wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/NickolasLapp/wolfssl into dyntickets

Browse Source
This commit is contained in:
toddouska
2016-05-13 09:07:55 -07:00
parent 67ab30088b ecba5161ac
commit 1ea01a7ad8
11 changed files with 347 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/include.am
View File

@@ -53,7 +53,7 @@ if BUILD_EXAMPLE_CLIENTS
if !BUILD_IPV6
dist_noinst_SCRIPTS+= scripts/external.test
dist_noinst_SCRIPTS+= scripts/google.test
#dist_noinst_SCRIPTS+= scripts/openssl.test
dist_noinst_SCRIPTS+= scripts/openssl.test
endif
endif

41
scripts/openssl.test
View File

@@ -3,7 +3,15 @@
#openssl.test
# need a unique port since may run the same time as testsuite
openssl_port=11114
generate_port() {
openssl_port=`LC_CTYPE=C tr -cd 0-9 </dev/urandom | head -c 7`
openssl_port=$((`LC_CTYPE=C tr -cd 1-9 </dev/urandom | head -c 1`$openssl_port))
openssl_port=$(($openssl_port % (65535-49512)))
openssl_port=$(($openssl_port + 49512))
}
generate_port
no_pid=-1
server_pid=$no_pid
wolf_suites_tested=0
@@ -44,7 +52,7 @@ do_cleanup() {
do_trap() {
echo "got trap"
do_cleanup
exit -1
exit 1
}
trap do_trap INT TERM
@@ -68,12 +76,35 @@ then
cd ..
fi
echo -e "\nStarting openssl server...\n"
openssl s_server -accept $openssl_port -cert ./certs/server-cert.pem -key ./certs/server-key.pem -quiet -CAfile ./certs/client-cert.pem -www -dhparam ./certs/dh2048.pem -dcert ./certs/server-ecc.pem -dkey ./certs/ecc-key.pem -Verify 10 -verify_return_error &
found_free_port=0
while [ "$counter" -lt 20 ]; do
echo -e "\nTrying to start openssl server on port $openssl_port...\n"
openssl s_server -accept $openssl_port -cert ./certs/server-cert.pem -key ./certs/server-key.pem -quiet -CAfile ./certs/client-cert.pem -www -dhparam ./certs/dh2048.pem -dcert ./certs/server-ecc.pem -dkey ./certs/ecc-key.pem -Verify 10 -verify_return_error -cipher "ALL:eNULL" &
server_pid=$!
# wait to see if s_server successfully starts before continuing
sleep 0.1
if ps -p $server_pid > /dev/null
then
echo "s_server started successfully on port $openssl_port"
found_free_port=1
break
else
#port already started, try a different port
counter=$((counter+ 1))
generate_port
fi
done
if [ $found_free_port = 0 ]
then
echo -e "Couldn't find free port for server"
do_cleanup
exit 1
fi
# get wolfssl ciphers
wolf_ciphers=`./examples/client/client -e`
@@ -99,7 +130,7 @@ if [ $server_ready = 0 ]
then
echo -e "Couldn't verify openssl server is running, timeout error"
do_cleanup
exit -1
exit 1
fi
OIFS=$IFS # store old seperator to reset

56
src/internal.c
View File

@@ -2498,6 +2498,10 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
ssl->sessionSecretCb = NULL;
ssl->sessionSecretCtx = NULL;
#endif
#ifdef HAVE_SESSION_TICKET
ssl->session.ticket = ssl->session.staticTicket;
#endif
return 0;
}
@@ -2668,6 +2672,15 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)
FreeX509(&ssl->peerCert);
#endif
#ifdef HAVE_SESSION_TICKET
if (ssl->session.isDynamic) {
XFREE(ssl->session.ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
ssl->session.ticket = ssl->session.staticTicket;
ssl->session.isDynamic = 0;
ssl->session.ticketLen = 0;
}
#endif
}
#ifdef WOLFSSL_TI_HASH
@@ -2805,6 +2818,16 @@ void FreeHandshakeResources(WOLFSSL* ssl)
#ifdef HAVE_QSH
QSH_FreeAll(ssl);
#endif
#ifdef HAVE_SESSION_TICKET
if (ssl->session.isDynamic) {
XFREE(ssl->session.ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
ssl->session.ticket = ssl->session.staticTicket;
ssl->session.isDynamic = 0;
ssl->session.ticketLen = 0;
}
#endif
}
@@ -14422,12 +14445,29 @@ int DoSessionTicket(WOLFSSL* ssl,
ato16(input + *inOutIdx, &length);
*inOutIdx += OPAQUE16_LEN;
if (length > sizeof(ssl->session.ticket))
return SESSION_TICKET_LEN_E;
if ((*inOutIdx - begin) + length > size)
return BUFFER_ERROR;
if (length > sizeof(ssl->session.staticTicket)) {
/* Free old dynamic ticket if we already had one */
if (ssl->session.isDynamic)
XFREE(ssl->session.ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
ssl->session.ticket =
(byte*)XMALLOC(length, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
if (ssl->session.ticket == NULL) {
/* Set to static ticket to avoid null pointer error */
ssl->session.ticket = ssl->session.staticTicket;
return MEMORY_E;
}
ssl->session.isDynamic = 1;
} else {
if(ssl->session.isDynamic) {
XFREE(ssl->session.ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
}
ssl->session.isDynamic = 0;
ssl->session.ticket = ssl->session.staticTicket;
}
/* If the received ticket including its length is greater than
* a length value, the save it. Otherwise, don't save it. */
if (length > 0) {
@@ -16085,7 +16125,7 @@ int DoSessionTicket(WOLFSSL* ssl,
if (ssl->options.resuming) { /* let's try */
int ret = -1;
WOLFSSL_SESSION* session = GetSession(ssl,
ssl->arrays->masterSecret);
ssl->arrays->masterSecret, 1);
#ifdef HAVE_SESSION_TICKET
if (ssl->options.useTicket == 1) {
session = &ssl->session;
@@ -16100,9 +16140,6 @@ int DoSessionTicket(WOLFSSL* ssl,
WOLFSSL_MSG("Unsupported cipher suite, OldClientHello");
return UNSUPPORTED_SUITE;
}
#ifdef SESSION_CERTS
ssl->session = *session; /* restore session certs. */
#endif
ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom,
RAN_LEN);
@@ -16480,7 +16517,7 @@ int DoSessionTicket(WOLFSSL* ssl,
if (ssl->options.resuming) {
int ret = -1;
WOLFSSL_SESSION* session = GetSession(ssl,
ssl->arrays->masterSecret);
ssl->arrays->masterSecret, 1);
#ifdef HAVE_SESSION_TICKET
if (ssl->options.useTicket == 1) {
session = &ssl->session;
@@ -16496,9 +16533,6 @@ int DoSessionTicket(WOLFSSL* ssl,
WOLFSSL_MSG("Unsupported cipher suite, ClientHello");
return UNSUPPORTED_SUITE;
}
#ifdef SESSION_CERTS
ssl->session = *session; /* restore session certs. */
#endif
ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom,
RAN_LEN);

4
src/sniffer.c
View File

@@ -1560,7 +1560,7 @@ static int ProcessServerHello(const byte* input, int* sslBytes,
if (doResume ) {
int ret = 0;
SSL_SESSION* resume = GetSession(session->sslServer,
session->sslServer->arrays->masterSecret);
session->sslServer->arrays->masterSecret, 0);
if (resume == NULL) {
SetError(BAD_SESSION_RESUME_STR, error, session, FATAL_ERROR_STATE);
return -1;
@@ -1825,7 +1825,7 @@ static int ProcessFinished(const byte* input, int size, int* sslBytes,
if (ret == 0 && session->flags.cached == 0) {
if (session->sslServer->options.haveSessionId) {
WOLFSSL_SESSION* sess = GetSession(session->sslServer, NULL);
WOLFSSL_SESSION* sess = GetSession(session->sslServer, NULL, 0);
if (sess == NULL)
AddSession(session->sslServer); /* don't re add */
session->flags.cached = 1;

217
src/ssl.c
View File

@@ -1290,8 +1290,32 @@ WOLFSSL_API int wolfSSL_set_SessionTicket(WOLFSSL* ssl, byte* buf, word32 bufSz)
if (ssl == NULL || (buf == NULL && bufSz > 0))
return BAD_FUNC_ARG;
if (bufSz > 0)
if (bufSz > 0) {
/* Ticket will fit into static ticket */
if(bufSz <= SESSION_TICKET_LEN) {
if (ssl->session.isDynamic) {
XFREE(ssl->session.ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
ssl->session.isDynamic = 0;
ssl->session.ticket = ssl->session.staticTicket;
}
XMEMCPY(ssl->session.ticket, buf, bufSz);
} else { /* Ticket requires dynamic ticket storage */
if (ssl->session.ticketLen < bufSz) {
if(ssl->session.isDynamic)
XFREE(ssl->session.ticket, ssl->heap,
DYNAMIC_TYPE_SESSION_TICK);
ssl->session.ticket = XMALLOC(bufSz, ssl->heap,
DYNAMIC_TYPE_SESSION_TICK);
if(!ssl->session.ticket) {
ssl->session.ticket = ssl->session.staticTicket;
return MEMORY_ERROR;
}
ssl->session.isDynamic = 1;
}
XMEMCPY(ssl->session.ticket, buf, bufSz);
}
}
ssl->session.ticketLen = (word16)bufSz;
return SSL_SUCCESS;
@@ -5278,7 +5302,7 @@ WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl)
{
WOLFSSL_ENTER("SSL_get_session");
if (ssl)
return GetSession(ssl, 0);
return GetSession(ssl, 0, 0);
return NULL;
}
@@ -7024,7 +7048,8 @@ WOLFSSL_SESSION* GetSessionClient(WOLFSSL* ssl, const byte* id, int len)
#endif /* NO_CLIENT_CACHE */
WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret)
WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret,
byte restoreSessionCerts)
{
WOLFSSL_SESSION* ret = 0;
const byte* id = NULL;
@@ -7033,6 +7058,8 @@ WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret)
int count;
int error = 0;
(void) restoreSessionCerts;
if (ssl->options.sessionCacheOff)
return NULL;
@@ -7080,6 +7107,17 @@ WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret)
ret = current;
if (masterSecret)
XMEMCPY(masterSecret, current->masterSecret, SECRET_LEN);
#ifdef SESSION_CERTS
/* If set, we should copy the session certs into the ssl object
* from the session we are returning so we can resume */
if (restoreSessionCerts) {
ssl->session.chain = ret->chain;
ssl->session.version = ret->version;
ssl->session.cipherSuite0 = ret->cipherSuite0;
ssl->session.cipherSuite = ret->cipherSuite;
}
#endif /* SESSION_CERTS */
} else {
WOLFSSL_MSG("Session timed out");
}
@@ -7095,13 +7133,102 @@ WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret)
}
int GetDeepCopySession(WOLFSSL* ssl, WOLFSSL_SESSION* copyFrom)
{
WOLFSSL_SESSION* copyInto = &ssl->session;
void* tmpBuff = NULL;
int ticketLen;
int doDynamicCopy = 0;
int ret = SSL_SUCCESS;
(void)ticketLen;
(void)doDynamicCopy;
(void)tmpBuff;
if (!ssl || !copyFrom)
return BAD_FUNC_ARG;
if (LockMutex(&session_mutex) != 0)
return BAD_MUTEX_E;
#ifdef HAVE_SESSION_TICKET
/* Free old dynamic ticket if we had one to avoid leak */
if (copyInto->isDynamic) {
XFREE(copyInto->ticket, ssl->heap, DYNAMIC_TYPE_SESS_TICK);
copyInto->ticket = copyInto->staticTicket;
copyInto->isDynamic = 0;
}
/* Size of ticket to alloc if needed; Use later for alloc outside lock */
doDynamicCopy = copyFrom->isDynamic;
ticketLen = copyFrom->ticketLen;
#endif
*copyInto = *copyFrom;
/* Default ticket to non dynamic. This will avoid crash if we fail below */
#ifdef HAVE_SESSION_TICKET
copyInto->ticket = copyInto->staticTicket;
copyInto->isDynamic = 0;
#endif
if (UnLockMutex(&session_mutex) != 0) {
return BAD_MUTEX_E;
}
#ifdef HAVE_SESSION_TICKET
/* If doing dynamic copy, need to alloc outside lock, then inside a lock
* confirm the size still matches and memcpy */
if (doDynamicCopy) {
tmpBuff = XMALLOC(ticketLen, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
if (!tmpBuff)
return MEMORY_ERROR;
if (LockMutex(&session_mutex) != 0) {
XFREE(tmpBuff, ssl->heap, DYNAMIC_TYPE_SESS_TICK);
return BAD_MUTEX_E;
}
if (ticketLen != copyFrom->ticketLen) {
/* Another thread modified the ssl-> session ticket during alloc.
* Treat as error, since ticket different than when copy requested */
ret = VAR_STATE_CHANGE_E;
}
if (ret == SSL_SUCCESS) {
copyInto->ticket = tmpBuff;
copyInto->isDynamic = 1;
XMEMCPY(copyInto->ticket, copyFrom->ticket, ticketLen);
}
} else {
/* Need to ensure ticket pointer gets updated to own buffer
* and is not pointing to buff of session copied from */
copyInto->ticket = copyInto->staticTicket;
}
if (UnLockMutex(&session_mutex) != 0) {
if (ret == SSL_SUCCESS)
ret = BAD_MUTEX_E;
}
if (ret != SSL_SUCCESS) {
/* cleanup */
if (tmpBuff)
XFREE(tmpBuff, ssl->heap, DYNAMIC_TYPE_SESS_TICK);
copyInto->ticket = copyInto->staticTicket;
copyInto->isDynamic = 0;
}
#endif /* HAVE_SESSION_TICKET */
return ret;
}
int SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
{
if (ssl->options.sessionCacheOff)
return SSL_FAILURE;
if (LowResTimer() < (session->bornOn + session->timeout)) {
ssl->session = *session;
GetDeepCopySession(ssl, session);
ssl->options.resuming = 1;
#ifdef SESSION_CERTS
@@ -7125,6 +7252,10 @@ int AddSession(WOLFSSL* ssl)
{
word32 row, idx;
int error = 0;
#ifdef HAVE_SESSION_TICKET
byte* tmpBuff = NULL;
int ticLen = 0;
#endif
if (ssl->options.sessionCacheOff)
return 0;
@@ -7143,8 +7274,23 @@ int AddSession(WOLFSSL* ssl)
return error;
}
if (LockMutex(&session_mutex) != 0)
#ifdef HAVE_SESSION_TICKET
ticLen = ssl->session.ticketLen;
/* Alloc Memory here so if Malloc fails can exit outside of lock */
if(ticLen > SESSION_TICKET_LEN) {
tmpBuff = XMALLOC(ticLen, ssl->heap,
DYNAMIC_TYPE_SESSION_TICK);
if(!tmpBuff)
return MEMORY_E;
}
#endif
if (LockMutex(&session_mutex) != 0) {
#ifdef HAVE_SESSION_TICKET
XFREE(tmpBuff, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
return BAD_MUTEX_E;
}
idx = SessionCache[row].nextIdx++;
#ifdef SESSION_INDEX
@@ -7161,12 +7307,48 @@ int AddSession(WOLFSSL* ssl)
SessionCache[row].Sessions[idx].bornOn = LowResTimer();
#ifdef HAVE_SESSION_TICKET
SessionCache[row].Sessions[idx].ticketLen = ssl->session.ticketLen;
/* Check if another thread modified ticket since alloc */
if (ticLen != ssl->session.ticketLen) {
error = VAR_STATE_CHANGE_E;
}
if (error == 0) {
/* Cleanup cache row's old Dynamic buff if exists */
if(SessionCache[row].Sessions[idx].isDynamic) {
XFREE(SessionCache[row].Sessions[idx].ticket,
ssl->heap, DYNAMIC_TYPE_SESS_TICK);
SessionCache[row].Sessions[idx].ticket = NULL;
}
/* If too large to store in static buffer, use dyn buffer */
if (ticLen > SESSION_TICKET_LEN) {
SessionCache[row].Sessions[idx].ticket = tmpBuff;
SessionCache[row].Sessions[idx].isDynamic = 1;
} else {
SessionCache[row].Sessions[idx].ticket =
SessionCache[row].Sessions[idx].staticTicket;
SessionCache[row].Sessions[idx].isDynamic = 0;
}
}
if (error == 0) {
SessionCache[row].Sessions[idx].ticketLen = ticLen;
XMEMCPY(SessionCache[row].Sessions[idx].ticket,
ssl->session.ticket, ssl->session.ticketLen);
ssl->session.ticket, ticLen);
} else { /* cleanup, reset state */
SessionCache[row].Sessions[idx].ticket =
SessionCache[row].Sessions[idx].staticTicket;
SessionCache[row].Sessions[idx].isDynamic = 0;
SessionCache[row].Sessions[idx].ticketLen = 0;
if (tmpBuff) {
XFREE(tmpBuff, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
tmpBuff = NULL;
}
}
#endif
#ifdef SESSION_CERTS
if (error == 0) {
SessionCache[row].Sessions[idx].chain.count = ssl->session.chain.count;
XMEMCPY(SessionCache[row].Sessions[idx].chain.certs,
ssl->session.chain.certs, sizeof(x509_buffer) * MAX_CHAIN_DEPTH);
@@ -7174,21 +7356,23 @@ int AddSession(WOLFSSL* ssl)
SessionCache[row].Sessions[idx].version = ssl->version;
SessionCache[row].Sessions[idx].cipherSuite0 = ssl->options.cipherSuite0;
SessionCache[row].Sessions[idx].cipherSuite = ssl->options.cipherSuite;
}
#endif /* SESSION_CERTS */
if (error == 0) {
SessionCache[row].totalCount++;
if (SessionCache[row].nextIdx == SESSIONS_PER_ROW)
SessionCache[row].nextIdx = 0;
}
#ifndef NO_CLIENT_CACHE
if (error == 0) {
if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->session.idLen) {
word32 clientRow, clientIdx;
WOLFSSL_MSG("Adding client cache entry");
SessionCache[row].Sessions[idx].idLen = ssl->session.idLen;
XMEMCPY(SessionCache[row].Sessions[idx].serverID, ssl->session.serverID,
ssl->session.idLen);
XMEMCPY(SessionCache[row].Sessions[idx].serverID,
ssl->session.serverID, ssl->session.idLen);
clientRow = HashSession(ssl->session.serverID, ssl->session.idLen,
&error) % SESSION_ROWS;
@@ -7197,8 +7381,10 @@ int AddSession(WOLFSSL* ssl)
} else {
clientIdx = ClientCache[clientRow].nextIdx++;
ClientCache[clientRow].Clients[clientIdx].serverRow = (word16)row;
ClientCache[clientRow].Clients[clientIdx].serverIdx = (word16)idx;
ClientCache[clientRow].Clients[clientIdx].serverRow =
(word16)row;
ClientCache[clientRow].Clients[clientIdx].serverIdx =
(word16)idx;
ClientCache[clientRow].totalCount++;
if (ClientCache[clientRow].nextIdx == SESSIONS_PER_ROW)
@@ -7207,6 +7393,7 @@ int AddSession(WOLFSSL* ssl)
}
else
SessionCache[row].Sessions[idx].idLen = 0;
}
#endif /* NO_CLIENT_CACHE */
#if defined(WOLFSSL_SESSION_STATS) && defined(WOLFSSL_PEAK_SESSIONS)
@@ -7438,10 +7625,12 @@ int wolfSSL_get_session_stats(word32* active, word32* total, word32* peak,
#else /* NO_SESSION_CACHE */
/* No session cache version */
WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret)
WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret,
byte restoreSessionCerts)
{
(void)ssl;
(void)masterSecret;
(void)restoreSessionCerts;
return NULL;
}

4
src/tls.c
View File

@@ -3212,9 +3212,11 @@ int TLSX_UseSessionTicket(TLSX** extensions, SessionTicket* ticket)
#define STK_GET_SIZE TLSX_SessionTicket_GetSize
#define STK_WRITE TLSX_SessionTicket_Write
#define STK_PARSE TLSX_SessionTicket_Parse
#define STK_FREE(stk) TLSX_SessionTicket_Free((SessionTicket*)stk)
#else
#define STK_FREE(a)
#define STK_VALIDATE_REQUEST(a)
#define STK_GET_SIZE(a, b) 0
#define STK_WRITE(a, b, c) 0
@@ -3864,7 +3866,7 @@ void TLSX_FreeAll(TLSX* list)
break;
case TLSX_SESSION_TICKET:
/* Nothing to do. */
STK_FREE(extension->data);
break;
case TLSX_QUANTUM_SAFE_HYBRID:

3
wolfcrypt/src/error.c
View File

@@ -101,6 +101,9 @@ const char* wc_GetErrorString(int error)
case MEMORY_E :
return "out of memory error";
case VAR_STATE_CHANGE_E :
return "Variable state modified by different thread";
case RSA_WRONG_TYPE_E :
return "RSA wrong block type for RSA function";

6
wolfssl/internal.h
View File

@@ -2215,8 +2215,10 @@ struct WOLFSSL_SESSION {
byte serverID[SERVER_ID_LEN]; /* for easier client lookup */
#endif
#ifdef HAVE_SESSION_TICKET
byte* ticket;
word16 ticketLen;
byte ticket[SESSION_TICKET_LEN];
byte staticTicket[SESSION_TICKET_LEN];
byte isDynamic;
#endif
#ifdef HAVE_STUNNEL
void* ex_data[MAX_EX_DATA];
@@ -2225,7 +2227,7 @@ struct WOLFSSL_SESSION {
WOLFSSL_LOCAL
WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*);
WOLFSSL_SESSION* GetSession(WOLFSSL*, byte*, byte);
WOLFSSL_LOCAL
int SetSession(WOLFSSL*, WOLFSSL_SESSION*);

1
wolfssl/ssl.h
View File

@@ -287,6 +287,7 @@ WOLFSSL_API void wolfSSL_set_quiet_shutdown(WOLFSSL*, int);
WOLFSSL_API int wolfSSL_get_error(WOLFSSL*, int);
WOLFSSL_API int wolfSSL_get_alert_history(WOLFSSL*, WOLFSSL_ALERT_HISTORY *);
WOLFSSL_API int GetDeepCopySession(WOLFSSL*, WOLFSSL_SESSION*);
WOLFSSL_API int wolfSSL_set_session(WOLFSSL* ssl,WOLFSSL_SESSION* session);
WOLFSSL_API long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* session, long t);
WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);

2
wolfssl/wolfcrypt/error-crypt.h
View File

@@ -59,6 +59,8 @@ enum {
MP_ZERO_E = -121, /* got a mp zero result, not expected */
MEMORY_E = -125, /* out of memory error */
VAR_STATE_CHANGE_E = -126, /* var state modified by different thread */
RSA_WRONG_TYPE_E = -130, /* RSA wrong block type for RSA function */
RSA_BUFFER_E = -131, /* RSA buffer error, output too small or

3
wolfssl/wolfcrypt/types.h
View File

@@ -316,7 +316,8 @@
DYNAMIC_TYPE_X509_CTX = 53,
DYNAMIC_TYPE_URL = 54,
DYNAMIC_TYPE_DTLS_FRAG = 55,
DYNAMIC_TYPE_DTLS_BUFFER = 56
DYNAMIC_TYPE_DTLS_BUFFER = 56,
DYNAMIC_TYPE_SESSION_TICK = 57
};
/* max error buffer string size */