Merge pull request #4874 from dgarske/ocsp_ipv6

Hayden Roche
2022-02-23 13:37:16 -08:00
committed by GitHub
4 changed files with 35 additions and 16 deletions


@ -279,9 +279,9 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
* entry The OCSP entry for this certificate. * entry The OCSP entry for this certificate.
* returns OCSP_LOOKUP_FAIL when the response is bad and 0 otherwise. * returns OCSP_LOOKUP_FAIL when the response is bad and 0 otherwise.
*/ */
WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz, int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status, WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
OcspEntry *entry, OcspRequest *ocspRequest) OcspEntry *entry, OcspRequest *ocspRequest)
{ {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
CertStatus* newStatus; CertStatus* newStatus;
@ -406,13 +406,17 @@ end:
} }
/* 0 on success */ /* 0 on success */
/* allow user to override the maximum request size at build-time */
#ifndef OCSP_MAX_REQUEST_SZ
#define OCSP_MAX_REQUEST_SZ 2048
#endif
int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest, int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
buffer* responseBuffer) buffer* responseBuffer)
{ {
OcspEntry* entry = NULL; OcspEntry* entry = NULL;
CertStatus* status = NULL; CertStatus* status = NULL;
byte* request = NULL; byte* request = NULL;
int requestSz = 2048; int requestSz = OCSP_MAX_REQUEST_SZ;
int responseSz = 0; int responseSz = 0;
byte* response = NULL; byte* response = NULL;
const char* url = NULL; const char* url = NULL;
@ -1113,7 +1117,7 @@ WOLFSSL_OCSP_SINGLERESP* wolfSSL_OCSP_resp_get0(WOLFSSL_OCSP_BASICRESP *bs, int
return single; return single;
} }
#endif /* OPENSSL_ALL || APACHE_HTTPD */ #endif /* OPENSSL_ALL || APACHE_HTTPD || WOLFSSL_HAPROXY */
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
#ifndef NO_WOLFSSL_STUB #ifndef NO_WOLFSSL_STUB
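Review bot: `OCSP_MAX_REQUEST_SZ` becomes a build-time knob with no bound on what the user may set, and it is assigned straight to the signed `int requestSz` in `CheckOcspRequest`. The use of `requestSz` lies outside the hunk, but it presumably sizes the buffer the encoded request is written into, so a zero, negative or very small override would only surface at run time. A compile-time guard next to the default, e.g. `#if OCSP_MAX_REQUEST_SZ <= 0` / `#error "OCSP_MAX_REQUEST_SZ must be positive"` / `#endif`, plus a comment stating the unit, would make a bad override visible at build time. The new block also sits between the `/* 0 on success */` comment and the function it describes; placing the macro above that comment keeps the return-value note attached to `CheckOcspRequest`.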


@ -805,13 +805,14 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
#ifdef HAVE_SOCKADDR #ifdef HAVE_SOCKADDR
int ret = 0; int ret = 0;
SOCKADDR_S addr; SOCKADDR_S addr;
int sockaddr_len = sizeof(SOCKADDR_IN); int sockaddr_len;
/* use gethostbyname for c99 */ #if defined(HAVE_GETADDRINFO)
#if defined(HAVE_GETADDRINFO) && !defined(WOLF_C99) /* use getaddrinfo */
ADDRINFO hints; ADDRINFO hints;
ADDRINFO* answer = NULL; ADDRINFO* answer = NULL;
char strPort[6]; char strPort[6];
#else #else
/* use gethostbyname */
#if !defined(WOLFSSL_USE_POPEN_HOST) #if !defined(WOLFSSL_USE_POPEN_HOST)
#if defined(__GLIBC__) && (__GLIBC__ >= 2) && defined(__USE_MISC) && \ #if defined(__GLIBC__) && (__GLIBC__ >= 2) && defined(__USE_MISC) && \
!defined(SINGLE_THREADED) !defined(SINGLE_THREADED)
@ -822,13 +823,22 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
HOSTENT *entry; HOSTENT *entry;
#endif #endif
#endif #endif
#ifdef WOLFSSL_IPV6
SOCKADDR_IN6 *sin;
#else
SOCKADDR_IN *sin; SOCKADDR_IN *sin;
#endif #endif
#endif /* HAVE_SOCKADDR */
if (sockfd == NULL || ip == NULL) { if (sockfd == NULL || ip == NULL) {
return -1; return -1;
} }
#ifdef WOLFSSL_IPV6
sockaddr_len = sizeof(SOCKADDR_IN6);
#else
sockaddr_len = sizeof(SOCKADDR_IN);
#endif
XMEMSET(&addr, 0, sizeof(addr)); XMEMSET(&addr, 0, sizeof(addr));
#ifdef WOLFIO_DEBUG #ifdef WOLFIO_DEBUG
@ -836,9 +846,9 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
#endif #endif
/* use gethostbyname for c99 */ /* use gethostbyname for c99 */
#if defined(HAVE_GETADDRINFO) && !defined(WOLF_C99) #if defined(HAVE_GETADDRINFO)
XMEMSET(&hints, 0, sizeof(hints)); XMEMSET(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC; hints.ai_family = AF_UNSPEC; /* detect IPv4 or IPv6 */
hints.ai_socktype = SOCK_STREAM; hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP; hints.ai_protocol = IPPROTO_TCP;
@ -855,7 +865,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
sockaddr_len = answer->ai_addrlen; sockaddr_len = answer->ai_addrlen;
XMEMCPY(&addr, answer->ai_addr, sockaddr_len); XMEMCPY(&addr, answer->ai_addr, sockaddr_len);
freeaddrinfo(answer); freeaddrinfo(answer);
#elif defined(WOLFSSL_USE_POPEN_HOST) #elif defined(WOLFSSL_USE_POPEN_HOST) && !defined(WOLFSSL_IPV6)
{ {
char host_ipaddr[4] = { 127, 0, 0, 1 }; char host_ipaddr[4] = { 127, 0, 0, 1 };
int found = 1; int found = 1;
@ -907,7 +917,6 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
} }
if (found) { if (found) {
sin = (SOCKADDR_IN *)&addr; sin = (SOCKADDR_IN *)&addr;
sin->sin_family = AF_INET; sin->sin_family = AF_INET;
sin->sin_port = XHTONS(port); sin->sin_port = XHTONS(port);
XMEMCPY(&sin->sin_addr.s_addr, host_ipaddr, sizeof(host_ipaddr)); XMEMCPY(&sin->sin_addr.s_addr, host_ipaddr, sizeof(host_ipaddr));
@ -932,12 +941,19 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
#else #else
entry = gethostbyname(ip); entry = gethostbyname(ip);
#endif #endif
sin = (SOCKADDR_IN *)&addr;
if (entry) { if (entry) {
#ifdef WOLFSSL_IPV6
sin = (SOCKADDR_IN6 *)&addr;
sin->sin6_family = AF_INET6;
sin->sin6_port = XHTONS(port);
XMEMCPY(&sin->sin6_addr, entry->h_addr_list[0], entry->h_length);
#else
sin = (SOCKADDR_IN *)&addr;
sin->sin_family = AF_INET; sin->sin_family = AF_INET;
sin->sin_port = XHTONS(port); sin->sin_port = XHTONS(port);
XMEMCPY(&sin->sin_addr.s_addr, entry->h_addr_list[0], entry->h_length); XMEMCPY(&sin->sin_addr.s_addr, entry->h_addr_list[0], entry->h_length);
#endif
} }
#if defined(__GLIBC__) && (__GLIBC__ >= 2) && defined(__USE_MISC) && \ #if defined(__GLIBC__) && (__GLIBC__ >= 2) && defined(__USE_MISC) && \
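Review bot: In the `gethostbyname` fallback under `WOLFSSL_IPV6`, `XMEMCPY(&sin->sin6_addr, entry->h_addr_list[0], entry->h_length)` trusts the resolver's address family and length without checking either. `gethostbyname` commonly returns `AF_INET` entries with `h_length` 4, which would fill only the first four bytes of `sin6_addr` under `AF_INET6` and yield a malformed address rather than the resolved host; a length larger than the destination field is not rejected either, and the IPv4 branch has the same unchecked copy. Checking `entry->h_addrtype == AF_INET6 && entry->h_length == (int)sizeof(sin->sin6_addr)` before the copy, and treating a mismatch as a failed lookup, would close this; the failure path is outside the hunk. The context line `/* use gethostbyname for c99 */` above `#if defined(HAVE_GETADDRINFO)` is also stale now that the `WOLF_C99` exclusion is gone.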


@ -1312,7 +1312,7 @@ static WC_INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer,
addr->sin6_addr = in6addr_any; addr->sin6_addr = in6addr_any;
} }
else { else {
#if defined(HAVE_GETADDRINFO) || defined(WOLF_C99) #if defined(HAVE_GETADDRINFO)
struct addrinfo hints; struct addrinfo hints;
struct addrinfo* answer = NULL; struct addrinfo* answer = NULL;
int ret; int ret;


@ -373,8 +373,7 @@
typedef struct hostent HOSTENT; typedef struct hostent HOSTENT;
#endif /* HAVE_SOCKADDR */ #endif /* HAVE_SOCKADDR */
/* use gethostbyname for c99 */ #if defined(HAVE_GETADDRINFO)
#if defined(HAVE_GETADDRINFO) && !defined(WOLF_C99)
typedef struct addrinfo ADDRINFO; typedef struct addrinfo ADDRINFO;
#endif #endif
#endif /* WOLFSSL_NO_SOCK */ #endif /* WOLFSSL_NO_SOCK */