From 0455224439bb704f01a6017dd800751dceef4f52 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 30 Oct 2023 17:04:36 -0700 Subject: [PATCH 1/2] Fix build errors in API unit test without IO dependencies. --- tests/api.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/api.c b/tests/api.c index cac34e717..fca5c1d5d 100644 --- a/tests/api.c +++ b/tests/api.c @@ -36008,7 +36008,8 @@ static int test_wolfSSL_CTX_add_client_CA(void) #endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT */ return EXPECT_RESULT(); } -#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) +#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \ + defined(HAVE_IO_TESTS_DEPENDENCIES) static THREAD_RETURN WOLFSSL_THREAD server_task_ech(void* args) { callback_functions* callbacks = ((func_args*)args)->callbacks; @@ -68190,7 +68191,8 @@ TEST_CASE testCases[] = { TEST_DECL(test_wolfSSL_wolfSSL_UseSecureRenegotiation), TEST_DECL(test_wolfSSL_SCR_Reconnect), TEST_DECL(test_tls_ext_duplicate), -#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) +#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \ + defined(HAVE_IO_TESTS_DEPENDENCIES) TEST_DECL(test_wolfSSL_Tls13_ECH_params), /* Uses Assert in handshake callback. */ TEST_DECL(test_wolfSSL_Tls13_ECH), From 2ac0d47908906d25931559336bd971ab5fc12640 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 31 Oct 2023 12:43:12 -0700 Subject: [PATCH 2/2] Fix for async edge case with Intel QuickAssist/Cavium Nitrox that was broken in PR #6783. Was causing re-entry and multiple calls for some operations like DH KeyGen that don't advance state on completion. https://github.com/wolfSSL/wolfAsyncCrypt/pull/71 --- src/internal.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/internal.c b/src/internal.c index 39fc8fdf7..8bc7cdd1f 100644 --- a/src/internal.c +++ b/src/internal.c @@ -7624,6 +7624,12 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey) /* Sanity check key destination */ if (*pKey != NULL) { WOLFSSL_MSG("Key already present!"); + #ifdef WOLFSSL_ASYNC_CRYPT + /* allow calling this again for async reentry */ + if (ssl->error == WC_PENDING_E) { + return 0; + } + #endif return BAD_STATE_E; } @@ -38891,14 +38897,17 @@ int wolfSSL_AsyncPop(WOLFSSL* ssl, byte* state) XMEMSET(&asyncDev->event, 0, sizeof(WOLF_EVENT)); ssl->asyncDev = NULL; } - #if !defined(WOLFSSL_ASYNC_CRYPT_SW) && \ - (defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS)) + /* for crypto or PK callback, if pending remove from queue */ + #if (defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS)) && \ + !defined(WOLFSSL_ASYNC_CRYPT_SW) && !defined(HAVE_INTEL_QA) && \ + !defined(HAVE_CAVIUM) else if (ret == WC_PENDING_E) { /* Allow the underlying crypto API to be called again to trigger the * crypto or PK callback. The actual callback must be called, since * the completion is not detected in the poll like Intel QAT or * Nitrox */ ret = wolfEventQueue_Remove(&ssl->ctx->event_queue, event); + } #endif }