diff --git a/src/ssl.c b/src/ssl.c index dc8c08eb2..2ac9c7dd7 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -6916,7 +6916,7 @@ int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file, int ret = wolfSSL_CTX_load_verify_locations_ex(ctx, file, path, WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS); - return RETURN_CODE(ret,WOLFSSL_FAILURE); + return WS_RETURN_CODE(ret,WOLFSSL_FAILURE); } @@ -24409,15 +24409,15 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup, const char* footer = NULL; if (type != X509_FILETYPE_PEM) - return RETURN_CODE(BAD_FUNC_ARG,WOLFSSL_FAILURE); + return WS_RETURN_CODE(BAD_FUNC_ARG,WOLFSSL_FAILURE); fp = XFOPEN(file, "rb"); if (fp == XBADFILE) - return RETURN_CODE(BAD_FUNC_ARG,WOLFSSL_FAILURE); + return WS_RETURN_CODE(BAD_FUNC_ARG,WOLFSSL_FAILURE); if(XFSEEK(fp, 0, XSEEK_END) != 0) { XFCLOSE(fp); - return RETURN_CODE(WOLFSSL_BAD_FILE,WOLFSSL_FAILURE); + return WS_RETURN_CODE(WOLFSSL_BAD_FILE,WOLFSSL_FAILURE); } sz = XFTELL(fp); XREWIND(fp); @@ -24487,12 +24487,12 @@ end: if (pem != NULL) XFREE(pem, 0, DYNAMIC_TYPE_PEM); XFCLOSE(fp); - return RETURN_CODE(ret,WOLFSSL_FAILURE); + return WS_RETURN_CODE(ret,WOLFSSL_FAILURE); #else (void)lookup; (void)file; (void)type; - return RETURN_CODE(WOLFSSL_FAILURE,WOLFSSL_FAILURE); + return WS_RETURN_CODE(WOLFSSL_FAILURE,WOLFSSL_FAILURE); #endif } diff --git a/tests/api.c b/tests/api.c index ccfc954d9..b62454fe0 100644 --- a/tests/api.c +++ b/tests/api.c @@ -954,19 +954,19 @@ static void test_wolfSSL_CTX_load_verify_locations(void) /* invalid ca file */ AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, bogusFile, NULL), - RETURN_CODE(WOLFSSL_BAD_FILE,WOLFSSL_FAILURE)); + WS_RETURN_CODE(WOLFSSL_BAD_FILE,WOLFSSL_FAILURE)); #if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) /* invalid path */ AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, NULL, bogusFile), - RETURN_CODE(BAD_PATH_ERROR,WOLFSSL_FAILURE)); + WS_RETURN_CODE(BAD_PATH_ERROR,WOLFSSL_FAILURE)); #endif /* load ca cert */ #ifdef NO_RSA AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL), - RETURN_CODE(ASN_UNKNOWN_OID_E,WOLFSSL_FAILURE)); + WS_RETURN_CODE(ASN_UNKNOWN_OID_E,WOLFSSL_FAILURE)); #else /* Skip the following test without RSA certs. */ AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL), WOLFSSL_SUCCESS); diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 9a086ca0f..45cf82d6d 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -674,19 +674,26 @@ enum AlertLevel { alert_fatal = 2 }; -/* RETURN_CODE macro +/* WS_RETURN_CODE macro * Some OpenSSL APIs specify "0" as the return value when an error occurs. - * However, some corresponding wolfSSL APIs(eg. - * wolfSSL_CTX_load_verify_locations) return negative values. Such functions - * should use this macro to fill this gap. Users who want them to return - * the same return value as OpenSSL can define WOLFSSL_ERR_CODE_OPENSSL. + * However, some corresponding wolfSSL APIs return negative values. Such + * functions should use this macro to fill this gap. Users who want them + * to return the same return value as OpenSSL can define + * WOLFSSL_ERR_CODE_OPENSSL. + * Give item1 a variable that contains the potentially negative + * wolfSSL-defined return value or the return value itself, and + * give item2 the openSSL-defined return value. * Note that this macro replaces only negative return values with the * specified value. + * Since wolfSSL 4.7.0, the following functions use this macro: + * - wolfSSL_CTX_load_verify_locations + * - wolfSSL_X509_LOOKUP_load_file */ #if defined(WOLFSSL_ERROR_CODE_OPENSSL) - #define RETURN_CODE(w,o) ((w < 0)?o:w) + #define WS_RETURN_CODE(item1,item2) \ + ((item1 < 0) ? item2 : item1) #else - #define RETURN_CODE(w,o) (w) + #define WS_RETURN_CODE(item1,item2) (item1) #endif /* Maximum master key length (SECRET_LEN) */