src/keys.c and src/tls13.c: add WC_NO_ERR_TRACE() annotations for various initializations.

wolfssl/ssl.h, examples/client/client.c, examples/server/server.c, src/bio.c, tests/api.c: add error tracing for WOLFSSL_SHUTDOWN_NOT_DONE.

tests/api.c: in test_wolfSSL_read_write_ex(), use WOLFSSL_SUCCESS rather than 1 for expected-success wolfSSL_shutdown()s, and add note that the wrong value is being returned (the test currently always fails, which is masked by an always-success retval).
This commit is contained in:
Daniel Pouzzner
2026-03-22 13:17:47 -05:00
parent b7fd9cb002
commit 678660e26d
7 changed files with 29 additions and 19 deletions
+4 -4
View File
@@ -1044,7 +1044,7 @@ static int SMTP_Shutdown(WOLFSSL* ssl, int wc_shutdown)
printf("%s\n", tmpBuf);
ret = wolfSSL_shutdown(ssl);
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
if (wc_shutdown && ret == WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)) {
if (tcp_select(wolfSSL_get_fd(ssl), DEFAULT_TIMEOUT_SEC) ==
TEST_RECV_READY) {
ret = wolfSSL_shutdown(ssl); /* bidirectional shutdown */
@@ -4687,7 +4687,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
ret = wolfSSL_shutdown(ssl);
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
if (wc_shutdown && ret == WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)) {
while (tcp_select(wolfSSL_get_fd(ssl), DEFAULT_TIMEOUT_SEC) ==
TEST_RECV_READY) {
ret = wolfSSL_shutdown(ssl); /* bidirectional shutdown */
@@ -4695,7 +4695,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("Bidirectional shutdown complete\n");
break;
}
else if (ret != WOLFSSL_SHUTDOWN_NOT_DONE) {
else if (ret != WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)) {
LOG_ERROR("Bidirectional shutdown failed\n");
break;
}
@@ -4932,7 +4932,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
sendGET, " resume", 0);
ret = wolfSSL_shutdown(sslResume);
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE)
if (wc_shutdown && ret == WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE))
wolfSSL_shutdown(sslResume); /* bidirectional shutdown */
/* display collected statistics */
+2 -2
View File
@@ -4044,7 +4044,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif /* WOLFSSL_DTLS13 */
ret = SSL_shutdown(ssl);
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
if (wc_shutdown && ret == WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)) {
while (tcp_select(wolfSSL_get_fd(ssl), DEFAULT_TIMEOUT_SEC) ==
TEST_RECV_READY) {
ret = wolfSSL_shutdown(ssl); /* bidirectional shutdown */
@@ -4052,7 +4052,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
printf("Bidirectional shutdown complete\n");
break;
}
else if (ret != WOLFSSL_SHUTDOWN_NOT_DONE) {
else if (ret != WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)) {
LOG_ERROR("Bidirectional shutdown failed\n");
break;
}
+1 -1
View File
@@ -2646,7 +2646,7 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
if (b->ptr.ssl != NULL) {
int rc = wolfSSL_shutdown(b->ptr.ssl);
if (rc == WOLFSSL_SHUTDOWN_NOT_DONE) {
if (rc == WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)) {
/* In this case, call again to give us a chance to read the
* close notify alert from the other end. */
wolfSSL_shutdown(b->ptr.ssl);
+1 -1
View File
@@ -3571,7 +3571,7 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side)
#endif
#if !defined(NO_CERTS) && defined(HAVE_PK_CALLBACKS)
ret = PROTOCOLCB_UNAVAILABLE;
ret = WC_NO_ERR_TRACE(PROTOCOLCB_UNAVAILABLE);
if (ssl->ctx->EncryptKeysCb) {
void* ctx = wolfSSL_GetEncryptKeysCtx(ssl);
#if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+6 -6
View File
@@ -234,7 +234,7 @@ static int Tls13HKDFExpandKeyLabel(WOLFSSL* ssl, byte* okm, word32 okmLen,
{
int ret;
#if defined(HAVE_PK_CALLBACKS)
ret = NOT_COMPILED_IN;
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
if (ssl->ctx && ssl->ctx->HKDFExpandLabelCb) {
ret = ssl->ctx->HKDFExpandLabelCb(okm, okmLen, prk, prkLen,
protocol, protocolLen,
@@ -2662,7 +2662,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
nonceSz = AESGCM_NONCE_SZ;
#if defined(HAVE_PK_CALLBACKS)
ret = NOT_COMPILED_IN;
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
if (ssl->ctx && ssl->ctx->PerformTlsRecordProcessingCb) {
ret = ssl->ctx->PerformTlsRecordProcessingCb(ssl, 1,
output, input, dataSz,
@@ -2704,7 +2704,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
nonceSz = AESCCM_NONCE_SZ;
#if defined(HAVE_PK_CALLBACKS)
ret = NOT_COMPILED_IN;
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
if (ssl->ctx && ssl->ctx->PerformTlsRecordProcessingCb) {
ret = ssl->ctx->PerformTlsRecordProcessingCb(ssl, 1,
output, input, dataSz,
@@ -3063,7 +3063,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
nonceSz = AESGCM_NONCE_SZ;
#if defined(HAVE_PK_CALLBACKS)
ret = NOT_COMPILED_IN;
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
if (ssl->ctx && ssl->ctx->PerformTlsRecordProcessingCb) {
ret = ssl->ctx->PerformTlsRecordProcessingCb(ssl, 0,
output, input, dataSz,
@@ -3102,7 +3102,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
nonceSz = AESCCM_NONCE_SZ;
#if defined(HAVE_PK_CALLBACKS)
ret = NOT_COMPILED_IN;
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
if (ssl->ctx && ssl->ctx->PerformTlsRecordProcessingCb) {
ret = ssl->ctx->PerformTlsRecordProcessingCb(ssl, 0,
output, input, dataSz,
@@ -6892,7 +6892,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
{
/* Reset state */
ret = VERSION_ERROR;
ret = WC_NO_ERR_TRACE(VERSION_ERROR);
ssl->options.asyncState = TLS_ASYNC_BEGIN;
XMEMSET(args, 0, sizeof(Dch13Args));
#ifdef WOLFSSL_ASYNC_CRYPT
+7 -5
View File
@@ -6713,13 +6713,15 @@ static int test_wolfSSL_read_write_ex(void)
ExpectIntEQ(wolfSSL_shutdown(ssl_c), WOLFSSL_SHUTDOWN_NOT_DONE);
ExpectIntEQ(wolfSSL_shutdown(ssl_s), WOLFSSL_SHUTDOWN_NOT_DONE);
ExpectIntEQ(wolfSSL_shutdown(ssl_c), 1);
ExpectIntEQ(wolfSSL_shutdown(ssl_s), 1);
ExpectIntEQ(wolfSSL_shutdown(ssl_c), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_shutdown(ssl_s), WOLFSSL_SUCCESS);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
/* XXX this should be return EXPECT_RESULT(); */
return TEST_SUCCESS;
}
@@ -25691,7 +25693,7 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
if (EXPECT_SUCCESS()) {
ret = wolfSSL_shutdown(ssl);
if (ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
if (ret == WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)) {
ret = wolfSSL_shutdown(ssl);
}
}
@@ -29286,7 +29288,7 @@ static void test_ticket_and_psk_mixing_on_result(WOLFSSL* ssl)
}
do {
ret = wolfSSL_shutdown(ssl);
} while (ret == WOLFSSL_SHUTDOWN_NOT_DONE);
} while (ret == WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE));
AssertIntEQ(wolfSSL_clear(ssl), WOLFSSL_SUCCESS);
wolfSSL_set_psk_callback_ctx(ssl, (void*)"TLS13-AES256-GCM-SHA384");
#ifndef OPENSSL_COMPATIBLE_DEFAULTS
@@ -29377,7 +29379,7 @@ static void test_prioritize_psk_on_result(WOLFSSL* ssl)
}
do {
ret = wolfSSL_shutdown(ssl);
} while (ret == WOLFSSL_SHUTDOWN_NOT_DONE);
} while (ret == WC_NO_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE));
AssertIntEQ(wolfSSL_clear(ssl), WOLFSSL_SUCCESS);
wolfSSL_set_psk_callback_ctx(ssl, (void*)"TLS13-AES256-GCM-SHA384");
/* Previous connection was made with TLS13-AES128-GCM-SHA256. Order is
+8
View File
@@ -3075,6 +3075,14 @@ enum { /* ssl Constants */
WOLFSSL_SHUTDOWN_NOT_DONE = 2,
#endif
#if defined(WOLFSSL_DEBUG_TRACE_ERROR_CODES) && \
(defined(BUILDING_WOLFSSL) || \
defined(WOLFSSL_DEBUG_TRACE_ERROR_CODES_ALWAYS))
#define WOLFSSL_SHUTDOWN_NOT_DONE \
WC_ERR_TRACE(WOLFSSL_SHUTDOWN_NOT_DONE)
#define CONST_NUM_ERR_WOLFSSL_SHUTDOWN_NOT_DONE 0
#endif
WOLFSSL_FILETYPE_ASN1 = CTC_FILETYPE_ASN1,
WOLFSSL_FILETYPE_PEM = CTC_FILETYPE_PEM,
WOLFSSL_FILETYPE_DEFAULT = CTC_FILETYPE_ASN1, /* ASN1 */