Added new “wolfSSL_mcast_get_max_peers” API. Minor cleanup with examples/client failure case. Fix possible unused var in wolfSSL_set_secret with DTLS disabled.

examples/client/client.c

@@ -861,7 +861,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
 #ifdef WOLFSSL_EARLY_DATA
     int earlyData = 0;
 #endif
+#ifdef WOLFSSL_MULTICAST
     byte mcastID = 0;
+#endif
 
 #ifdef HAVE_OCSP
     int    useOcsp  = 0;
@@ -903,7 +905,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
     (void)updateKeysIVs;
     (void)useX25519;
     (void)helloRetry;
-    (void)mcastID;
 
     StackTrap();
 
@@ -1678,8 +1679,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
     if (doMcast) {
 #ifdef WOLFSSL_MULTICAST
         wolfSSL_CTX_mcast_set_member_id(ctx, mcastID);
-        if (wolfSSL_CTX_set_cipher_list(ctx, "WDM-NULL-SHA256") != SSL_SUCCESS)
+        if (wolfSSL_CTX_set_cipher_list(ctx, "WDM-NULL-SHA256") != SSL_SUCCESS) {
+            wolfSSL_CTX_free(ctx);
             err_sys("Couldn't set multicast cipher list.");
+        }
 #endif
     }
 
@@ -1730,9 +1733,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
 
     if (doMcast) {
 #ifdef WOLFSSL_MULTICAST
-        byte pms[512];
+        byte pms[512]; /* pre master secret */
-        byte cr[32];
+        byte cr[32];   /* client random */
-        byte sr[32];
+        byte sr[32];   /* server random */
         const byte suite[2] = {0, 0xfe};  /* WDM_WITH_NULL_SHA256 */
 
         XMEMSET(pms, 0x23, sizeof(pms));
@@ -1740,8 +1743,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
         XMEMSET(sr, 0x5A, sizeof(sr));
 
         if (wolfSSL_set_secret(ssl, 1, pms, sizeof(pms), cr, sr, suite)
-                != SSL_SUCCESS)
+                                                               != SSL_SUCCESS) {
+            wolfSSL_CTX_free(ctx);
             err_sys("unable to set mcast secret");
+        }
 #endif
     }
 

src/ssl.c

@@ -870,6 +870,10 @@ int wolfSSL_CTX_mcast_set_member_id(WOLFSSL_CTX* ctx, word16 id)
     return ret;
 }
 
+int wolfSSL_mcast_get_max_peers(void)
+{
+    return WOLFSSL_MULTICAST_PEERS;
+}
 
 #ifdef WOLFSSL_DTLS
 static INLINE word32 UpdateHighwaterMark(word32 cur, word32 first,
@@ -889,7 +893,7 @@ static INLINE word32 UpdateHighwaterMark(word32 cur, word32 first,
 #endif /* WOLFSSL_DTLS */
 
 
-int wolfSSL_set_secret(WOLFSSL* ssl, unsigned short epoch,
+int wolfSSL_set_secret(WOLFSSL* ssl, word16 epoch,
                        const byte* preMasterSecret, word32 preMasterSz,
                        const byte* clientRandom, const byte* serverRandom,
                        const byte* suite)
@@ -947,6 +951,8 @@ int wolfSSL_set_secret(WOLFSSL* ssl, unsigned short epoch,
                         ssl->ctx->mcastSecondSeq,
                         ssl->ctx->mcastMaxSeq);
             }
+        #else
+            (void)epoch;
         #endif
         }
         ret = SSL_SUCCESS;

wolfssl/ssl.h

@@ -516,6 +516,7 @@ WOLFSSL_API int  wolfSSL_set_secret(WOLFSSL*, unsigned short,
                      const unsigned char*);
 WOLFSSL_API int  wolfSSL_mcast_read(WOLFSSL*, unsigned short*, void*, int);
 WOLFSSL_API int  wolfSSL_mcast_peer_add(WOLFSSL*, unsigned short, int);
+WOLFSSL_API int  wolfSSL_mcast_get_max_peers(void);
 typedef int (*CallbackMcastHighwater)(unsigned short peerId,
                                       unsigned int maxSeq,
                                       unsigned int curSeq, void* ctx);