From e7f1d39456156720f363999684f2694e249a4868 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Sat, 25 Jul 2020 00:47:59 +0200 Subject: [PATCH] OpenSSL Compat layer Implement WOLFSSL_CONF_VALUE: - wolfSSL_CONF_VALUE_new - wolfSSL_CONF_VALUE_new_values - wolfSSL_CONF_add_string - wolfSSL_X509V3_conf_free - wolfSSL_sk_CONF_VALUE_push - wolfSSL_NCONF_load - wolfSSL_NCONF_free - wolfSSL_CONF_new_section - wolfSSL_CONF_get_section Implment some buffer functions - wolfSSL_strlcat - wolfSSL_strlcpy --- src/ssl.c | 413 ++++++++++++++++++++++++++++++++++++++- wolfssl/openssl/asn1.h | 5 +- wolfssl/openssl/buffer.h | 4 + wolfssl/openssl/conf.h | 20 ++ wolfssl/openssl/lhash.h | 23 ++- wolfssl/openssl/ssl.h | 6 + wolfssl/openssl/txt_db.h | 4 + wolfssl/openssl/x509.h | 12 ++ wolfssl/ssl.h | 2 + 9 files changed, 478 insertions(+), 11 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index c6683b449..e23cd196b 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -19191,9 +19191,174 @@ int wolfSSL_CONF_modules_load(const WOLFSSL_CONF *cnf, const char *appname, WOLFSSL_ENTER("wolfSSL_CONF_modules_load"); WOLFSSL_MSG("All wolfSSL modules are already compiled in. " "wolfSSL_CONF_modules_load doesn't load anything new."); + (void)cnf; + (void)appname; + (void)flags; return WOLFSSL_SUCCESS; } +WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new(void) +{ + WOLFSSL_CONF_VALUE* ret; + + WOLFSSL_ENTER("wolfSSL_CONF_new"); + + ret = (WOLFSSL_CONF_VALUE*)XMALLOC(sizeof(WOLFSSL_CONF_VALUE), + NULL, DYNAMIC_TYPE_OPENSSL); + if (ret) + XMEMSET(ret, 0, sizeof(WOLFSSL_CONF_VALUE)); + return ret; +} + +WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new_values(char* section, + char* name, char* value) +{ + WOLFSSL_CONF_VALUE* ret; + int len; + + WOLFSSL_ENTER("wolfSSL_CONF_VALUE_new_values"); + + if (!(ret = wolfSSL_CONF_VALUE_new())) { + WOLFSSL_MSG("wolfSSL_CONF_VALUE_new error"); + return NULL; + } + + if (section) { + len = XSTRLEN(section); + ret->section = (char*)XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); + if (!ret->section) { + WOLFSSL_MSG("malloc error"); + wolfSSL_X509V3_conf_free(ret); + return NULL; + } + } + + if (name) { + len = XSTRLEN(name); + ret->name = (char*)XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); + if (!ret->name) { + WOLFSSL_MSG("malloc error"); + wolfSSL_X509V3_conf_free(ret); + return NULL; + } + } + + if (value) { + len = XSTRLEN(value); + ret->value = (char*)XMALLOC(len, NULL, DYNAMIC_TYPE_OPENSSL); + if (!ret->value) { + WOLFSSL_MSG("malloc error"); + wolfSSL_X509V3_conf_free(ret); + return NULL; + } + } + + return ret; +} + +int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf, + WOLFSSL_CONF_VALUE *section, WOLFSSL_CONF_VALUE *value) +{ + WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *sk = NULL; + + if (!conf || !section || !value) { + WOLFSSL_MSG("Bad parameter"); + return WOLFSSL_FAILURE; + } + + sk = (WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *)section->value; + value->section = section->section; + + if (wolfSSL_sk_CONF_VALUE_push(sk, value) != WOLFSSL_SUCCESS) { + WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_push error"); + return WOLFSSL_FAILURE; + } + if (wolfSSL_sk_CONF_VALUE_push(conf->data, value) != WOLFSSL_SUCCESS) { + WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_push error"); + return WOLFSSL_FAILURE; + } + + return WOLFSSL_SUCCESS; +} + +WOLFSSL_CONF_VALUE *wolfSSL_CONF_new_section(WOLFSSL_CONF *conf, + const char *section) +{ + WOLFSSL_CONF_VALUE* ret = NULL; + WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *sk = NULL; + int slen; + + WOLFSSL_ENTER("wolfSSL_CONF_new_section"); + + if (!conf || !section) { + WOLFSSL_MSG("Bad parameter"); + return NULL; + } + + slen = XSTRLEN(section); + + if (!(ret = wolfSSL_CONF_VALUE_new())) { + WOLFSSL_MSG("wolfSSL_CONF_new error"); + goto error; + } + + if (!(ret->section = (char*)XMALLOC(slen+1, NULL, DYNAMIC_TYPE_OPENSSL))) { + WOLFSSL_MSG("section malloc error"); + goto error; + } + + if (!(sk = wolfSSL_sk_CONF_VALUE_new(NULL))) { + WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_new error"); + goto error; + } + + ret->value = (char*)sk; + + if (wolfSSL_sk_CONF_VALUE_push(conf->data, ret) != WOLFSSL_SUCCESS) { + WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_push error"); + goto error; + } + + return ret; +error: + if (ret) { + /* NULL so that wolfSSL_X509V3_conf_free doesn't attempt to free it */ + ret->value = NULL; + wolfSSL_X509V3_conf_free(ret); + } + if (sk) { + wolfSSL_sk_CONF_VALUE_free(sk); + } + return NULL; +} + +WOLFSSL_CONF_VALUE *wolfSSL_CONF_get_section(WOLFSSL_CONF *conf, + const char *section) +{ + WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *sk = NULL; + + WOLFSSL_ENTER("wolfSSL_CONF_get_section"); + + if (!conf || !section) { + WOLFSSL_MSG("Bad parameter"); + return NULL; + } + + sk = conf->data; + + while (sk) { + WOLFSSL_CONF_VALUE* val = sk->data.conf; + if (val) { + if (XSTRCMP(section, val->section) == 0) { + return val; + } + } + sk = sk->next; + } + + return NULL; +} + WOLFSSL_CONF *wolfSSL_NCONF_new(void *meth) { WOLFSSL_CONF* ret; @@ -19279,6 +19444,191 @@ WOLFSSL_STACK *wolfSSL_NCONF_get_section( return NULL; } +#define SKIP_WHITESPACE(idx, max_idx) \ + while (idx < max_idx && (*idx == ' ' || *idx == '\t')) \ + {idx++;} +int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline) +{ + int ret = WOLFSSL_FAILURE; + WOLFSSL_BIO *in = NULL; + char* buf = NULL; + char* idx = NULL; + char* bufEnd = NULL; + CONF_VALUE* section = NULL; + long line = 0; + int bufLen = 0; + + if (!conf || !file) { + WOLFSSL_MSG("Bad parameter"); + return WOLFSSL_FAILURE; + } + + /* Open file */ + if (!(in = wolfSSL_BIO_new_file(file, "rb"))) { + WOLFSSL_MSG("wolfSSL_BIO_new_file error"); + return WOLFSSL_FAILURE; + } + + /* Read file */ + bufLen = wolfSSL_BIO_get_len(in); + if (bufLen <= 0) { + WOLFSSL_MSG("wolfSSL_BIO_get_len error"); + goto cleanup; + } + if (!(buf = (char*)XMALLOC(bufLen, NULL, DYNAMIC_TYPE_TMP_BUFFER))) { + WOLFSSL_MSG("malloc error"); + goto cleanup; + } + if (wolfSSL_BIO_read(in, buf, bufLen) != WOLFSSL_SUCCESS) { + WOLFSSL_MSG("wolfSSL_BIO_read error"); + goto cleanup; + } + + if (!(section = wolfSSL_CONF_new_section(conf, "default"))) { + WOLFSSL_MSG("wolfSSL_CONF_new_section error"); + goto cleanup; + } + + /* LETS START READING SOME CONFIGS */ + idx = buf; + bufEnd = buf + bufLen; + while (idx < bufEnd) { + char* lineEnd = XSTRNSTR(idx, "\n", bufEnd - idx); + char* maxIdx; + if (!lineEnd) + lineEnd = bufEnd; /* Last line in file */ + maxIdx = XSTRNSTR(idx, "#", lineEnd - idx); + if (!maxIdx) + maxIdx = lineEnd; + line++; + SKIP_WHITESPACE(idx, maxIdx); + if (idx == maxIdx) { + /* Empty line */ + idx = lineEnd + 1; + continue; + } + + if (*idx == '[') { + /* New section. Spaces not allowed in section name. */ + char* sectionName; + int sectionNameLen; + + SKIP_WHITESPACE(idx, maxIdx); + sectionName = idx; + /* Find end of section name */ + while (idx < maxIdx && *idx != ' ' && *idx != ']') + idx++; + sectionNameLen = idx - sectionName; + SKIP_WHITESPACE(idx, maxIdx); + + if (*idx != ']') { + WOLFSSL_MSG("Section definition error. " + "Closing brace not found."); + goto cleanup; + } + + sectionName[sectionNameLen] = '\0'; + if (!(section = wolfSSL_CONF_get_section(conf, sectionName))) + section = wolfSSL_CONF_new_section(conf, sectionName); + } + else { + char* name; + int nameLen; + char* value; + int valueLen; + WOLFSSL_CONF_VALUE* newVal = NULL; + + SKIP_WHITESPACE(idx, maxIdx); + name = idx; + /* Find end of name */ + while (idx < maxIdx && *idx != ' ' && *idx != '=') + idx++; + nameLen = idx - name; + SKIP_WHITESPACE(idx, maxIdx); + if (*idx != '=') { + WOLFSSL_MSG("Missing equals sign"); + goto cleanup; + } + idx++; + SKIP_WHITESPACE(idx, maxIdx); + value = idx; + /* Find end of value */ + idx = maxIdx; + while (*idx == ' ' || *idx == '\t') + idx--; + valueLen = idx - value; + + /* Sanity checks */ + if (nameLen <= 0 || valueLen <= 0) { + WOLFSSL_MSG("Sanity checks failed"); + goto cleanup; + } + name[nameLen] = '\0'; + value[valueLen] = '\0'; + + if (!(newVal = wolfSSL_CONF_VALUE_new_values(section->section, + name, value))) { + WOLFSSL_MSG("wolfSSL_CONF_VALUE_new_values error"); + goto cleanup; + } + + if (wolfSSL_CONF_add_string(conf, section, newVal) != + WOLFSSL_SUCCESS) { + WOLFSSL_MSG("wolfSSL_CONF_add_string error"); + goto cleanup; + } + } + idx = lineEnd + 1; + } + + ret = WOLFSSL_SUCCESS; +cleanup: + if (in) + wolfSSL_BIO_free(in); + if (buf) + XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (eline) + *eline = line; + return ret; +} + + +void wolfSSL_NCONF_free(WOLFSSL_CONF *conf) +{ + WOLFSSL_ENTER("wolfSSL_NCONF_free"); + if (conf) { + wolfSSL_sk_CONF_VALUE_free(conf->data); + } +} + +void wolfSSL_X509V3_conf_free(WOLFSSL_CONF_VALUE *val) +{ + WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *sk = NULL; + + if (val) { + if (val->name) { + /* Not a section. Don't free section as it is a shared pointer. */ + XFREE(val->name, NULL, DYNAMIC_TYPE_OPENSSL); + if (val->value) + XFREE(val->value, NULL, DYNAMIC_TYPE_OPENSSL); + } + else { + /* Section so val->value is a stack */ + if (val->section) + XFREE(val->section, NULL, DYNAMIC_TYPE_OPENSSL); + /* Only free the stack structures. The contained conf values + * will be freed in wolfSSL_NCONF_free */ + sk = (WOLF_STACK_OF(WOLFSSL_CONF_VALUE)*)val->value; + while (sk) { + WOLF_STACK_OF(WOLFSSL_CONF_VALUE) *tmp = sk->next; + XFREE(sk, NULL, DYNAMIC_TYPE_OPENSSL); + sk = tmp; + } + } + XFREE(val, NULL, DYNAMIC_TYPE_OPENSSL); + } +} + WOLFSSL_STACK *wolfSSL_sk_CONF_VALUE_new(wolf_sk_compare_cb compFunc) { WOLFSSL_STACK* ret; @@ -19310,6 +19660,7 @@ void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk) while (node) { tmp = node; node = node->next; + wolfSSL_X509V3_conf_free(tmp->data.conf); XFREE(tmp, NULL, DYNAMIC_TYPE_OPENSSL); } @@ -19333,6 +19684,19 @@ WOLFSSL_CONF_VALUE *wolfSSL_sk_CONF_VALUE_value(const WOLFSSL_STACK *sk, int i) return NULL; } +/* return 1 on success 0 on fail */ +int wolfSSL_sk_CONF_VALUE_push(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk, + WOLFSSL_CONF_VALUE* val) +{ + WOLFSSL_ENTER("wolfSSL_sk_CONF_VALUE_push"); + + if (sk == NULL || val == NULL) { + return WOLFSSL_FAILURE; + } + + return wolfSSL_sk_push(sk, val); +} + WOLF_STACK_OF(WOLFSSL_X509_EXTENSION)* wolfSSL_sk_X509_EXTENSION_new_null(void) { WOLFSSL_STACK* sk = wolfSSL_sk_new_node(NULL); @@ -41263,6 +41627,37 @@ void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf) } /* End Functions for openssl/buffer.h */ +size_t wolfSSL_strlcpy(char *dst, const char *src, size_t dstSize) +{ + size_t i; + + if (!dstSize) + return 0; + + /* Always have to leave a space for NULL */ + for (i = 0; i < (dstSize - 1) && *src != '\0'; i++) { + *dst++ = *src++; + } + *dst = '\0'; + + return i; /* return length without NULL */ +} + +size_t wolfSSL_strlcat(char *dst, const char *src, size_t dstSize) +{ + size_t dstLen; + + if (!dstSize) + return 0; + + dstLen = XSTRLEN(dst); + + if (dstSize < dstLen) + return dstLen + XSTRLEN(src); + + return dstLen + wolfSSL_strlcpy(dst + dstLen, src, dstSize - dstLen); + +} #endif /* OPENSSL_EXTRA */ @@ -45627,7 +46022,23 @@ WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x) return wolfSSL_X509_d2i(NULL, x->derCert->buffer, x->derCert->length); } -#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ +char* wolfSSL_sk_WOLFSSL_STRING_value(WOLF_STACK_OF(WOLFSSL_STRING)* strings, + int idx) +{ + for (; idx > 0 && strings != NULL; idx--) + strings = strings->next; + if (strings == NULL) + return NULL; + return strings->data.string; +} + +int wolfSSL_sk_WOLFSSL_STRING_num(WOLF_STACK_OF(WOLFSSL_STRING)* strings) +{ + if (strings) + return strings->num; + return 0; +} +#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || OPENSSL_EXTRA || OPENSSL_ALL */ #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) diff --git a/wolfssl/openssl/asn1.h b/wolfssl/openssl/asn1.h index 3f11e4f0c..9eea76d9b 100644 --- a/wolfssl/openssl/asn1.h +++ b/wolfssl/openssl/asn1.h @@ -75,10 +75,13 @@ #define V_ASN1_UTF8STRING 12 #define V_ASN1_SEQUENCE 16 #define V_ASN1_SET 17 +#define V_ASN1_PRINTABLESTRING 19 +#define V_ASN1_T61STRING 20 #define V_ASN1_IA5STRING 22 #define V_ASN1_UTCTIME 23 #define V_ASN1_GENERALIZEDTIME 24 -#define V_ASN1_PRINTABLESTRING 19 +#define V_ASN1_UNIVERSALSTRING 28 +#define V_ASN1_BMPSTRING 30 #define V_ASN1_CONSTRUCTED 0x20 diff --git a/wolfssl/openssl/buffer.h b/wolfssl/openssl/buffer.h index 600c66eff..5f1946dda 100644 --- a/wolfssl/openssl/buffer.h +++ b/wolfssl/openssl/buffer.h @@ -34,6 +34,8 @@ WOLFSSL_API WOLFSSL_BUF_MEM* wolfSSL_BUF_MEM_new(void); WOLFSSL_API int wolfSSL_BUF_MEM_grow(WOLFSSL_BUF_MEM* buf, size_t len); WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf); +WOLFSSL_API size_t wolfSSL_strlcpy(char *dst, const char *src, size_t dstSize); +WOLFSSL_API size_t wolfSSL_strlcat(char *dst, const char *src, size_t dstSize); #define BUF_MEM_new wolfSSL_BUF_MEM_new @@ -41,6 +43,8 @@ WOLFSSL_API void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf); #define BUF_MEM_free wolfSSL_BUF_MEM_free #define BUF_strdup strdup +#define BUF_strlcpy wolfSSL_strlcpy +#define BUF_strlcat wolfSSL_strlcat #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/openssl/conf.h b/wolfssl/openssl/conf.h index bfceb602f..9898b44e7 100644 --- a/wolfssl/openssl/conf.h +++ b/wolfssl/openssl/conf.h @@ -49,35 +49,55 @@ typedef WOLFSSL_CONF CONF; typedef WOLFSSL_CONF_VALUE CONF_VALUE; typedef WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS; +WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new(void); +WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_VALUE_new_values(char* section, + char* name, char* value); +WOLFSSL_API int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf, + WOLFSSL_CONF_VALUE *section, WOLFSSL_CONF_VALUE *value); +WOLFSSL_API void wolfSSL_X509V3_conf_free(WOLFSSL_CONF_VALUE *val); + WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_CONF_VALUE_new(wolf_sk_compare_cb compFunc); WOLFSSL_API void wolfSSL_sk_CONF_VALUE_free(struct WOLFSSL_STACK *sk); WOLFSSL_API int wolfSSL_sk_CONF_VALUE_num(const WOLFSSL_STACK *sk); WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_sk_CONF_VALUE_value( const struct WOLFSSL_STACK *sk, int i); +WOLFSSL_API int wolfSSL_sk_CONF_VALUE_push(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk, + WOLFSSL_CONF_VALUE* val); WOLFSSL_API WOLFSSL_CONF *wolfSSL_NCONF_new(void *meth); WOLFSSL_API char *wolfSSL_NCONF_get_string(const WOLFSSL_CONF *conf, const char *group, const char *name); WOLFSSL_API WOLFSSL_STACK *wolfSSL_NCONF_get_section( const WOLFSSL_CONF *conf, const char *section); +WOLFSSL_API int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline); +WOLFSSL_API void wolfSSL_NCONF_free(WOLFSSL_CONF *conf); WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve( WOLF_LHASH_OF(WOLFSSL_CONF_VALUE) *sk, WOLFSSL_CONF_VALUE *data); WOLFSSL_API int wolfSSL_CONF_modules_load(const WOLFSSL_CONF *cnf, const char *appname, unsigned long flags); +WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_new_section(WOLFSSL_CONF *conf, + const char *section); +WOLFSSL_API WOLFSSL_CONF_VALUE *wolfSSL_CONF_get_section(WOLFSSL_CONF *conf, + const char *section); #define sk_CONF_VALUE_new wolfSSL_sk_CONF_VALUE_new #define sk_CONF_VALUE_free wolfSSL_sk_CONF_VALUE_free +#define sk_CONF_VALUE_pop_free(a,b) wolfSSL_sk_CONF_VALUE_free(a) #define sk_CONF_VALUE_num wolfSSL_sk_CONF_VALUE_num #define sk_CONF_VALUE_value wolfSSL_sk_CONF_VALUE_value #define lh_CONF_VALUE_retrieve wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve +#define lh_CONF_VALUE_insert wolfSSL_sk_CONF_VALUE_push #define NCONF_new wolfSSL_NCONF_new #define NCONF_get_string wolfSSL_NCONF_get_string #define NCONF_get_section wolfSSL_NCONF_get_section +#define CONF_modules_load wolfSSL_CONF_modules_load + +#define X509V3_conf_free wolfSSL_X509V3_conf_free #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/openssl/lhash.h b/wolfssl/openssl/lhash.h index ab3ee4642..ee0fba18e 100644 --- a/wolfssl/openssl/lhash.h +++ b/wolfssl/openssl/lhash.h @@ -32,23 +32,28 @@ #ifdef OPENSSL_ALL #define IMPLEMENT_LHASH_HASH_FN(name, type) \ - unsigned long name##_LHASH_HASH(const void *arg) \ - { \ - const o_type *a = arg; \ - return name##_hash(a); \ + unsigned long wolfSSL_##name##_LHASH_HASH(const void *arg) \ + { \ + const type *a = arg; \ + return name##_hash(a); \ } #define IMPLEMENT_LHASH_COMP_FN(name, type) \ - int name##_LHASH_COMP(const void *p1, const void *p2) \ - { \ - const type *_p1 = p1; \ - const type *_p2 = p2; \ - return name##_cmp(_p1, _p2); \ + int wolfSSL_##name##_LHASH_COMP(const void *p1, const void *p2) \ + { \ + const type *_p1 = p1; \ + const type *_p2 = p2; \ + return name##_cmp(_p1, _p2); \ } +#define LHASH_HASH_FN(name) wolfSSL_##name##_LHASH_HASH +#define LHASH_COMP_FN(name) wolfSSL_##name##_LHASH_COMP + WOLFSSL_API unsigned long wolfSSL_LH_strhash(const char *str); WOLFSSL_API void *wolfSSL_lh_retrieve(WOLFSSL_STACK *sk, void *data); +#define lh_strhash wolfSSL_LH_strhash + #endif diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 9430d1aa8..bd1f7bc92 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -402,6 +402,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i #define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d #define X509_get0_extensions wolfSSL_X509_get0_extensions +#define X509_get_extensions wolfSSL_X509_get0_extensions +#define X509_REQ_get_extensions wolfSSL_X509_get0_extensions #define X509_get_ext wolfSSL_X509_get_ext #define X509_get_ext_by_NID wolfSSL_X509_get_ext_by_NID #define X509_get_issuer_name wolfSSL_X509_get_issuer_name @@ -1222,7 +1224,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb #define SSL_CTX_set_tlsext_status_cb wolfSSL_CTX_set_tlsext_status_cb #define SSL_CTX_get_extra_chain_certs wolfSSL_CTX_get_extra_chain_certs +#define sk_OPENSSL_STRING_num wolfSSL_sk_WOLFSSL_STRING_num #define sk_OPENSSL_STRING_value wolfSSL_sk_WOLFSSL_STRING_value +#define sk_OPENSSL_PSTRING_num wolfSSL_sk_WOLFSSL_STRING_num +#define sk_OPENSSL_PSTRING_value wolfSSL_sk_WOLFSSL_STRING_value +#define sk_OPENSSL_STRING_free wolfSSL_sk_free #define SSL_get0_alpn_selected wolfSSL_get0_alpn_selected #define SSL_select_next_proto wolfSSL_select_next_proto #define SSL_CTX_set_alpn_select_cb wolfSSL_CTX_set_alpn_select_cb diff --git a/wolfssl/openssl/txt_db.h b/wolfssl/openssl/txt_db.h index 4865fcbb7..578463e34 100644 --- a/wolfssl/openssl/txt_db.h +++ b/wolfssl/openssl/txt_db.h @@ -26,6 +26,10 @@ struct WOLFSSL_TXT_DB { WOLF_STACK_OF(WOLFSSL_STRING) *data; + WOLF_LHASH_OF(WOLFSSL_STRING) **index; + long error; + long arg1; + long arg2; }; typedef struct WOLFSSL_TXT_DB TXT_DB; diff --git a/wolfssl/openssl/x509.h b/wolfssl/openssl/x509.h index dd98f3d30..bf7ae25e3 100644 --- a/wolfssl/openssl/x509.h +++ b/wolfssl/openssl/x509.h @@ -25,8 +25,20 @@ #define XN_FLAG_FN_SN 0 #define XN_FLAG_ONELINE 0 +#define XN_FLAG_COMPAT 0 #define XN_FLAG_RFC2253 1 +#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) #define XN_FLAG_SEP_CPLUS_SPC (2 << 16) #define XN_FLAG_SEP_SPLUS_SPC (3 << 16) +#define XN_FLAG_SEP_MULTILINE (4 << 16) +#define XN_FLAG_SEP_MASK (0xF << 16) #define XN_FLAG_DN_REV (1 << 20) +#define XN_FLAG_FN_LN (1 << 21) +#define XN_FLAG_FN_OID (2 << 21) +#define XN_FLAG_FN_NONE (3 << 21) +#define XN_FLAG_FN_MASK (3 << 21) #define XN_FLAG_SPC_EQ (1 << 23) +#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) +#define XN_FLAG_FN_ALIGN (1 << 25) + +#define XN_FLAG_MULTILINE 0xFFFF diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index a3d5eb5a7..c9633ea7b 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -3902,6 +3902,8 @@ WOLFSSL_API int wolfSSL_X509_check_issued(WOLFSSL_X509 *issuer, WOLFSSL_API char* wolfSSL_sk_WOLFSSL_STRING_value( WOLF_STACK_OF(WOLFSSL_STRING)* strings, int idx); +WOLFSSL_API int wolfSSL_sk_WOLFSSL_STRING_num( + WOLF_STACK_OF(WOLFSSL_STRING)* strings); #endif /* HAVE_OCSP || OPENSSL_EXTRA || OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */ WOLFSSL_API int PEM_write_bio_WOLFSSL_X509(WOLFSSL_BIO *bio,