ {
int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE); int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
WOLFSSL_ENTER("X509StoreVerifyCert");
if (ctx->current_cert != NULL && ctx->current_cert->derCert != NULL) { if (ctx->current_cert != NULL && ctx->current_cert->derCert != NULL) {
ret = wolfSSL_CertManagerVerifyBuffer(ctx->store->cm, ret = wolfSSL_CertManagerVerifyBuffer(ctx->store->cm,
@@ -874,7 +875,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs(
int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer,
WOLFSSL_X509_STORE_CTX *ctx, WOLFSSL_X509 *x) WOLFSSL_X509_STORE_CTX *ctx, WOLFSSL_X509 *x)
{ {
int ret = WOLFSSL_FAILURE; int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_get1_issuer"); WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_get1_issuer");
if (issuer == NULL || ctx == NULL || x == NULL) if (issuer == NULL || ctx == NULL || x == NULL)
@@ -960,6 +961,7 @@ WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void)
if ((store->cm = wolfSSL_CertManagerNew()) == NULL) if ((store->cm = wolfSSL_CertManagerNew()) == NULL)
goto err_exit; goto err_exit;
#ifdef OPENSSL_EXTRA
if ((store->certs = wolfSSL_sk_X509_new_null()) == NULL) if ((store->certs = wolfSSL_sk_X509_new_null()) == NULL)
goto err_exit; goto err_exit;
@@ -970,6 +972,7 @@ WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void)
if ((store->trusted = wolfSSL_sk_X509_new_null()) == NULL) if ((store->trusted = wolfSSL_sk_X509_new_null()) == NULL)
goto err_exit; goto err_exit;
#endif #endif
#endif
#ifdef HAVE_CRL #ifdef HAVE_CRL
store->crl = store->cm->crl; store->crl = store->cm->crl;
@@ -1057,6 +1060,7 @@ void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store)
wolfSSL_CertManagerFree(store->cm); wolfSSL_CertManagerFree(store->cm);
store->cm = NULL; store->cm = NULL;
} }
#if defined(OPENSSL_EXTRA)
if (store->certs != NULL) { if (store->certs != NULL) {
wolfSSL_sk_X509_free(store->certs); wolfSSL_sk_X509_free(store->certs);
store->certs = NULL; store->certs = NULL;
@@ -1071,6 +1075,7 @@ void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store)
store->trusted = NULL; store->trusted = NULL;
} }
#endif #endif
#endif
#ifdef OPENSSL_ALL #ifdef OPENSSL_ALL
if (store->objs != NULL) { if (store->objs != NULL) {
X509StoreFreeObjList(store, store->objs); X509StoreFreeObjList(store, store->objs);
@@ -1270,14 +1275,24 @@ int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509)
#if !defined(WOLFSSL_SIGNER_DER_CERT) #if !defined(WOLFSSL_SIGNER_DER_CERT)
if (result == WOLFSSL_SUCCESS && store->trusted != NULL) { if (result == WOLFSSL_SUCCESS && store->trusted != NULL) {
result = wolfSSL_sk_X509_push(store->trusted, x509); result = wolfSSL_sk_X509_push(store->trusted, x509);
result = (result > 0) ? WOLFSSL_SUCCESS : WOLFSSL_FATAL_ERROR; if (result > 0) {
result = WOLFSSL_SUCCESS;
}
else {
result = WOLFSSL_FATAL_ERROR;
}
} }
#endif #endif
} }
else { else {
if (store->certs != NULL) { if (store->certs != NULL) {
result = wolfSSL_sk_X509_push(store->certs, x509); result = wolfSSL_sk_X509_push(store->certs, x509);
result = (result > 0) ? WOLFSSL_SUCCESS : WOLFSSL_FATAL_ERROR; if (result > 0) {
result = WOLFSSL_SUCCESS;
}
else {
result = WOLFSSL_FATAL_ERROR;
}
} }
else { else {
/* If store->certs is NULL, this is an X509_STORE managed by an /* If store->certs is NULL, this is an X509_STORE managed by an
@@ -1327,7 +1342,7 @@ int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE* store)
int X509StoreLoadCertBuffer(WOLFSSL_X509_STORE *str, int X509StoreLoadCertBuffer(WOLFSSL_X509_STORE *str,
byte *buf, word32 bufLen, int type) byte *buf, word32 bufLen, int type)
{ {
int ret = WOLFSSL_FAILURE; int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
WOLFSSL_X509 *x509 = NULL; WOLFSSL_X509 *x509 = NULL;
if (str == NULL || buf == NULL) { if (str == NULL || buf == NULL) {
@@ -1654,6 +1669,10 @@ WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(
{ {
WOLFSSL_STACK* ret = NULL; WOLFSSL_STACK* ret = NULL;
WOLFSSL_STACK* cert_stack = NULL; WOLFSSL_STACK* cert_stack = NULL;
#if ((defined(WOLFSSL_SIGNER_DER_CERT) && !defined(NO_FILESYSTEM)) || \
(defined(HAVE_CRL)))
WOLFSSL_X509_OBJECT* obj = NULL;
#endif
#if defined(WOLFSSL_SIGNER_DER_CERT) && !defined(NO_FILESYSTEM) #if defined(WOLFSSL_SIGNER_DER_CERT) && !defined(NO_FILESYSTEM)
WOLFSSL_X509* x509 = NULL; WOLFSSL_X509* x509 = NULL;
int i = 0; int i = 0;
@@ -1698,7 +1717,7 @@ WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(
* simplify cleanup logic handling cert merging above */ * simplify cleanup logic handling cert merging above */
for (i = 0; i < wolfSSL_sk_X509_num(cert_stack); i++) { for (i = 0; i < wolfSSL_sk_X509_num(cert_stack); i++) {
x509 = wolfSSL_sk_value(cert_stack, i); x509 = wolfSSL_sk_value(cert_stack, i);
WOLFSSL_X509_OBJECT* obj = wolfSSL_X509_OBJECT_new(); obj = wolfSSL_X509_OBJECT_new();
if (obj == NULL) { if (obj == NULL) {
WOLFSSL_MSG("wolfSSL_X509_OBJECT_new error"); WOLFSSL_MSG("wolfSSL_X509_OBJECT_new error");
goto err_cleanup; goto err_cleanup;
@@ -1720,7 +1739,7 @@ WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(
#ifdef HAVE_CRL #ifdef HAVE_CRL
if (store->cm->crl != NULL) { if (store->cm->crl != NULL) {
WOLFSSL_X509_OBJECT* obj = wolfSSL_X509_OBJECT_new(); obj = wolfSSL_X509_OBJECT_new();
if (obj == NULL) { if (obj == NULL) {
WOLFSSL_MSG("wolfSSL_X509_OBJECT_new error"); WOLFSSL_MSG("wolfSSL_X509_OBJECT_new error");
goto err_cleanup; goto err_cleanup;
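Review bot: Hoisting `obj` to function scope in wolfSSL_X509_STORE_get0_objects means the pointer now outlives each loop iteration and is still set when control reaches the HAVE_CRL block or `err_cleanup`. If the object is handed to the result stack in the lines after the NULL check (not shown in these hunks), `obj` keeps pointing at memory this function no longer owns, and any later cleanup that touches it would risk a double free. Resetting it after each hand-off with `obj = NULL;` keeps the cleanup path unambiguous. The new declaration guard, `(WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM) || HAVE_CRL`, should also be checked against the guards around both assignment sites, because the guard enclosing the loop lies outside the hunk.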