forked from wolfSSL/wolfssl
Added new WOLFSSL_EXTRA define for expanded API's without openssl extra. Removed old GOAHEAD_WS, which had build errors and current project requires full openssl extra compatability. Fix unused arg build warnings for OCSP. The WOLFSSL_EXTRA adds: wolfSSL_CTX_set_quiet_shutdown, wolfSSL_set_quiet_shutdown, wolfSSL_set_accept_state and wolfSSL_set_connect_state.
This commit is contained in:
David Garske
@@ -4242,7 +4242,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
|
|||||||
ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer;
|
ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer;
|
||||||
ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN;
|
ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN;
|
||||||
|
|
||||||
#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)
|
#ifdef KEEP_PEER_CERT
|
||||||
InitX509(&ssl->peerCert, 0, ssl->heap);
|
InitX509(&ssl->peerCert, 0, ssl->heap);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -4760,7 +4760,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
|
|||||||
DYNAMIC_TYPE_COOKIE_PWD);
|
DYNAMIC_TYPE_COOKIE_PWD);
|
||||||
#endif
|
#endif
|
||||||
#endif /* WOLFSSL_DTLS */
|
#endif /* WOLFSSL_DTLS */
|
||||||
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
|
#ifdef OPENSSL_EXTRA
|
||||||
if (ssl->biord != ssl->biowr) /* only free write if different */
|
if (ssl->biord != ssl->biowr) /* only free write if different */
|
||||||
wolfSSL_BIO_free(ssl->biowr);
|
wolfSSL_BIO_free(ssl->biowr);
|
||||||
wolfSSL_BIO_free(ssl->biord); /* always free read bio */
|
wolfSSL_BIO_free(ssl->biord); /* always free read bio */
|
||||||
@@ -4823,7 +4823,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
|
|||||||
if (ssl->nxCtx.nxPacket)
|
if (ssl->nxCtx.nxPacket)
|
||||||
nx_packet_release(ssl->nxCtx.nxPacket);
|
nx_packet_release(ssl->nxCtx.nxPacket);
|
||||||
#endif
|
#endif
|
||||||
#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)
|
#ifdef KEEP_PEER_CERT
|
||||||
FreeX509(&ssl->peerCert);
|
FreeX509(&ssl->peerCert);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|||||||
44
src/ssl.c
44
src/ssl.c
@@ -5880,7 +5880,6 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL* ssl)
|
|||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_OCSP
|
#ifdef HAVE_OCSP
|
||||||
|
|
||||||
|
|
||||||
/* check CRL if enabled, WOLFSSL_SUCCESS */
|
/* check CRL if enabled, WOLFSSL_SUCCESS */
|
||||||
int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
|
int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
|
||||||
{
|
{
|
||||||
@@ -11020,8 +11019,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
#endif /* !NO_CERTS */
|
#endif /* !NO_CERTS */
|
||||||
|
|
||||||
|
|
||||||
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
|
#ifdef OPENSSL_EXTRA
|
||||||
|
|
||||||
|
|
||||||
int wolfSSL_add_all_algorithms(void)
|
int wolfSSL_add_all_algorithms(void)
|
||||||
{
|
{
|
||||||
@@ -11047,7 +11045,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
|
||||||
void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX* ctx, int mode)
|
void wolfSSL_CTX_set_quiet_shutdown(WOLFSSL_CTX* ctx, int mode)
|
||||||
{
|
{
|
||||||
WOLFSSL_ENTER("wolfSSL_CTX_set_quiet_shutdown");
|
WOLFSSL_ENTER("wolfSSL_CTX_set_quiet_shutdown");
|
||||||
@@ -11062,6 +11060,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
if (mode)
|
if (mode)
|
||||||
ssl->options.quietShutdown = 1;
|
ssl->options.quietShutdown = 1;
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr)
|
void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr)
|
||||||
@@ -11074,7 +11073,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
ssl->biowr = wr;
|
ssl->biowr = wr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX* ctx,
|
void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX* ctx,
|
||||||
WOLF_STACK_OF(WOLFSSL_X509_NAME)* names)
|
WOLF_STACK_OF(WOLFSSL_X509_NAME)* names)
|
||||||
{
|
{
|
||||||
@@ -11202,7 +11200,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
|
|
||||||
#if defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256) \
|
#if defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256) \
|
||||||
&& !defined(WC_NO_RNG)
|
&& !defined(WC_NO_RNG)
|
||||||
static const byte srp_N[] = {
|
static const byte srp_N[] = {
|
||||||
0xEE, 0xAF, 0x0A, 0xB9, 0xAD, 0xB3, 0x8D, 0xD6, 0x9C, 0x33, 0xF8,
|
0xEE, 0xAF, 0x0A, 0xB9, 0xAD, 0xB3, 0x8D, 0xD6, 0x9C, 0x33, 0xF8,
|
||||||
0x0A, 0xFA, 0x8F, 0xC5, 0xE8, 0x60, 0x72, 0x61, 0x87, 0x75, 0xFF,
|
0x0A, 0xFA, 0x8F, 0xC5, 0xE8, 0x60, 0x72, 0x61, 0x87, 0x75, 0xFF,
|
||||||
@@ -11379,7 +11377,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#endif /* OPENSSL_EXTRA */
|
||||||
|
|
||||||
|
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
|
||||||
void wolfSSL_set_accept_state(WOLFSSL* ssl)
|
void wolfSSL_set_accept_state(WOLFSSL* ssl)
|
||||||
{
|
{
|
||||||
word16 haveRSA = 1;
|
word16 haveRSA = 1;
|
||||||
@@ -11425,7 +11425,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
ssl->options.haveECDSAsig, ssl->options.haveECC,
|
ssl->options.haveECDSAsig, ssl->options.haveECC,
|
||||||
ssl->options.haveStaticECC, ssl->options.side);
|
ssl->options.haveStaticECC, ssl->options.side);
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA */
|
||||||
|
|
||||||
/* return true if connection established */
|
/* return true if connection established */
|
||||||
int wolfSSL_is_init_finished(WOLFSSL* ssl)
|
int wolfSSL_is_init_finished(WOLFSSL* ssl)
|
||||||
@@ -11439,7 +11440,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
|
#ifdef OPENSSL_EXTRA
|
||||||
|
|
||||||
void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX* ctx,
|
void wolfSSL_CTX_set_tmp_rsa_callback(WOLFSSL_CTX* ctx,
|
||||||
WOLFSSL_RSA*(*f)(WOLFSSL*, int, int))
|
WOLFSSL_RSA*(*f)(WOLFSSL*, int, int))
|
||||||
{
|
{
|
||||||
@@ -11530,17 +11532,17 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef NO_CERTS
|
||||||
WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx)
|
WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx)
|
||||||
{
|
{
|
||||||
if (ctx == NULL) {
|
if (ctx == NULL) {
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
return &(ctx->x509_store);
|
return &ctx->x509_store;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#ifndef NO_CERTS
|
|
||||||
void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str)
|
void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str)
|
||||||
{
|
{
|
||||||
if (ctx == NULL || str == NULL) {
|
if (ctx == NULL || str == NULL) {
|
||||||
@@ -11591,8 +11593,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
return;
|
return;
|
||||||
ctx->verify_cb = verify_cb;
|
ctx->verify_cb = verify_cb;
|
||||||
}
|
}
|
||||||
#endif
|
#endif /* !NO_CERTS */
|
||||||
|
|
||||||
|
|
||||||
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void)
|
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void)
|
||||||
{
|
{
|
||||||
@@ -12037,10 +12038,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
|||||||
(void)bio;
|
(void)bio;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
#endif /* OPENSSL_EXTRA */
|
||||||
|
|
||||||
#endif /* OPENSSL_EXTRA || GOAHEAD_WS */
|
|
||||||
|
|
||||||
|
|
||||||
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
|
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
|
||||||
|
|
||||||
@@ -14193,7 +14191,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSSL_EXTRA */
|
#endif /* KEEP_PEER_CERT || SESSION_CERTS || OPENSSL_EXTRA */
|
||||||
|
|
||||||
#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
|
#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)
|
||||||
|
|
||||||
@@ -15312,7 +15310,10 @@ int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#endif /* OPENSSL_EXTRA */
|
||||||
|
|
||||||
|
|
||||||
|
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
|
||||||
void wolfSSL_set_connect_state(WOLFSSL* ssl)
|
void wolfSSL_set_connect_state(WOLFSSL* ssl)
|
||||||
{
|
{
|
||||||
word16 haveRSA = 1;
|
word16 haveRSA = 1;
|
||||||
@@ -15351,7 +15352,8 @@ void wolfSSL_set_connect_state(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
ssl->options.side = WOLFSSL_CLIENT_END;
|
ssl->options.side = WOLFSSL_CLIENT_END;
|
||||||
}
|
}
|
||||||
#endif
|
#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA */
|
||||||
|
|
||||||
|
|
||||||
int wolfSSL_get_shutdown(const WOLFSSL* ssl)
|
int wolfSSL_get_shutdown(const WOLFSSL* ssl)
|
||||||
{
|
{
|
||||||
@@ -26325,6 +26327,8 @@ int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx,
|
|||||||
if (ctx == NULL || ctx->cm == NULL)
|
if (ctx == NULL || ctx->cm == NULL)
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
|
|
||||||
|
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|
||||||
|
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
||||||
/* Ensure stapling is on for callback to be used. */
|
/* Ensure stapling is on for callback to be used. */
|
||||||
wolfSSL_CTX_EnableOCSPStapling(ctx);
|
wolfSSL_CTX_EnableOCSPStapling(ctx);
|
||||||
|
|
||||||
@@ -26332,6 +26336,10 @@ int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx,
|
|||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
|
|
||||||
ctx->cm->ocsp_stapling->statusCb = cb;
|
ctx->cm->ocsp_stapling->statusCb = cb;
|
||||||
|
#else
|
||||||
|
(void)cb;
|
||||||
|
#endif
|
||||||
|
|
||||||
return WOLFSSL_SUCCESS;
|
return WOLFSSL_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -159,7 +159,7 @@
|
|||||||
#define WOLFSSL_PTHREADS
|
#define WOLFSSL_PTHREADS
|
||||||
#include <pthread.h>
|
#include <pthread.h>
|
||||||
#endif
|
#endif
|
||||||
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
|
#ifdef OPENSSL_EXTRA
|
||||||
#include <unistd.h> /* for close of BIO */
|
#include <unistd.h> /* for close of BIO */
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
@@ -2356,7 +2356,7 @@ struct WOLFSSL_CTX {
|
|||||||
WOLFSSL_X509_STORE x509_store; /* points to ctx->cm */
|
WOLFSSL_X509_STORE x509_store; /* points to ctx->cm */
|
||||||
byte readAhead;
|
byte readAhead;
|
||||||
void* userPRFArg; /* passed to prf callback */
|
void* userPRFArg; /* passed to prf callback */
|
||||||
#endif /* OPENSSL_EXTRA */
|
#endif
|
||||||
#ifdef HAVE_EX_DATA
|
#ifdef HAVE_EX_DATA
|
||||||
void* ex_data[MAX_EX_DATA];
|
void* ex_data[MAX_EX_DATA];
|
||||||
#endif
|
#endif
|
||||||
@@ -3322,7 +3322,7 @@ struct WOLFSSL {
|
|||||||
#ifdef HAVE_PK_CALLBACKS
|
#ifdef HAVE_PK_CALLBACKS
|
||||||
void* loggingCtx; /* logging callback argument */
|
void* loggingCtx; /* logging callback argument */
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif /* OPENSSL_EXTRA */
|
||||||
#ifndef NO_RSA
|
#ifndef NO_RSA
|
||||||
RsaKey* peerRsaKey;
|
RsaKey* peerRsaKey;
|
||||||
byte peerRsaKeyPresent;
|
byte peerRsaKeyPresent;
|
||||||
|
|||||||
Reference in New Issue
Block a user