OpenResty 1.13.6.2 and 1.19.3.1 support

# New or Updated APIs
- wolfSSL_get_tlsext_status_type
- wolfSSL_X509_chain_up_ref
- wolfSSL_get0_verified_chain
- SSL_CTX_set_cert_cb
- SSL_certs_clear
- SSL_add0_chain_cert ssl_cert_add0_chain_cert
- SSL_add1_chain_cert ssl_cert_add1_chain_cert
- sk_X509_NAME_new_null
- SSL_CTX_set_cert_cb
- SSL_set0_verify_cert_store
- SSL_set_client_CA_list

# Other Changes
- Ignore gdbinit
- Add api.c tests for new API
- Add `WOLFSSL_X509_STORE* x509_store_pt` to `WOLFSSL`
- Add macro to select the `WOLFSSL` specific store when available and the associated `WOLFSSL_CTX` store otherwise. Calls to `ssl->ctx->cm` and `ssl->ctx->x509_store*` were replaced by macros.
- NO-OP when setting existing store
- Add reference counter to `WOLFSSL_X509_STORE`
- Cleanup MD5 redundant declarations
- WOLFSSL_ERROR may map to nothing so make assignment outside of it
- refMutex fields are excluded with SINGLE_THREADED macro
- Chain cert refactor
- Make `wolfSSL_add0_chain_cert` and `wolfSSL_add1_chain_cert` not affect the context associated with the SSL object
- `wolfSSL_CTX_add1_chain_cert` now updates the `ctx->certChain` on success and stores the cert in `ctx->x509Chain` for later free'ing
Juliusz Sosinowicz
2021-08-12 14:25:19 +02:00
parent 8601c14f1c
commit 7dea1dcd39
16 changed files with 1085 additions and 282 deletions
+12
@@ -7354,11 +7354,15 @@ int wolfSSL_EVP_PKEY_get_default_digest_nid(WOLFSSL_EVP_PKEY *pkey, int *pnid)
int wolfSSL_EVP_PKEY_up_ref(WOLFSSL_EVP_PKEY* pkey)
{
if (pkey) {
#ifndef SINGLE_THREADED
if (wc_LockMutex(&pkey->refMutex) != 0) {
WOLFSSL_MSG("Failed to lock pkey mutex");
}
#endif
pkey->references++;
#ifndef SINGLE_THREADED
wc_UnLockMutex(&pkey->refMutex);
#endif
return WOLFSSL_SUCCESS;
}
@@ -7453,6 +7457,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap)
pkey->heap = heap;
pkey->type = WOLFSSL_EVP_PKEY_DEFAULT;
#ifndef SINGLE_THREADED
/* init of mutex needs to come before wolfSSL_EVP_PKEY_free */
ret = wc_InitMutex(&pkey->refMutex);
if (ret != 0){
@@ -7460,6 +7465,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_ex(void* heap)
WOLFSSL_MSG("Issue initializing mutex");
return NULL;
}
#endif
#ifndef HAVE_FIPS
ret = wc_InitRng_ex(&pkey->rng, heap, INVALID_DEVID);
@@ -7485,16 +7491,20 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key)
int doFree = 0;
WOLFSSL_ENTER("wolfSSL_EVP_PKEY_free");
if (key != NULL) {
#ifndef SINGLE_THREADED
if (wc_LockMutex(&key->refMutex) != 0) {
WOLFSSL_MSG("Couldn't lock pkey mutex");
}
#endif
/* only free if all references to it are done */
key->references--;
if (key->references == 0) {
doFree = 1;
}
#ifndef SINGLE_THREADED
wc_UnLockMutex(&key->refMutex);
#endif
if (doFree) {
wc_FreeRng(&key->rng);
@@ -7545,9 +7555,11 @@ void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY* key)
break;
}
#ifndef SINGLE_THREADED
if (wc_FreeMutex(&key->refMutex) != 0) {
WOLFSSL_MSG("Couldn't free pkey mutex");
}
#endif
XFREE(key, key->heap, DYNAMIC_TYPE_PUBLIC_KEY);
}
}
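Review bot: In both `wolfSSL_EVP_PKEY_up_ref` and `wolfSSL_EVP_PKEY_free`, a failed `wc_LockMutex(&...->refMutex)` is only logged. Execution then still changes `references` and calls `wc_UnLockMutex` on a mutex that was never acquired, and the new `#ifndef SINGLE_THREADED` guards wrap this path without changing it. An unsynchronised `key->references--` can reach zero while another thread still holds the key, or reach it twice, which makes this a use-after-free or double-free risk rather than a cosmetic one. I would fail closed: in `up_ref`, add `return WOLFSSL_FAILURE;` after the `WOLFSSL_MSG("Failed to lock pkey mutex");` line, and in `free`, `return;` after `WOLFSSL_MSG("Couldn't lock pkey mutex");`, so that a lock failure leaks the key instead of freeing it under a race. Both function bodies extend outside the visible hunks, so the exact failure value `up_ref` already returns for a NULL `pkey` should be checked against the surrounding code.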