From 9290b2e464fef403e149b0e7b08c967268f2ca31 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Tue, 10 Jan 2017 15:44:03 -0700
Subject: [PATCH] RAND cleanup and no-op functions for compatibility --
 brackets added to ssl.c if statements for gcc-6

---
 src/ssl.c                | 16 +++++++++++++++-
 tests/api.c              | 40 +++++++++++++++++++++++++++++++++++++++-
 wolfssl/openssl/crypto.h |  5 ++++-
 wolfssl/openssl/engine.h |  1 +
 wolfssl/openssl/err.h    |  1 +
 wolfssl/openssl/ssl.h    |  1 +
 wolfssl/ssl.h            |  1 +
 7 files changed, 62 insertions(+), 3 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 39cebb223..89e8a55ce 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -18560,7 +18560,18 @@ int wolfSSL_RAND_seed(const void* seed, int len)
 }
 
 
-/* WOLFSSL_SUCCESS on ok */
+void wolfSSL_RAND_Cleanup(void)
+{
+    WOLFSSL_ENTER("wolfSSL_RAND_Cleanup()");
+
+    if (initGlobalRNG != 0) {
+        wc_FreeRng(&globalRNG);
+        initGlobalRNG = 0;
+    }
+}
+
+
+/* SSL_SUCCESS on ok */
 int wolfSSL_RAND_bytes(unsigned char* buf, int num)
 {
     int     ret = 0;
@@ -20536,6 +20547,9 @@ int wolfSSL_RSA_public_encrypt(int len, const unsigned char* fr,
         if (ret <= 0) {
             WOLFSSL_MSG("Bad Rsa Encrypt");
         }
+        if (len <= 0) {
+            WOLFSSL_MSG("Bad Rsa Encrypt");
+        }
     }
 
     if (initTmpRng)
diff --git a/tests/api.c b/tests/api.c
index 5a77b8fa3..b312613b6 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -217,7 +217,8 @@
     #include <wolfssl/openssl/dh.h>
     #include <wolfssl/openssl/bn.h>
     #include <wolfssl/openssl/pem.h>
-    #include <wolfssl/openssl/ec.h>
+    #include <wolfssl/openssl/engine.h>
+    #include <wolfssl/openssl/crypto.h>
 #ifndef NO_DES3
     #include <wolfssl/openssl/des.h>
 #endif
@@ -14642,6 +14643,37 @@ static void test_wolfSSL_X509(void)
 }
 
 
+static void test_wolfSSL_RAND(void)
+{
+    #if defined(OPENSSL_EXTRA)
+    byte seed[16];
+
+    printf(testingFmt, "wolfSSL_RAND()");
+
+    RAND_seed(seed, sizeof(seed));
+    RAND_cleanup();
+
+    printf(resultFmt, passed);
+    #endif
+}
+
+
+static void test_no_op_functions(void)
+{
+    #if defined(OPENSSL_EXTRA)
+    printf(testingFmt, "no_op_functions()");
+
+    /* this makes sure wolfSSL can compile and run these no-op functions */
+    SSL_load_error_strings();
+    ENGINE_load_builtin_engines();
+    OpenSSL_add_all_ciphers();
+    CRYPTO_malloc_init();
+
+    printf(resultFmt, passed);
+    #endif
+}
+
+
 /*----------------------------------------------------------------------------*
  | wolfCrypt ASN
  *----------------------------------------------------------------------------*/
@@ -15414,6 +15446,7 @@ void ApiTest(void)
     test_wolfSSL_DES_ecb_encrypt();
     test_wolfSSL_ASN1_STRING();
     test_wolfSSL_X509();
+    test_wolfSSL_RAND();
     test_wolfSSL_DES_ecb_encrypt();
     test_wolfSSL_set_tlsext_status_type();
     test_wolfSSL_ASN1_TIME_adj();
@@ -15423,6 +15456,11 @@ void ApiTest(void)
     test_wolfSSL_CTX_set_srp_password();
     AssertIntEQ(test_wolfSSL_Cleanup(), WOLFSSL_SUCCESS);
 
+    /* test the no op functions for compatibility */
+    test_no_op_functions();
+
+    AssertIntEQ(test_wolfSSL_Cleanup(), SSL_SUCCESS);
+
     /* wolfCrypt ASN tests */
     test_wc_GetPkcs8TraditionalOffset();
 
diff --git a/wolfssl/openssl/crypto.h b/wolfssl/openssl/crypto.h
index 09d00ee4f..2267c09b3 100644
--- a/wolfssl/openssl/crypto.h
+++ b/wolfssl/openssl/crypto.h
@@ -45,7 +45,10 @@ WOLFSSL_API unsigned long wolfSSLeay(void);
 #define SSLEAY_VERSION 0x0090600fL
 #define SSLEAY_VERSION_NUMBER SSLEAY_VERSION
 
-#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+/* this function was used to set the default malloc, free, and realloc */
+#define CRYPTO_malloc_init() /* CRYPTO_malloc_init is not needed */
+
+#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(HAPROXY)
 #define CRYPTO_set_mem_ex_functions      wolfSSL_CRYPTO_set_mem_ex_functions
 #define FIPS_mode                        wolfSSL_FIPS_mode
 #define FIPS_mode_set                    wolfSSL_FIPS_mode_set
diff --git a/wolfssl/openssl/engine.h b/wolfssl/openssl/engine.h
index 39952fcae..a4e74a957 100644
--- a/wolfssl/openssl/engine.h
+++ b/wolfssl/openssl/engine.h
@@ -2,4 +2,5 @@
 
 #undef HAVE_OPENSSL_ENGINE_H
 
+#define ENGINE_load_builtin_engines() /*ENGINE_load_builtin_engines not needed*/
 
diff --git a/wolfssl/openssl/err.h b/wolfssl/openssl/err.h
index ea131a8e9..30360a885 100644
--- a/wolfssl/openssl/err.h
+++ b/wolfssl/openssl/err.h
@@ -22,3 +22,4 @@
 /* err.h for openssl */
 #define ERR_load_crypto_strings          wolfSSL_ERR_load_crypto_strings
 #define ERR_peek_last_error              wolfSSL_ERR_peek_last_error
+#define SSL_load_error_strings() /* SSL_load_error_strings not needed */
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index fd29deab8..e44185c08 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -282,6 +282,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
 #define RAND_load_file  wolfSSL_RAND_load_file
 #define RAND_egd        wolfSSL_RAND_egd
 #define RAND_seed       wolfSSL_RAND_seed
+#define RAND_cleanup    wolfSSL_RAND_Cleanup
 #define RAND_add        wolfSSL_RAND_add
 
 #define COMP_zlib                       wolfSSL_COMP_zlib
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index 4c2d38c42..0a8754283 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -726,6 +726,7 @@ WOLFSSL_API int         wolfSSL_RAND_write_file(const char*);
 WOLFSSL_API int         wolfSSL_RAND_load_file(const char*, long);
 WOLFSSL_API int         wolfSSL_RAND_egd(const char*);
 WOLFSSL_API int         wolfSSL_RAND_seed(const void*, int);
+WOLFSSL_API void        wolfSSL_RAND_Cleanup(void);
 WOLFSSL_API void        wolfSSL_RAND_add(const void*, int, double);
 
 WOLFSSL_API WOLFSSL_COMP_METHOD* wolfSSL_COMP_zlib(void);