Merge pull request #1983 from dgarske/x509small_verifycb

Include the current cert as a WOLFSSL_X509 in the verify callback for the OPENSSL_EXTRA_X509_SMALL build
toddouska
2018-12-18 15:40:00 -08:00
committed by GitHub
2 changed files with 14 additions and 11 deletions


@@ -8610,13 +8610,13 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
if (use_cb && ssl->verifyCallback) {
#ifdef WOLFSSL_SMALL_STACK
WOLFSSL_X509_STORE_CTX* store;
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_X509* x509;
#endif
char* domain = NULL;
#else
WOLFSSL_X509_STORE_CTX store[1];
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_X509 x509[1];
#endif
char domain[ASN_NAME_MAX];
@@ -8628,7 +8628,7 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
if (store == NULL) {
return MEMORY_E;
}
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), ssl->heap,
DYNAMIC_TYPE_X509);
if (x509 == NULL) {
@@ -8639,7 +8639,7 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
domain = (char*)XMALLOC(ASN_NAME_MAX, ssl->heap, DYNAMIC_TYPE_STRING);
if (domain == NULL) {
XFREE(store, ssl->heap, DYNAMIC_TYPE_X509);
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
XFREE(x509, ssl->heap, DYNAMIC_TYPE_X509);
#endif
return MEMORY_E;
@@ -8647,7 +8647,7 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
#endif /* WOLFSSL_SMALL_STACK */
XMEMSET(store, 0, sizeof(WOLFSSL_X509_STORE_CTX));
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
XMEMSET(x509, 0, sizeof(WOLFSSL_X509));
#endif
domain[0] = '\0';
@@ -8680,11 +8680,14 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
store->store = &ssl->ctx->x509_store;
}
#endif
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#ifdef KEEP_PEER_CERT
if (args->certIdx == 0) {
store->current_cert = &ssl->peerCert; /* use existing X509 */
}
else {
else
#endif
{
InitX509(x509, 0, ssl->heap);
if (CopyDecodedToX509(x509, args->dCert) == 0) {
store->current_cert = x509;
@@ -8710,7 +8713,7 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
/* mark as verify error */
args->verifyErr = 1;
}
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
if (args->certIdx > 0)
FreeX509(x509);
#endif
@@ -8729,7 +8732,7 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
#endif /* SESSION_CERTS */
#ifdef WOLFSSL_SMALL_STACK
XFREE(domain, ssl->heap, DYNAMIC_TYPE_STRING);
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
XFREE(x509, ssl->heap, DYNAMIC_TYPE_X509);
#endif
XFREE(store, ssl->heap, DYNAMIC_TYPE_X509_STORE);
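Review bot: The release of `x509` in the `@@ -8710` hunk is still gated on `if (args->certIdx > 0)`, but the `@@ -8680` hunk now wraps only the `&ssl->peerCert` shortcut in `#ifdef KEEP_PEER_CERT`, so in a build without KEEP_PEER_CERT the `certIdx == 0` case goes through `InitX509`/`CopyDecodedToX509` into the local `x509` and is never passed to `FreeX509` (the SMALL_STACK `XFREE(x509, ...)` at the end frees the container only, not whatever members `CopyDecodedToX509` may have allocated — worth confirming against that helper). The guard should mirror the one in the fill-in path: `#ifdef KEEP_PEER_CERT` / `if (args->certIdx > 0)` / `#endif` / `FreeX509(x509);`, so the peer-owned `ssl->peerCert` is still never freed here while a locally filled `x509` always is. This also presumes `InitX509` leaves the struct safe to `FreeX509` when `CopyDecodedToX509` fails, which the hunk does not show. DoVerifyCallback starts before the first hunk and continues past the last one, so there may be other `certIdx`-gated cleanup outside this view.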


@@ -1559,7 +1559,7 @@ static int myVerifyFail = 0;
static WC_INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
{
char buffer[WOLFSSL_MAX_ERROR_SZ];
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_X509* peer;
#endif
(void)preverify;
@@ -1581,7 +1581,7 @@ static WC_INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
printf("In verification callback, error = %d, %s\n", store->error,
wolfSSL_ERR_error_string(store->error, buffer));
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
peer = store->current_cert;
if (peer) {
char* issuer = wolfSSL_X509_NAME_oneline(