From 255465a757ac0668382667b3aaac56d823ff1314 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Thu, 29 Aug 2024 20:02:42 -0500 Subject: [PATCH] src/internal.c: in wolfSSL_ERR_reason_error_string(), remove handling for -WOLFSSL_X509_V_ERR_*, and make corresponding changes in wolfssl/error-ssl.h and tests/api.c. --- src/internal.c | 48 --------------------------------------------- tests/api.c | 10 ---------- wolfssl/error-ssl.h | 22 --------------------- 3 files changed, 80 deletions(-) diff --git a/src/internal.c b/src/internal.c index 0c1312f6d..d8cb3f2ff 100644 --- a/src/internal.c +++ b/src/internal.c @@ -25680,54 +25680,6 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e) case WOLFSSL_FATAL_ERROR: return "fatal error"; -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ - defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED) - - /* TODO: -WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE. Conflicts with - * -WOLFSSL_ERROR_WANT_CONNECT. - */ - - case -WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID: - return "certificate not yet valid"; - - case -WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED: - return "certificate has expired"; - - case -WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - return "certificate signature failure"; - - case -WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - return "format error in certificate's notAfter field"; - - case -WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: - return "self-signed certificate in certificate chain"; - - case -WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: - return "unable to get local issuer certificate"; - - case -WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: - return "unable to verify the first certificate"; - - case -WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG: - return "certificate chain too long"; - - case -WOLFSSL_X509_V_ERR_CERT_REVOKED: - return "certificate revoked"; - - case -WOLFSSL_X509_V_ERR_INVALID_CA: - return "invalid CA certificate"; - - case -WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED: - return "path length constraint exceeded"; - - case -WOLFSSL_X509_V_ERR_CERT_REJECTED: - return "certificate rejected"; - - case -WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH: - return "subject issuer mismatch"; - -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || HAVE_WEBSERVER || HAVE_MEMCACHED */ - default : return "unknown error number"; } diff --git a/tests/api.c b/tests/api.c index 5b4be95e7..c50ec3258 100644 --- a/tests/api.c +++ b/tests/api.c @@ -83187,17 +83187,7 @@ static int error_test(void) #ifndef OPENSSL_EXTRA { 0, 0 }, #endif - -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ - defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED) - { -11, -12 }, - { -15, -17 }, - { -19, -19 }, - { -26, -27 }, - { -30, WC_FIRST_E+1 }, -#else { -9, WC_FIRST_E+1 }, -#endif { -124, -124 }, { -166, -169 }, { -300, -300 }, diff --git a/wolfssl/error-ssl.h b/wolfssl/error-ssl.h index c578c61a4..f61c78650 100644 --- a/wolfssl/error-ssl.h +++ b/wolfssl/error-ssl.h @@ -46,28 +46,6 @@ enum wolfSSL_ErrorCodes { WOLFSSL_ERROR_WANT_CONNECT_E = -7, WOLFSSL_ERROR_WANT_ACCEPT_E = -8, -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ - defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED) - - WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE_E = -7, /* note conflict with - * WOLFSSL_ERROR_WANT_CONNECT_E - */ - WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID_E = -9, - WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED_E = -10, - WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD_E = -13, - WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD_E = -14, - WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT_E = -18, - WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY_E = -20, - WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE_E = -21, - WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG_E = -22, - WOLFSSL_X509_V_ERR_CERT_REVOKED_E = -23, - WOLFSSL_X509_V_ERR_INVALID_CA_E = -24, - WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED_E = -25, - WOLFSSL_X509_V_ERR_CERT_REJECTED_E = -28, - WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH_E = -29, - -#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || HAVE_WEBSERVER || HAVE_MEMCACHED */ - WOLFSSL_FIRST_E = -301, /* start of native TLS codes */ INPUT_CASE_ERROR = -301, /* process input state error */