diff --git a/src/bio.c b/src/bio.c index 791034980..921f3d496 100644 --- a/src/bio.c +++ b/src/bio.c @@ -118,7 +118,7 @@ static int wolfSSL_BIO_MEMORY_read(WOLFSSL_BIO* bio, void* buf, int len) sz = len; } - memSz = bio->mem_buf->length - bio->rdIdx; + memSz = (int)bio->mem_buf->length - bio->rdIdx; if (memSz < sz) { WOLFSSL_MSG("Not enough memory for reading"); return WOLFSSL_BIO_ERROR; @@ -528,7 +528,7 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data, XMEMCPY(bio->mem_buf->data + bio->wrSz, data, len); bio->ptr = bio->mem_buf->data; - bio->num = bio->mem_buf->max; + bio->num = (int)bio->mem_buf->max; bio->wrSz += len; return len; @@ -2542,7 +2542,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) return NULL; } - bio->num = bio->mem_buf->max; + bio->num = (int)bio->mem_buf->max; bio->wrSz = len; bio->ptr = bio->mem_buf->data; XMEMCPY(bio->ptr, buf, len); diff --git a/src/ssl.c b/src/ssl.c index bf25a3f1a..1dea38ac8 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -27071,11 +27071,11 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup, const char* footer = NULL; if (type != X509_FILETYPE_PEM) - return WS_RETURN_CODE(BAD_FUNC_ARG,WOLFSSL_FAILURE); + return WS_RETURN_CODE(BAD_FUNC_ARG, (int)WOLFSSL_FAILURE); fp = XFOPEN(file, "rb"); if (fp == XBADFILE) - return WS_RETURN_CODE(BAD_FUNC_ARG,WOLFSSL_FAILURE); + return WS_RETURN_CODE(BAD_FUNC_ARG, (int)WOLFSSL_FAILURE); if(XFSEEK(fp, 0, XSEEK_END) != 0) { XFCLOSE(fp); @@ -27149,7 +27149,7 @@ end: if (pem != NULL) XFREE(pem, 0, DYNAMIC_TYPE_PEM); XFCLOSE(fp); - return WS_RETURN_CODE(ret,WOLFSSL_FAILURE); + return WS_RETURN_CODE(ret, (int)WOLFSSL_FAILURE); #else (void)lookup; (void)file; @@ -44310,6 +44310,9 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) XMEMCPY(cert->challengePw, x509->challengePw, CTC_NAME_SIZE); #endif + /* Only makes sense to do this for OPENSSL_EXTRA because without + * this define the function will error out below */ + #ifdef OPENSSL_EXTRA if (x509->serialSz == 0 && x509->serialNumber != NULL && /* Check if the buffer contains more than just the * ASN tag and length */ @@ -44320,6 +44323,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl) return WOLFSSL_FAILURE; } } + #endif /* set serial number */ if (x509->serialSz > 0) { @@ -58567,7 +58571,7 @@ int wolfSSL_BUF_MEM_resize(WOLFSSL_BUF_MEM* buf, size_t len) int mx; /* verify provided arguments */ - if (buf == NULL || len == 0) { + if (buf == NULL || len == 0 || (int)len <= 0) { return 0; /* BAD_FUNC_ARG; */ } @@ -58578,7 +58582,7 @@ int wolfSSL_BUF_MEM_resize(WOLFSSL_BUF_MEM* buf, size_t len) return wolfSSL_BUF_MEM_grow_ex(buf, len, 0); /* expand size, to handle growth */ - mx = (len + 3) / 3 * 4; + mx = ((int)len + 3) / 3 * 4; /* We want to shrink the internal buffer */ tmp = (char*)XREALLOC(buf->data, mx, NULL, DYNAMIC_TYPE_OPENSSL); diff --git a/tests/api.c b/tests/api.c index f3ec3ff07..38e751562 100644 --- a/tests/api.c +++ b/tests/api.c @@ -46848,7 +46848,12 @@ static void test_EVP_PKEY_cmp(void) AssertIntEQ(EVP_PKEY_cmp(NULL, NULL), 0); AssertIntEQ(EVP_PKEY_cmp(a, NULL), 0); AssertIntEQ(EVP_PKEY_cmp(NULL, b), 0); +#ifdef NO_RSA + /* Type check will fail since RSA is the default EVP key type */ + AssertIntEQ(EVP_PKEY_cmp(a, b), -2); +#else AssertIntEQ(EVP_PKEY_cmp(a, b), 0); +#endif #else AssertIntNE(EVP_PKEY_cmp(NULL, NULL), 0); AssertIntNE(EVP_PKEY_cmp(a, NULL), 0); @@ -51246,7 +51251,8 @@ static int test_wolfSSL_CTX_set_ecdh_auto(void) return ret; } -#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) +#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \ + defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args) { callback_functions* callbacks = NULL; @@ -51290,6 +51296,13 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args) wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)); +#if !defined(NO_FILESYSTEM) && !defined(NO_DH) + AssertIntEQ(wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile, + WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); +#elif !defined(NO_DH) + SetDHCtx(ctx); /* will repick suites with DHE, higher priority than PSK */ +#endif + if (callbacks->ctx_ready) callbacks->ctx_ready(ctx); @@ -51367,7 +51380,9 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args) wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(cfd); - +#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) + wc_ecc_fp_free(); /* free per thread cache */ +#endif return 0; } static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args) @@ -51435,9 +51450,13 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args) wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); CloseSocket(sfd); +#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) + wc_ecc_fp_free(); /* free per thread cache */ +#endif return 0; } -#endif /* OPENSSL_EXTRA && WOLFSSL_ERROR_CODE_OPENSSL */ +#endif /* OPENSSL_EXTRA && WOLFSSL_ERROR_CODE_OPENSSL && + HAVE_IO_TESTS_DEPENDENCIES && !WOLFSSL_NO_TLS12 */ /* This test is to check wolfSSL_read behaves as same as * openSSL when it is called after SSL_shutdown completes. @@ -51445,7 +51464,8 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args) static int test_wolfSSL_read_detect_TCP_disconnect(void) { int ret = 0; -#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) +#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \ + defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) tcp_ready ready; func_args client_args; func_args server_args;