diff --git a/configure.ac b/configure.ac index c780ad028..0a9ea7446 100644 --- a/configure.ac +++ b/configure.ac @@ -917,6 +917,50 @@ then ENABLED_SP_MATH_ALL="no" fi +# wolfCrypt Only Build +AC_ARG_ENABLE([cryptonly], + [AS_HELP_STRING([--enable-cryptonly],[Enable wolfCrypt Only build (default: disabled)])], + [ENABLED_CRYPTONLY=$enableval], + [ENABLED_CRYPTONLY=no]) + +AS_IF([test "x$FIPS_VERSION" = "xrand"],[ENABLED_CRYPTONLY="yes"]) + +# TLS +AC_ARG_ENABLE([tls], + [AS_HELP_STRING([--enable-tls],[Enable TLS support (default: enabled)])], + [ ENABLED_TLS=$enableval ], + [ ENABLED_TLS=yes ] + ) + +if test "$ENABLED_CRYPTONLY" = "yes" +then + ENABLED_TLS=no +fi +if test "$ENABLED_TLS" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_TLS" + test "$enable_tls13" = "" && enable_tls13=no + test "$enable_tlsv12" = "" && enable_tlsv12=no + test "$enable_tlsv10" = "" && enable_tlsv10=no + test "$enable_dtls" = "" && enable_dtls=no + test "$enable_dtls13" = "" && enable_dtls13=no + test "$enable_mcast" = "" && enable_mcast=no + test "$enable_srtp" = "" && enable_srtp=no + test "$enable_ocsp" = "" && enable_ocsp=no + test "$enable_tlsx" = "" && enable_tlsx=no + test "$enable_sni" = "" && enable_sni=no + test "$enable_sni" = "" && enable_sni=no + test "$enable_crl_monitor" = "" && enable_crl_monitor=no + test "$enable_alpn" = "" && enable_alpn=no + test "$enable_pkcallbacks" = "" && enable_pkcallbacks=no + test "$enable_quic" = "" && enable_quic=no + test "$enable_ech" = "" && enable_ech=no + test "$enable_ocspstapling" = "" && enable_ocspstapling=no + + # Disable all open source compatibility enables that might get set with all + test "$enable_all_osp" = "" && enable_all_osp=no +fi + # All features, except conflicting or experimental: AC_ARG_ENABLE([all], @@ -1751,14 +1795,6 @@ then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_USE_RWLOCK" fi -# wolfCrypt Only Build -AC_ARG_ENABLE([cryptonly], - [AS_HELP_STRING([--enable-cryptonly],[Enable wolfCrypt Only build (default: disabled)])], - [ENABLED_CRYPTONLY=$enableval], - [ENABLED_CRYPTONLY=no]) - -AS_IF([test "x$FIPS_VERSION" = "xrand"],[ENABLED_CRYPTONLY="yes"]) - # ECH AC_ARG_ENABLE([ech], [AS_HELP_STRING([--enable-ech],[Enable ECH (default: disabled)])], diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index e969e155a..5f2241179 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -72,7 +72,8 @@ Or #endif /* PTHREAD requires server and client enabled */ -#if defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER) +#if !defined(NO_TLS) && \ + (defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER)) #if !defined(SINGLE_THREADED) #ifdef __GNUC__ /* GCC compiler */ #pragma message "PTHREAD requires server and client enabled." @@ -140,7 +141,7 @@ platform supports it" #define SHOW_VERBOSE 0 /* Default output is tab delimited format */ #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ - !defined(WOLFCRYPT_ONLY) && defined(USE_WOLFSSL_IO) + !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) && defined(USE_WOLFSSL_IO) /* shutdown message - nice signal to server, we are done */ static const char* kShutdown = "shutdown"; @@ -2337,7 +2338,7 @@ int main(int argc, char** argv) args.return_code = 0; #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ - !defined(WOLFCRYPT_ONLY) && defined(USE_WOLFSSL_IO) + !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) && defined(USE_WOLFSSL_IO) bench_tls(&args); #endif diff --git a/examples/client/client.c b/examples/client/client.c index be226c7ea..3b64a32b9 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -56,7 +56,8 @@ static const char *wolfsentry_config_path = NULL; #include #include -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) + #ifdef NO_FILESYSTEM #ifdef NO_RSA @@ -4810,7 +4811,7 @@ exit: WOLFSSL_RETURN_FROM_THREAD(0); } -#endif /* !NO_WOLFSSL_CLIENT */ +#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */ /* so overall tests can pull in test function */ @@ -4836,7 +4837,7 @@ exit: wolfSSL_Init(); ChangeToWolfRoot(); -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) #ifdef HAVE_STACK_SIZE StackSizeCheck(&args, client_test); #else diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c index 7173963cf..d677b10c8 100644 --- a/examples/echoclient/echoclient.c +++ b/examples/echoclient/echoclient.c @@ -57,7 +57,7 @@ #include -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) #ifdef NO_FILESYSTEM @@ -381,7 +381,7 @@ void echoclient_test(void* args) ((func_args*)args)->return_code = 0; } -#endif /* !NO_WOLFSSL_CLIENT */ +#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */ /* so overall tests can pull in test function */ #ifndef NO_MAIN_DRIVER @@ -408,7 +408,7 @@ void echoclient_test(void* args) #ifndef WOLFSSL_TIRTOS ChangeToWolfRoot(); #endif -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) echoclient_test(&args); #endif diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index bf649ab52..1ff80c071 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -56,7 +56,7 @@ #include "examples/echoserver/echoserver.h" -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #ifdef NO_FILESYSTEM #ifdef NO_RSA @@ -536,7 +536,7 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args) WOLFSSL_RETURN_FROM_THREAD(0); } -#endif /* !NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */ /* so overall tests can pull in test function */ @@ -562,7 +562,7 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args) wolfSSL_Debugging_ON(); #endif ChangeToWolfRoot(); -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) echoserver_test(&args); #endif wolfSSL_Cleanup(); diff --git a/examples/server/server.c b/examples/server/server.c index f3e9d3e1b..ec6edbe0e 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -75,7 +75,7 @@ static const char *wolfsentry_config_path = NULL; #include "examples/server/server.h" -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #if defined(WOLFSSL_TLS13) && ( \ defined(HAVE_ECC) \ @@ -3986,7 +3986,7 @@ exit: WOLFSSL_RETURN_FROM_THREAD(0); } -#endif /* !NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */ /* so overall tests can pull in test function */ @@ -4017,7 +4017,7 @@ exit: #endif ChangeToWolfRoot(); -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #ifdef HAVE_STACK_SIZE StackSizeCheck(&args, server_test); #else diff --git a/scripts/crl-revoked.test b/scripts/crl-revoked.test index fc193d369..17c26d15a 100755 --- a/scripts/crl-revoked.test +++ b/scripts/crl-revoked.test @@ -217,8 +217,14 @@ else exit_hash_dir_code=0 fi -# run the test -run_test +# Check that server is enabled +./examples/server/server -? 2>&1 | grep -- 'Create Ready file' +if [ $? -eq 0 ]; then + # run the test + run_test +else + exit_code=0 +fi # If we get to this exit, exit_code will be a 1 signaling failure echo "exiting with $exit_code certificate was not revoked" diff --git a/src/bio.c b/src/bio.c index 16e2c2a41..b265456a1 100644 --- a/src/bio.c +++ b/src/bio.c @@ -200,6 +200,7 @@ int wolfSSL_BIO_method_type(const WOLFSSL_BIO *b) } #ifndef WOLFCRYPT_ONLY +#ifndef NO_TLS /* Helper function to read from WOLFSSL_BIO_SSL type * * returns the number of bytes read on success @@ -231,6 +232,7 @@ static int wolfSSL_BIO_SSL_read(WOLFSSL_BIO* bio, void* buf, return ret; } +#endif /* !NO_TLS */ static int wolfSSL_BIO_MD_read(WOLFSSL_BIO* bio, void* buf, int sz) { @@ -249,7 +251,7 @@ static int wolfSSL_BIO_MD_read(WOLFSSL_BIO* bio, void* buf, int sz) } return sz; } -#endif /* WOLFCRYPT_ONLY */ +#endif /* !WOLFCRYPT_ONLY */ /* Used to read data from a WOLFSSL_BIO structure @@ -331,7 +333,7 @@ int wolfSSL_BIO_read(WOLFSSL_BIO* bio, void* buf, int len) #endif /* !NO_FILESYSTEM */ break; case WOLFSSL_BIO_SSL: - #ifndef WOLFCRYPT_ONLY + #if !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) ret = wolfSSL_BIO_SSL_read(bio, buf, len, front); #else WOLFSSL_MSG("WOLFSSL_BIO_SSL used with WOLFCRYPT_ONLY"); @@ -500,7 +502,7 @@ static int wolfSSL_BIO_BASE64_write(WOLFSSL_BIO* bio, const void* data, } #endif /* WOLFSSL_BASE64_ENCODE */ -#ifndef WOLFCRYPT_ONLY +#if !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) /* Helper function for writing to a WOLFSSL_BIO_SSL type * * returns the amount written in bytes on success @@ -531,7 +533,7 @@ static int wolfSSL_BIO_SSL_write(WOLFSSL_BIO* bio, const void* data, } return ret; } -#endif /* WOLFCRYPT_ONLY */ +#endif /* !WOLFCRYPT_ONLY && !NO_TLS */ /* Writes to a WOLFSSL_BIO_BIO type. * @@ -746,7 +748,7 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len) #endif /* !NO_FILESYSTEM */ break; case WOLFSSL_BIO_SSL: - #ifndef WOLFCRYPT_ONLY + #if !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) /* already got eof, again is error */ if (front->eof) { ret = WOLFSSL_FATAL_ERROR; @@ -823,7 +825,7 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len) bio = bio->next; } -#ifndef WOLFCRYPT_ONLY +#if !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) exit_chain: #endif @@ -2560,6 +2562,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) return ret; } +#ifndef NO_TLS long wolfSSL_BIO_do_handshake(WOLFSSL_BIO *b) { WOLFSSL_ENTER("wolfSSL_BIO_do_handshake"); @@ -2605,6 +2608,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio) WOLFSSL_MSG("BIO has no SSL pointer set."); } } +#endif long wolfSSL_BIO_set_ssl(WOLFSSL_BIO* b, WOLFSSL* ssl, int closeF) { diff --git a/src/internal.c b/src/internal.c index 046a88678..5b69bae1d 100644 --- a/src/internal.c +++ b/src/internal.c @@ -191,7 +191,7 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS #else #define SSL_TICKET_CTX(ssl) ssl->ctx->ticketEncCtx #endif - #if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) + #if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_TLS) static int TicketEncCbCtx_Init(WOLFSSL_CTX* ctx, TicketEncCbCtx* keyCtx); static void TicketEncCbCtx_Free(TicketEncCbCtx* keyCtx); @@ -2493,7 +2493,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) #endif /* HAVE_EXTENDED_MASTER && !NO_WOLFSSL_CLIENT */ #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) -#ifndef WOLFSSL_NO_DEF_TICKET_ENC_CB +#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_TLS) ret = TicketEncCbCtx_Init(ctx, &ctx->ticketKeyCtx); if (ret != 0) return ret; ctx->ticketEncCb = DefTicketEncCb; @@ -2614,7 +2614,9 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx) wolfEventQueue_Free(&ctx->event_queue); #endif /* HAVE_WOLF_EVENT */ +#ifndef NO_TLS /* its a static global see ssl.c "gNoTlsMethod" */ XFREE(ctx->method, heapAtCTXInit, DYNAMIC_TYPE_METHOD); +#endif ctx->method = NULL; XFREE(ctx->suites, ctx->heap, DYNAMIC_TYPE_SUITES); @@ -2796,7 +2798,7 @@ void FreeSSL_Ctx(WOLFSSL_CTX* ctx) SSL_CtxResourceFree(ctx); #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ - !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) + !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_TLS) TicketEncCbCtx_Free(&ctx->ticketKeyCtx); #endif wolfSSL_RefFree(&ctx->ref); @@ -8217,10 +8219,12 @@ void wolfSSL_ResourceFree(WOLFSSL* ssl) XFREE(ssl->peerSceTsipEncRsaKeyIndex, ssl->heap, DYNAMIC_TYPE_RSA); Renesas_cmn_Cleanup(ssl); #endif +#ifndef NO_TLS if (ssl->buffers.inputBuffer.dynamicFlag) ShrinkInputBuffer(ssl, FORCED_FREE); if (ssl->buffers.outputBuffer.dynamicFlag) ShrinkOutputBuffer(ssl); +#endif #ifdef WOLFSSL_THREADED_CRYPT { int i; @@ -8540,9 +8544,11 @@ void FreeHandshakeResources(WOLFSSL* ssl) } #endif +#ifndef NO_TLS /* input buffer */ if (ssl->buffers.inputBuffer.dynamicFlag) ShrinkInputBuffer(ssl, NO_FORCED_FREE); +#endif #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) if (!ssl->options.tls1_3) @@ -9993,6 +9999,8 @@ ProtocolVersion MakeDTLSv1_3(void) */ #endif /* !NO_ASN_TIME */ + +#ifndef NO_TLS #if !defined(WOLFSSL_NO_CLIENT_AUTH) && \ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \ @@ -11896,14 +11904,9 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) if (ssl == NULL) return BAD_FUNC_ARG; -#ifndef NO_TLS if (ssl->options.tls) { ret = BuildTlsFinished(ssl, hashes, sender); } -#else - (void)hashes; - (void)sender; -#endif #ifndef NO_OLD_TLS if (!ssl->options.tls) { ret = BuildMD5(ssl, hashes, sender); @@ -11927,6 +11930,8 @@ int CipherRequires(byte first, byte second, int requirement) { (void)requirement; + (void)first; + (void)second; #ifndef WOLFSSL_NO_TLS12 @@ -12568,7 +12573,7 @@ int CipherRequires(byte first, byte second, int requirement) } #endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */ - +#endif /* !NO_TLS */ #ifndef NO_CERTS @@ -13497,8 +13502,8 @@ int CopyDecodedAcertToX509(WOLFSSL_X509_ACERT* x509, DecodedAcert* dAcert) #endif /* WOLFSSL_ACERT */ -#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ - (defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && !defined(WOLFSSL_NO_TLS12)) +#if (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \ + defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)) && !defined(WOLFSSL_NO_TLS12) static int ProcessCSR_ex(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 status_length, int idx) { @@ -13694,7 +13699,6 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx) #endif /* HAVE_PK_CALLBACKS */ - #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) void DoCertFatalAlert(WOLFSSL* ssl, int ret) { @@ -13737,12 +13741,15 @@ void DoCertFatalAlert(WOLFSSL* ssl, int ret) } } +#ifndef NO_TLS /* send fatal alert and mark connection closed */ SendAlert(ssl, alert_fatal, alertWhy); /* try to send */ +#else + (void)alertWhy; +#endif ssl->options.isClosed = 1; } - int SetupStoreCtxCallback(WOLFSSL_X509_STORE_CTX** store_pt, WOLFSSL* ssl, WOLFSSL_CERT_MANAGER* cm, ProcPeerCertArgs* args, int cert_err, void* heap, int* x509Free) @@ -18626,6 +18633,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx, } #endif /* WOLFSSL_DTLS13 */ +#ifndef NO_TLS #ifndef WOLFSSL_NO_TLS12 #ifdef HAVE_AEAD @@ -22911,11 +22919,12 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, (void)epochOrder; -#ifndef NO_TLS #if defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_TLS13) + /* TLS v1.3 only */ return BuildTls13Message(ssl, output, outSz, input, inSz, type, hashOutput, sizeOnly, asyncOkay); #else + /* TLS v1.2 or v1.3 */ #ifdef WOLFSSL_TLS13 if (ssl->options.tls1_3) { return BuildTls13Message(ssl, output, outSz, input, inSz, type, @@ -22923,6 +22932,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, } #endif +#ifndef WOLFSSL_NO_TLS12 #ifdef WOLFSSL_ASYNC_CRYPT ret = WC_NO_PENDING_E; if (asyncOkay) { @@ -23435,9 +23445,7 @@ exit_buildmsg: /* Final cleanup */ FreeBuildMsgArgs(ssl, args); - return ret; -#endif /* !WOLFSSL_NO_TLS12 */ #else (void)outSz; (void)inSz; @@ -23445,8 +23453,8 @@ exit_buildmsg: (void)hashOutput; (void)asyncOkay; return NOT_COMPILED_IN; -#endif /* NO_TLS */ - +#endif /* !WOLFSSL_NO_TLS12 */ +#endif } #ifndef WOLFSSL_NO_TLS12 @@ -23612,6 +23620,7 @@ int SendFinished(WOLFSSL* ssl) return ret; } #endif /* WOLFSSL_NO_TLS12 */ +#endif /* !NO_TLS */ #ifndef NO_WOLFSSL_SERVER #if (!defined(WOLFSSL_NO_TLS12) && \ @@ -24802,6 +24811,8 @@ int SendAsyncData(WOLFSSL* ssl) } #endif +#ifndef NO_TLS + /** * ssl_in_handshake(): * Invoked in wolfSSL_read/wolfSSL_write to check if wolfSSL_negotiate() is @@ -25592,8 +25603,11 @@ static int SendAlert_ex(WOLFSSL* ssl, int severity, int type) return ret; } +#endif /* !NO_TLS */ + int RetrySendAlert(WOLFSSL* ssl) { + int ret = 0; int type; int severity; WOLFSSL_ENTER("RetrySendAlert"); @@ -25611,12 +25625,18 @@ int RetrySendAlert(WOLFSSL* ssl) ssl->pendingAlert.code = 0; ssl->pendingAlert.level = alert_none; - return SendAlert_ex(ssl, severity, type); +#ifndef NO_TLS + ret = SendAlert_ex(ssl, severity, type); +#else + (void)type; +#endif + return ret; } /* send alert message */ int SendAlert(WOLFSSL* ssl, int severity, int type) { + int ret = 0; WOLFSSL_ENTER("SendAlert"); if (ssl == NULL) { @@ -25624,7 +25644,7 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) } if (ssl->pendingAlert.level != alert_none) { - int ret = RetrySendAlert(ssl); + ret = RetrySendAlert(ssl); if (ret != 0) { if (ssl->pendingAlert.level == alert_none || (ssl->pendingAlert.level != alert_fatal && @@ -25637,10 +25657,13 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) return ret; } } - - return SendAlert_ex(ssl, severity, type); +#ifndef NO_TLS + ret = SendAlert_ex(ssl, severity, type); +#endif /* !NO_TLS */ + return ret; } + #ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H #include #endif @@ -29879,7 +29902,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, #endif /* !WOLFSSL_NO_TLS12 */ /* client only parts */ -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) int HaveUniqueSessionObj(WOLFSSL* ssl) { @@ -34378,7 +34401,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif /* HAVE_SESSION_TICKET */ -#endif /* NO_WOLFSSL_CLIENT */ +#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */ +/* end client only parts */ + #ifndef NO_CERTS @@ -34557,7 +34582,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return MATCH_SUITE_ERROR; } -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #ifndef WOLFSSL_NO_TLS12 @@ -39267,7 +39292,7 @@ cleanup: return ret; } -#ifndef WOLFSSL_NO_DEF_TICKET_ENC_CB +#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_TLS) /* Initialize the context for session ticket encryption. * @@ -41380,7 +41405,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ], } #endif /* HAVE_SNI */ -#endif /* NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */ #ifdef WOLFSSL_ASYNC_CRYPT diff --git a/src/keys.c b/src/keys.c index 693e6b133..4ff687ed9 100644 --- a/src/keys.c +++ b/src/keys.c @@ -28,7 +28,7 @@ #include -#ifndef WOLFCRYPT_ONLY +#if !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) #include #include @@ -4109,4 +4109,4 @@ int MakeMasterSecret(WOLFSSL* ssl) #endif } -#endif /* WOLFCRYPT_ONLY */ +#endif /* !WOLFCRYPT_ONLY && !NO_TLS */ diff --git a/src/ssl.c b/src/ssl.c index 567b25ddb..a848b8b5c 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1040,6 +1040,10 @@ static WC_THREADSHARED wolfSSL_Mutex inits_count_mutex static WC_THREADSHARED volatile int inits_count_mutex_valid = 0; #endif +#ifdef NO_TLS +static const WOLFSSL_METHOD gNoTlsMethod; +#endif + /* Create a new WOLFSSL_CTX struct and return the pointer to created struct. WOLFSSL_METHOD pointer passed in is given to ctx to manage. This function frees the passed in WOLFSSL_METHOD struct on failure and on @@ -1062,8 +1066,13 @@ WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap) } } +#ifndef NO_TLS if (method == NULL) return ctx; +#else + /* a blank TLS method */ + method = (WOLFSSL_METHOD*)&gNoTlsMethod; +#endif ctx = (WOLFSSL_CTX*)XMALLOC(sizeof(WOLFSSL_CTX), heap, DYNAMIC_TYPE_CTX); if (ctx) { @@ -2432,7 +2441,7 @@ int wolfSSL_mcast_set_highwater_ctx(WOLFSSL* ssl, void* ctx) #endif /* WOLFSSL_LEANPSK */ - +#ifndef NO_TLS /* return underlying connect or accept, WOLFSSL_SUCCESS on ok */ int wolfSSL_negotiate(WOLFSSL* ssl) { @@ -2471,7 +2480,7 @@ int wolfSSL_negotiate(WOLFSSL* ssl) return err; } - +#endif /* !NO_TLS */ WOLFSSL_ABI WC_RNG* wolfSSL_GetRNG(WOLFSSL* ssl) @@ -2652,7 +2661,7 @@ int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx, WOLFSSL_MEM_STATS* mem_stats) #endif /* WOLFSSL_STATIC_MEMORY */ - +#ifndef NO_TLS /* return max record layer size plaintext input size */ int wolfSSL_GetMaxOutputSize(WOLFSSL* ssl) { @@ -3012,7 +3021,7 @@ int wolfSSL_mcast_read(WOLFSSL* ssl, word16* id, void* data, int sz) } #endif /* WOLFSSL_MULTICAST */ - +#endif /* !NO_TLS */ /* helpers to set the device id, WOLFSSL_SUCCESS on ok */ WOLFSSL_ABI @@ -3059,6 +3068,7 @@ void* wolfSSL_CTX_GetHeap(WOLFSSL_CTX* ctx, WOLFSSL* ssl) } +#ifndef NO_TLS #ifdef HAVE_SNI WOLFSSL_ABI @@ -3124,7 +3134,7 @@ int wolfSSL_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, return BAD_FUNC_ARG; } -#endif /* NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER */ #endif /* HAVE_SNI */ @@ -4126,7 +4136,7 @@ int wolfSSL_shutdown(WOLFSSL* ssl) return ret; } - +#endif /* !NO_TLS */ /* get current error state value */ int wolfSSL_state(WOLFSSL* ssl) @@ -4203,7 +4213,6 @@ int wolfSSL_want_read(WOLFSSL* ssl) return 0; } - /* return TRUE if current error is want write */ int wolfSSL_want_write(WOLFSSL* ssl) { @@ -4214,7 +4223,6 @@ int wolfSSL_want_write(WOLFSSL* ssl) return 0; } - char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data) { WOLFSSL_ENTER("wolfSSL_ERR_error_string"); @@ -4749,7 +4757,7 @@ int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX* ctx) #endif -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) /* connect enough to get peer cert chain */ int wolfSSL_connect_cert(WOLFSSL* ssl) { @@ -4783,9 +4791,7 @@ int wolfSSL_set_group_messages(WOLFSSL* ssl) /* make minVersion the internal equivalent SSL version */ static int SetMinVersionHelper(byte* minVersion, int version) { -#ifdef NO_TLS (void)minVersion; -#endif switch (version) { #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) @@ -9298,7 +9304,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, /* EITHER SIDE METHODS */ -#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE) +#if !defined(NO_TLS) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)) WOLFSSL_METHOD* wolfSSLv23_method(void) { return wolfSSLv23_method_ex(NULL); @@ -9344,10 +9350,10 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, } #endif #endif -#endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ +#endif /* !NO_TLS && (OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE) */ /* client only parts */ -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) #if defined(OPENSSL_EXTRA) && !defined(NO_OLD_TLS) WOLFSSL_METHOD* wolfSSLv2_client_method(void) @@ -9847,11 +9853,11 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif /* !WOLFSSL_NO_TLS12 || !NO_OLD_TLS || !WOLFSSL_TLS13 */ } -#endif /* NO_WOLFSSL_CLIENT */ - +#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */ +/* end client only parts */ /* server only parts */ -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #if defined(OPENSSL_EXTRA) && !defined(NO_OLD_TLS) WOLFSSL_METHOD* wolfSSLv2_server_method(void) @@ -10388,7 +10394,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif /* !WOLFSSL_NO_TLS12 */ } -#endif /* NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */ +/* end server only parts */ + #if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER) int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx) @@ -10632,7 +10640,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) #ifndef USE_WINDOWS_API - #ifndef NO_WRITEV + #if !defined(NO_WRITEV) && !defined(NO_TLS) /* simulate writev semantics, doesn't actually do block at a time though because of SSL_write behavior and because front adds may be small */ @@ -11398,6 +11406,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl) } return WOLFSSL_FAILURE; } + +#ifndef NO_TLS WOLFSSL_CIPHERSUITE_INFO wolfSSL_get_ciphersuite_info(byte first, byte second) { @@ -11413,6 +11423,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) info.psk = (byte)CipherRequires(first, second, REQUIRES_PSK); return info; } +#endif /** * @param first First byte of the hash and signature algorithm @@ -15842,6 +15853,7 @@ int wolfSSL_ERR_GET_REASON(unsigned long err) return ret; } +#ifndef NO_TLS /* returns a string that describes the alert * * alertID the alert value to look up @@ -15853,13 +15865,13 @@ const char* wolfSSL_alert_type_string_long(int alertID) return AlertTypeToString(alertID); } - const char* wolfSSL_alert_desc_string_long(int alertID) { WOLFSSL_ENTER("wolfSSL_alert_desc_string_long"); return AlertTypeToString(alertID); } +#endif /* !NO_TLS */ #define STATE_STRINGS_PROTO(s) \ { \ @@ -16652,7 +16664,7 @@ long wolfSSL_set_tlsext_status_ocsp_resp(WOLFSSL *s, unsigned char *resp, #endif /* HAVE_OCSP */ #ifdef HAVE_MAX_FRAGMENT -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) /** * Set max fragment tls extension * @param c a pointer to WOLFSSL_CTX object @@ -16680,7 +16692,7 @@ int wolfSSL_set_tlsext_max_fragment_length(WOLFSSL *s, unsigned char mode) return wolfSSL_UseMaxFragment(s, mode); } -#endif /* NO_WOLFSSL_CLIENT */ +#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */ #endif /* HAVE_MAX_FRAGMENT */ #endif /* OPENSSL_EXTRA */ @@ -21306,6 +21318,7 @@ WOLFSSL_BIO *wolfSSL_SSL_get_wbio(const WOLFSSL *s) } #endif /* !NO_BIO */ +#ifndef NO_TLS int wolfSSL_SSL_do_handshake_internal(WOLFSSL *s) { WOLFSSL_ENTER("wolfSSL_SSL_do_handshake_internal"); @@ -21339,6 +21352,7 @@ int wolfSSL_SSL_do_handshake(WOLFSSL *s) #endif return wolfSSL_SSL_do_handshake_internal(s); } +#endif /* !NO_TLS */ #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L int wolfSSL_SSL_in_init(const WOLFSSL *ssl) @@ -22194,7 +22208,7 @@ int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names, else { disabled &= ~(1U << curve); } - #ifdef HAVE_SUPPORTED_CURVES + #if defined(HAVE_SUPPORTED_CURVES) && !defined(NO_TLS) #if !defined(WOLFSSL_OLD_SET_CURVES_LIST) /* using the wolfSSL API to set the groups, this will populate * (ssl|ctx)->groups and reset any TLSX_SUPPORTED_GROUPS. @@ -22217,7 +22231,7 @@ int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names, goto leave; } #endif - #endif /* HAVE_SUPPORTED_CURVES */ + #endif /* HAVE_SUPPORTED_CURVES && !NO_TLS */ } if (ssl != NULL) @@ -22256,6 +22270,7 @@ int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names) #endif /* (HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448) */ #endif /* OPENSSL_EXTRA || HAVE_CURL */ + #ifdef OPENSSL_EXTRA /* Sets a callback for when sending and receiving protocol messages. * This callback is copied to all WOLFSSL objects created from the ctx. diff --git a/src/ssl_certman.c b/src/ssl_certman.c index 55f3c7be4..77a341132 100644 --- a/src/ssl_certman.c +++ b/src/ssl_certman.c @@ -75,6 +75,7 @@ static WC_INLINE WOLFSSL_METHOD* cm_pick_method(void* heap) #else return NULL; #endif + (void)heap; } /* Create a new certificate manager with a heap hint. diff --git a/src/ssl_sess.c b/src/ssl_sess.c index 35a307abd..1471b9d61 100644 --- a/src/ssl_sess.c +++ b/src/ssl_sess.c @@ -871,7 +871,7 @@ int wolfSSL_set_timeout(WOLFSSL* ssl, unsigned int to) return WOLFSSL_SUCCESS; } - +#ifndef NO_TLS /** * Sets ctx session timeout in seconds. * The timeout value set here should be reflected in the @@ -932,7 +932,7 @@ int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to) return ret; #endif /* WOLFSSL_ERROR_CODE_OPENSSL */ } - +#endif /* !NO_TLS */ #ifndef NO_CLIENT_CACHE diff --git a/src/tls.c b/src/tls.c index 7618c696b..2bc19532b 100644 --- a/src/tls.c +++ b/src/tls.c @@ -13607,7 +13607,8 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) return ret; #endif /* HAVE_RPK */ -#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) +#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) && \ + !defined(WOLFSSL_NO_TLS12) if (!ssl->options.disallowEncThenMac) { ret = TLSX_EncryptThenMac_Use(ssl); if (ret != 0) @@ -15681,7 +15682,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType, #elif defined(WOLFSSL_ALLOW_TLSV10) InitSSL_Method(method, MakeTLSv1()); #else - #error No TLS version enabled! + #error No TLS version enabled! Consider using NO_TLS or WOLFCRYPT_ONLY. #endif method->downgrade = 1; @@ -16056,7 +16057,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType, #elif defined(WOLFSSL_ALLOW_TLSV10) InitSSL_Method(method, MakeTLSv1()); #else - #error No TLS version enabled! + #error No TLS version enabled! Consider using NO_TLS or WOLFCRYPT_ONLY. #endif method->downgrade = 1; diff --git a/tests/api.c b/tests/api.c index dfbf95339..ef5d8ad3b 100644 --- a/tests/api.c +++ b/tests/api.c @@ -288,21 +288,22 @@ -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_RSA) && !defined(SINGLE_THREADED) && \ !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) #define HAVE_IO_TESTS_DEPENDENCIES #endif -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) && \ !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ !defined(WOLFSSL_TIRTOS) #define HAVE_SSL_MEMIO_TESTS_DEPENDENCIES #endif #if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ - !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \ - !defined(WOLFSSL_NO_CLIENT_AUTH)) + !defined(NO_CERTS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) #define HAVE_CERT_CHAIN_VALIDATION #endif @@ -562,7 +563,7 @@ int tmpDirNameSet = 0; #define TEST_RSA_BYTES (TEST_RSA_BITS/8) #endif /* !NO_RSA */ -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ (!defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT)) static const char* bogusFile = #ifdef _WIN32 @@ -586,7 +587,8 @@ static int testDevId = INVALID_DEVID; #endif #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) + !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ + (!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13)) /* This set of memio functions allows for more fine tuned control of the TLS * connection operations. For new tests, try to use ssl_memio first. */ @@ -1128,6 +1130,7 @@ static int test_wolfSSL_Method_Allocators(void) #define TEST_INVALID_METHOD_ALLOCATOR(a) \ TEST_METHOD_ALLOCATOR(a, ExpectNull) +#ifndef NO_TLS #ifndef NO_OLD_TLS #ifdef WOLFSSL_ALLOW_SSLV3 #ifndef NO_WOLFSSL_SERVER @@ -1235,7 +1238,7 @@ static int test_wolfSSL_Method_Allocators(void) #endif /* WOLFSSL_DTLS13 */ #endif /* WOLFSSL_DTLS */ #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ - +#endif /* !NO_TLS */ return EXPECT_RESULT(); } @@ -1608,7 +1611,7 @@ static int test_dual_alg_support(void) /*----------------------------------------------------------------------------* | Context *----------------------------------------------------------------------------*/ -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) static int test_wolfSSL_CTX_new(void) { EXPECT_DECLS; @@ -1627,6 +1630,7 @@ static int test_wolfSSL_CTX_new(void) #endif #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ + !defined(NO_TLS) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM) static int test_for_double_Free(void) { @@ -1788,7 +1792,8 @@ static int test_wolfSSL_CTX_set_cipher_list_bytes(void) EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ - (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM) + (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM) && \ + !defined(NO_TLS) const char* testCertFile; const char* testKeyFile; WOLFSSL_CTX* ctx = NULL; @@ -1988,7 +1993,8 @@ static int test_wolfSSL_CTX_use_certificate(void) defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \ defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \ defined(WOLFSSL_HAPROXY) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; X509* x509 = NULL; @@ -2009,7 +2015,7 @@ static int test_wolfSSL_CTX_use_certificate(void) wolfSSL_X509_free(x509); wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ +#endif /* !NO_TLS && (!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) */ #endif return EXPECT_RESULT(); } @@ -2017,7 +2023,8 @@ static int test_wolfSSL_CTX_use_certificate(void) static int test_wolfSSL_CTX_use_certificate_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); @@ -2051,7 +2058,8 @@ static int test_wolfSSL_CTX_use_certificate_file(void) static int test_wolfSSL_CTX_use_certificate_ASN1(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) && !defined(NO_ASN) +#if !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) && !defined(NO_ASN) && \ + !defined(NO_TLS) WOLFSSL_CTX* ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); @@ -2083,8 +2091,8 @@ static int test_wolfSSL_CTX_use_certificate_ASN1(void) static int test_wolfSSL_CTX_use_certificate_buffer(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \ - !defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_SERVER) && \ + defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) WOLFSSL_CTX* ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); @@ -2112,8 +2120,8 @@ static int test_wolfSSL_CTX_use_certificate_buffer(void) static int test_wolfSSL_use_certificate_buffer(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \ - !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT) && \ + defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; @@ -2143,7 +2151,8 @@ static int test_wolfSSL_use_certificate_buffer(void) static int test_wolfSSL_CTX_use_PrivateKey_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); @@ -2176,7 +2185,7 @@ static int test_wolfSSL_CTX_use_PrivateKey_file(void) static int test_wolfSSL_CTX_use_RSAPrivateKey_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_WOLFSSL_SERVER) && defined(OPENSSL_EXTRA) WOLFSSL_CTX *ctx = NULL; @@ -2211,7 +2220,7 @@ static int test_wolfSSL_CTX_use_RSAPrivateKey_file(void) static int test_wolfSSL_use_RSAPrivateKey_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_WOLFSSL_CLIENT) && defined(OPENSSL_EXTRA) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; @@ -2249,7 +2258,7 @@ static int test_wolfSSL_use_RSAPrivateKey_file(void) static int test_wolfSSL_CTX_use_PrivateKey(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_WOLFSSL_SERVER) && defined(OPENSSL_EXTRA) WOLFSSL_CTX *ctx = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; @@ -2332,7 +2341,7 @@ static int test_wolfSSL_CTX_trust_peer_cert(void) { EXPECT_DECLS; #if !defined(NO_CERTS) && defined(WOLFSSL_TRUST_PEER_CERT) && \ - !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) + !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) WOLFSSL_CTX *ctx = NULL; WOLFSSL* ssl = NULL; @@ -2405,7 +2414,8 @@ static int test_wolfSSL_CTX_trust_peer_cert(void) static int test_wolfSSL_CTX_load_verify_locations(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX *ctx = NULL; #ifndef NO_RSA WOLFSSL_CERT_MANAGER* cm = NULL; @@ -2632,7 +2642,7 @@ static int test_wolfSSL_CTX_load_system_CA_certs(void) { int res = TEST_SKIPPED; #if defined(WOLFSSL_SYS_CA_CERTS) && !defined(NO_WOLFSSL_CLIENT) && \ - (!defined(NO_RSA) || defined(HAVE_ECC)) + !defined(NO_TLS) && (!defined(NO_RSA) || defined(HAVE_ECC)) WOLFSSL_CTX* ctx; byte dirValid = 0; int ret = 0; @@ -2695,7 +2705,7 @@ static int test_wolfSSL_CTX_load_system_CA_certs(void) return res; } -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) static int test_cm_load_ca_buffer(const byte* cert_buf, size_t cert_sz, int file_type) { @@ -3011,7 +3021,7 @@ static int test_wolfSSL_CertManagerAPI(void) static int test_wolfSSL_CertManagerLoadCABuffer(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) const char* ca_cert = "./certs/ca-cert.pem"; const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem"; int ret; @@ -3043,7 +3053,7 @@ static int test_wolfSSL_CertManagerLoadCABuffer(void) static int test_wolfSSL_CertManagerLoadCABuffer_ex(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) const char* ca_cert = "./certs/ca-cert.pem"; const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem"; int ret; @@ -3150,7 +3160,7 @@ static int test_wolfSSL_CertManagerGetCerts(void) static int test_wolfSSL_CertManagerSetVerify(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) WOLFSSL_CERT_MANAGER* cm = NULL; @@ -4866,8 +4876,8 @@ static int test_wolfSSL_CertRsaPss(void) static int test_wolfSSL_CTX_load_verify_locations_ex(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) WOLFSSL_CTX* ctx = NULL; const char* ca_cert = "./certs/ca-cert.pem"; const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem"; @@ -4899,8 +4909,9 @@ static int test_wolfSSL_CTX_load_verify_locations_ex(void) static int test_wolfSSL_CTX_load_verify_buffer_ex(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx; const char* ca_expired_cert_file = "./certs/test/expired/expired-ca.der"; byte ca_expired_cert[TWOK_BUF]; @@ -4958,7 +4969,6 @@ static int test_wolfSSL_CTX_load_verify_buffer_ex(void) WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), WC_NO_ERR_TRACE(ASN_PARSE_E)); wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); @@ -4969,6 +4979,7 @@ static int test_wolfSSL_CTX_load_verify_chain_buffer_format(void) EXPECT_DECLS; #if !defined(NO_CERTS) && !defined(NO_RSA) && defined(OPENSSL_EXTRA) && \ defined(USE_CERT_BUFFERS_2048) && (WOLFSSL_MIN_RSA_BITS <= 1024) && \ + !defined(NO_TLS) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; @@ -4993,7 +5004,8 @@ static int test_wolfSSL_CTX_add1_chain_cert(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(OPENSSL_EXTRA) && \ - defined(KEEP_OUR_CERT) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) + defined(KEEP_OUR_CERT) && !defined(NO_RSA) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx; WOLFSSL* ssl = NULL; const char *certChain[] = { @@ -5071,33 +5083,34 @@ static int test_wolfSSL_CTX_add1_chain_cert(void) static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_CLIENT) && defined(USE_CERT_BUFFERS_2048) +#if !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) && \ + (!defined(NO_FILESYSTEM) || defined(USE_CERT_BUFFERS_2048)) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; +#ifndef NO_FILESYSTEM const char* cert = "./certs/server-cert.pem"; unsigned char* buf = NULL; size_t len = 0; ExpectIntEQ(load_file(cert, &buf, &len), 0); +#endif ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectNotNull(ssl = wolfSSL_new(ctx)); /* Invalid parameters. */ +#ifndef NO_FILESYSTEM ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL, NULL, 0, WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, NULL, 0, WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(ASN_PARSE_E)); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL, - server_cert_der_2048, sizeof_server_cert_der_2048, - WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, NULL, 0), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, NULL, 0), WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, buf, (sword32)len), - WC_NO_ERR_TRACE(BAD_FUNC_ARG)); + ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, buf, + (sword32)len), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(NULL, NULL, 0), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, NULL, 0), @@ -5105,28 +5118,38 @@ static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void) ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(NULL, buf, (sword32)len), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, - server_cert_der_2048, sizeof_server_cert_der_2048, - WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, buf, (sword32)len, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, buf, (sword32)len), WOLFSSL_SUCCESS); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, - server_cert_der_2048, sizeof_server_cert_der_2048), WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)); ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, buf, (sword32)len), WOLFSSL_SUCCESS); +#endif /* !NO_FILESYSTEM */ + + ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL, + server_cert_der_2048, sizeof_server_cert_der_2048, + WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); + + ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, + server_cert_der_2048, sizeof_server_cert_der_2048, + WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); + + ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, + server_cert_der_2048, sizeof_server_cert_der_2048), + WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)); + ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, server_cert_der_2048, sizeof_server_cert_der_2048), WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); +#ifndef NO_FILESYSTEM if (buf != NULL) { free(buf); } +#endif #endif return EXPECT_RESULT(); } @@ -5134,7 +5157,8 @@ static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void) static int test_wolfSSL_CTX_use_certificate_chain_file_format(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) const char* server_chain_der = "./certs/server-cert-chain.der"; const char* client_single_pem = "./certs/client-cert.pem"; @@ -5163,8 +5187,8 @@ static int test_wolfSSL_CTX_use_certificate_chain_file_format(void) static int test_wolfSSL_use_certificate_chain_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) const char* server_chain_der = "./certs/server-cert-chain.der"; const char* client_single_pem = "./certs/client-cert.pem"; WOLFSSL_CTX* ctx = NULL; @@ -5207,7 +5231,8 @@ static int test_wolfSSL_use_certificate_chain_file(void) static int test_wolfSSL_CTX_SetTmpDH_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_DH) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx = NULL; #if defined(WOLFSSL_WPAS) && !defined(NO_DSA) @@ -5249,7 +5274,7 @@ static int test_wolfSSL_CTX_SetTmpDH_file(void) static int test_wolfSSL_CTX_SetTmpDH_buffer(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_DH) && \ +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_DH) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx = NULL; @@ -5291,7 +5316,7 @@ static int test_wolfSSL_CTX_SetTmpDH_buffer(void) static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_DH) && \ +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_DH) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx; @@ -5336,6 +5361,7 @@ static int test_wolfSSL_CTX_der_load_verify_locations(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && defined(WOLFSSL_DER_LOAD) && \ + !defined(NO_TLS) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; const char* derCert = "./certs/server-cert.der"; @@ -5380,7 +5406,7 @@ static int test_wolfSSL_CTX_der_load_verify_locations(void) static int test_wolfSSL_CTX_enable_disable(void) { EXPECT_DECLS; -#ifndef NO_CERTS +#if !defined(NO_CERTS) && !defined(NO_TLS) WOLFSSL_CTX* ctx = NULL; #ifdef HAVE_CRL @@ -5442,7 +5468,7 @@ static int test_wolfSSL_CTX_enable_disable(void) #endif wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ -#endif /* NO_CERTS */ +#endif /* !NO_CERTS && !NO_CERTS */ return EXPECT_RESULT(); } @@ -5450,7 +5476,8 @@ static int test_wolfSSL_CTX_enable_disable(void) static int test_wolfSSL_CTX_ticket_API(void) { EXPECT_DECLS; -#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) +#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(NO_TLS) WOLFSSL_CTX* ctx = NULL; void *userCtx = (void*)"this is my ctx"; @@ -5463,14 +5490,14 @@ static int test_wolfSSL_CTX_ticket_API(void) ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_set_TicketEncCtx(NULL, userCtx)); ExpectNull(wolfSSL_CTX_get_TicketEncCtx(NULL)); -#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER */ +#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER && !NO_TLS */ return EXPECT_RESULT(); } static int test_wolfSSL_set_minmax_proto_version(void) { EXPECT_DECLS; -#ifdef OPENSSL_EXTRA +#if defined(OPENSSL_EXTRA) && !defined(NO_TLS) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; @@ -5565,8 +5592,9 @@ static int test_wolfSSL_CTX_set_max_proto_version(void) static int test_server_wolfSSL_new(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_SERVER) && !defined(NO_RSA) + WOLFSSL_CTX *ctx = NULL; WOLFSSL_CTX *ctx_nocert = NULL; WOLFSSL *ssl = NULL; @@ -5601,8 +5629,9 @@ static int test_server_wolfSSL_new(void) static int test_client_wolfSSL_new(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) + WOLFSSL_CTX *ctx = NULL; WOLFSSL_CTX *ctx_nocert = NULL; WOLFSSL *ssl = NULL; @@ -5634,8 +5663,9 @@ static int test_client_wolfSSL_new(void) static int test_wolfSSL_SetTmpDH_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \ - !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_SERVER) && !defined(NO_DH) + WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; const char* dhX942ParamFile = "./certs/x942dh2048.pem"; @@ -5697,7 +5727,8 @@ static int test_wolfSSL_SetTmpDH_file(void) static int test_wolfSSL_SetTmpDH_buffer(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(NO_DH) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; @@ -5734,7 +5765,8 @@ static int test_wolfSSL_SetTmpDH_buffer(void) static int test_wolfSSL_SetMinMaxDhKey_Sz(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(NO_DH) WOLFSSL_CTX *ctx = NULL; WOLFSSL_CTX *ctx2 = NULL; WOLFSSL *ssl = NULL; @@ -5793,7 +5825,7 @@ static int test_wolfSSL_SetMinMaxDhKey_Sz(void) static int test_wolfSSL_SetMinVersion(void) { int res = TEST_SKIPPED; -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) int failFlag = WOLFSSL_SUCCESS; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; @@ -11910,7 +11942,8 @@ static int test_wolfSSL_UseTrustedCA(void) EXPECT_DECLS; #if defined(HAVE_TRUSTED_CA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \ && !defined(NO_RSA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; byte id[20]; @@ -11952,7 +11985,7 @@ static int test_wolfSSL_UseTrustedCA(void) wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ +#endif /* !NO_TLS && (!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) */ #endif /* HAVE_TRUSTED_CA */ return EXPECT_RESULT(); } @@ -11963,7 +11996,8 @@ static int test_wolfSSL_UseMaxFragment(void) #if defined(HAVE_MAX_FRAGMENT) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) #ifndef NO_WOLFSSL_SERVER WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()); #else @@ -12063,7 +12097,7 @@ static int test_wolfSSL_UseMaxFragment(void) wolfSSL_CTX_free(ctx_s); } #endif -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ +#endif /* !NO_TLS && (!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) */ #endif return EXPECT_RESULT(); } @@ -12071,7 +12105,7 @@ static int test_wolfSSL_UseMaxFragment(void) static int test_wolfSSL_UseTruncatedHMAC(void) { EXPECT_DECLS; -#if defined(HAVE_TRUNCATED_HMAC) && !defined(NO_CERTS) && \ +#if defined(HAVE_TRUNCATED_HMAC) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) #ifndef NO_WOLFSSL_SERVER @@ -12592,7 +12626,8 @@ static int test_wolfSSL_set_alpn_protos(void) static int test_wolfSSL_DisableExtendedMasterSecret(void) { EXPECT_DECLS; -#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT) +#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); @@ -12616,7 +12651,8 @@ static int test_wolfSSL_DisableExtendedMasterSecret(void) static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void) { EXPECT_DECLS; -#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT) +#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); @@ -12687,8 +12723,8 @@ static int test_wolfSSL_SCR_Reconnect(void) return EXPECT_RESULT(); } -#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_SERVER) && \ - (!defined(NO_RSA) || defined(HAVE_ECC)) +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) && \ + !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC)) /* Called when writing. */ static int DummySend(WOLFSSL* ssl, char* buf, int sz, void* ctx) { @@ -12728,8 +12764,8 @@ static int BufferInfoRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx) static int test_tls_ext_duplicate(void) { EXPECT_DECLS; -#if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC)) && \ - !defined(NO_FILESYSTEM) +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) && \ + !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC)) const unsigned char clientHelloDupTlsExt[] = { 0x16, 0x03, 0x03, 0x00, 0x6a, 0x01, 0x00, 0x00, 0x66, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe, @@ -12874,7 +12910,7 @@ static int test_wolfSSL_PKCS12(void) * Password Key */ #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \ - !defined(NO_STDIO_FILESYSTEM) && \ + !defined(NO_STDIO_FILESYSTEM) && !defined(NO_TLS) && \ !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA) && \ !defined(NO_SHA) && defined(HAVE_PKCS12) && !defined(NO_BIO) byte buf[6000]; @@ -13273,8 +13309,8 @@ static int test_wolfSSL_PKCS12(void) #define TEST_PKCS8_ENC #endif -#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \ - && defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS) +#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \ + defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_TLS) /* used to keep track if FailTestCallback was called */ static int failTestCallbackCalled = 0; @@ -13296,8 +13332,8 @@ static WC_INLINE int FailTestCallBack(char* passwd, int sz, int rw, void* userda static int test_wolfSSL_no_password_cb(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \ - && defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS) +#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \ + defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_TLS) WOLFSSL_CTX* ctx = NULL; byte buff[FOURK_BUF]; const char eccPkcs8PrivKeyDerFile[] = "./certs/ecc-privkeyPkcs8.der"; @@ -13338,7 +13374,7 @@ static int test_wolfSSL_no_password_cb(void) return EXPECT_RESULT(); } -#ifdef TEST_PKCS8_ENC +#if defined(TEST_PKCS8_ENC) && !defined(NO_TLS) /* for PKCS8 test case */ static int PKCS8TestCallBack(char* passwd, int sz, int rw, void* userdata) { @@ -13360,14 +13396,15 @@ static int PKCS8TestCallBack(char* passwd, int sz, int rw, void* userdata) return BAD_FUNC_ARG; } } -#endif /* TEST_PKCS8_ENC */ +#endif /* TEST_PKCS8_ENC && !NO_TLS */ /* Testing functions dealing with PKCS8 */ static int test_wolfSSL_PKCS8(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \ - !defined(WOLFCRYPT_ONLY) + !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) && \ + (!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13)) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) byte buff[FOURK_BUF]; byte der[FOURK_BUF]; @@ -13590,13 +13627,17 @@ static int test_wolfSSL_PKCS8_ED25519(void) "-----END ENCRYPTED PRIVATE KEY-----\n"; const char password[] = "abcdefghijklmnopqrstuvwxyz"; byte der[FOURK_BUF]; +#if !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; +#endif int bytes; XMEMSET(der, 0, sizeof(der)); ExpectIntGT((bytes = wc_KeyPemToDer(encPrivKey, sizeof(encPrivKey), der, (word32)sizeof(der), password)), 0); -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else @@ -13606,7 +13647,7 @@ static int test_wolfSSL_PKCS8_ED25519(void) WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ +#endif /* !NO_TLS && (!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) */ #endif return EXPECT_RESULT(); } @@ -13626,13 +13667,17 @@ static int test_wolfSSL_PKCS8_ED448(void) "-----END ENCRYPTED PRIVATE KEY-----\n"; const char password[] = "abcdefghijklmnopqrstuvwxyz"; byte der[FOURK_BUF]; +#if !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; +#endif int bytes; XMEMSET(der, 0, sizeof(der)); ExpectIntGT((bytes = wc_KeyPemToDer(encPrivKey, sizeof(encPrivKey), der, (word32)sizeof(der), password)), 0); -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) #ifndef NO_WOLFSSL_SERVER ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); #else @@ -13642,7 +13687,7 @@ static int test_wolfSSL_PKCS8_ED448(void) WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ +#endif /* !NO_TLS && (!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) */ #endif return EXPECT_RESULT(); } @@ -14483,7 +14528,7 @@ static int test_wolfSSL_X509_TLS_version_test_2(void) static int test_wolfSSL_CTX_SetMinVersion(void) { int res = TEST_SKIPPED; -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) int failFlag = WOLFSSL_SUCCESS; WOLFSSL_CTX* ctx; int itr; @@ -14535,7 +14580,7 @@ static int test_wolfSSL_UseOCSPStapling(void) { EXPECT_DECLS; #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) && defined(HAVE_OCSP) && \ - !defined(NO_WOLFSSL_CLIENT) + !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; @@ -14580,7 +14625,7 @@ static int test_wolfSSL_UseOCSPStaplingV2(void) { EXPECT_DECLS; #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && defined(HAVE_OCSP) && \ - !defined(NO_WOLFSSL_CLIENT) + !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; @@ -56713,7 +56758,7 @@ static int test_wolfSSL_certs(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ - !defined(NO_RSA) + !defined(NO_TLS) && !defined(NO_RSA) X509* x509ext = NULL; X509* x509 = NULL; #ifdef OPENSSL_ALL @@ -57148,7 +57193,7 @@ static int test_wolfSSL_X509_check_private_key(void) static int test_wolfSSL_private_keys(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_FILESYSTEM) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) WOLFSSL* ssl = NULL; @@ -57967,7 +58012,7 @@ static int test_wolfSSL_PEM_PrivateKey_dh(void) static int test_wolfSSL_PEM_PrivateKey(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_TLS) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && defined(USE_CERT_BUFFERS_2048) #ifndef NO_BIO BIO* bio = NULL; @@ -58021,9 +58066,9 @@ static int test_wolfSSL_PEM_PrivateKey(void) #endif #else #ifndef NO_WOLFSSL_SERVER - ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_server_method())); + ExpectNotNull(ctx = SSL_CTX_new(TLSv1_3_server_method())); #else - ExpectNotNull(ctx = SSL_CTX_new(wolfTLSv1_3_client_method())); + ExpectNotNull(ctx = SSL_CTX_new(TLSv1_3_client_method())); #endif #endif @@ -58635,8 +58680,9 @@ static int test_wolfSSL_tmp_dh(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ - !defined(NO_RSA) && !defined(NO_DH) && !defined(NO_BIO) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) + !defined(NO_RSA) && !defined(NO_DH) && !defined(NO_BIO) && \ + !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) byte buff[6000]; static const unsigned char p[] = { 0xb0, 0xa1, 0x08, 0x06, 0x9c, 0x08, 0x13, 0xba, @@ -58869,7 +58915,6 @@ static int test_wolfSSL_tmp_dh(void) } #endif SSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } @@ -59633,7 +59678,7 @@ static int test_wolfSSL_EVP_MD_ecc_signing(void) static int test_wolfSSL_CTX_add_extra_chain_cert(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_BIO) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) char caFile[] = "./certs/client-ca.pem"; @@ -61074,7 +61119,8 @@ static int test_wolfSSL_CTX_get0_set1_param(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) SSL_CTX* ctx = NULL; WOLFSSL_X509_VERIFY_PARAM* pParam = NULL; WOLFSSL_X509_VERIFY_PARAM* pvpm = NULL; @@ -61122,8 +61168,8 @@ static int test_wolfSSL_CTX_get0_set1_param(void) static int test_wolfSSL_get0_param(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) SSL_CTX* ctx = NULL; SSL* ssl = NULL; @@ -61141,8 +61187,7 @@ static int test_wolfSSL_get0_param(void) SSL_free(ssl); SSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ -#endif /* OPENSSL_EXTRA && !defined(NO_RSA)*/ +#endif return EXPECT_RESULT(); } @@ -61178,8 +61223,8 @@ static int test_wolfSSL_X509_VERIFY_PARAM_set1_host(void) static int test_wolfSSL_set1_host(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) const char host[] = "www.test_wolfSSL_set1_host.com"; const char emptyStr[] = ""; SSL_CTX* ctx = NULL; @@ -61216,8 +61261,7 @@ static int test_wolfSSL_set1_host(void) SSL_free(ssl); SSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ -#endif /* OPENSSL_EXTRA */ +#endif return EXPECT_RESULT(); } @@ -61329,7 +61373,7 @@ static int test_wolfSSL_CTX_set_client_CA_list(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_RSA) && !defined(NO_CERTS) && \ - !defined(NO_WOLFSSL_CLIENT) && !defined(NO_BIO) + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_BIO) && !defined(NO_TLS) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; X509_NAME* name = NULL; @@ -61460,7 +61504,7 @@ static int test_wolfSSL_CTX_add_client_CA(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \ - !defined(NO_WOLFSSL_CLIENT) + !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; WOLFSSL_X509* x509 = NULL; WOLFSSL_X509* x509_a = NULL; @@ -62089,8 +62133,9 @@ static int test_wolfSSL_X509_NID(void) static int test_wolfSSL_CTX_set_srp_username(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \ - && !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT) +#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && \ + !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; const char *username = "TESTUSER"; @@ -62123,7 +62168,8 @@ static int test_wolfSSL_CTX_set_srp_password(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && \ - !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT) + !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX* ctx = NULL; const char *username = "TESTUSER"; const char *password = "TESTPASSWORD"; @@ -62148,7 +62194,7 @@ static int test_wolfSSL_CTX_set_srp_password(void) static int test_wolfSSL_X509_STORE(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) +#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_TLS) X509_STORE *store = NULL; #ifdef HAVE_CRL @@ -62268,7 +62314,8 @@ static int test_wolfSSL_X509_STORE_load_locations(void) { EXPECT_DECLS; #if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \ - !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && !defined(NO_RSA) + !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && !defined(NO_RSA) && \ + !defined(NO_TLS) SSL_CTX *ctx = NULL; X509_STORE *store = NULL; @@ -62334,7 +62381,7 @@ static int test_wolfSSL_X509_STORE_load_locations(void) static int test_X509_STORE_get0_objects(void) { EXPECT_DECLS; -#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \ +#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_TLS) && \ !defined(NO_WOLFSSL_DIR) && !defined(NO_RSA) X509_STORE *store = NULL; X509_STORE *store_cpy = NULL; @@ -63461,7 +63508,7 @@ static int test_wolfSSL_BN_prime(void) return EXPECT_RESULT(); } -#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) #define TEST_ARG 0x1234 static void msg_cb(int write_p, int version, int content_type, @@ -63637,8 +63684,9 @@ static int test_generate_cookie(void) static int test_wolfSSL_set_options(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_FILESYSTEM) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ + !defined(NO_RSA) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) @@ -63758,15 +63806,14 @@ static int test_wolfSSL_set_options(void) wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ -#endif /* !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ +#endif return EXPECT_RESULT(); } static int test_wolfSSL_sk_SSL_CIPHER(void) { EXPECT_DECLS; -#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ +#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) SSL* ssl = NULL; @@ -63803,8 +63850,8 @@ static int test_wolfSSL_sk_SSL_CIPHER(void) static int test_wolfSSL_set1_curves_list(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) SSL* ssl = NULL; SSL_CTX* ctx = NULL; @@ -63853,7 +63900,6 @@ static int test_wolfSSL_set1_curves_list(void) SSL_free(ssl); SSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } @@ -63956,8 +64002,9 @@ static int test_wolfSSL_curves_mismatch(void) static int test_wolfSSL_set1_sigalgs_list(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) && \ + !defined(NO_TLS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) SSL* ssl = NULL; SSL_CTX* ctx = NULL; @@ -64073,7 +64120,6 @@ static int test_wolfSSL_set1_sigalgs_list(void) SSL_free(ssl); SSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); } @@ -65032,7 +65078,8 @@ static int test_wolfSSL_X509_name_match3(void) static int test_wolfSSL_X509_max_altnames(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) /* Only test if max alt names has not been modified */ #if WOLFSSL_MAX_ALT_NAMES <= 1024 @@ -65060,8 +65107,8 @@ static int test_wolfSSL_X509_max_altnames(void) static int test_wolfSSL_X509_max_name_constraints(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(IGNORE_NAME_CONSTRAINTS) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) && !defined(IGNORE_NAME_CONSTRAINTS) /* Only test if max name constraints has not been modified */ #if WOLFSSL_MAX_NAME_CONSTRAINTS == 128 @@ -70752,7 +70799,8 @@ static int test_wolfSSL_BIO_connect(void) static int test_wolfSSL_BIO_tls(void) { EXPECT_DECLS; -#if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && \ + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) SSL_CTX* ctx = NULL; SSL *ssl = NULL; BIO *readBio = NULL; @@ -72212,7 +72260,7 @@ static int test_wolfSSL_ticket_keys(void) { EXPECT_DECLS; #if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ - !defined(NO_WOLFSSL_SERVER) + !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) WOLFSSL_CTX* ctx = NULL; byte keys[WOLFSSL_TICKET_KEYS_SZ]; @@ -72318,7 +72366,8 @@ defined(OPENSSL_EXTRA) && defined(WOLFSSL_DH_EXTRA) return EXPECT_RESULT(); } -#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA) +#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA) && \ + !defined(NO_TLS) static int test_wolfSSL_d2i_PrivateKeys_bio(void) { EXPECT_DECLS; @@ -72928,7 +72977,7 @@ static int test_wolfSSL_sk_DIST_POINT(void) static int test_wolfSSL_verify_mode(void) { EXPECT_DECLS; -#if !defined(NO_RSA) && (defined(OPENSSL_ALL) || \ +#if !defined(NO_RSA) && !defined(NO_TLS) && (defined(OPENSSL_ALL) || \ defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \ defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)) WOLFSSL* ssl = NULL; @@ -72992,7 +73041,8 @@ static int test_wolfSSL_verify_mode(void) static int test_wolfSSL_verify_depth(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) +#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; long depth = 0; @@ -73023,7 +73073,7 @@ static int test_wolfSSL_verify_result(void) { EXPECT_DECLS; #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ - defined(OPENSSL_ALL)) && !defined(NO_WOLFSSL_CLIENT) + defined(OPENSSL_ALL)) && !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; long result = 0xDEADBEEF; @@ -73042,7 +73092,8 @@ static int test_wolfSSL_verify_result(void) return EXPECT_RESULT(); } -#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) +#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) static void sslMsgCb(int w, int version, int type, const void* buf, size_t sz, SSL* ssl, void* arg) { @@ -73061,7 +73112,8 @@ static void sslMsgCb(int w, int version, int type, const void* buf, static int test_wolfSSL_msg_callback(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) +#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; @@ -73988,7 +74040,7 @@ static int test_wolfSSL_X509_get_version(void) static int test_wolfSSL_sk_CIPHER_description(void) { EXPECT_DECLS; -#if !defined(NO_RSA) +#if !defined(NO_RSA) && !defined(NO_TLS) const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION; int i; int numCiphers = 0; @@ -74050,7 +74102,7 @@ static int test_wolfSSL_sk_CIPHER_description(void) static int test_wolfSSL_get_ciphers_compat(void) { EXPECT_DECLS; -#if !defined(NO_RSA) +#if !defined(NO_RSA) && !defined(NO_TLS) const SSL_METHOD *method = NULL; const char certPath[] = "./certs/client-cert.pem"; STACK_OF(SSL_CIPHER) *supportedCiphers = NULL; @@ -74443,7 +74495,7 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void) static int test_wolfSSL_CTX_ctrl(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) char caFile[] = "./certs/client-ca.pem"; char clientFile[] = "./certs/client-cert.pem"; @@ -81597,8 +81649,13 @@ static int test_tls13_apis(void) WOLFSSL_CTX* serverCtx = NULL; WOLFSSL* serverSsl = NULL; #if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) +#ifndef NO_RSA const char* ourCert = svrCertFile; const char* ourKey = svrKeyFile; +#elif defined(HAVE_ECC) + const char* ourCert = eccCertFile; + const char* ourKey = eccKeyFile; +#endif #endif #endif int required; @@ -81706,10 +81763,23 @@ static int test_tls13_apis(void) #endif #ifndef NO_WOLFSSL_SERVER serverTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method()); -#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) +#if !defined(NO_CERTS) + #if !defined(NO_FILESYSTEM) wolfSSL_CTX_use_certificate_chain_file(serverTls12Ctx, ourCert); wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey, WOLFSSL_FILETYPE_PEM); + #elif defined(USE_CERT_BUFFERS_2048) + wolfSSL_CTX_use_certificate_chain_buffer_format(serverTls12Ctx, + server_cert_der_2048, sizeof_server_cert_der_2048, + WOLFSSL_FILETYPE_ASN1); + wolfSSL_CTX_use_PrivateKey_buffer(serverTls12Ctx, server_key_der_2048, + sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1); + #elif defined(USE_CERT_BUFFERS_256) + wolfSSL_CTX_use_certificate_chain_buffer_format(serverTls12Ctx, + serv_ecc_der_256, sizeof_serv_ecc_der_256, WOLFSSL_FILETYPE_ASN1); + wolfSSL_CTX_use_PrivateKey_buffer(serverTls12Ctx, ecc_key_der_256, + sizeof_ecc_key_der_256, WOLFSSL_FILETYPE_ASN1); + #endif #endif serverTls12Ssl = wolfSSL_new(serverTls12Ctx); #endif @@ -81721,9 +81791,23 @@ static int test_tls13_apis(void) #endif #ifndef NO_WOLFSSL_SERVER serverCtx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()); -#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) +#if !defined(NO_CERTS) + /* ignore load failures, since we just need the server to have a cert set */ + #if !defined(NO_FILESYSTEM) wolfSSL_CTX_use_certificate_chain_file(serverCtx, ourCert); wolfSSL_CTX_use_PrivateKey_file(serverCtx, ourKey, WOLFSSL_FILETYPE_PEM); + #elif defined(USE_CERT_BUFFERS_2048) + wolfSSL_CTX_use_certificate_chain_buffer_format(serverCtx, + server_cert_der_2048, sizeof_server_cert_der_2048, + WOLFSSL_FILETYPE_ASN1); + wolfSSL_CTX_use_PrivateKey_buffer(serverCtx, server_key_der_2048, + sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1); + #elif defined(USE_CERT_BUFFERS_256) + wolfSSL_CTX_use_certificate_chain_buffer_format(serverCtx, serv_ecc_der_256, + sizeof_serv_ecc_der_256, WOLFSSL_FILETYPE_ASN1); + wolfSSL_CTX_use_PrivateKey_buffer(serverCtx, ecc_key_der_256, + sizeof_ecc_key_der_256, WOLFSSL_FILETYPE_ASN1); + #endif #endif serverSsl = wolfSSL_new(serverCtx); ExpectNotNull(serverSsl); @@ -89756,6 +89840,7 @@ static int test_stubs_are_stubs(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB) && \ + !defined(NO_TLS) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx = NULL; WOLFSSL_CTX* ctxN = NULL; @@ -89865,20 +89950,21 @@ static int test_wolfSSL_CTX_LoadCRL(void) EXPECT_DECLS; #if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) + WOLFSSL_CERT_MANAGER* cm = NULL; + const char* issuerCert = "./certs/client-cert.pem"; + const char* validFilePath = "./certs/crl/cliCrl.pem"; + int pemType = WOLFSSL_FILETYPE_PEM; +#ifndef NO_TLS WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; const char* badPath = "dummypath"; const char* validPath = "./certs/crl"; - const char* validFilePath = "./certs/crl/cliCrl.pem"; - const char* issuerCert = "./certs/client-cert.pem"; int derType = WOLFSSL_FILETYPE_ASN1; - int pemType = WOLFSSL_FILETYPE_PEM; #ifdef HAVE_CRL_MONITOR int monitor = WOLFSSL_CRL_MONITOR; #else int monitor = 0; #endif - WOLFSSL_CERT_MANAGER* cm = NULL; #define FAIL_T1(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \ WC_NO_ERR_TRACE(BAD_FUNC_ARG)) @@ -89929,6 +90015,7 @@ static int test_wolfSSL_CTX_LoadCRL(void) ssl = NULL; wolfSSL_CTX_free(ctx); ctx = NULL; +#endif /* !NO_TLS */ ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, issuerCert, NULL), @@ -90071,7 +90158,7 @@ static int test_wolfSSL_crl_update_cb(void) static int test_SetTmpEC_DHE_Sz(void) { EXPECT_DECLS; -#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT) +#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; @@ -90090,7 +90177,7 @@ static int test_SetTmpEC_DHE_Sz(void) static int test_wolfSSL_CTX_get0_privatekey(void) { EXPECT_DECLS; -#ifdef OPENSSL_ALL +#if defined(OPENSSL_ALL) && !defined(NO_TLS) WOLFSSL_CTX* ctx = NULL; (void)ctx; @@ -91732,7 +91819,7 @@ static int test_wolfSSL_read_detect_TCP_disconnect(void) static int test_wolfSSL_CTX_get_min_proto_version(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) +#if defined(OPENSSL_EXTRA) && !defined(NO_TLS) WOLFSSL_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method())); @@ -91791,7 +91878,7 @@ static int test_wolfSSL_CTX_get_min_proto_version(void) wolfSSL_CTX_free(ctx); ctx = NULL; #endif -#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */ +#endif return EXPECT_RESULT(); } @@ -91933,7 +92020,7 @@ static int test_wolfSSL_security_level(void) static int test_wolfSSL_SSL_in_init(void) { EXPECT_DECLS; -#if defined(OPENSSL_ALL) && !defined(NO_BIO) +#if defined(OPENSSL_ALL) && !defined(NO_BIO) && !defined(NO_TLS) SSL_CTX* ctx = NULL; SSL* ssl = NULL; const char* testCertFile; @@ -91981,7 +92068,8 @@ static int test_wolfSSL_SSL_in_init(void) static int test_wolfSSL_CTX_set_timeout(void) { EXPECT_DECLS; -#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_SESSION_CACHE) +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) && \ + !defined(NO_SESSION_CACHE) int timeout; WOLFSSL_CTX* ctx = NULL; @@ -92006,7 +92094,7 @@ static int test_wolfSSL_CTX_set_timeout(void) #endif wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_SERVER && !NO_SESSION_CACHE*/ +#endif return EXPECT_RESULT(); } @@ -92030,7 +92118,7 @@ static int test_wolfSSL_OpenSSL_version(void) static int test_CONF_CTX_CMDLINE(void) { EXPECT_DECLS; -#if defined(OPENSSL_ALL) +#if defined(OPENSSL_ALL) && !defined(NO_TLS) SSL_CTX* ctx = NULL; SSL_CONF_CTX* cctx = NULL; @@ -92106,7 +92194,7 @@ static int test_CONF_CTX_CMDLINE(void) static int test_CONF_CTX_FILE(void) { EXPECT_DECLS; -#if defined(OPENSSL_ALL) +#if defined(OPENSSL_ALL) && !defined(NO_TLS) SSL_CTX* ctx = NULL; SSL_CONF_CTX* cctx = NULL; @@ -92343,7 +92431,7 @@ static int test_wolfSSL_SESSION_get_ex_new_index(void) static int test_wolfSSL_set_psk_use_session_callback(void) { EXPECT_DECLS; -#if defined(OPENSSL_EXTRA) && !defined(NO_PSK) +#if defined(OPENSSL_EXTRA) && !defined(NO_PSK) && !defined(NO_TLS) SSL_CTX* ctx = NULL; SSL* ssl = NULL; const char* testCertFile; @@ -92758,7 +92846,7 @@ static int test_SSL_CIPHER_get_xxx(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \ - !defined(NO_FILESYSTEM) + !defined(NO_FILESYSTEM) && !defined(NO_TLS) const SSL_CIPHER* cipher = NULL; STACK_OF(SSL_CIPHER) *supportedCiphers = NULL; int i, numCiphers = 0; @@ -95448,7 +95536,7 @@ static int test_override_alt_cert_chain(void) } #endif -#if defined(HAVE_RPK) +#if defined(HAVE_RPK) && !defined(NO_TLS) #define svrRpkCertFile "./certs/rpk/server-cert-rpk.der" #define clntRpkCertFile "./certs/rpk/client-cert-rpk.der" @@ -95555,12 +95643,12 @@ static WC_INLINE int test_rpk_memio_setup( return 0; } -#endif /* HAVE_RPK */ +#endif /* HAVE_RPK && !NO_TLS */ static int test_rpk_set_xxx_cert_type(void) { EXPECT_DECLS; -#if defined(HAVE_RPK) +#if defined(HAVE_RPK) && !defined(NO_TLS) char ctype[MAX_CLIENT_CERT_TYPE_CNT + 1]; /* prepare bigger buffer */ WOLFSSL_CTX* ctx = NULL; @@ -100729,7 +100817,8 @@ TEST_CASE testCases[] = { #endif TEST_DECL(test_wolfSSL_d2i_and_i2d_DSAparams), TEST_DECL(test_wolfSSL_i2d_PrivateKey), -#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA) +#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA) && \ + !defined(NO_TLS) #ifndef NO_BIO TEST_DECL(test_wolfSSL_d2i_PrivateKeys_bio), #endif /* !NO_BIO */ @@ -101199,12 +101288,13 @@ TEST_CASE testCases[] = { *********************************/ TEST_DECL(test_wolfSSL_Method_Allocators), -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) TEST_DECL(test_wolfSSL_CTX_new), #endif TEST_DECL(test_server_wolfSSL_new), TEST_DECL(test_client_wolfSSL_new), #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ + !defined(NO_TLS) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM) TEST_DECL(test_for_double_Free), #endif diff --git a/tests/suites.c b/tests/suites.c index 9155cc555..657e80e55 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -58,7 +58,7 @@ #include "examples/server/server.h" #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ - !defined(SINGLE_THREADED) + !defined(NO_TLS) && !defined(SINGLE_THREADED) static WOLFSSL_CTX* cipherSuiteCtx = NULL; static char nonblockFlag[] = "-N"; static char noVerifyFlag[] = "-d"; @@ -858,8 +858,8 @@ static void test_harness(void* vargs) int SuiteTest(int argc, char** argv) { #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ - !defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \ - !defined(SINGLE_THREADED) + !defined(NO_TLS) && !defined(SINGLE_THREADED) && \ + !defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) func_args args; char argv0[3][80]; char* myArgv[3]; @@ -1522,5 +1522,5 @@ exit: (void)argc; (void)argv; return NOT_COMPILED_IN; -#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */ +#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT && !NO_TLS */ } diff --git a/tests/unit.c b/tests/unit.c index 2028768d5..40566e80f 100644 --- a/tests/unit.c +++ b/tests/unit.c @@ -249,6 +249,7 @@ int unit_test(int argc, char** argv) #if !defined(NO_WOLFSSL_CIPHER_SUITE_TEST) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(NO_TLS) && \ !defined(SINGLE_THREADED) if ((ret = SuiteTest(argc, argv)) != 0) { fprintf(stderr, "suite test failed with %d\n", ret); diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index b85ddf66d..fea9327d9 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -58,7 +58,8 @@ void file_test(const char* file, byte* check); #endif -#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) #ifdef HAVE_STACK_SIZE static THREAD_RETURN simple_test(func_args *args); @@ -111,6 +112,7 @@ static void *echoclient_test_wrapper(void* args) { int testsuite_test(int argc, char** argv) { #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) && \ (!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)) func_args server_args; @@ -413,6 +415,7 @@ cleanup: #endif #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) && \ (!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)) /* Perform a basic TLS handshake. *