handle edge case with wolfSSL_write_ex and refactor wolfSSL_get_client_ciphers

JacobBarthelmeh
2025-01-23 16:21:16 -07:00
parent 1e3d3ddec7
commit 41e00dc3c9


@ -3088,14 +3088,34 @@ int wolfSSL_write_ex(WOLFSSL* ssl, const void* data, int sz, size_t* wr)
{ {
int ret; int ret;
if (wr != NULL) {
*wr = 0;
}
ret = wolfSSL_write(ssl, data, sz); ret = wolfSSL_write(ssl, data, sz);
if (ret >= 0 && wr != NULL) { if (ret >= 0) {
if (wr != NULL) {
*wr = (size_t)ret; *wr = (size_t)ret;
}
/* handle partial write cases, if not set then a partial write is
* considered a failure case, or if set and ret is 0 then is a fail */
if (ret == 0 && ssl->options.partialWrite) {
ret = 0;
}
else if (ret < sz && !ssl->options.partialWrite) {
ret = 0;
}
else {
/* wrote out all application data, or wrote out 1 byte or more with
* partial write flag set */
ret = 1; ret = 1;
} }
}
else { else {
ret = 0; ret = 0;
} }
return ret; return ret;
} }
@ -14332,7 +14352,7 @@ static int PushCAx509Chain(WOLFSSL_CERT_MANAGER* cm,
or ssl->verifiedChain based off of the ssl session chain. Attempts to place or ssl->verifiedChain based off of the ssl session chain. Attempts to place
CA certificates at the bottom of the stack for a verified chain. Returns CA certificates at the bottom of the stack for a verified chain. Returns
stack of WOLFSSL_X509 certs or NULL on failure */ stack of WOLFSSL_X509 certs or NULL on failure */
static WOLF_STACK_OF(WOLFSSL_X509)* CreatePeerCertChain(WOLFSSL* ssl, static WOLF_STACK_OF(WOLFSSL_X509)* CreatePeerCertChain(const WOLFSSL* ssl,
int verifiedFlag) int verifiedFlag)
{ {
WOLFSSL_STACK* sk; WOLFSSL_STACK* sk;
@ -21962,9 +21982,13 @@ WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(WOLFSSL* ssl)
int i; int i;
int j; int j;
ret = wolfSSL_sk_new_node(ssl->heap);
if (ret != NULL) {
ret->type = STACK_TYPE_CIPHER;
/* higher priority of cipher suite will be on top of stack */ /* higher priority of cipher suite will be on top of stack */
for (i = suites->suiteSz - 2; i >= 0; i -= 2) { for (i = suites->suiteSz - 2; i >= 0; i -= 2) {
WOLFSSL_STACK* add; WOLFSSL_CIPHER cipher;
/* A couple of suites are placeholders for special options, /* A couple of suites are placeholders for special options,
* skip those. */ * skip those. */
@ -21974,36 +21998,32 @@ WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(WOLFSSL* ssl)
continue; continue;
} }
add = wolfSSL_sk_new_node(ssl->heap); cipher.cipherSuite0 = suites->suites[i];
if (add != NULL) { cipher.cipherSuite = suites->suites[i+1];
add->type = STACK_TYPE_CIPHER; cipher.ssl = ssl;
add->data.cipher.cipherSuite0 = suites->suites[i];
add->data.cipher.cipherSuite = suites->suites[i+1];
add->data.cipher.ssl = ssl;
for (j = 0; j < cipherSz; j++) { for (j = 0; j < cipherSz; j++) {
if (cipher_names[j].cipherSuite0 == if (cipher_names[j].cipherSuite0 ==
add->data.cipher.cipherSuite0 && cipher.cipherSuite0 &&
cipher_names[j].cipherSuite == cipher_names[j].cipherSuite ==
add->data.cipher.cipherSuite) { cipher.cipherSuite) {
add->data.cipher.offset = (unsigned long)j; cipher.offset = (unsigned long)j;
break; break;
} }
} }
/* in_stack is checked in wolfSSL_CIPHER_description */ /* in_stack is checked in wolfSSL_CIPHER_description */
add->data.cipher.in_stack = 1; cipher.in_stack = 1;
add->next = ret; if (wolfSSL_sk_CIPHER_push(ret, &cipher) != WOLFSSL_SUCCESS) {
if (ret != NULL) { WOLFSSL_MSG("Error pushing client cipher onto stack");
add->num = ret->num + 1; wolfSSL_sk_CIPHER_free(ret);
} ret = NULL;
else { break;
add->num = 1;
}
ssl->clSuitesStack = ret = add;
} }
} }
} }
ssl->clSuitesStack = ret;
}
return ret; return ret;
} }
#endif /* OPENSSL_ALL */ #endif /* OPENSSL_ALL */
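Review bot: In the wolfSSL_get_client_ciphers hunks the new stack local `WOLFSSL_CIPHER cipher;` is never zeroed, and `cipher.offset` is assigned only when the inner loop finds a match in `cipher_names`, so for a suite with no match `wolfSSL_sk_CIPHER_push(ret, &cipher)` is handed indeterminate stack bytes in `offset` and in every field not set here. The suite list appears to reflect what the peer offered, so an unrecognised suite would be reachable from the network, and any later reader that indexes `cipher_names` by `offset` (not visible in this hunk) would be working from an undefined value. The removed code filled a node obtained from `wolfSSL_sk_new_node`, which presumably returned zeroed memory, so this looks like a regression; adding `XMEMSET(&cipher, 0, sizeof(cipher));` ahead of the field assignments would restore a defined default. The function begins outside the hunk, so any earlier initialisation could not be checked from here.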