diff --git a/examples/client/client.c b/examples/client/client.c index f31ac1e06..d305a4082 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -31,16 +31,10 @@ #include #ifdef WOLFSSL_WOLFSENTRY_HOOKS -# include -# include -# include - -static struct wolfsentry_context *wolfsentry = NULL; - +#include #if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) static const char *wolfsentry_config_path = NULL; #endif - #endif /* WOLFSSL_WOLFSENTRY_HOOKS */ #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) @@ -52,10 +46,6 @@ static const char *wolfsentry_config_path = NULL; #include -#ifdef WOLFSSL_WOLFSENTRY_HOOKS -#define tcp_connect(sockfd, ip, port, udp, sctp, ssl) tcp_connect_with_wolfSentry(sockfd, ip, port, udp, sctp, ssl, wolfsentry) -#endif - #include #include 
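Review bot: `wolfsentry_config_path` is still declared only inside `#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON)` in this hunk, but the `wolfsentry_setup(&wolfsentry, wolfsentry_config_path, ...)` call added further down in client_test() names it under `WOLFSSL_WOLFSENTRY_HOOKS` alone. Unless it is declared somewhere outside the visible hunks, a build with NO_FILESYSTEM or WOLFSENTRY_NO_JSON would stop compiling, whereas the removed code kept every use inside the same guard. The matching hunks in examples/server/server.c have the same shape. Either drop the inner `#if`/`#endif` so that `static const char *wolfsentry_config_path = NULL;` is always declared in both files, or pass `NULL` from the call sites when the guard is false.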
@@ -2573,125 +2563,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #ifdef WOLFSSL_WOLFSENTRY_HOOKS - wolfsentry_ret = wolfsentry_init(NULL /* hpi */, NULL /* default config */, - &wolfsentry); - if (wolfsentry_ret < 0) { - fprintf(stderr, "wolfsentry_init() returned " WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); + if (wolfsentry_setup(&wolfsentry, wolfsentry_config_path, WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT) < 0) err_sys("unable to initialize wolfSentry"); - } - - if (wolfsentry_data_index < 0) - wolfsentry_data_index = wolfSSL_get_ex_new_index(0, NULL, NULL, NULL, - NULL); - -#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) - if (wolfsentry_config_path != NULL) { - char buf[512], err_buf[512]; - struct wolfsentry_json_process_state *jps; - - FILE *f = fopen(wolfsentry_config_path, "r"); - - if (f == NULL) { - fprintf(stderr, "fopen(%s): %s\n",wolfsentry_config_path,strerror(errno)); - err_sys("unable to open wolfSentry config file"); - } - - if ((wolfsentry_ret = wolfsentry_config_json_init( - wolfsentry, - WOLFSENTRY_CONFIG_LOAD_FLAG_NONE, - &jps)) < 0) { - fprintf(stderr, "wolfsentry_config_json_init() returned " - WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); - err_sys("error while initlalizing wolfSentry config parser"); - } - - for (;;) { - size_t n = fread(buf, 1, sizeof buf, f); - if ((n < sizeof buf) && ferror(f)) { - fprintf(stderr,"fread(%s): %s\n",wolfsentry_config_path, strerror(errno)); - err_sys("error while reading wolfSentry config file"); - } - - wolfsentry_ret = wolfsentry_config_json_feed(jps, buf, n, err_buf, sizeof err_buf); - if (wolfsentry_ret < 0) { - fprintf(stderr, "%.*s\n", (int)sizeof err_buf, err_buf); - err_sys("error while loading wolfSentry config file"); - } - if ((n < sizeof buf) && feof(f)) - break; - } - fclose(f); - - if ((wolfsentry_ret = wolfsentry_config_json_fini(jps, err_buf, sizeof err_buf)) < 0) { - fprintf(stderr, "%.*s\n", (int)sizeof err_buf, 
err_buf); - err_sys("error while loading wolfSentry config file"); - } - - } else -#endif /* !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) */ - { - - struct wolfsentry_route_table *table; - - if ((wolfsentry_ret = wolfsentry_route_get_table_static(wolfsentry, - &table)) < 0) - fprintf(stderr, "wolfsentry_route_get_table_static() returned " - WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); - if (wolfsentry_ret >= 0) { - if ((wolfsentry_ret = wolfsentry_route_table_default_policy_set( - wolfsentry, table, - WOLFSENTRY_ACTION_RES_ACCEPT)) - < 0) - fprintf(stderr, - "wolfsentry_route_table_default_policy_set() returned " - WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); - } - - if (wolfsentry_ret >= 0) { - struct { - struct wolfsentry_sockaddr sa; - byte buf[16]; - } remote, local; - wolfsentry_ent_id_t id; - wolfsentry_action_res_t action_results; - - memset(&remote, 0, sizeof remote); - memset(&local, 0, sizeof local); -#ifdef TEST_IPV6 - remote.sa.sa_family = local.sa.sa_family = AF_INET6; - remote.sa.addr_len = 128; - memcpy(remote.sa.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16); -#else - remote.sa.sa_family = local.sa.sa_family = AF_INET; - remote.sa.addr_len = 32; - memcpy(remote.sa.addr, "\177\000\000\001", 4); -#endif - - if ((wolfsentry_ret = wolfsentry_route_insert_static - (wolfsentry, NULL /* caller_context */, &remote.sa, &local.sa, - WOLFSENTRY_ROUTE_FLAG_GREENLISTED | - WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT | - WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_REMOTE_INTERFACE_WILDCARD| - WOLFSENTRY_ROUTE_FLAG_LOCAL_INTERFACE_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_SA_PROTO_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_PORT_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD, - 0 /* event_label_len */, 0 /* event_label */, &id, - &action_results)) < 0) - fprintf(stderr, 
"wolfsentry_route_insert_static() returned " - WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); - } - - if (wolfsentry_ret < 0) - err_sys("unable to configure route table"); - } if (wolfSSL_CTX_set_ConnectFilter( ctx, diff --git a/examples/server/server.c b/examples/server/server.c index 047969be6..b20f2d43d 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -36,15 +36,11 @@ #endif #ifdef WOLFSSL_WOLFSENTRY_HOOKS -# include -# include -# include - +#include #if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) static const char *wolfsentry_config_path = NULL; #endif - -#endif +#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) #include @@ -1119,7 +1115,6 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) SSL_CTX* ctx = 0; SSL* ssl = 0; #ifdef WOLFSSL_WOLFSENTRY_HOOKS - struct wolfsentry_context *wolfsentry = NULL; wolfsentry_errcode_t wolfsentry_ret; #endif 
@@ -1984,125 +1979,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) err_sys_ex(catastrophic, "unable to get ctx"); #ifdef WOLFSSL_WOLFSENTRY_HOOKS - wolfsentry_ret = wolfsentry_init(NULL /* hpi */, NULL /* default config */, - &wolfsentry); - if (wolfsentry_ret < 0) { - fprintf(stderr, "wolfsentry_init() returned " WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); - err_sys_ex(catastrophic, "unable to initialize wolfSentry"); - } - - if (wolfsentry_data_index < 0) - wolfsentry_data_index = wolfSSL_get_ex_new_index(0, NULL, NULL, NULL, - NULL); - -#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) - if (wolfsentry_config_path != NULL) { - char buf[512], err_buf[512]; - struct wolfsentry_json_process_state *jps; - - FILE *f = fopen(wolfsentry_config_path, "r"); - - if (f == NULL) { - fprintf(stderr, "fopen(%s): %s\n",wolfsentry_config_path,strerror(errno)); - err_sys_ex(catastrophic, "unable to open wolfSentry config file"); - } - - if ((wolfsentry_ret = wolfsentry_config_json_init( - wolfsentry, - WOLFSENTRY_CONFIG_LOAD_FLAG_NONE, - &jps)) < 0) { - fprintf(stderr, "wolfsentry_config_json_init() returned " - WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); - err_sys_ex(catastrophic, "error while initlalizing wolfSentry config parser"); - } - - for (;;) { - size_t n = fread(buf, 1, sizeof buf, f); - if ((n < sizeof buf) && ferror(f)) { - fprintf(stderr,"fread(%s): %s\n",wolfsentry_config_path, strerror(errno)); - err_sys_ex(catastrophic, "error while reading wolfSentry config file"); - } - - wolfsentry_ret = wolfsentry_config_json_feed(jps, buf, n, err_buf, sizeof err_buf); - if (wolfsentry_ret < 0) { - fprintf(stderr, "%.*s\n", (int)sizeof err_buf, err_buf); - err_sys_ex(catastrophic, "error while loading wolfSentry config file"); - } - if ((n < sizeof buf) && feof(f)) - break; - } - fclose(f); - - if ((wolfsentry_ret = wolfsentry_config_json_fini(jps, err_buf, sizeof err_buf)) < 0) { - fprintf(stderr, 
"%.*s\n", (int)sizeof err_buf, err_buf); - err_sys_ex(catastrophic, "error while loading wolfSentry config file"); - } - - } else -#endif /* !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) */ - { - struct wolfsentry_route_table *table; - - if ((wolfsentry_ret = wolfsentry_route_get_table_static(wolfsentry, - &table)) < 0) - fprintf(stderr, "wolfsentry_route_get_table_static() returned " - WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); - if (wolfsentry_ret >= 0) { - if ((wolfsentry_ret = wolfsentry_route_table_default_policy_set( - wolfsentry, table, - WOLFSENTRY_ACTION_RES_REJECT|WOLFSENTRY_ACTION_RES_STOP)) - < 0) - fprintf(stderr, - "wolfsentry_route_table_default_policy_set() returned " - WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); - } - - if (wolfsentry_ret >= 0) { - struct { - struct wolfsentry_sockaddr sa; - byte buf[16]; - } remote, local; - wolfsentry_ent_id_t id; - wolfsentry_action_res_t action_results; - - memset(&remote, 0, sizeof remote); - memset(&local, 0, sizeof local); -#ifdef TEST_IPV6 - remote.sa.sa_family = local.sa.sa_family = AF_INET6; - remote.sa.addr_len = 128; - memcpy(remote.sa.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16); -#else - remote.sa.sa_family = local.sa.sa_family = AF_INET; - remote.sa.addr_len = 32; - memcpy(remote.sa.addr, "\177\000\000\001", 4); -#endif - - if ((wolfsentry_ret = wolfsentry_route_insert_static - (wolfsentry, NULL /* caller_context */, &remote.sa, &local.sa, - WOLFSENTRY_ROUTE_FLAG_GREENLISTED | - WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN | - WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_REMOTE_INTERFACE_WILDCARD| - WOLFSENTRY_ROUTE_FLAG_LOCAL_INTERFACE_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_SA_PROTO_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_PORT_WILDCARD | - WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD, - 0 /* event_label_len */, 0 /* event_label */, 
&id, - &action_results)) < 0) - fprintf(stderr, "wolfsentry_route_insert_static() returned " - WOLFSENTRY_ERROR_FMT "\n", - WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret)); - } - - if (wolfsentry_ret < 0) - err_sys_ex(catastrophic, "unable to configure route table"); - } - + if (wolfsentry_setup(&wolfsentry, wolfsentry_config_path, WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN) < 0) + err_sys("unable to initialize wolfSentry"); if (wolfSSL_CTX_set_AcceptFilter( ctx, diff --git a/src/ssl.c b/src/ssl.c index d6444c5e0..8ff728f7b 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1025,7 +1025,7 @@ int wolfSSL_CTX_set_AcceptFilter( return BAD_FUNC_ARG; ctx->AcceptFilter = AcceptFilter; ctx->AcceptFilter_arg = AcceptFilter_arg; - return WOLFSSL_SUCCESS; + return 0; } int wolfSSL_set_AcceptFilter( @@ -1037,7 +1037,7 @@ int wolfSSL_set_AcceptFilter( return BAD_FUNC_ARG; ssl->AcceptFilter = AcceptFilter; ssl->AcceptFilter_arg = AcceptFilter_arg; - return WOLFSSL_SUCCESS; + return 0; } int wolfSSL_CTX_set_ConnectFilter( @@ -1049,7 +1049,7 @@ int wolfSSL_CTX_set_ConnectFilter( return BAD_FUNC_ARG; ctx->ConnectFilter = ConnectFilter; ctx->ConnectFilter_arg = ConnectFilter_arg; - return WOLFSSL_SUCCESS; + return 0; } int wolfSSL_set_ConnectFilter( @@ -1061,7 +1061,7 @@ int wolfSSL_set_ConnectFilter( return BAD_FUNC_ARG; ssl->ConnectFilter = ConnectFilter; ssl->ConnectFilter_arg = ConnectFilter_arg; - return WOLFSSL_SUCCESS; + return 0; } #endif /* WOLFSSL_WOLFSENTRY_HOOKS */ diff --git a/wolfssl/test.h b/wolfssl/test.h index ffd11ea8c..1246ec5dd 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -1053,7 +1053,7 @@ static WC_INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer, struct zsock_addrinfo hints, *addrInfo; char portStr[6]; XSNPRINTF(portStr, sizeof(portStr), "%d", port); - memset(&hints, 0, sizeof(hints)); + XMEMSET(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = udp ? SOCK_DGRAM : SOCK_STREAM; hints.ai_protocol = udp ? IPPROTO_UDP : IPPROTO_TCP; 
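Review bot: The replacement call in server_test() reports failure with `err_sys("unable to initialize wolfSentry")`, while the removed block and the context line just above it (`err_sys_ex(catastrophic, "unable to get ctx")`) go through `err_sys_ex(catastrophic, ...)`. If `catastrophic` controls how the server example terminates, which is an inference from the name and not visible here, the wolfSentry failure path should keep it: `err_sys_ex(catastrophic, "unable to initialize wolfSentry");`. The earlier server.c hunk also leaves `wolfsentry_errcode_t wolfsentry_ret;` declared although every use shown in this hunk is removed, so check that it is still referenced. server_test() begins and ends outside the hunk.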
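Review bot: The success value of `wolfSSL_CTX_set_AcceptFilter()` changes from `WOLFSSL_SUCCESS` to `0` here, and the next three hunks do the same for `wolfSSL_set_AcceptFilter()`, `wolfSSL_CTX_set_ConnectFilter()` and `wolfSSL_set_ConnectFilter()`, with nothing at the definitions recording the new contract. A caller that still compares the result against `WOLFSSL_SUCCESS` will now treat a successfully installed filter as a failure. The helpers visible in wolfssl/test.h (`wolfSentry_NetworkFilterCallback`, `tcp_connect_with_wolfSentry`) keep returning `WOLFSSL_SUCCESS`, so two conventions now sit side by side in the same feature. I would add a comment above each setter such as `/* returns 0 on success, BAD_FUNC_ARG on invalid arguments */` and update the public API documentation to match. Each function starts outside its hunk.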
@@ -1178,6 +1178,12 @@ static WC_INLINE void tcp_socket(SOCKET_T* sockfd, int udp, int sctp) #if defined(WOLFSSL_WOLFSENTRY_HOOKS) && defined(WOLFSENTRY_H) +#include + +#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) +#include +#endif + struct wolfsentry_data { struct wolfsentry_sockaddr remote; byte remote_addrbuf[16]; @@ -1192,6 +1198,8 @@ static void free_wolfsentry_data(struct wolfsentry_data *data) { XFREE(data, data->heap, data->alloctype); } +static struct wolfsentry_context *wolfsentry = NULL; + static int wolfsentry_data_index = -1; static WC_INLINE int wolfsentry_store_endpoints( 
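Review bot: `static struct wolfsentry_context *wolfsentry = NULL;` in the second hunk now lives in a header, so every translation unit that includes wolfssl/test.h with the hooks enabled gets its own private copy, and the `tcp_connect` macro added later in this file picks it up by name. That coupling is undocumented; I would add a comment above the declaration, e.g. `/* per-translation-unit wolfSentry context: filled in via wolfsentry_setup(&wolfsentry, ...), read by the tcp_connect() macro */`. Nothing in the visible hunks releases the context, so it is worth confirming that the examples still shut it down on exit.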
@@ -1329,6 +1337,186 @@ static int wolfSentry_NetworkFilterCallback( return WOLFSSL_SUCCESS; } +static int wolfsentry_setup( + struct wolfsentry_context **_wolfsentry, + const char *_wolfsentry_config_path, + wolfsentry_route_flags_t route_flags) +{ + wolfsentry_errcode_t ret; + ret = wolfsentry_init(NULL /* hpi */, NULL /* default config */, + _wolfsentry); + if (ret < 0) { + fprintf(stderr, "wolfsentry_init() returned " WOLFSENTRY_ERROR_FMT "\n", + WOLFSENTRY_ERROR_FMT_ARGS(ret)); + err_sys("unable to initialize wolfSentry"); + } + + if (wolfsentry_data_index < 0) + wolfsentry_data_index = wolfSSL_get_ex_new_index(0, NULL, NULL, NULL, + NULL); + +#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) + if (_wolfsentry_config_path != NULL) { + char buf[512], err_buf[512]; + struct wolfsentry_json_process_state *jps; + + FILE *f = fopen(_wolfsentry_config_path, "r"); + + if (f == NULL) { + fprintf(stderr, "fopen(%s): %s\n",_wolfsentry_config_path,strerror(errno)); + err_sys("unable to open wolfSentry config file"); + } + + if ((ret = wolfsentry_config_json_init( + *_wolfsentry, + WOLFSENTRY_CONFIG_LOAD_FLAG_NONE, + &jps)) < 0) { + fprintf(stderr, "wolfsentry_config_json_init() returned " + WOLFSENTRY_ERROR_FMT "\n", + WOLFSENTRY_ERROR_FMT_ARGS(ret)); + err_sys("error while initlalizing wolfSentry config parser"); + } + + for (;;) { + size_t n = fread(buf, 1, sizeof buf, f); + if ((n < sizeof buf) && ferror(f)) { + fprintf(stderr,"fread(%s): %s\n",_wolfsentry_config_path, strerror(errno)); + err_sys("error while reading wolfSentry config file"); + } + + ret = wolfsentry_config_json_feed(jps, buf, n, err_buf, sizeof err_buf); + if (ret < 0) { + fprintf(stderr, "%.*s\n", (int)sizeof err_buf, err_buf); + err_sys("error while loading wolfSentry config file"); + } + if ((n < sizeof buf) && feof(f)) + break; + } + fclose(f); + + if ((ret = wolfsentry_config_json_fini(jps, err_buf, sizeof err_buf)) < 0) { + fprintf(stderr, "%.*s\n", (int)sizeof err_buf, err_buf); + 
err_sys("error while loading wolfSentry config file"); + } + + } else +#endif /* !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) */ + { + struct wolfsentry_route_table *table; + + if ((ret = wolfsentry_route_get_table_static(*_wolfsentry, + &table)) < 0) + fprintf(stderr, "wolfsentry_route_get_table_static() returned " + WOLFSENTRY_ERROR_FMT "\n", + WOLFSENTRY_ERROR_FMT_ARGS(ret)); + + if (ret < 0) + return ret; + + if (WOLFSENTRY_CHECK_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT)) { + struct { + struct wolfsentry_sockaddr sa; + byte buf[16]; + } remote, local; + wolfsentry_ent_id_t id; + wolfsentry_action_res_t action_results; + + if ((ret = wolfsentry_route_table_default_policy_set( + *_wolfsentry, table, + WOLFSENTRY_ACTION_RES_ACCEPT)) + < 0) { + fprintf(stderr, + "wolfsentry_route_table_default_policy_set() returned " + WOLFSENTRY_ERROR_FMT "\n", + WOLFSENTRY_ERROR_FMT_ARGS(ret)); + return ret; + } + + XMEMSET(&remote, 0, sizeof remote); + XMEMSET(&local, 0, sizeof local); +#ifdef TEST_IPV6 + remote.sa.sa_family = local.sa.sa_family = AF_INET6; + remote.sa.addr_len = 128; + XMEMCPY(remote.sa.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16); +#else + remote.sa.sa_family = local.sa.sa_family = AF_INET; + remote.sa.addr_len = 32; + XMEMCPY(remote.sa.addr, "\177\000\000\001", 4); +#endif + + if ((ret = wolfsentry_route_insert_static + (*_wolfsentry, NULL /* caller_context */, &remote.sa, &local.sa, + route_flags | + WOLFSENTRY_ROUTE_FLAG_GREENLISTED | + WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_REMOTE_INTERFACE_WILDCARD| + WOLFSENTRY_ROUTE_FLAG_LOCAL_INTERFACE_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_SA_PROTO_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_PORT_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD, + 0 /* event_label_len */, 0 /* event_label */, &id, + &action_results)) < 0) { + fprintf(stderr, "wolfsentry_route_insert_static() 
returned " + WOLFSENTRY_ERROR_FMT "\n", + WOLFSENTRY_ERROR_FMT_ARGS(ret)); + return ret; + } + } else if (WOLFSENTRY_CHECK_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN)) { + struct { + struct wolfsentry_sockaddr sa; + byte buf[16]; + } remote, local; + wolfsentry_ent_id_t id; + wolfsentry_action_res_t action_results; + + if ((ret = wolfsentry_route_table_default_policy_set( + *_wolfsentry, table, + WOLFSENTRY_ACTION_RES_REJECT|WOLFSENTRY_ACTION_RES_STOP)) + < 0) { + fprintf(stderr, + "wolfsentry_route_table_default_policy_set() returned " + WOLFSENTRY_ERROR_FMT "\n", + WOLFSENTRY_ERROR_FMT_ARGS(ret)); + return ret; + } + + XMEMSET(&remote, 0, sizeof remote); + XMEMSET(&local, 0, sizeof local); +#ifdef TEST_IPV6 + remote.sa.sa_family = local.sa.sa_family = AF_INET6; + remote.sa.addr_len = 128; + XMEMCPY(remote.sa.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16); +#else + remote.sa.sa_family = local.sa.sa_family = AF_INET; + remote.sa.addr_len = 32; + XMEMCPY(remote.sa.addr, "\177\000\000\001", 4); +#endif + + if ((ret = wolfsentry_route_insert_static + (*_wolfsentry, NULL /* caller_context */, &remote.sa, &local.sa, + route_flags | + WOLFSENTRY_ROUTE_FLAG_GREENLISTED | + WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_REMOTE_INTERFACE_WILDCARD| + WOLFSENTRY_ROUTE_FLAG_LOCAL_INTERFACE_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_SA_PROTO_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_PORT_WILDCARD | + WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD, + 0 /* event_label_len */, 0 /* event_label */, &id, + &action_results)) < 0) { + fprintf(stderr, "wolfsentry_route_insert_static() returned " + WOLFSENTRY_ERROR_FMT "\n", + WOLFSENTRY_ERROR_FMT_ARGS(ret)); + return ret; + } + } + } + + return 0; +} + static WC_INLINE int tcp_connect_with_wolfSentry( SOCKET_T* sockfd, const char* ip, 
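Review bot: In the built-in (no config file) branch of `wolfsentry_setup()`, a `route_flags` value with neither `WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT` nor `WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN` set falls past both `if` arms and reaches `return 0` without a default policy or route being installed, so the caller believes the filter is configured. The two arms are also identical apart from the default-policy value, which makes it easy for them to drift apart. I would pick the policy from the direction, fail on anything else, and keep a single copy of the sockaddr and route-insert code, as sketched below. Separately, the init and JSON paths report errors through `err_sys()` while the route-table paths `return ret`; if `err_sys()` can return in some build, execution continues with a half-initialised context and `f` left open, so returning `ret` after `fclose(f)` would make the caller's `< 0` check the single failure path.

```c
        struct wolfsentry_route_table *table;
        wolfsentry_action_res_t default_policy;
        /* … unchanged: remote/local, id and action_results declarations, hoisted here … */

        /* … unchanged: wolfsentry_route_get_table_static() call and its error return … */

        if (WOLFSENTRY_CHECK_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT))
            default_policy = WOLFSENTRY_ACTION_RES_ACCEPT;
        else if (WOLFSENTRY_CHECK_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN))
            default_policy = WOLFSENTRY_ACTION_RES_REJECT|WOLFSENTRY_ACTION_RES_STOP;
        else {
            /* refuse to report success when no policy was installed */
            fprintf(stderr, "wolfsentry_setup(): route_flags has no direction bit set\n");
            return -1;
        }

        if ((ret = wolfsentry_route_table_default_policy_set(
                 *_wolfsentry, table, default_policy)) < 0) {
            /* … unchanged: fprintf of the error code … */
            return ret;
        }

        /* … unchanged: XMEMSET/XMEMCPY loopback setup and
         *   wolfsentry_route_insert_static(), now written once … */
```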
@@ -1423,7 +1611,9 @@ static WC_INLINE int tcp_connect_with_wolfSentry( return WOLFSSL_SUCCESS; } -#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ +#define tcp_connect(sockfd, ip, port, udp, sctp, ssl) tcp_connect_with_wolfSentry(sockfd, ip, port, udp, sctp, ssl, wolfsentry) + +#else /* !WOLFSSL_WOLFSENTRY_HOOKS */ static WC_INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port, int udp, int sctp, WOLFSSL* ssl) @@ -1441,6 +1631,8 @@ static WC_INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port, } } +#endif /* WOLFSSL_WOLFSENTRY_HOOKS */ + static WC_INLINE void udp_connect(SOCKET_T* sockfd, void* addr, int addrSz) {
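Review bot: The new `#else /* !WOLFSSL_WOLFSENTRY_HOOKS */`, and the closing `#endif /* WOLFSSL_WOLFSENTRY_HOOKS */` added in the following hunk, name only half of the condition they appear to close. Assuming they pair with `#if defined(WOLFSSL_WOLFSENTRY_HOOKS) && defined(WOLFSENTRY_H)` shown in the earlier test.h hunk, the plain `tcp_connect()` is also what a build gets when the hooks are enabled but the wolfSentry header was not included before test.h. I would spell the condition out, `#else /* !(WOLFSSL_WOLFSENTRY_HOOKS && WOLFSENTRY_H) */`, with the `#endif` comment to match. A one-line comment above the `tcp_connect` macro should also say that it reads the file-scope `wolfsentry` pointer, since that argument does not appear at the call sites.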