diff --git a/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/tests b/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/tests index 87fc3320f..ff9961881 100644 --- a/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/tests +++ b/.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/tests @@ -191,13 +191,7 @@ ap_wpa2_psk_supp_proto_no_gtk_in_group_msg ap_wpa2_psk_supp_proto_too_long_gtk_in_group_msg ap_wpa2_psk_supp_proto_too_long_gtk_kde ap_wpa2_psk_supp_proto_gtk_not_encrypted -ap_wpa2_psk_supp_proto_no_igtk -ap_wpa2_psk_supp_proto_igtk_ok -ap_wpa2_psk_supp_proto_igtk_keyid_swap -ap_wpa2_psk_supp_proto_igtk_keyid_too_large -ap_wpa2_psk_supp_proto_igtk_keyid_unexpected ap_wpa2_psk_wep -ap_wpa2_psk_ifdown ap_wpa2_psk_drop_first_msg_4 ap_wpa2_psk_disable_enable ap_wpa2_psk_incorrect_passphrase @@ -210,10 +204,7 @@ ap_wpa2_disable_eapol_retry ap_wpa2_disable_eapol_retry_group ap_wpa2_psk_mic_0 ap_wpa2_psk_local_error -ap_wpa2_psk_inject_assoc -ap_wpa2_psk_no_control_port ap_wpa2_psk_ap_control_port -ap_wpa2_psk_ap_control_port_disabled ap_wpa2_psk_rsne_mismatch_ap ap_wpa2_psk_rsne_mismatch_ap2 ap_wpa2_psk_rsne_mismatch_ap3 @@ -253,10 +244,8 @@ ap_wpa2_eap_aka_sql ap_wpa2_eap_aka_config ap_wpa2_eap_aka_ext ap_wpa2_eap_aka_ext_auth_fail -ap_wpa2_eap_aka_prime ap_wpa2_eap_aka_prime_imsi_identity ap_wpa2_eap_aka_prime_imsi_privacy_key -ap_wpa2_eap_aka_prime_sql ap_wpa2_eap_aka_prime_ext_auth_fail ap_wpa2_eap_aka_prime_ext ap_wpa2_eap_ttls_pap @@ -416,19 +405,6 @@ ap_wpa2_radius_server_get_id ap_wpa2_eap_tls_tod ap_wpa2_eap_tls_tod_tofu ap_wpa2_eap_sake_no_control_port -ap_wpa2_tdls -ap_wpa2_tdls_concurrent_init -ap_wpa2_tdls_concurrent_init2 -ap_wpa2_tdls_decline_resp -ap_wpa2_tdls_long_lifetime -ap_wpa2_tdls_long_frame -ap_wpa2_tdls_reneg -ap_wpa2_tdls_wrong_lifetime_resp -ap_wpa2_tdls_diff_rsnie -ap_wpa2_tdls_wrong_tpk_m2_mic -ap_wpa2_tdls_wrong_tpk_m3_mic -ap_wpa2_tdls_double_tpk_m2 -ap_wpa2_tdls_responder_teardown dpp_network_intro_version dpp_network_intro_version_change dpp_network_intro_version_missing_req @@ -459,12 +435,9 @@ dpp_qr_code_curves dpp_qr_code_curves_brainpool dpp_qr_code_unsupported_curve dpp_qr_code_keygen_fail -dpp_qr_code_curve_select dpp_qr_code_auth_broadcast -dpp_configurator_enrollee dpp_configurator_enrollee_prime256v1 dpp_configurator_enrollee_secp384r1 -dpp_configurator_enrollee_secp521r1 dpp_configurator_enrollee_brainpoolP256r1 dpp_configurator_enrollee_brainpoolP384r1 dpp_configurator_enrollee_brainpoolP512r1 @@ -477,7 +450,6 @@ dpp_qr_code_curve_brainpoolP384r1 dpp_qr_code_curve_brainpoolP512r1 dpp_qr_code_set_key dpp_qr_code_auth_mutual -dpp_qr_code_auth_mutual2 dpp_qr_code_auth_mutual_p_256 dpp_qr_code_auth_mutual_p_384 dpp_qr_code_auth_mutual_p_521 @@ -514,13 +486,11 @@ dpp_config_no_signed_connector dpp_config_unexpected_signed_connector_char dpp_config_root_not_an_object dpp_config_no_wi_fi_tech -dpp_config_unsupported_wi_fi_tech dpp_config_no_discovery dpp_config_no_discovery_ssid dpp_config_too_long_discovery_ssid dpp_config_no_cred dpp_config_no_cred_akm -dpp_config_unsupported_cred_akm dpp_config_error_legacy_no_pass dpp_config_error_legacy_too_long_pass dpp_config_error_legacy_psk_with_sae @@ -531,13 +501,10 @@ dpp_config_connector_error_ext_sign dpp_config_connector_error_too_short_timestamp dpp_config_connector_error_invalid_timestamp dpp_config_connector_error_invalid_timestamp_date -dpp_config_connector_error_invalid_time_zone -dpp_config_connector_error_invalid_time_zone_2 dpp_config_connector_error_expired_1 dpp_config_connector_error_expired_2 dpp_config_connector_error_expired_3 dpp_config_connector_error_expired_4 -dpp_config_connector_error_expired_5 dpp_config_connector_error_expired_6 dpp_config_connector_error_no_groups dpp_config_connector_error_empty_groups @@ -565,13 +532,6 @@ dpp_ap_config_p256_bp256 dpp_ap_config_bp256_p256 dpp_ap_config_p521_bp512 dpp_ap_config_reconfig_configurator -dpp_auto_connect_1 -dpp_auto_connect_2 -dpp_auto_connect_2_connect_cmd -dpp_auto_connect_2_sta_ver1 -dpp_auto_connect_2_ap_ver1 -dpp_auto_connect_2_ver1 -dpp_auto_connect_2_conf_ver1 dpp_auto_connect_legacy dpp_auto_connect_legacy_ssid_charset dpp_auto_connect_legacy_sae_1 @@ -580,13 +540,6 @@ dpp_auto_connect_legacy_psk_sae_1 dpp_auto_connect_legacy_psk_sae_2 dpp_auto_connect_legacy_psk_sae_3 dpp_auto_connect_legacy_pmf_required -dpp_qr_code_auth_responder_configurator -dpp_qr_code_auth_responder_configurator_group_id -dpp_qr_code_auth_enrollee_init_netrole -dpp_qr_code_hostapd_init -dpp_qr_code_hostapd_init_offchannel -dpp_qr_code_hostapd_init_offchannel_neg_freq -dpp_qr_code_hostapd_ignore_mismatch dpp_test_vector_p_256 dpp_test_vector_p_256_b dpp_test_vector_p_521 @@ -603,7 +556,6 @@ dpp_pkex_no_identifier dpp_pkex_identifier_mismatch dpp_pkex_identifier_mismatch2 dpp_pkex_identifier_mismatch3 -dpp_pkex_5ghz dpp_pkex_test_vector dpp_pkex_code_mismatch dpp_pkex_code_mismatch_limit @@ -625,7 +577,6 @@ dpp_pkex_hostapd_errors dpp_pkex_nak_curve_change dpp_pkex_nak_curve_change2 dpp_hostapd_configurator -dpp_hostapd_configurator_enrollee_v1 dpp_hostapd_configurator_responder dpp_hostapd_configurator_fragmentation dpp_hostapd_enrollee_fragmentation @@ -650,7 +601,6 @@ dpp_proto_stop_at_pkex_cr_req dpp_proto_stop_at_pkex_cr_resp dpp_proto_network_introduction dpp_hostapd_auth_conf_timeout -dpp_hostapd_auth_resp_retries dpp_tcp dpp_tcp_port dpp_tcp_mutual @@ -702,6 +652,5 @@ dpp_qr_code_config_event_initiator_failure dpp_qr_code_config_event_initiator_no_response dpp_qr_code_config_event_initiator_both dpp_tcp_qr_code_config_event_initiator -dpp_qr_code_config_event_responder dpp_discard_public_action diff --git a/.github/workflows/hostap-files/configs/hostap_2_10/extra.patch b/.github/workflows/hostap-files/configs/hostap_2_10/extra.patch new file mode 100644 index 000000000..80ae312f0 --- /dev/null +++ b/.github/workflows/hostap-files/configs/hostap_2_10/extra.patch @@ -0,0 +1,47 @@ +From a53a6a67dc121b45d611318e2a37815cc209839c Mon Sep 17 00:00:00 2001 +From: Juliusz Sosinowicz +Date: Fri, 19 Apr 2024 16:41:38 +0200 +Subject: [PATCH] Fixes for running tests under UML + +- Apply commit ID fix from more recent commit +- priv_sz and pub_sz are checked and fail on UML. Probably because stack is zeroed out. +--- + src/crypto/crypto_wolfssl.c | 2 +- + tests/hwsim/run-all.sh | 8 +++++++- + 2 files changed, 8 insertions(+), 2 deletions(-) + +diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c +index 00ecf61352..a57fa50697 100644 +--- a/src/crypto/crypto_wolfssl.c ++++ b/src/crypto/crypto_wolfssl.c +@@ -785,7 +785,7 @@ int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey, + int ret = -1; + WC_RNG rng; + DhKey *dh = NULL; +- word32 priv_sz, pub_sz; ++ word32 priv_sz = prime_len, pub_sz = prime_len; + + if (TEST_FAIL()) + return -1; +diff --git a/tests/hwsim/run-all.sh b/tests/hwsim/run-all.sh +index ee48cd0581..75c3a58b52 100755 +--- a/tests/hwsim/run-all.sh ++++ b/tests/hwsim/run-all.sh +@@ -15,7 +15,13 @@ export LOGDIR + if [ -z "$DBFILE" ]; then + DB="" + else +- DB="-S $DBFILE --commit $(git rev-parse HEAD)" ++ DB="-S $DBFILE" ++ if [ -z "$COMMITID" ]; then ++ COMMITID="$(git rev-parse HEAD)" ++ fi ++ if [ -n "$COMMITID" ]; then ++ DB="$DB --commit $COMMITID" ++ fi + if [ -n "$BUILD" ]; then + DB="$DB -b $BUILD" + fi +-- +2.34.1 + diff --git a/.github/workflows/hostap-files/configs/hostap_2_10/tests b/.github/workflows/hostap-files/configs/hostap_2_10/tests index 732a05441..5679cbda9 100644 --- a/.github/workflows/hostap-files/configs/hostap_2_10/tests +++ b/.github/workflows/hostap-files/configs/hostap_2_10/tests @@ -163,7 +163,6 @@ ap_wpa2_disable_eapol_retry_group ap_wpa2_psk_mic_0 ap_wpa2_psk_local_error ap_wpa2_psk_inject_assoc -ap_wpa2_psk_no_control_port ap_wpa2_psk_ap_control_port ap_wpa2_psk_ap_control_port_disabled ap_wpa2_psk_rsne_mismatch_ap @@ -269,16 +268,3 @@ ap_wpa2_eap_psk_mac_addr_change ap_wpa2_eap_server_get_id ap_wpa2_radius_server_get_id ap_wpa2_eap_sake_no_control_port -ap_wpa2_tdls -ap_wpa2_tdls_concurrent_init -ap_wpa2_tdls_concurrent_init2 -ap_wpa2_tdls_decline_resp -ap_wpa2_tdls_long_lifetime -ap_wpa2_tdls_long_frame -ap_wpa2_tdls_reneg -ap_wpa2_tdls_wrong_lifetime_resp -ap_wpa2_tdls_diff_rsnie -ap_wpa2_tdls_wrong_tpk_m2_mic -ap_wpa2_tdls_wrong_tpk_m3_mic -ap_wpa2_tdls_double_tpk_m2 -ap_wpa2_tdls_responder_teardown diff --git a/.github/workflows/hostap-vm.yml b/.github/workflows/hostap-vm.yml new file mode 100644 index 000000000..fa8e6886e --- /dev/null +++ b/.github/workflows/hostap-vm.yml @@ -0,0 +1,303 @@ +name: hostap and wpa-supplicant Tests + +on: + workflow_call: + +env: + LINUX_REF: v6.6 + +jobs: + build_wolfssl: + strategy: + matrix: + include: + - build_id: hostap-vm-build1 + wolf_extra_config: --disable-tls13 + - build_id: hostap-vm-build2 + wolf_extra_config: >- + --enable-wpas-dpp --enable-brainpool --with-eccminsz=192 + --enable-tlsv10 --enable-oldtls + # - build_id: hostap-vm-build3 + # wolf_extra_config: >- + # --enable-wpas-dpp --enable-brainpool --with-eccminsz=192 + # --enable-tlsv10 --enable-oldtls + name: Build wolfSSL + runs-on: ubuntu-latest + # This should be a safe limit for the tests to run. + timeout-minutes: 10 + steps: + # No way to view the full strategy in the browser (really weird) + - name: Print strategy + run: | + cat <> $GITHUB_ENV + + - name: Build wolfSSL + uses: wolfSSL/actions-build-autotools-project@v1 + with: + path: wolfssl + configure: >- + --enable-wpas CPPFLAGS=-DWOLFSSL_STATIC_RSA + ${{ env.wolf_debug_flags }} ${{ matrix.wolf_extra_config }} + install: true + + - name: Upload built lib + uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.build_id }} + path: build-dir + retention-days: 5 + + build_uml_linux: + name: Build UML (UserMode Linux) + runs-on: ubuntu-latest + # This should be a safe limit for the tests to run. + timeout-minutes: 10 + steps: + - name: Checking if we have kernel in cache + uses: actions/cache@v4 + id: cache + with: + path: linux/linux + key: ${{ env.LINUX_REF }} + lookup-only: true + + - name: Checkout hostap + if: steps.cache.outputs.cache-hit != 'true' + uses: actions/checkout@v4 + with: + repository: julek-wolfssl/hostap-mirror + path: hostap + + - name: Checkout linux + if: steps.cache.outputs.cache-hit != 'true' + uses: actions/checkout@v4 + with: + repository: torvalds/linux + path: linux + + - name: Compile linux + if: steps.cache.outputs.cache-hit != 'true' + run: | + cp hostap/tests/hwsim/vm/kernel-config.uml linux/.config + cd linux + yes "" | ARCH=um make -j $(nproc) + + hostap_test: + strategy: + fail-fast: false + matrix: + # should hostapd be compiled with wolfssl + hostapd: [true, false] + # should wpa_supplicant be compiled with wolfssl + wpa_supplicant: [true, false] + # Fix the versions of hostap and osp to not break testing when a new + # patch is added in to osp. Tests are read from the corresponding + # configs/hostap_ref/tests file. + config: [ + { + hostap_ref: hostap_2_10, + remove_teap: true, + # TLS 1.3 does not work for this version + build_id: hostap-vm-build1, + }, + # Test the dpp patch + { + hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb, + osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446, + build_id: hostap-vm-build2 + }, + ] + exclude: + # don't test openssl on both sides + - hostapd: false + wpa_supplicant: false + # no hostapd support for dpp yet + - hostapd: true + config: { + hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb, + osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446, + build_id: hostap-vm-build2 + } + name: hwsim test + # For openssl 1.1 + runs-on: ubuntu-latest + # This should be a safe limit for the tests to run. + timeout-minutes: 12 + needs: [build_wolfssl, build_uml_linux] + steps: + - name: Checking if we have kernel in cache + uses: actions/cache/restore@v4 + id: cache + with: + path: linux/linux + key: ${{ env.LINUX_REF }} + fail-on-cache-miss: true + + - name: show file structure + run: tree + + # No way to view the full strategy in the browser (really weird) + - name: Print strategy + run: | + cat <> $GITHUB_ENV + echo Our job run ID is $SHA_SUM + + - name: Checkout wolfSSL + uses: actions/checkout@v4 + with: + path: wolfssl + + - name: Download lib + uses: actions/download-artifact@v4 + with: + name: ${{ matrix.config.build_id }} + path: build-dir + + - name: Install dependencies + run: | + # Don't prompt for anything + export DEBIAN_FRONTEND=noninteractive + sudo apt-get update + # hostap dependencies + sudo apt-get install -y libpcap0.8 libpcap-dev curl libcurl4-openssl-dev \ + libnl-3-dev binutils-dev libssl-dev libiberty-dev libnl-genl-3-dev \ + libnl-route-3-dev libdbus-1-dev bridge-utils tshark + sudo pip3 install pycryptodome + + - name: Checkout hostap + uses: actions/checkout@v4 + with: + repository: julek-wolfssl/hostap-mirror + path: hostap + ref: ${{ matrix.config.hostap_ref }} + + - name: Update certs + working-directory: hostap/tests/hwsim/auth_serv + run: ./update.sh + + - if: ${{ matrix.config.osp_ref }} + name: Checkout OSP + uses: actions/checkout@v4 + with: + repository: wolfssl/osp + path: osp + ref: ${{ matrix.config.osp_ref }} + + - if: ${{ matrix.config.osp_ref }} + name: Apply patch files + working-directory: hostap + run: | + for f in $GITHUB_WORKSPACE/osp/hostap-patches/pending/* + do + patch -p1 < $f + done + + - name: Apply extra patches + working-directory: hostap + run: | + FILE=$GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/extra.patch + if [ -f "$FILE" ]; then + patch -p1 < $FILE + fi + + - if: ${{ matrix.hostapd }} + name: Setup hostapd config file + run: | + cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/hostapd.config \ + hostap/hostapd/.config + cat <> hostap/hostapd/.config + CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib + LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib + EOF + + - if: ${{ matrix.wpa_supplicant }} + name: Setup wpa_supplicant config file + run: | + cp wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/wpa_supplicant.config \ + hostap/wpa_supplicant/.config + cat <> hostap/wpa_supplicant/.config + CFLAGS += -I$GITHUB_WORKSPACE/build-dir/include -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib + LIBS += -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib + EOF + + - name: Build hostap and wpa_supplicant + working-directory: hostap/tests/hwsim/ + run: ./build.sh + + - if: ${{ matrix.hostapd }} + name: Confirm hostapd linking with wolfSSL + run: ldd hostap/hostapd/hostapd | grep wolfssl + + - if: ${{ matrix.wpa_supplicant }} + name: Confirm wpa_supplicant linking with wolfSSL + run: ldd hostap/wpa_supplicant/wpa_supplicant | grep wolfssl + + - if: ${{ matrix.config.remove_teap }} + name: Remove EAP-TEAP from test configuration + working-directory: hostap/tests/hwsim/auth_serv + run: | + sed -e 's/"erp-teap@example.com"\tTEAP//' -i eap_user.conf + sed -e 's/"erp-teap@example.com"\tMSCHAPV2\t"password"\t\[2\]//' -i eap_user.conf + sed -e 's/"TEAP"\t\tTEAP//' -i eap_user.conf + sed -e 's/TEAP,//' -i eap_user.conf + + - if: ${{ runner.debug }} + name: Enable hostap debug logging + run: | + echo "hostap_debug_flags=--debug" >> $GITHUB_ENV + + - name: Run tests + id: testing + working-directory: hostap/tests/hwsim/ + run: | + cat <> vm/vm-config + KERNELDIR=$GITHUB_WORKSPACE/linux + KVMARGS="-cpu host" + EOF + # Run tests in increments of 200 to not stall out the parallel-vm script + while mapfile -t -n 200 ary && ((${#ary[@]})); do + TESTS=$(printf '%s\n' "${ary[@]}" | tr '\n' ' ') + HWSIM_RES=0 # Not set when command succeeds + ./vm/parallel-vm.py ${{ env.hostap_debug_flags }} --nocurses $(nproc) $TESTS || HWSIM_RES=$? + if [ "$HWSIM_RES" -ne "0" ]; then + # Let's re-run the failing tests. We gather the failed tests from the log file. + FAILED_TESTS=$(grep 'failed tests' /tmp/hwsim-test-logs/*-parallel.log | sed 's/failed tests: //' | tr ' ' '\n' | sort | uniq | tr '\n' ' ') + printf 'failed tests: %s\n' "$FAILED_TESTS" + ./vm/parallel-vm.py ${{ env.hostap_debug_flags }} --nocurses $(nproc) $FAILED_TESTS + fi + rm -r /tmp/hwsim-test-logs + done < $GITHUB_WORKSPACE/wolfssl/.github/workflows/hostap-files/configs/${{ matrix.config.hostap_ref }}/tests + + # The logs are quite big. It hasn't been useful so far so let's not waste + # precious gh space. + #- name: zip logs + # if: ${{ failure() && steps.testing.outcome == 'failure' }} + # working-directory: hostap/tests/hwsim/ + # run: | + # rm /tmp/hwsim-test-logs/latest + # zip -9 -r logs.zip /tmp/hwsim-test-logs + # + #- name: Upload failure logs + # if: ${{ failure() && steps.testing.outcome == 'failure' }} + # uses: actions/upload-artifact@v4 + # with: + # name: hostap-logs-${{ env.our_job_run_id }} + # path: hostap/tests/hwsim/logs.zip + # retention-days: 5 diff --git a/src/tls.c b/src/tls.c index 82587f032..d4861c025 100644 --- a/src/tls.c +++ b/src/tls.c @@ -319,7 +319,9 @@ int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups, int count) if (!IsTLS_ex(ctx->method->version)) return BAD_FUNC_ARG; + #ifdef WOLFSSL_TLS13 ctx->numGroups = 0; + #endif #if !defined(NO_TLS) TLSX_Remove(&ctx->extensions, TLSX_SUPPORTED_GROUPS, ctx->heap); #endif /* !NO_TLS */ @@ -333,9 +335,13 @@ int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups, int count) #endif /* !NO_TLS */ return ret; } + #ifdef WOLFSSL_TLS13 ctx->group[i] = (word16)groups[i]; + #endif } + #ifdef WOLFSSL_TLS13 ctx->numGroups = (byte)count; + #endif return WOLFSSL_SUCCESS; } @@ -358,7 +364,9 @@ int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count) if (!IsTLS_ex(ssl->version)) return BAD_FUNC_ARG; + #ifdef WOLFSSL_TLS13 ssl->numGroups = 0; + #endif #if !defined(NO_TLS) TLSX_Remove(&ssl->extensions, TLSX_SUPPORTED_GROUPS, ssl->heap); #endif /* !NO_TLS */ @@ -372,9 +380,13 @@ int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count) #endif /* !NO_TLS */ return ret; } + #ifdef WOLFSSL_TLS13 ssl->group[i] = (word16)groups[i]; + #endif } + #ifdef WOLFSSL_TLS13 ssl->numGroups = (byte)count; + #endif return WOLFSSL_SUCCESS; } diff --git a/tests/api.c b/tests/api.c index 0e5ecc2eb..70c732d2c 100644 --- a/tests/api.c +++ b/tests/api.c @@ -40475,7 +40475,8 @@ static int test_wolfSSL_set1_curves_list(void) return EXPECT_RESULT(); } -#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) +#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ + (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && defined(HAVE_ECC) static int test_wolfSSL_curves_mismatch_ctx_ready(WOLFSSL_CTX* ctx) { static int counter = 0; @@ -40505,7 +40506,8 @@ static int test_wolfSSL_curves_mismatch_ctx_ready(WOLFSSL_CTX* ctx) static int test_wolfSSL_curves_mismatch(void) { EXPECT_DECLS; -#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) +#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \ + (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) && defined(HAVE_ECC) test_ssl_cbf func_cb_client; test_ssl_cbf func_cb_server; size_t i; @@ -55515,7 +55517,7 @@ static int test_tls13_apis(void) #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups), - BAD_FUNC_ARG); + WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG); @@ -55539,7 +55541,7 @@ static int test_tls13_apis(void) #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups), - BAD_FUNC_ARG); + WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_set_groups(clientSsl, groups, WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG); @@ -55566,7 +55568,7 @@ static int test_tls13_apis(void) #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientTls12Ctx, groupList), - WOLFSSL_FAILURE); + WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, groupList), WOLFSSL_SUCCESS); @@ -55584,7 +55586,7 @@ static int test_tls13_apis(void) #ifndef NO_WOLFSSL_CLIENT #ifndef WOLFSSL_NO_TLS12 ExpectIntEQ(wolfSSL_set1_groups_list(clientTls12Ssl, groupList), - WOLFSSL_FAILURE); + WOLFSSL_SUCCESS); #endif ExpectIntEQ(wolfSSL_set1_groups_list(clientSsl, groupList), WOLFSSL_SUCCESS);