forked from wolfSSL/wolfssl
Fix to properly trap errors in sniffer SetupKeys after async changes. Fix minor scan-build warnings.
This commit is contained in:
David Garske
@ -2863,13 +2863,14 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (ret != 0) {
|
|
||||||
goto exit_sk;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* make sure a key type was found */
|
/* make sure a key type was found */
|
||||||
if (args->key->type == WC_PK_TYPE_NONE) {
|
if (args->key->type == WC_PK_TYPE_NONE) {
|
||||||
ERROR_OUT(NOT_COMPILED_IN, exit_sk);
|
ret = NOT_COMPILED_IN;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* check for errors before moving to next state */
|
||||||
|
if (ret < 0) {
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
@ -2949,6 +2950,11 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
|
|||||||
}
|
}
|
||||||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||||
|
|
||||||
|
/* check for errors before moving to next state */
|
||||||
|
if (ret < 0) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
ssl->options.asyncState = TLS_ASYNC_VERIFY;
|
||||||
} /* case TLS_ASYNC_DO */
|
} /* case TLS_ASYNC_DO */
|
||||||
@ -2960,6 +2966,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
|
|||||||
if (args->key->type == WC_PK_TYPE_RSA) {
|
if (args->key->type == WC_PK_TYPE_RSA) {
|
||||||
if (ret != SECRET_LEN) {
|
if (ret != SECRET_LEN) {
|
||||||
SetError(RSA_DECRYPT_STR, error, session, FATAL_ERROR_STATE);
|
SetError(RSA_DECRYPT_STR, error, session, FATAL_ERROR_STATE);
|
||||||
|
ret = RSA_BUFFER_E;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif /* !NO_RSA */
|
#endif /* !NO_RSA */
|
||||||
@ -2979,6 +2986,11 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
|
|||||||
}
|
}
|
||||||
#endif /* !NO_DH && WOLFSSL_DH_EXTRA */
|
#endif /* !NO_DH && WOLFSSL_DH_EXTRA */
|
||||||
|
|
||||||
|
/* check for errors before moving to next state */
|
||||||
|
if (ret < 0) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
/* Advance state and proceed */
|
/* Advance state and proceed */
|
||||||
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
ssl->options.asyncState = TLS_ASYNC_FINALIZE;
|
||||||
} /* case TLS_ASYNC_VERIFY */
|
} /* case TLS_ASYNC_VERIFY */
|
||||||
@ -3001,12 +3013,12 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
|
|||||||
|
|
||||||
if (SetCipherSpecs(session->sslServer) != 0) {
|
if (SetCipherSpecs(session->sslServer) != 0) {
|
||||||
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
|
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
|
||||||
ret = -1; goto exit_sk;
|
ret = -1; break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (SetCipherSpecs(session->sslClient) != 0) {
|
if (SetCipherSpecs(session->sslClient) != 0) {
|
||||||
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
|
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
|
||||||
ret = -1; goto exit_sk;
|
ret = -1; break;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef WOLFSSL_TLS13
|
#ifdef WOLFSSL_TLS13
|
||||||
@ -3038,7 +3050,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
|
|||||||
}
|
}
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
|
SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
|
||||||
ret = -1; goto exit_sk;
|
ret = -1; break;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef SHOW_SECRETS
|
#ifdef SHOW_SECRETS
|
||||||
@ -3059,17 +3071,17 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
|
|||||||
ret = INPUT_CASE_ERROR;
|
ret = INPUT_CASE_ERROR;
|
||||||
} /* switch(ssl->options.asyncState) */
|
} /* switch(ssl->options.asyncState) */
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||||
exit_sk:
|
exit_sk:
|
||||||
|
|
||||||
/* Handle async pending response */
|
/* Handle async pending response */
|
||||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
|
||||||
if (ret == WC_PENDING_E) {
|
if (ret == WC_PENDING_E) {
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||||
|
|
||||||
#ifdef WOLFSSL_SNIFFER_STATS
|
#ifdef WOLFSSL_SNIFFER_STATS
|
||||||
if (ret != 0)
|
if (ret < 0)
|
||||||
INC_STAT(SnifferStats.sslKeyFails);
|
INC_STAT(SnifferStats.sslKeyFails);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|||||||
@ -13709,6 +13709,7 @@ void AddSession(WOLFSSL* ssl)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif /* WOLFSSL_SESSION_STATS && WOLFSSL_PEAK_SESSIONS */
|
#endif /* WOLFSSL_SESSION_STATS && WOLFSSL_PEAK_SESSIONS */
|
||||||
|
(void)error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -7899,7 +7899,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
|||||||
|
|
||||||
/* check for async hardware acceleration */
|
/* check for async hardware acceleration */
|
||||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
|
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
|
||||||
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
|
if (err == MP_OKAY && key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
|
||||||
#if defined(HAVE_CAVIUM_V) || defined(HAVE_INTEL_QA)
|
#if defined(HAVE_CAVIUM_V) || defined(HAVE_INTEL_QA)
|
||||||
#ifdef HAVE_CAVIUM_V
|
#ifdef HAVE_CAVIUM_V
|
||||||
if (NitroxEccIsCurveSupported(key))
|
if (NitroxEccIsCurveSupported(key))
|
||||||
|
|||||||
Reference in New Issue
Block a user