mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 11:17:29 +02:00
address peer review around WOLFSSL_HAVE_BIO_ADDR:
refactor housekeeping for bio->bytes_read and bio->bytes_write, and add WOLFSSL_BIO_HAVE_FLOW_STATS gate; add WOLFSSL_BIO_FLAG_RETRY housekeeping for WOLFSSL_BIO_SOCKET and WOLFSSL_BIO_DGRAM; refactor WOLFSSL_BIO.peer_addr to be inline rather than a pointer; add wolfSSL_set_mtu_compat() and wolfSSL_CTX_load_verify_locations_compat() implementations; enable WOLFSSL_HAVE_BIO_ADDR and WOLFSSL_DTLS_MTU when OPENSSL_ALL.
This commit is contained in:
Daniel Pouzzner
159
src/bio.c
159
src/bio.c
@ -145,7 +145,6 @@ static int wolfSSL_BIO_MEMORY_read(WOLFSSL_BIO* bio, void* buf, int len)
|
||||
|
||||
XMEMCPY(buf, bio->mem_buf->data + bio->rdIdx, sz);
|
||||
bio->rdIdx += sz;
|
||||
bio->bytes_read += (word32)sz;
|
||||
|
||||
if (bio->rdIdx >= bio->wrSz) {
|
||||
if (bio->flags & BIO_FLAGS_MEM_RDONLY) {
|
||||
@ -291,6 +290,9 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
|
||||
}
|
||||
|
||||
while (bio != NULL && ret >= 0) {
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
int inhibit_flow_increment = 0;
|
||||
#endif
|
||||
/* check for custom read */
|
||||
if (bio->method && bio->method->readCb) {
|
||||
ret = bio->method->readCb(bio, (char*)buf, len);
|
||||
@ -303,6 +305,9 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
|
||||
break;
|
||||
case WOLFSSL_BIO_BIO: /* read BIOs */
|
||||
ret = wolfSSL_BIO_BIO_read(bio, buf, len);
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
inhibit_flow_increment = 1;
|
||||
#endif
|
||||
break;
|
||||
case WOLFSSL_BIO_MEMORY:
|
||||
ret = wolfSSL_BIO_MEMORY_read(bio, buf, len);
|
||||
@ -346,7 +351,17 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
|
||||
#ifdef USE_WOLFSSL_IO
|
||||
/* BIO requires built-in socket support
|
||||
* (cannot be used with WOLFSSL_USER_IO) */
|
||||
bio->flags &= ~WOLFSSL_BIO_FLAG_RETRY;
|
||||
ret = wolfIO_Recv(bio->num, (char*)buf, len, 0);
|
||||
if (ret < 0) {
|
||||
#ifdef USE_WINDOWS_API
|
||||
if (WSAGetLastError() == WSAEWOULDBLOCK)
|
||||
bio->flags |= WOLFSSL_BIO_FLAG_RETRY;
|
||||
#else
|
||||
if (errno == EAGAIN)
|
||||
bio->flags |= WOLFSSL_BIO_FLAG_RETRY;
|
||||
#endif
|
||||
}
|
||||
#else
|
||||
ret = NOT_COMPILED_IN;
|
||||
#endif
|
||||
@ -357,17 +372,21 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
|
||||
#ifdef USE_WOLFSSL_IO
|
||||
/* BIO requires built-in socket support
|
||||
* (cannot be used with WOLFSSL_USER_IO) */
|
||||
bio->flags &= ~WOLFSSL_BIO_FLAG_RETRY;
|
||||
if (bio->connected)
|
||||
ret = wolfIO_Recv(bio->num, (char*)buf, len, 0);
|
||||
else {
|
||||
if (bio->peer_addr == NULL)
|
||||
bio->peer_addr = wolfSSL_BIO_ADDR_new();
|
||||
else
|
||||
wolfSSL_BIO_ADDR_clear(bio->peer_addr);
|
||||
if (bio->peer_addr == NULL)
|
||||
ret = wolfIO_RecvFrom(bio->num, bio->peer_addr, (char*)buf, len, 0);
|
||||
else
|
||||
ret = MEMORY_E;
|
||||
wolfSSL_BIO_ADDR_clear(&bio->peer_addr);
|
||||
ret = wolfIO_RecvFrom(bio->num, &bio->peer_addr, (char*)buf, len, 0);
|
||||
}
|
||||
if ((ret < 0) && (ret != WC_NO_ERR_TRACE(MEMORY_E))) {
|
||||
#ifdef USE_WINDOWS_API
|
||||
if (WSAGetLastError() == WSAEWOULDBLOCK)
|
||||
bio->flags |= WOLFSSL_BIO_FLAG_RETRY;
|
||||
#else
|
||||
if (errno == EAGAIN)
|
||||
bio->flags |= WOLFSSL_BIO_FLAG_RETRY;
|
||||
#endif
|
||||
}
|
||||
#else
|
||||
ret = NOT_COMPILED_IN;
|
||||
@ -378,6 +397,12 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len)
|
||||
} /* switch */
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
if ((ret > 0) && (! inhibit_flow_increment)) {
|
||||
bio->bytes_read += (word32)ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* case where front of list is done */
|
||||
if (bio == front) {
|
||||
break; /* at front of list so be done */
|
||||
@ -605,7 +630,6 @@ static int wolfSSL_BIO_MEMORY_write(WOLFSSL_BIO* bio, const void* data,
|
||||
bio->num = (int)bio->mem_buf->max;
|
||||
bio->wrSz += len;
|
||||
bio->wrIdx += len;
|
||||
bio->bytes_written += (word32)len;
|
||||
|
||||
return len;
|
||||
}
|
||||
@ -673,6 +697,9 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
|
||||
}
|
||||
|
||||
while (bio != NULL && ret >= 0) {
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
int inhibit_flow_increment = 0;
|
||||
#endif
|
||||
/* check for custom write */
|
||||
if (bio->method && bio->method->writeCb) {
|
||||
ret = bio->method->writeCb(bio, (const char*)data, len);
|
||||
@ -698,6 +725,9 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
|
||||
}
|
||||
case WOLFSSL_BIO_BIO: /* write bios */
|
||||
ret = wolfSSL_BIO_BIO_write(bio, data, len);
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
inhibit_flow_increment = 1;
|
||||
#endif
|
||||
break;
|
||||
case WOLFSSL_BIO_MEMORY:
|
||||
ret = wolfSSL_BIO_MEMORY_write(bio, data, len);
|
||||
@ -751,7 +781,15 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
|
||||
#ifdef USE_WOLFSSL_IO
|
||||
/* BIO requires built-in socket support
|
||||
* (cannot be used with WOLFSSL_USER_IO) */
|
||||
bio->flags &= ~WOLFSSL_BIO_FLAG_RETRY;
|
||||
ret = wolfIO_Send(bio->num, (char*)data, len, 0);
|
||||
#ifdef USE_WINDOWS_API
|
||||
if (WSAGetLastError() == WSAEWOULDBLOCK)
|
||||
bio->flags |= WOLFSSL_BIO_FLAG_RETRY;
|
||||
#else
|
||||
if (errno == EAGAIN)
|
||||
bio->flags |= WOLFSSL_BIO_FLAG_RETRY;
|
||||
#endif
|
||||
#else
|
||||
ret = NOT_COMPILED_IN;
|
||||
#endif
|
||||
@ -762,12 +800,22 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
|
||||
#ifdef USE_WOLFSSL_IO
|
||||
/* BIO requires built-in socket support
|
||||
* (cannot be used with WOLFSSL_USER_IO) */
|
||||
bio->flags &= ~WOLFSSL_BIO_FLAG_RETRY;
|
||||
if (bio->connected)
|
||||
ret = wolfIO_Send(bio->num, (char*)data, len, 0);
|
||||
else if (bio->peer_addr != NULL)
|
||||
ret = wolfIO_SendTo(bio->num, bio->peer_addr, (char*)data, len, 0);
|
||||
else if (bio->peer_addr.sa.sa_family == AF_UNSPEC)
|
||||
ret = SOCKET_ERROR_E;
|
||||
else
|
||||
ret = SOCKET_NOT_CONNECTED_E;
|
||||
ret = wolfIO_SendTo(bio->num, &bio->peer_addr, (char*)data, len, 0);
|
||||
if (ret < 0) {
|
||||
#ifdef USE_WINDOWS_API
|
||||
if (WSAGetLastError() == WSAEWOULDBLOCK)
|
||||
bio->flags |= WOLFSSL_BIO_FLAG_RETRY;
|
||||
#else
|
||||
if (errno == EAGAIN)
|
||||
bio->flags |= WOLFSSL_BIO_FLAG_RETRY;
|
||||
#endif
|
||||
}
|
||||
#else
|
||||
ret = NOT_COMPILED_IN;
|
||||
#endif
|
||||
@ -777,6 +825,11 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
|
||||
} /* switch */
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
if ((ret > 0) && (! inhibit_flow_increment))
|
||||
bio->bytes_written += (word32)ret;
|
||||
#endif
|
||||
|
||||
/* advance to the next bio in list */
|
||||
bio = bio->next;
|
||||
}
|
||||
@ -841,22 +894,38 @@ long wolfSSL_BIO_ctrl(WOLFSSL_BIO *bio, int cmd, long larg, void *parg)
|
||||
#ifdef WOLFSSL_HAVE_BIO_ADDR
|
||||
case BIO_CTRL_DGRAM_CONNECT:
|
||||
case BIO_CTRL_DGRAM_SET_PEER:
|
||||
if (bio->peer_addr)
|
||||
wolfSSL_BIO_ADDR_free(bio->peer_addr);
|
||||
bio->peer_addr = (WOLFSSL_BIO_ADDR *)parg;
|
||||
{
|
||||
socklen_t addr_size;
|
||||
if (parg == NULL) {
|
||||
ret = WOLFSSL_FAILURE;
|
||||
break;
|
||||
}
|
||||
addr_size = wolfSSL_BIO_ADDR_size((WOLFSSL_BIO_ADDR *)parg);
|
||||
if (addr_size == 0) {
|
||||
ret = WOLFSSL_FAILURE;
|
||||
break;
|
||||
}
|
||||
XMEMCPY(&bio->peer_addr, parg, addr_size);
|
||||
ret = WOLFSSL_SUCCESS;
|
||||
break;
|
||||
}
|
||||
|
||||
case BIO_CTRL_DGRAM_SET_CONNECTED:
|
||||
bio->connected = (parg != NULL);
|
||||
if (bio->peer_addr)
|
||||
wolfSSL_BIO_ADDR_free(bio->peer_addr);
|
||||
bio->peer_addr = (WOLFSSL_BIO_ADDR *)parg;
|
||||
if (parg == NULL)
|
||||
wolfSSL_BIO_ADDR_clear(&bio->peer_addr);
|
||||
else {
|
||||
socklen_t addr_size = wolfSSL_BIO_ADDR_size((WOLFSSL_BIO_ADDR *)parg);
|
||||
if (addr_size == 0) {
|
||||
ret = WOLFSSL_FAILURE;
|
||||
break;
|
||||
}
|
||||
XMEMCPY(&bio->peer_addr, parg, addr_size);
|
||||
}
|
||||
ret = WOLFSSL_SUCCESS;
|
||||
break;
|
||||
|
||||
case BIO_CTRL_DGRAM_QUERY_MTU:
|
||||
return 0; /* not implemented */
|
||||
ret = 0; /* not implemented */
|
||||
break;
|
||||
|
||||
#endif /* WOLFSSL_HAVE_BIO_ADDR */
|
||||
@ -897,7 +966,8 @@ int wolfSSL_BIO_up_ref(WOLFSSL_BIO* bio)
|
||||
|
||||
#ifdef WOLFSSL_HAVE_BIO_ADDR
|
||||
WOLFSSL_BIO_ADDR *wolfSSL_BIO_ADDR_new(void) {
|
||||
WOLFSSL_BIO_ADDR *addr = XMALLOC(sizeof(*addr), NULL, DYNAMIC_TYPE_BIO);
|
||||
WOLFSSL_BIO_ADDR *addr =
|
||||
(WOLFSSL_BIO_ADDR *)XMALLOC(sizeof(*addr), NULL, DYNAMIC_TYPE_BIO);
|
||||
if (addr)
|
||||
addr->sa.sa_family = AF_UNSPEC;
|
||||
return addr;
|
||||
@ -929,7 +999,10 @@ socklen_t wolfSSL_BIO_ADDR_size(const WOLFSSL_BIO_ADDR *addr) {
|
||||
return sizeof(addr->sa_un);
|
||||
#endif
|
||||
default:
|
||||
return sizeof(*addr);
|
||||
/* must return zero if length can't be determined, to avoid buffer
|
||||
* overruns in callers.
|
||||
*/
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
#endif /* WOLFSSL_HAVE_BIO_ADDR */
|
||||
@ -1494,7 +1567,9 @@ int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num)
|
||||
sz = num;
|
||||
}
|
||||
bio->pair->rdIdx += sz;
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
bio->pair->bytes_read += (word32)sz;
|
||||
#endif
|
||||
|
||||
/* check if have read to the end of the buffer and need to reset */
|
||||
if (bio->pair->rdIdx == bio->pair->wrSz) {
|
||||
@ -1573,7 +1648,9 @@ int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num)
|
||||
}
|
||||
*buf = (char*)bio->ptr + bio->wrIdx;
|
||||
bio->wrIdx += sz;
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
bio->bytes_written += (word32)sz;
|
||||
#endif
|
||||
|
||||
/* if at the end of the buffer and space for wrap around then set
|
||||
* write index back to 0 */
|
||||
@ -1585,33 +1662,37 @@ int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num)
|
||||
return sz;
|
||||
}
|
||||
|
||||
#ifdef WORD64_AVAILABLE
|
||||
word64
|
||||
#else
|
||||
word32
|
||||
#endif
|
||||
wolfSSL_BIO_number_read(WOLFSSL_BIO *bio)
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
word64 wolfSSL_BIO_number_read(WOLFSSL_BIO *bio)
|
||||
{
|
||||
word64 ret = 0;
|
||||
if (bio == NULL) {
|
||||
WOLFSSL_MSG("NULL argument passed in");
|
||||
return 0;
|
||||
}
|
||||
return bio->bytes_read;
|
||||
while (bio) {
|
||||
ret += bio->bytes_read;
|
||||
bio = bio->next;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifdef WORD64_AVAILABLE
|
||||
word64
|
||||
#else
|
||||
word32
|
||||
#endif
|
||||
wolfSSL_BIO_number_written(WOLFSSL_BIO *bio)
|
||||
word64 wolfSSL_BIO_number_written(WOLFSSL_BIO *bio)
|
||||
{
|
||||
word64 ret = 0;
|
||||
if (bio == NULL) {
|
||||
WOLFSSL_MSG("NULL argument passed in");
|
||||
return 0;
|
||||
}
|
||||
return bio->bytes_written;
|
||||
while (bio) {
|
||||
ret += bio->bytes_written;
|
||||
bio = bio->next;
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_BIO_HAVE_FLOW_STATS */
|
||||
|
||||
/* Reset BIO to initial state */
|
||||
int wolfSSL_BIO_reset(WOLFSSL_BIO *bio)
|
||||
@ -2897,10 +2978,6 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
|
||||
if ((bio->type == WOLFSSL_BIO_SOCKET) && (bio->num > 0))
|
||||
CloseSocket(bio->num);
|
||||
#endif
|
||||
#ifdef WOLFSSL_HAVE_BIO_ADDR
|
||||
if (bio->peer_addr != NULL)
|
||||
wolfSSL_BIO_ADDR_free(bio->peer_addr);
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifndef NO_FILESYSTEM
|
||||
|
||||
@ -25639,9 +25639,6 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
|
||||
case DUPLICATE_TLS_EXT_E:
|
||||
return "Duplicate TLS extension in message.";
|
||||
|
||||
case SOCKET_NOT_CONNECTED_E:
|
||||
return "Socket has no associated peer.";
|
||||
|
||||
default :
|
||||
return "unknown error number";
|
||||
}
|
||||
|
||||
30
src/ssl.c
30
src/ssl.c
@ -1954,6 +1954,15 @@ int wolfSSL_dtls_set_mtu(WOLFSSL* ssl, word16 newMtu)
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
|
||||
int wolfSSL_set_mtu_compat(WOLFSSL* ssl, unsigned short mtu) {
|
||||
if (wolfSSL_dtls_set_mtu(ssl, mtu) == 0)
|
||||
return SSL_SUCCESS;
|
||||
else
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
#endif /* OPENSSL_ALL || OPENSSL_EXTRA */
|
||||
|
||||
#endif /* WOLFSSL_DTLS && (WOLFSSL_SCTP || WOLFSSL_DTLS_MTU) */
|
||||
|
||||
#ifdef WOLFSSL_SRTP
|
||||
@ -7340,6 +7349,8 @@ int wolfSSL_i2d_PUBKEY(const WOLFSSL_EVP_PKEY *key, unsigned char **der)
|
||||
|
||||
int wolfSSL_i2d_X509_PUBKEY(WOLFSSL_X509_PUBKEY* x509_PubKey, unsigned char** der)
|
||||
{
|
||||
if (x509_PubKey == NULL)
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
return wolfSSL_i2d_PublicKey(x509_PubKey->pkey, der);
|
||||
}
|
||||
|
||||
@ -10954,7 +10965,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#ifndef NO_BIO
|
||||
static void wolfSSL_set_bio_1(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr, int flags)
|
||||
static void ssl_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr, int flags)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_set_bio");
|
||||
|
||||
@ -11017,17 +11028,17 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
|
||||
|
||||
void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr)
|
||||
{
|
||||
wolfSSL_set_bio_1(ssl, rd, wr, WOLFSSL_BIO_FLAG_READ | WOLFSSL_BIO_FLAG_WRITE);
|
||||
ssl_set_bio(ssl, rd, wr, WOLFSSL_BIO_FLAG_READ | WOLFSSL_BIO_FLAG_WRITE);
|
||||
}
|
||||
|
||||
void wolfSSL_set_rbio(WOLFSSL* ssl, WOLFSSL_BIO* rd)
|
||||
{
|
||||
wolfSSL_set_bio_1(ssl, rd, NULL, WOLFSSL_BIO_FLAG_READ);
|
||||
ssl_set_bio(ssl, rd, NULL, WOLFSSL_BIO_FLAG_READ);
|
||||
}
|
||||
|
||||
void wolfSSL_set_wbio(WOLFSSL* ssl, WOLFSSL_BIO* wr)
|
||||
{
|
||||
wolfSSL_set_bio_1(ssl, NULL, wr, WOLFSSL_BIO_FLAG_WRITE);
|
||||
ssl_set_bio(ssl, NULL, wr, WOLFSSL_BIO_FLAG_WRITE);
|
||||
}
|
||||
|
||||
#endif /* !NO_BIO */
|
||||
@ -14982,12 +14993,6 @@ int wolfSSL_COMP_add_compression_method(int method, void* data)
|
||||
return 0;
|
||||
}
|
||||
|
||||
const char *wolfSSL_COMP_get_name(const WOLFSSL_COMP_METHOD *comp)
|
||||
{
|
||||
(void)comp;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
const WOLFSSL_COMP_METHOD* wolfSSL_get_current_compression(const WOLFSSL *ssl) {
|
||||
(void)ssl;
|
||||
return NULL;
|
||||
@ -14998,10 +15003,7 @@ const WOLFSSL_COMP_METHOD* wolfSSL_get_current_expansion(const WOLFSSL *ssl) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
#endif /* NO_WOLFSSL_STUB */
|
||||
|
||||
#ifndef NO_WOLFSSL_STUB
|
||||
const char* wolfSSL_COMP_get_name(const void* comp)
|
||||
const char* wolfSSL_COMP_get_name(const WOLFSSL_COMP_METHOD *comp)
|
||||
{
|
||||
static const char ret[] = "not supported";
|
||||
|
||||
|
||||
@ -2871,6 +2871,29 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
|
||||
WOLFSSL_ABI
|
||||
int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
|
||||
const char* path)
|
||||
{
|
||||
/* Load using default flags/options. */
|
||||
int ret = wolfSSL_CTX_load_verify_locations_ex(ctx, file, path,
|
||||
WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS);
|
||||
|
||||
/* Return 1 on success or 0 on failure. */
|
||||
return WS_RETURN_CODE(ret, 0);
|
||||
}
|
||||
|
||||
/* Load a file and/or files in path, with OpenSSL-compatible semantics.
|
||||
*
|
||||
* No c_rehash.
|
||||
*
|
||||
* @param [in, out] ctx SSL context object.
|
||||
* @param [in] file Name of file to load. May be NULL.
|
||||
* @param [in] path Path to directory containing PEM CA files.
|
||||
* May be NULL.
|
||||
* @return 1 on success.
|
||||
* @return 0 on failure.
|
||||
*/
|
||||
WOLFSSL_API
|
||||
int wolfSSL_CTX_load_verify_locations_compat(WOLFSSL_CTX* ctx, const char* file,
|
||||
const char* path)
|
||||
{
|
||||
/* We want to keep trying to load more CA certs even if one cert in the
|
||||
* directory is bad and can't be used (e.g. if one is expired), and we
|
||||
|
||||
@ -8798,7 +8798,7 @@ const WOLFSSL_X509_VERIFY_PARAM *wolfSSL_X509_VERIFY_PARAM_lookup(const char *na
|
||||
const WOLFSSL_X509_VERIFY_PARAM *param = &x509_verify_param_builtins[0],
|
||||
*param_end = &x509_verify_param_builtins[XELEM_CNT(x509_verify_param_builtins)];
|
||||
while (param < param_end) {
|
||||
if (! XSTRCMP(name, param->name))
|
||||
if (XSTRCMP(name, param->name) == 0)
|
||||
return param;
|
||||
++param;
|
||||
}
|
||||
|
||||
71
tests/api.c
71
tests/api.c
@ -56973,7 +56973,7 @@ static int test_wolfSSL_BIO_datagram(void)
|
||||
EXPECT_DECLS;
|
||||
#if !defined(NO_BIO) && defined(WOLFSSL_DTLS) && defined(WOLFSSL_HAVE_BIO_ADDR) && defined(OPENSSL_EXTRA)
|
||||
int ret;
|
||||
SOCKET_T fd1 = 0, fd2 = 0; /* SOCKET_T is unsigned on Windows */
|
||||
SOCKET_T fd1 = SOCKET_INVALID, fd2 = SOCKET_INVALID;
|
||||
WOLFSSL_BIO *bio1 = NULL, *bio2 = NULL;
|
||||
WOLFSSL_BIO_ADDR *bio_addr1 = NULL, *bio_addr2 = NULL;
|
||||
SOCKADDR_IN sin1, sin2;
|
||||
@ -56991,12 +56991,12 @@ static int test_wolfSSL_BIO_datagram(void)
|
||||
#endif
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
fd1 = socket(AF_INET, SOCK_DGRAM, 17 /* UDP */);
|
||||
ExpectIntGT(fd1, 0);
|
||||
fd1 = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
|
||||
ExpectIntNE(fd1, SOCKET_INVALID);
|
||||
}
|
||||
if (EXPECT_SUCCESS()) {
|
||||
fd2 = socket(AF_INET, SOCK_DGRAM, 17 /* UDP */);
|
||||
ExpectIntGT(fd2, 0);
|
||||
fd2 = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
|
||||
ExpectIntNE(fd2, SOCKET_INVALID);
|
||||
}
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
@ -57029,16 +57029,21 @@ static int test_wolfSSL_BIO_datagram(void)
|
||||
ExpectIntEQ(getsockname(fd2, (struct sockaddr *)&sin2, &slen), 0);
|
||||
}
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
bio_addr1 = wolfSSL_BIO_ADDR_new();
|
||||
ExpectNotNull(bio_addr1);
|
||||
}
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
bio_addr2 = wolfSSL_BIO_ADDR_new();
|
||||
ExpectNotNull(bio_addr2);
|
||||
}
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
/* for OpenSSL compatibility, direct copying of sockaddrs into BIO_ADDRs must work right. */
|
||||
XMEMCPY(&bio_addr2->sa_in, &sin2, sizeof(sin2));
|
||||
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio1, BIO_CTRL_DGRAM_SET_PEER, 0, bio_addr2), WOLFSSL_SUCCESS);
|
||||
if (EXPECT_SUCCESS())
|
||||
bio_addr2 = NULL;
|
||||
wolfSSL_BIO_ADDR_clear(bio_addr2);
|
||||
}
|
||||
|
||||
test_msg_recvd[0] = 0;
|
||||
@ -57046,6 +57051,11 @@ static int test_wolfSSL_BIO_datagram(void)
|
||||
ExpectIntEQ(wolfSSL_BIO_read(bio2, test_msg_recvd, sizeof(test_msg_recvd)), (int)sizeof(test_msg));
|
||||
ExpectIntEQ(XMEMCMP(test_msg_recvd, test_msg, sizeof(test_msg)), 0);
|
||||
|
||||
#ifdef WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
ExpectIntEQ(wolfSSL_BIO_number_written(bio1), sizeof(test_msg));
|
||||
ExpectIntEQ(wolfSSL_BIO_number_read(bio2), sizeof(test_msg));
|
||||
#endif
|
||||
|
||||
/* bio2 should now have bio1's addr stored as its peer_addr, because the
|
||||
* BIOs aren't "connected" yet. use it to send a reply.
|
||||
*/
|
||||
@ -57056,47 +57066,26 @@ static int test_wolfSSL_BIO_datagram(void)
|
||||
ExpectIntEQ(XMEMCMP(test_msg_recvd, test_msg, sizeof(test_msg)), 0);
|
||||
|
||||
ExpectIntEQ(wolfSSL_BIO_read(bio1, test_msg_recvd, sizeof(test_msg_recvd)), WOLFSSL_BIO_ERROR);
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
ExpectIntEQ(WSAGetLastError(), WSAEWOULDBLOCK);
|
||||
#else
|
||||
ExpectIntEQ(errno, EAGAIN);
|
||||
#endif
|
||||
ExpectIntNE(BIO_should_retry(bio1), 0);
|
||||
|
||||
ExpectIntEQ(wolfSSL_BIO_read(bio2, test_msg_recvd, sizeof(test_msg_recvd)), WOLFSSL_BIO_ERROR);
|
||||
#ifdef USE_WINDOWS_API
|
||||
ExpectIntEQ(WSAGetLastError(), WSAEWOULDBLOCK);
|
||||
#else
|
||||
ExpectIntEQ(errno, EAGAIN);
|
||||
#endif
|
||||
ExpectIntNE(BIO_should_retry(bio2), 0);
|
||||
|
||||
/* now "connect" the sockets. */
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
bio_addr1 = wolfSSL_BIO_ADDR_new();
|
||||
ExpectNotNull(bio_addr1);
|
||||
}
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
bio_addr2 = wolfSSL_BIO_ADDR_new();
|
||||
ExpectNotNull(bio_addr2);
|
||||
}
|
||||
|
||||
ExpectIntEQ(connect(fd1, (const struct sockaddr *)&sin2, (socklen_t)sizeof(sin2)), 0);
|
||||
ExpectIntEQ(connect(fd2, (const struct sockaddr *)&sin1, (socklen_t)sizeof(sin1)), 0);
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
XMEMCPY(&bio_addr2->sa_in, &sin2, sizeof(sin2));
|
||||
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio1, BIO_CTRL_DGRAM_SET_CONNECTED, 0, bio_addr2), WOLFSSL_SUCCESS);
|
||||
if (EXPECT_SUCCESS())
|
||||
bio_addr2 = NULL;
|
||||
wolfSSL_BIO_ADDR_clear(bio_addr2);
|
||||
}
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
XMEMCPY(&bio_addr1->sa_in, &sin1, sizeof(sin1));
|
||||
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio2, BIO_CTRL_DGRAM_SET_CONNECTED, 0, bio_addr1), WOLFSSL_SUCCESS);
|
||||
if (EXPECT_SUCCESS())
|
||||
bio_addr1 = NULL;
|
||||
wolfSSL_BIO_ADDR_clear(bio_addr1);
|
||||
}
|
||||
|
||||
test_msg_recvd[0] = 0;
|
||||
@ -57120,23 +57109,17 @@ static int test_wolfSSL_BIO_datagram(void)
|
||||
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio1, BIO_CTRL_DGRAM_SET_CONNECTED, 0, NULL), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio2, BIO_CTRL_DGRAM_SET_CONNECTED, 0, NULL), WOLFSSL_SUCCESS);
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
bio_addr2 = wolfSSL_BIO_ADDR_new();
|
||||
ExpectNotNull(bio_addr2);
|
||||
}
|
||||
|
||||
if (EXPECT_SUCCESS()) {
|
||||
sin2.sin_addr.s_addr = htonl(0xc0a8c0a8); /* 192.168.192.168 -- invalid for loopback interface. */
|
||||
XMEMCPY(&bio_addr2->sa_in, &sin2, sizeof(sin2));
|
||||
ExpectIntEQ((int)wolfSSL_BIO_ctrl(bio1, BIO_CTRL_DGRAM_SET_PEER, 0, bio_addr2), WOLFSSL_SUCCESS);
|
||||
if (EXPECT_SUCCESS())
|
||||
bio_addr2 = NULL;
|
||||
wolfSSL_BIO_ADDR_clear(bio_addr2);
|
||||
}
|
||||
|
||||
test_msg_recvd[0] = 0;
|
||||
errno = 0;
|
||||
ExpectIntEQ(wolfSSL_BIO_write(bio1, test_msg, sizeof(test_msg)), -1);
|
||||
ExpectIntEQ(errno, EINVAL);
|
||||
ExpectTrue((errno == EINVAL) || (errno == ENETUNREACH));
|
||||
|
||||
#endif /* __linux__ */
|
||||
|
||||
@ -57144,12 +57127,12 @@ static int test_wolfSSL_BIO_datagram(void)
|
||||
if (bio1) {
|
||||
ret = wolfSSL_BIO_free(bio1);
|
||||
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
|
||||
} else if (fd1 > 0)
|
||||
} else if (fd1 != SOCKET_INVALID)
|
||||
CloseSocket(fd1);
|
||||
if (bio2) {
|
||||
ret = wolfSSL_BIO_free(bio2);
|
||||
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
|
||||
} else if (fd2 > 0)
|
||||
} else if (fd2 != SOCKET_INVALID)
|
||||
CloseSocket(fd2);
|
||||
if (bio_addr1)
|
||||
wolfSSL_BIO_ADDR_free(bio_addr1);
|
||||
@ -73724,13 +73707,13 @@ static int test_stubs_are_stubs(void)
|
||||
|
||||
/* when implemented this should take WOLFSSL object insted, right now
|
||||
* always returns 0 */
|
||||
ExpectIntEQ(SSL_get_current_expansion(NULL), 0);
|
||||
ExpectPtrEq(SSL_get_current_expansion(NULL), NULL);
|
||||
|
||||
wolfSSL_CTX_free(ctx);
|
||||
ctx = NULL;
|
||||
|
||||
ExpectStrEQ(SSL_COMP_get_name(NULL), "not supported");
|
||||
ExpectIntEQ(SSL_get_current_expansion(), 0);
|
||||
ExpectPtrEq(SSL_get_current_expansion(NULL), NULL);
|
||||
#endif /* OPENSSL_EXTRA && !NO_WOLFSSL_STUB && (!NO_WOLFSSL_CLIENT ||
|
||||
* !NO_WOLFSSL_SERVER) */
|
||||
return EXPECT_RESULT();
|
||||
|
||||
@ -2771,19 +2771,17 @@ struct WOLFSSL_BIO {
|
||||
* struct WOLFSSL_DTLS_CTX, when set, sendto and
|
||||
* recvfrom leave the peer_addr unchanged. */
|
||||
#ifdef WOLFSSL_HAVE_BIO_ADDR
|
||||
union WOLFSSL_BIO_ADDR *peer_addr; /* for datagram BIOs, the socket address stored
|
||||
* with BIO_CTRL_DGRAM_CONNECT,
|
||||
* BIO_CTRL_DGRAM_SET_CONNECTED, or
|
||||
* BIO_CTRL_DGRAM_SET_PEER, or stored when a
|
||||
* packet was received on an unconnected BIO. */
|
||||
union WOLFSSL_BIO_ADDR peer_addr; /* for datagram BIOs, the socket address stored
|
||||
* with BIO_CTRL_DGRAM_CONNECT,
|
||||
* BIO_CTRL_DGRAM_SET_CONNECTED, or
|
||||
* BIO_CTRL_DGRAM_SET_PEER, or stored when a
|
||||
* packet was received on an unconnected BIO. */
|
||||
#endif
|
||||
|
||||
#ifdef WORD64_AVAILABLE
|
||||
word64 bytes_read;
|
||||
word64 bytes_written;
|
||||
#else
|
||||
word32 bytes_read;
|
||||
word32 bytes_written;
|
||||
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_BIO_NO_FLOW_STATS)
|
||||
#define WOLFSSL_BIO_HAVE_FLOW_STATS
|
||||
word64 bytes_read;
|
||||
word64 bytes_written;
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_EX_DATA
|
||||
|
||||
@ -268,13 +268,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
|
||||
#ifndef NO_FILESYSTEM
|
||||
#define SSL_CTX_use_certificate_file wolfSSL_CTX_use_certificate_file
|
||||
#define SSL_CTX_use_PrivateKey_file wolfSSL_CTX_use_PrivateKey_file
|
||||
#ifdef WOLFSSL_APACHE_HTTPD
|
||||
#define SSL_CTX_load_verify_locations(ctx,file,path) \
|
||||
wolfSSL_CTX_load_verify_locations_ex(ctx,file,path,\
|
||||
WOLFSSL_LOAD_FLAG_IGNORE_ERR)
|
||||
#else
|
||||
#define SSL_CTX_load_verify_locations wolfSSL_CTX_load_verify_locations
|
||||
#endif
|
||||
#define SSL_CTX_load_verify_locations wolfSSL_CTX_load_verify_locations_compat
|
||||
#define SSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths
|
||||
#define SSL_CTX_use_certificate_chain_file wolfSSL_CTX_use_certificate_chain_file
|
||||
#define SSL_CTX_use_RSAPrivateKey_file wolfSSL_CTX_use_RSAPrivateKey_file
|
||||
@ -851,10 +845,6 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
||||
#define SSL_get_current_compression wolfSSL_get_current_compression
|
||||
#define SSL_get_current_expansion wolfSSL_get_current_expansion
|
||||
|
||||
#define SSL_get_current_compression(ssl) 0
|
||||
#define SSL_get_current_expansion(ssl) 0
|
||||
#define SSL_COMP_get_name wolfSSL_COMP_get_name
|
||||
|
||||
#define SSL_get_ex_new_index wolfSSL_get_ex_new_index
|
||||
#define RSA_get_ex_new_index wolfSSL_get_ex_new_index
|
||||
|
||||
@ -1164,8 +1154,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
|
||||
#define DTLSv1_get_timeout(ssl, timeleft) wolfSSL_DTLSv1_get_timeout((ssl), (WOLFSSL_TIMEVAL*)(timeleft))
|
||||
#define DTLSv1_handle_timeout wolfSSL_DTLSv1_handle_timeout
|
||||
#define DTLSv1_set_initial_timeout_duration wolfSSL_DTLSv1_set_initial_timeout_duration
|
||||
|
||||
#define SSL_set_mtu(ssl, mtu) ((wolfSSL_dtls_set_mtu(ssl, mtu) == 0) ? SSL_SUCCESS : SSL_FAILURE)
|
||||
#define SSL_set_mtu wolfSSL_set_mtu_compat
|
||||
|
||||
/* DTLS SRTP */
|
||||
#ifdef WOLFSSL_SRTP
|
||||
|
||||
@ -67,6 +67,15 @@
|
||||
#undef OCSP_RESPONSE
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_ALL
|
||||
#ifndef WOLFSSL_HAVE_BIO_ADDR
|
||||
#define WOLFSSL_HAVE_BIO_ADDR
|
||||
#endif
|
||||
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_DTLS_MTU)
|
||||
#define WOLFSSL_DTLS_MTU
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_COEXIST
|
||||
/* mode to allow wolfSSL and OpenSSL to exist together */
|
||||
#ifdef TEST_OPENSSL_COEXIST
|
||||
@ -1074,6 +1083,8 @@ WOLFSSL_API int wolfSSL_CTX_load_verify_locations_ex(
|
||||
WOLFSSL_CTX* ctx, const char* file, const char* path, word32 flags);
|
||||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_load_verify_locations(
|
||||
WOLFSSL_CTX* ctx, const char* file, const char* path);
|
||||
WOLFSSL_API WOLFSSL_API int wolfSSL_CTX_load_verify_locations_compat(
|
||||
WOLFSSL_CTX* ctx, const char* file, const char* path);
|
||||
#ifndef _WIN32
|
||||
WOLFSSL_API const char** wolfSSL_get_system_CA_dirs(word32* num);
|
||||
#endif /* !_WIN32 */
|
||||
@ -1459,8 +1470,11 @@ WOLFSSL_API int wolfSSL_dtls_set_sctp(WOLFSSL* ssl);
|
||||
#endif
|
||||
#if (defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)) && \
|
||||
defined(WOLFSSL_DTLS)
|
||||
WOLFSSL_API int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX* ctx, unsigned short);
|
||||
WOLFSSL_API int wolfSSL_dtls_set_mtu(WOLFSSL* ssl, unsigned short);
|
||||
WOLFSSL_API int wolfSSL_CTX_dtls_set_mtu(WOLFSSL_CTX* ctx, unsigned short mtu);
|
||||
WOLFSSL_API int wolfSSL_dtls_set_mtu(WOLFSSL* ssl, unsigned short mtu);
|
||||
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
|
||||
WOLFSSL_API int wolfSSL_set_mtu_compat(WOLFSSL* ssl, unsigned short mtu);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SRTP
|
||||
@ -1824,12 +1838,9 @@ WOLFSSL_API int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b);
|
||||
WOLFSSL_API int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf);
|
||||
WOLFSSL_API int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num);
|
||||
WOLFSSL_API int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num);
|
||||
#ifdef WORD64_AVAILABLE
|
||||
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_BIO_NO_FLOW_STATS)
|
||||
WOLFSSL_API word64 wolfSSL_BIO_number_read(WOLFSSL_BIO *bio);
|
||||
WOLFSSL_API word64 wolfSSL_BIO_number_written(WOLFSSL_BIO *bio);
|
||||
#else
|
||||
WOLFSSL_API word32 wolfSSL_BIO_number_read(WOLFSSL_BIO *bio);
|
||||
WOLFSSL_API word32 wolfSSL_BIO_number_written(WOLFSSL_BIO *bio);
|
||||
#endif
|
||||
WOLFSSL_API int wolfSSL_BIO_reset(WOLFSSL_BIO *bio);
|
||||
|
||||
@ -5218,7 +5229,6 @@ WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp, WOLFSSL_ASN1_OBJECT *a)
|
||||
WOLFSSL_API int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp);
|
||||
WOLFSSL_API void SSL_CTX_set_tmp_dh_callback(WOLFSSL_CTX *ctx, WOLFSSL_DH *(*dh) (WOLFSSL *ssl, int is_export, int keylength));
|
||||
WOLFSSL_API WOLF_STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
|
||||
WOLFSSL_API const char* wolfSSL_COMP_get_name(const void* comp);
|
||||
WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str, const char *file, const char *dir);
|
||||
WOLFSSL_API int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *ctx, WOLFSSL_X509_CRL *x);
|
||||
WOLFSSL_API int wolfSSL_sk_SSL_CIPHER_num(const WOLF_STACK_OF(WOLFSSL_CIPHER)* p);
|
||||
|
||||
@ -473,9 +473,6 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
|
||||
#error WOLFSSL_HAVE_BIO_ADDR and WOLFSSL_NO_SOCK are mutually incompatible.
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_NO_BIO_ADDR_UN
|
||||
#endif
|
||||
|
||||
union WOLFSSL_BIO_ADDR {
|
||||
SOCKADDR sa;
|
||||
SOCKADDR_IN sa_in;
|
||||
|
||||
Reference in New Issue
Block a user