From d75c2e2a919c3299edf4b8d272797de4d6feb198 Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 8 Dec 2017 08:30:26 +0100 Subject: [PATCH] Added new `WOLFSSL_EXTRA` define for expanded API's without openssl extra. Removed old `GOAHEAD_WS`, which had build errors and current project requires full openssl extra compatability. Fix unused arg build warnings for OCSP. The `WOLFSSL_EXTRA` adds: `wolfSSL_CTX_set_quiet_shutdown`, `wolfSSL_set_quiet_shutdown`, `wolfSSL_set_accept_state` and `wolfSSL_set_connect_state`. --- src/internal.c | 6 +++--- src/ssl.c | 44 ++++++++++++++++++++++++++------------------ wolfssl/internal.h | 6 +++--- 3 files changed, 32 insertions(+), 24 deletions(-) diff --git a/src/internal.c b/src/internal.c index ddfc5f94e..6046b1ec2 100644 --- a/src/internal.c +++ b/src/internal.c @@ -4242,7 +4242,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer; ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN; -#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS) +#ifdef KEEP_PEER_CERT InitX509(&ssl->peerCert, 0, ssl->heap); #endif @@ -4760,7 +4760,7 @@ void SSL_ResourceFree(WOLFSSL* ssl) DYNAMIC_TYPE_COOKIE_PWD); #endif #endif /* WOLFSSL_DTLS */ -#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) +#ifdef OPENSSL_EXTRA if (ssl->biord != ssl->biowr) /* only free write if different */ wolfSSL_BIO_free(ssl->biowr); wolfSSL_BIO_free(ssl->biord); /* always free read bio */ @@ -4823,7 +4823,7 @@ void SSL_ResourceFree(WOLFSSL* ssl) if (ssl->nxCtx.nxPacket) nx_packet_release(ssl->nxCtx.nxPacket); #endif -#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS) +#ifdef KEEP_PEER_CERT FreeX509(&ssl->peerCert); #endif diff --git a/src/ssl.c b/src/ssl.c index d6db75755..c596b9489 100644 --- a/src/ssl.c +++ b/src/ssl.c 
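Review bot: A build that still defines `GOAHEAD_WS` without `OPENSSL_EXTRA` no longer gets any signal that the macro was retired. In the three `src/internal.c` hunks this means `InitX509(&ssl->peerCert, ...)`, `FreeX509(&ssl->peerCert)` and the BIO frees in `SSL_ResourceFree` are simply compiled out. Consider a hard stop in the project's settings header, `#if defined(GOAHEAD_WS) && !defined(OPENSSL_EXTRA)` followed by `#error "GOAHEAD_WS was removed; build with OPENSSL_EXTRA"`, so a stale configuration fails at build time rather than changing behaviour. `InitSSL` and `SSL_ResourceFree` both start and end outside these hunks, so whether other `GOAHEAD_WS` uses remain cannot be judged from here.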
@@ -5880,7 +5880,6 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL* ssl) #endif #ifdef HAVE_OCSP - /* check CRL if enabled, WOLFSSL_SUCCESS */ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz) { @@ -11020,8 +11019,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) #endif /* !NO_CERTS */ -#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) - +#ifdef OPENSSL_EXTRA int wolfSSL_add_all_algorithms(void) { @@ -11047,7 +11045,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) #endif } - +#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX* ctx, int mode) { WOLFSSL_ENTER("wolfSSL_CTX_set_quiet_shutdown"); @@ -11062,6 +11060,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) if (mode) ssl->options.quietShutdown = 1; } +#endif void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr) @@ -11074,7 +11073,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl) ssl->biowr = wr; } - void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX* ctx, WOLF_STACK_OF(WOLFSSL_X509_NAME)* names) { @@ -11202,7 +11200,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) } #if defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256) \ - && !defined(WC_NO_RNG) + && !defined(WC_NO_RNG) static const byte srp_N[] = { 0xEE, 0xAF, 0x0A, 0xB9, 0xAD, 0xB3, 0x8D, 0xD6, 0x9C, 0x33, 0xF8, 0x0A, 0xFA, 0x8F, 0xC5, 0xE8, 0x60, 0x72, 0x61, 0x87, 0x75, 0xFF, @@ -11379,7 +11377,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl) return WOLFSSL_SUCCESS; } +#endif /* OPENSSL_EXTRA */ +#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) void wolfSSL_set_accept_state(WOLFSSL* ssl) { word16 haveRSA = 1; @@ -11425,7 +11425,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl) ssl->options.haveECDSAsig, ssl->options.haveECC, ssl->options.haveStaticECC, ssl->options.side); } -#endif + +#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA */ /* return true if connection established */ int wolfSSL_is_init_finished(WOLFSSL* ssl) 
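Review bot: The visible body line `if (mode) ssl->options.quietShutdown = 1;` dereferences `ssl` with no NULL check in view and can only set the flag, never clear it. This matters more now that the `OPENSSL_EXTRA || WOLFSSL_EXTRA` guard makes `wolfSSL_CTX_set_quiet_shutdown` and `wolfSSL_set_quiet_shutdown` reachable from builds without the compatibility layer. Both functions begin outside the hunk, so a guard may exist above; if it does not, add `if (ssl == NULL) return;` (and the `ctx` equivalent) and consider `ssl->options.quietShutdown = (mode != 0);`. Because quiet shutdown is the OpenSSL-compatible mode that closes without sending close_notify, a short comment such as `/* quiet shutdown: no close_notify is sent, so the peer cannot tell an orderly close from truncation */` would help users of the smaller `WOLFSSL_EXTRA` profile.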
@@ -11439,7 +11440,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl) return 0; } -#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) +#ifdef OPENSSL_EXTRA + void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX* ctx, WOLFSSL_RSA*(*f)(WOLFSSL*, int, int)) { @@ -11530,17 +11532,17 @@ int wolfSSL_set_compression(WOLFSSL* ssl) } +#ifndef NO_CERTS WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx) { if (ctx == NULL) { return NULL; } - return &(ctx->x509_store); + return &ctx->x509_store; } -#ifndef NO_CERTS void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str) { if (ctx == NULL || str == NULL) { @@ -11591,8 +11593,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) return; ctx->verify_cb = verify_cb; } -#endif - +#endif /* !NO_CERTS */ WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void) { @@ -12037,10 +12038,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) (void)bio; return 1; } - - -#endif /* OPENSSL_EXTRA || GOAHEAD_WS */ - +#endif /* OPENSSL_EXTRA */ #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) @@ -14193,7 +14191,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509) } } -#endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSSL_EXTRA */ +#endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSL_EXTRA */ #if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) @@ -15312,7 +15310,10 @@ int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id, return 0; } +#endif /* OPENSSL_EXTRA */ + +#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) void wolfSSL_set_connect_state(WOLFSSL* ssl) { word16 haveRSA = 1; @@ -15351,7 +15352,8 @@ void wolfSSL_set_connect_state(WOLFSSL* ssl) } ssl->options.side = WOLFSSL_CLIENT_END; } -#endif +#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA */ + int wolfSSL_get_shutdown(const WOLFSSL* ssl) { 
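Review bot: Moving `#ifndef NO_CERTS` above `wolfSSL_CTX_get_cert_store` removes its definition from `OPENSSL_EXTRA` builds that also define `NO_CERTS`. The diffstat shows no public header in this patch, so an unguarded prototype would leave callers failing at link time instead of at compile time. Please confirm the declaration carries the same `NO_CERTS` guard. The inverse check applies to `wolfSSL_set_accept_state` and `wolfSSL_set_connect_state`: their prototypes must be visible when only `WOLFSSL_EXTRA` is defined. It would also help to document `WOLFSSL_EXTRA` next to the guard, for example `/* WOLFSSL_EXTRA: subset of the OpenSSL-compat API, usable without OPENSSL_EXTRA */`.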
@@ -26325,6 +26327,8 @@ int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, if (ctx == NULL || ctx->cm == NULL) return WOLFSSL_FAILURE; +#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ + || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) /* Ensure stapling is on for callback to be used. */ wolfSSL_CTX_EnableOCSPStapling(ctx); @@ -26332,6 +26336,10 @@ int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, return WOLFSSL_FAILURE; ctx->cm->ocsp_stapling->statusCb = cb; +#else + (void)cb; +#endif + return WOLFSSL_SUCCESS; } diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 3a011850c..1d6014a55 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -159,7 +159,7 @@ #define WOLFSSL_PTHREADS #include #endif - #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) + #ifdef OPENSSL_EXTRA #include /* for close of BIO */ #endif #endif @@ -2356,7 +2356,7 @@ struct WOLFSSL_CTX { WOLFSSL_X509_STORE x509_store; /* points to ctx->cm */ byte readAhead; void* userPRFArg; /* passed to prf callback */ -#endif /* OPENSSL_EXTRA */ +#endif #ifdef HAVE_EX_DATA void* ex_data[MAX_EX_DATA]; #endif @@ -3322,7 +3322,7 @@ struct WOLFSSL { #ifdef HAVE_PK_CALLBACKS void* loggingCtx; /* logging callback argument */ #endif -#endif +#endif /* OPENSSL_EXTRA */ #ifndef NO_RSA RsaKey* peerRsaKey; byte peerRsaKeyPresent;
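Review bot: The new `#else` branch of `wolfSSL_CTX_set_tlsext_status_cb` discards `cb` and then falls through to `return WOLFSSL_SUCCESS;`. In a build without `HAVE_CERTIFICATE_STATUS_REQUEST` or `HAVE_CERTIFICATE_STATUS_REQUEST_V2`, the caller is told its OCSP status callback was installed when it will never run. An application that relies on that callback to judge stapled responses would then fail open without noticing. Reporting the unsupported configuration instead, with `(void)cb;` followed by `return WOLFSSL_FAILURE;` in the `#else` branch, lets the caller detect it. The function's signature and its tail are only partly inside the hunk.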