diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c index 2fd81fe2a..608a32457 100644 --- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c +++ b/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c @@ -469,7 +469,8 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) #ifdef HAVE_SNI if (sniHostName) - if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) err_sys("UseSNI failed"); #endif diff --git a/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c b/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c index 88a6064b4..aeecd62fb 100644 --- a/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c +++ b/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c @@ -419,7 +419,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #ifdef HAVE_SNI if (sniHostName) { if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, - XSTRLEN(sniHostName))) + XSTRLEN(sniHostName)) != SSL_SUCCESS) err_sys("UseSNI failed"); else CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME, diff --git a/IDE/MDK5-ARM/Projects/SimpleClient/client.c b/IDE/MDK5-ARM/Projects/SimpleClient/client.c index 07cf20bea..e6f6a56e3 100644 --- a/IDE/MDK5-ARM/Projects/SimpleClient/client.c +++ b/IDE/MDK5-ARM/Projects/SimpleClient/client.c @@ -471,7 +471,8 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) #ifdef HAVE_SNI if (sniHostName) - if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) err_sys("UseSNI failed"); #endif diff --git a/IDE/MDK5-ARM/Projects/SimpleServer/server.c b/IDE/MDK5-ARM/Projects/SimpleServer/server.c index de53738e8..ecc9b510b 100644 --- a/IDE/MDK5-ARM/Projects/SimpleServer/server.c +++ b/IDE/MDK5-ARM/Projects/SimpleServer/server.c @@ -418,7 +418,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #ifdef HAVE_SNI if (sniHostName) { if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, - XSTRLEN(sniHostName))) + XSTRLEN(sniHostName)) != SSL_SUCCESS) err_sys("UseSNI failed"); else CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME, diff --git a/examples/client/client.c b/examples/client/client.c index ff0e9848f..ac6f935a8 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -550,17 +550,18 @@ THREAD_RETURN CYASSL_THREAD client_test(void* args) #ifdef HAVE_SNI if (sniHostName) - if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName))) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) err_sys("UseSNI failed"); #endif #ifdef HAVE_MAX_FRAGMENT if (maxFragment) - if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment)) + if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS) err_sys("UseMaxFragment failed"); #endif #ifdef HAVE_TRUNCATED_HMAC if (truncatedHMAC) - if (CyaSSL_CTX_UseTruncatedHMAC(ctx)) + if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS) err_sys("UseTruncatedHMAC failed"); #endif diff --git a/examples/server/server.c b/examples/server/server.c index 365418d5d..f99be0aa2 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -443,7 +443,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #ifdef HAVE_SNI if (sniHostName) if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, - XSTRLEN(sniHostName))) + XSTRLEN(sniHostName)) != SSL_SUCCESS) err_sys("UseSNI failed"); #endif diff --git a/src/tls.c b/src/tls.c index 00c229473..872016460 100644 --- a/src/tls.c +++ b/src/tls.c @@ -776,7 +776,7 @@ static int TLSX_SNI_Parse(CYASSL* ssl, byte* input, word16 length, int r = TLSX_UseSNI(&ssl->extensions, type, input + offset, size); - if (r) return r; /* throw error */ + if (r != SSL_SUCCESS) return r; /* throw error */ TLSX_SNI_SetStatus(ssl->extensions, type, matched ? CYASSL_SNI_REAL_MATCH : CYASSL_SNI_FAKE_MATCH); @@ -842,7 +842,7 @@ int TLSX_UseSNI(TLSX** extensions, byte type, const void* data, word16 size) } } while ((sni = sni->next)); - return 0; + return SSL_SUCCESS; } #ifndef NO_CYASSL_SERVER @@ -1047,7 +1047,7 @@ static int TLSX_MFL_Parse(CYASSL* ssl, byte* input, word16 length, if (isRequest) { int r = TLSX_UseMaxFragment(&ssl->extensions, *input); - if (r) return r; /* throw error */ + if (r != SSL_SUCCESS) return r; /* throw error */ TLSX_SetResponse(ssl, MAX_FRAGMENT_LENGTH); } @@ -1097,7 +1097,7 @@ int TLSX_UseMaxFragment(TLSX** extensions, byte mfl) } } while ((extension = extension->next)); - return 0; + return SSL_SUCCESS; } @@ -1128,7 +1128,7 @@ int TLSX_UseTruncatedHMAC(TLSX** extensions) if ((ret = TLSX_Append(extensions, TRUNCATED_HMAC)) != 0) return ret; - return 0; + return SSL_SUCCESS; } static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length, @@ -1141,7 +1141,7 @@ static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length, if (isRequest) { int r = TLSX_UseTruncatedHMAC(&ssl->extensions); - if (r) return r; /* throw error */ + if (r != SSL_SUCCESS) return r; /* throw error */ TLSX_SetResponse(ssl, TRUNCATED_HMAC); } @@ -1428,7 +1428,7 @@ int TLSX_UseEllipticCurve(TLSX** extensions, word16 name) } } while ((curve = curve->next)); - return 0; + return SSL_SUCCESS; } #define EC_FREE_ALL TLSX_EllipticCurve_FreeAll @@ -1785,6 +1785,13 @@ int TLSX_Parse(CYASSL* ssl, byte* input, word16 length, byte isRequest, #undef IS_OFF #undef TURN_ON +#elif defined(HAVE_SNI) \ + || defined(HAVE_MAX_FRAGMENT) \ + || defined(HAVE_TRUNCATED_HMAC) \ + || defined(HAVE_ELLIPTIC_CURVES) + +#error "Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined." + #endif /* HAVE_TLS_EXTENSIONS */ diff --git a/tests/api.c b/tests/api.c index 176b08abf..9de246eb0 100644 --- a/tests/api.c +++ b/tests/api.c @@ -248,7 +248,7 @@ static void use_SNI_at_ctx(CYASSL_CTX* ctx) byte type = CYASSL_SNI_HOST_NAME; char name[] = "www.yassl.com"; - AssertIntEQ(0, CyaSSL_CTX_UseSNI(ctx, type, (void *) name, XSTRLEN(name))); + AssertIntEQ(1, CyaSSL_CTX_UseSNI(ctx, type, (void *) name, XSTRLEN(name))); } static void use_SNI_at_ssl(CYASSL* ssl) @@ -256,7 +256,7 @@ static void use_SNI_at_ssl(CYASSL* ssl) byte type = CYASSL_SNI_HOST_NAME; char name[] = "www.yassl.com"; - AssertIntEQ(0, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); + AssertIntEQ(1, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); } static void different_SNI_at_ssl(CYASSL* ssl) @@ -264,7 +264,7 @@ static void different_SNI_at_ssl(CYASSL* ssl) byte type = CYASSL_SNI_HOST_NAME; char name[] = "ww2.yassl.com"; - AssertIntEQ(0, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); + AssertIntEQ(1, CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); } static void use_SNI_WITH_CONTINUE_at_ssl(CYASSL* ssl) @@ -431,16 +431,16 @@ void test_CyaSSL_UseSNI(void) AssertNotNull(ssl); /* error cases */ - AssertIntNE(0, CyaSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx"))); - AssertIntNE(0, CyaSSL_UseSNI( NULL, 0, (void *) "ssl", XSTRLEN("ssl"))); - AssertIntNE(0, CyaSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx"))); - AssertIntNE(0, CyaSSL_UseSNI( ssl, -1, (void *) "ssl", XSTRLEN("ssl"))); - AssertIntNE(0, CyaSSL_CTX_UseSNI(ctx, 0, (void *) NULL, XSTRLEN("ctx"))); - AssertIntNE(0, CyaSSL_UseSNI( ssl, 0, (void *) NULL, XSTRLEN("ssl"))); + AssertIntNE(1, CyaSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx"))); + AssertIntNE(1, CyaSSL_UseSNI( NULL, 0, (void *) "ssl", XSTRLEN("ssl"))); + AssertIntNE(1, CyaSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx"))); + AssertIntNE(1, CyaSSL_UseSNI( ssl, -1, (void *) "ssl", XSTRLEN("ssl"))); + AssertIntNE(1, CyaSSL_CTX_UseSNI(ctx, 0, (void *) NULL, XSTRLEN("ctx"))); + AssertIntNE(1, CyaSSL_UseSNI( ssl, 0, (void *) NULL, XSTRLEN("ssl"))); /* success case */ - AssertIntEQ(0, CyaSSL_CTX_UseSNI(ctx, 0, (void *) "ctx", XSTRLEN("ctx"))); - AssertIntEQ(0, CyaSSL_UseSNI( ssl, 0, (void *) "ssl", XSTRLEN("ssl"))); + AssertIntEQ(1, CyaSSL_CTX_UseSNI(ctx, 0, (void *) "ctx", XSTRLEN("ctx"))); + AssertIntEQ(1, CyaSSL_UseSNI( ssl, 0, (void *) "ssl", XSTRLEN("ssl"))); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); @@ -496,24 +496,24 @@ static void test_CyaSSL_UseMaxFragment(void) AssertNotNull(ssl); /* error cases */ - AssertIntNE(0, CyaSSL_CTX_UseMaxFragment(NULL, CYASSL_MFL_2_9)); - AssertIntNE(0, CyaSSL_UseMaxFragment( NULL, CYASSL_MFL_2_9)); - AssertIntNE(0, CyaSSL_CTX_UseMaxFragment(ctx, 0)); - AssertIntNE(0, CyaSSL_CTX_UseMaxFragment(ctx, 6)); - AssertIntNE(0, CyaSSL_UseMaxFragment(ssl, 0)); - AssertIntNE(0, CyaSSL_UseMaxFragment(ssl, 6)); + AssertIntNE(1, CyaSSL_CTX_UseMaxFragment(NULL, CYASSL_MFL_2_9)); + AssertIntNE(1, CyaSSL_UseMaxFragment( NULL, CYASSL_MFL_2_9)); + AssertIntNE(1, CyaSSL_CTX_UseMaxFragment(ctx, 0)); + AssertIntNE(1, CyaSSL_CTX_UseMaxFragment(ctx, 6)); + AssertIntNE(1, CyaSSL_UseMaxFragment(ssl, 0)); + AssertIntNE(1, CyaSSL_UseMaxFragment(ssl, 6)); /* success case */ - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_9)); - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_10)); - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_11)); - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_12)); - AssertIntEQ(0, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_13)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_9)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_10)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_11)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_12)); - AssertIntEQ(0, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_13)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_9)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_10)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_11)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_12)); + AssertIntEQ(1, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_13)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_9)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_10)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_11)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_12)); + AssertIntEQ(1, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_13)); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); @@ -530,12 +530,12 @@ static void test_CyaSSL_UseTruncatedHMAC(void) AssertNotNull(ssl); /* error cases */ - AssertIntNE(0, CyaSSL_CTX_UseTruncatedHMAC(NULL)); - AssertIntNE(0, CyaSSL_UseTruncatedHMAC(NULL)); + AssertIntNE(1, CyaSSL_CTX_UseTruncatedHMAC(NULL)); + AssertIntNE(1, CyaSSL_UseTruncatedHMAC(NULL)); /* success case */ - AssertIntEQ(0, CyaSSL_CTX_UseTruncatedHMAC(ctx)); - AssertIntEQ(0, CyaSSL_UseTruncatedHMAC(ssl)); + AssertIntEQ(1, CyaSSL_CTX_UseTruncatedHMAC(ctx)); + AssertIntEQ(1, CyaSSL_UseTruncatedHMAC(ssl)); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); @@ -553,15 +553,15 @@ static void test_CyaSSL_UseEllipticCurve(void) #ifndef NO_CYASSL_CLIENT /* error cases */ - AssertIntNE(0, CyaSSL_CTX_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); - AssertIntNE(0, CyaSSL_CTX_UseEllipticCurve(ctx, 0)); + AssertIntNE(1, CyaSSL_CTX_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); + AssertIntNE(1, CyaSSL_CTX_UseEllipticCurve(ctx, 0)); - AssertIntNE(0, CyaSSL_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); - AssertIntNE(0, CyaSSL_UseEllipticCurve(ssl, 0)); + AssertIntNE(1, CyaSSL_UseEllipticCurve(NULL, CYASSL_ECC_SECP160R1)); + AssertIntNE(1, CyaSSL_UseEllipticCurve(ssl, 0)); /* success case */ - AssertIntEQ(0, CyaSSL_CTX_UseEllipticCurve(ctx, CYASSL_ECC_SECP160R1)); - AssertIntEQ(0, CyaSSL_UseEllipticCurve(ssl, CYASSL_ECC_SECP160R1)); + AssertIntEQ(1, CyaSSL_CTX_UseEllipticCurve(ctx, CYASSL_ECC_SECP160R1)); + AssertIntEQ(1, CyaSSL_UseEllipticCurve(ssl, CYASSL_ECC_SECP160R1)); #endif CyaSSL_free(ssl);