wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

fixes for edge build cases and static memory

Browse Source
This commit is contained in:
Jacob Barthelmeh
2020-07-14 09:07:23 -06:00
parent 63c8f7d1b1
commit 173b9833fc
8 changed files with 86 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
examples/server/server.c
View File

@@ -1018,7 +1018,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) \
|| defined(SESSION_CERTS)
/* big enough to handle most cases including session certs */
byte memory[220000];
byte memory[239936];
#else
byte memory[80000];
#endif

17
src/internal.c
View File

@@ -3322,14 +3322,16 @@ static enum wc_HashType HashAlgoToType(int hashAlgo)
#ifndef NO_CERTS
void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag)
void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag, void* heap)
{
(void)dynamicFlag;
(void)heap;
if (name != NULL) {
name->name = name->staticName;
name->dynamicName = 0;
name->sz = 0;
name->heap = heap;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
XMEMSET(&name->entry, 0, sizeof(name->entry));
name->x509 = NULL;
@@ -3339,11 +3341,11 @@ void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag)
}
void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
void FreeX509Name(WOLFSSL_X509_NAME* name)
{
if (name != NULL) {
if (name->dynamicName) {
XFREE(name->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
XFREE(name->name, name->heap, DYNAMIC_TYPE_SUBJECT_CN);
name->name = NULL;
}
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
@@ -3358,7 +3360,6 @@ void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
}
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
}
(void)heap;
}
@@ -3373,8 +3374,8 @@ void InitX509(WOLFSSL_X509* x509, int dynamicFlag, void* heap)
XMEMSET(x509, 0, sizeof(WOLFSSL_X509));
x509->heap = heap;
InitX509Name(&x509->issuer, 0);
InitX509Name(&x509->subject, 0);
InitX509Name(&x509->issuer, 0, heap);
InitX509Name(&x509->subject, 0, heap);
x509->dynamicMemory = (byte)dynamicFlag;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
x509->refCount = 1;
@@ -3389,8 +3390,8 @@ void FreeX509(WOLFSSL_X509* x509)
if (x509 == NULL)
return;
FreeX509Name(&x509->issuer, x509->heap);
FreeX509Name(&x509->subject, x509->heap);
FreeX509Name(&x509->issuer);
FreeX509Name(&x509->subject);
if (x509->pubKey.buffer) {
XFREE(x509->pubKey.buffer, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
x509->pubKey.buffer = NULL;

111
src/ssl.c
View File

@@ -95,7 +95,6 @@
#include <wolfssl/openssl/opensslv.h>
#include <wolfssl/openssl/rc4.h>
#include <wolfssl/openssl/stack.h>
#include <wolfssl/openssl/x509v3.h>
#include <wolfssl/openssl/x509_vfy.h>
/* openssl headers end, wolfssl internal headers next */
#include <wolfssl/wolfcrypt/hmac.h>
@@ -125,7 +124,9 @@
#include <wolfssl/openssl/pkcs7.h>
#endif /* OPENSSL_ALL && HAVE_PKCS7 */
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#include <wolfssl/openssl/x509v3.h>
int SetIndividualInternal(WOLFSSL_BIGNUM* bn, mp_int* mpi);
int SetIndividualExternal(WOLFSSL_BIGNUM** bn, mp_int* mpi);
int oid2nid(word32 oid, int grp);
@@ -18984,8 +18985,9 @@ void wolfSSL_ASN1_OBJECT_free(WOLFSSL_ASN1_OBJECT* obj)
#endif /* NO_ASN */
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#ifndef NO_ASN
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void)
{
WOLFSSL_ASN1_OBJECT* obj;
@@ -19004,7 +19006,9 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_new(void)
obj->dynamic |= WOLFSSL_ASN1_DYNAMIC;
return obj;
}
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
/* Creates and returns a new WOLFSSL_CIPHER stack. */
WOLFSSL_STACK* wolfSSL_sk_new_asn1_obj(void)
{
@@ -19143,8 +19147,8 @@ void wolfSSL_sk_ASN1_OBJECT_pop_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk,
XFREE(sk, NULL, DYNAMIC_TYPE_ASN1);
}
#endif /* !NO_ASN */
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#endif /* !NO_ASN */
#ifdef OPENSSL_EXTRA
#ifndef NO_ASN
@@ -20275,7 +20279,8 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
}
#endif /* !NO_CERTS && OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
defined(OPENSSL_EXTRA_X509_SMALL)
/* Looks up the index of the first entry encountered with matching NID
* The search starts from index 'pos'
@@ -20350,7 +20355,8 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
}
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if !defined(NO_CERTS) && defined(OPENSSL_EXTRA)
#if !defined(NO_CERTS) && (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
/* Creates a new WOLFSSL_ASN1_STRING structure given the input type.
*
@@ -20394,7 +20400,8 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
#endif /* !NO_CERTS && OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
defined(OPENSSL_EXTRA_X509_SMALL)
/* if dataSz is negative then use XSTRLEN to find length of data
* return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure */
/* `data` can be NULL and only buffer will be allocated */
@@ -20449,8 +20456,8 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
}
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#ifdef OPENSSL_EXTRA
#ifndef NO_CERTS
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
unsigned char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn)
{
@@ -20476,7 +20483,9 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
return 0;
}
}
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#ifdef OPENSSL_EXTRA
#ifndef NO_WOLFSSL_STUB
WOLFSSL_ASN1_STRING* wolfSSL_d2i_DISPLAYTEXT(WOLFSSL_ASN1_STRING **asn,
const unsigned char **in, long len)
@@ -21179,8 +21188,10 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
#endif /* XSNPRINTF */
#endif /* OPENSSL_EXTRA */
#endif /* !NO_CERTS */
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
/* Creates cipher->description based on cipher->offset
* cipher->offset is set in wolfSSL_get_ciphers_compat when it is added
@@ -36354,7 +36365,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name)
{
WOLFSSL_ENTER("wolfSSL_X509_NAME_free");
FreeX509Name(name, NULL);
FreeX509Name(name);
XFREE(name, NULL, DYNAMIC_TYPE_X509);
}
@@ -36372,7 +36383,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
name = (WOLFSSL_X509_NAME*)XMALLOC(sizeof(WOLFSSL_X509_NAME), NULL,
DYNAMIC_TYPE_X509);
if (name != NULL) {
InitX509Name(name, 1);
InitX509Name(name, 1, NULL);
}
return name;
}
@@ -36395,30 +36406,13 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
}
/* copy contents */
XMEMCPY(copy, name, sizeof(WOLFSSL_X509_NAME));
InitX509Name(copy, 1);
copy->sz = name->sz;
/* handle dynamic portions */
if (name->dynamicName) {
if (!(copy->name = (char*)XMALLOC(name->sz, 0,
DYNAMIC_TYPE_OPENSSL))) {
goto err;
}
InitX509Name(copy, 1, name->heap);
if (wolfSSL_X509_NAME_copy(name, copy) != WOLFSSL_SUCCESS) {
wolfSSL_X509_NAME_free(copy);
return NULL;
}
XMEMCPY(copy->name, name->name, name->sz);
return copy;
err:
if (copy) {
if (copy->dynamicName && copy->name) {
XFREE(copy->name, 0, DYNAMIC_TYPE_OPENSSL);
copy->name = NULL;
}
wolfSSL_X509_NAME_free(copy);
}
return NULL;
}
#if defined(WOLFSSL_CERT_GEN)
@@ -36979,7 +36973,6 @@ static int CopyX509NameToCertName(WOLFSSL_X509_NAME* n, CertName* cName)
return ret;
}
/* returns the size of signature on success */
int wolfSSL_X509_sign(WOLFSSL_X509* x509, WOLFSSL_EVP_PKEY* pkey,
const WOLFSSL_EVP_MD* md)
@@ -37058,7 +37051,7 @@ static int CopyX509NameToCertName(WOLFSSL_X509_NAME* n, CertName* cName)
return sz;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
/* Compares the two X509 names. If the size of x is larger then y then a
* positive value is returned if x is smaller a negative value is returned.
@@ -37710,6 +37703,7 @@ err:
}
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
#ifdef OPENSSL_ALL
/* create and return a new WOLFSSL_X509_PKEY structure or NULL on failure */
static WOLFSSL_X509_PKEY* wolfSSL_X509_PKEY_new(void* heap)
@@ -38028,7 +38022,7 @@ err:
entryCount += AddAllEntry(name, fullName, totalLen, &idx);
if (name->dynamicName) {
XFREE(name->name, NULL, DYNAMIC_TYPE_X509);
XFREE(name->name, name->heap, DYNAMIC_TYPE_X509);
}
fullName[idx] = '\0';
name->name = fullName;
@@ -38812,7 +38806,12 @@ err:
return WOLFSSL_FATAL_ERROR;
}
#endif /* OPENSSL_EXTRA, HAVE_LIGHTY, WOLFSSL_MYSQL_COMPATIBLE, HAVE_STUNNEL,
WOLFSSL_NGINX, HAVE_POCO_LIB, WOLFSSL_HAPROXY */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_POCO_LIB) || defined(WOLFSSL_HAPROXY)
/* Gets the NID value that is related to the OID string passed in. Example
* string would be "2.5.29.14" for subject key ID.
*
@@ -38872,6 +38871,11 @@ err:
return NID_undef;
}
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \
defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \
defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \
defined(WOLFSSL_HAPROXY)
/* Creates new ASN1_OBJECT from short name, long name, or text
* representation of oid. If no_name is 0, then short name, long name, and
@@ -38951,7 +38955,12 @@ err:
#endif
}
#endif /* OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE ||
HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_POCO_LIB) || defined(WOLFSSL_HAPROXY)
WOLFSSL_ASN1_OBJECT * wolfSSL_X509_NAME_ENTRY_get_object(WOLFSSL_X509_NAME_ENTRY *ne) {
WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_object");
if (ne == NULL) return NULL;
@@ -38966,7 +38975,8 @@ err:
#endif /* OPENSSL_ALL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE ||
HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
defined(OPENSSL_EXTRA_X509_SMALL)
/* returns a pointer to the internal entry at location 'loc' on success,
* a null pointer is returned in fail cases */
@@ -46341,7 +46351,9 @@ int wolfSSL_X509_CA_num(WOLFSSL_X509_STORE* store)
return cnt_ret;
}
#endif /* !NO_CERTS */
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
long wolfSSL_X509_get_version(const WOLFSSL_X509 *x509)
{
int version = 0;
@@ -46358,8 +46370,9 @@ long wolfSSL_X509_get_version(const WOLFSSL_X509 *x509)
return 0L;
}
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if defined(OPENSSL_EXTRA)
int wolfSSL_X509_get_signature_nid(const WOLFSSL_X509 *x)
{
if (x == NULL)
@@ -47397,8 +47410,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(WOLFSSL_EVP_PKEY** pkey,
/* unlike wolfSSL_X509_NAME_dup this does not malloc a duplicate, only deep
* copy. "to" is expected to be a fresh blank name, if not pointers could be
* lost */
static int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from,
WOLFSSL_X509_NAME* to, void* heap)
int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to)
{
int i;
WOLFSSL_X509_NAME_ENTRY* ne;
@@ -47411,7 +47423,7 @@ static int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from,
}
if (from->dynamicName) {
to->name = (char*)XMALLOC(from->sz, heap, DYNAMIC_TYPE_SUBJECT_CN);
to->name = (char*)XMALLOC(from->sz, to->heap, DYNAMIC_TYPE_SUBJECT_CN);
if (to->name == NULL)
return WOLFSSL_FAILURE;
to->dynamicName = 1;
@@ -47425,7 +47437,6 @@ static int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from,
wolfSSL_X509_NAME_add_entry(to, ne, i, 1);
}
to->entrySz = from->entrySz;
(void)heap;
return WOLFSSL_SUCCESS;
}
@@ -47438,12 +47449,11 @@ int wolfSSL_X509_set_subject_name(WOLFSSL_X509 *cert, WOLFSSL_X509_NAME *name)
if (cert == NULL || name == NULL)
return WOLFSSL_FAILURE;
FreeX509Name(&cert->subject, cert->heap);
InitX509Name(&cert->subject, 0);
FreeX509Name(&cert->subject);
InitX509Name(&cert->subject, 0, cert->heap);
if (wolfSSL_X509_NAME_copy(name, &cert->subject, cert->heap) !=
WOLFSSL_SUCCESS) {
FreeX509Name(&cert->subject, cert->heap);
if (wolfSSL_X509_NAME_copy(name, &cert->subject) != WOLFSSL_SUCCESS) {
FreeX509Name(&cert->subject);
return WOLFSSL_FAILURE;
}
@@ -47460,12 +47470,11 @@ int wolfSSL_X509_set_issuer_name(WOLFSSL_X509 *cert, WOLFSSL_X509_NAME *name)
if (cert == NULL || name == NULL)
return WOLFSSL_FAILURE;
FreeX509Name(&cert->issuer, cert->heap);
InitX509Name(&cert->issuer, 0);
FreeX509Name(&cert->issuer);
InitX509Name(&cert->issuer, 0, cert->heap);
if (wolfSSL_X509_NAME_copy(name, &cert->issuer, cert->heap) !=
WOLFSSL_SUCCESS) {
FreeX509Name(&cert->subject, cert->heap);
if (wolfSSL_X509_NAME_copy(name, &cert->issuer) != WOLFSSL_SUCCESS) {
FreeX509Name(&cert->issuer);
return WOLFSSL_FAILURE;
}

3
wolfcrypt/src/asn.c
View File

@@ -8356,7 +8356,8 @@ static int DecodeNameConstraints(const byte* input, int sz, DecodedCert* cert)
}
#endif /* IGNORE_NAME_CONSTRAINTS */
#if (defined(WOLFSSL_CERT_EXT) && !defined(WOLFSSL_SEP)) || defined(OPENSSL_EXTRA)
#if (defined(WOLFSSL_CERT_EXT) && !defined(WOLFSSL_SEP)) || \
defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Decode ITU-T X.690 OID format to a string representation
* return string length */

5
wolfssl/internal.h
View File

@@ -3601,6 +3601,7 @@ struct WOLFSSL_X509_NAME {
byte raw[ASN_NAME_MAX];
int rawLen;
#endif
void* heap;
};
#ifndef EXTERNAL_SERIAL_SIZE
@@ -4532,8 +4533,8 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
WOLFSSL_LOCAL word32 LowResTimer(void);
#ifndef NO_CERTS
WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int);
WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap);
WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int, void*);
WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name);
WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int, void* heap);
WOLFSSL_LOCAL void FreeX509(WOLFSSL_X509*);
WOLFSSL_LOCAL int CopyDecodedToX509(WOLFSSL_X509*, DecodedCert*);

12
wolfssl/ssl.h
View File

@@ -3300,6 +3300,7 @@ WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509*);
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME*);
WOLFSSL_API int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME*, WOLFSSL_X509_NAME*);
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
#endif /* !NO_CERTS */
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
@@ -3409,7 +3410,8 @@ WOLFSSL_API int wolfSSL_PEM_do_header(EncryptedInfo* cipher,
/*lighttp compatibility */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
defined(OPENSSL_EXTRA_X509_SMALL)
struct WOLFSSL_ASN1_BIT_STRING {
int length;
int type;
@@ -3420,7 +3422,8 @@ struct WOLFSSL_ASN1_BIT_STRING {
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc);
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)|| \
defined(OPENSSL_EXTRA_X509_SMALL)
#if defined(OPENSSL_EXTRA) \
|| defined(OPENSSL_ALL) \
@@ -3428,7 +3431,8 @@ WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NA
|| defined(WOLFSSL_MYSQL_COMPATIBLE) \
|| defined(HAVE_STUNNEL) \
|| defined(WOLFSSL_NGINX) \
|| defined(WOLFSSL_HAPROXY)
|| defined(WOLFSSL_HAPROXY) \
|| defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne);
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void);
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name);
@@ -3823,7 +3827,7 @@ WOLFSSL_API void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsi
unsigned *len);
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context(
const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length);

3
wolfssl/wolfcrypt/asn.h
View File

@@ -342,7 +342,8 @@ enum Misc_ASN {
#endif
/* Max total extensions, id + len + others */
#endif
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7)
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
defined(HAVE_PKCS7) || defined(OPENSSL_EXTRA_X509_SMALL)
MAX_OID_SZ = 32, /* Max DER length of OID*/
MAX_OID_STRING_SZ = 64, /* Max string length representation of OID*/
#endif

2
wolfssl/wolfcrypt/memory.h
View File

@@ -111,7 +111,7 @@ WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*,
/* extra storage in structs for multiple attributes and order */
#ifndef LARGEST_MEM_BUCKET
#ifdef WOLFSSL_TLS13
#define LARGEST_MEM_BUCKET 25792
#define LARGEST_MEM_BUCKET 30400
#else
#define LARGEST_MEM_BUCKET 25600
#endif