wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3474 from douzzer/lighttpd-update-1.4.56

Browse Source 
lighttpd support update for v1.4.56
This commit is contained in:
David Garske
2020-11-09 09:24:58 -08:00
committed by GitHub
parent 937a7ce8ce 0d2e28ce80
commit 7e3efa3792
12 changed files with 391 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
configure.ac
View File

@@ -719,6 +719,13 @@ AC_ARG_ENABLE([nginx],
[ ENABLED_NGINX=no ]
)
# lighty Support
AC_ARG_ENABLE([lighty],
[AS_HELP_STRING([--enable-lighty],[Enable lighttpd/lighty (default: disabled)])],
[ ENABLED_LIGHTY=$enableval ],
[ ENABLED_LIGHTY=no ]
)
# haproxy compatibility build
AC_ARG_ENABLE([haproxy],
[AS_HELP_STRING([--enable-haproxy],[Enable haproxy (default: disabled)])],
@@ -847,7 +854,7 @@ AC_ARG_ENABLE([opensslextra],
[ ENABLED_OPENSSLEXTRA=$enableval ],
[ ENABLED_OPENSSLEXTRA=no ]
)
if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_SIGNAL" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_FORTRESS" = "yes" || test "$ENABLED_BUMP" = "yes" || test "$ENABLED_SNIFFER" = "yes" || test "$ENABLED_OPENSSLALL" = "yes" || test "$ENABLED_LIBWEBSOCKETS" = "yes"
if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_SIGNAL" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_FORTRESS" = "yes" || test "$ENABLED_BUMP" = "yes" || test "$ENABLED_SNIFFER" = "yes" || test "$ENABLED_OPENSSLALL" = "yes" || test "$ENABLED_LIBWEBSOCKETS" = "yes" || test "x$ENABLED_LIGHTY" = "xyes"
then
ENABLED_OPENSSLEXTRA="yes"
fi
@@ -1656,7 +1663,7 @@ AC_ARG_ENABLE([sessioncerts],
[ ENABLED_SESSIONCERTS=no ]
)
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes"
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then
ENABLED_SESSIONCERTS=yes
fi
@@ -3097,7 +3104,7 @@ AC_ARG_ENABLE([ocsp],
[ ENABLED_OCSP=no ],
)
if test "x$ENABLED_OPENSSLALL" = "xyes" || test "x$ENABLED_NGINX" = "xyes"
if test "x$ENABLED_OPENSSLALL" = "xyes" || test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then
ENABLED_OCSP=yes
fi
@@ -3129,7 +3136,7 @@ AC_ARG_ENABLE([ocspstapling],
[ ENABLED_CERTIFICATE_STATUS_REQUEST=no ]
)
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes"
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then
ENABLED_CERTIFICATE_STATUS_REQUEST="yes"
fi
@@ -3154,7 +3161,7 @@ AC_ARG_ENABLE([ocspstapling2],
[ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=no ]
)
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes"
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_WPAS" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then
ENABLED_CERTIFICATE_STATUS_REQUEST_V2=yes
fi
@@ -3180,7 +3187,7 @@ AC_ARG_ENABLE([crl],
)
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_WPAS" != "xno"
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || test "x$ENABLED_WPAS" != "xno" || test "x$ENABLED_LIGHTY" = "xyes"
then
ENABLED_CRL=yes
fi
@@ -3202,7 +3209,13 @@ if test "$ENABLED_CRL_MONITOR" = "yes"
then
case $host_os in
*linux* | *darwin* | *freebsd*)
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" ;;
if test "x$ENABLED_SINGLETHREADED" = "xno"; then
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR"
else
ENABLED_CRL_MONITOR="no"
AC_MSG_ERROR([crl monitor requires threading / pthread])
fi
;;
*)
if test "x$ENABLED_DISTRO" = "xyes" ; then
ENABLED_CRL_MONITOR="no"
@@ -3533,7 +3546,7 @@ AC_ARG_ENABLE([session-ticket],
[ ENABLED_SESSION_TICKET=no ]
)
if test "x$ENABLED_NGINX" = "xyes" || test "$ENABLED_WPAS" = "yes" || test "x$ENABLED_HAPROXY" = "xyes"
if test "x$ENABLED_NGINX" = "xyes" || test "$ENABLED_WPAS" = "yes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then
ENABLED_SESSION_TICKET=yes
fi
@@ -3562,7 +3575,7 @@ AC_ARG_ENABLE([tlsx],
[ ENABLED_TLSX=no ]
)
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_SIGNAL" = "xyes"
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_SIGNAL" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then
ENABLED_TLSX=yes
fi
@@ -3891,12 +3904,6 @@ then
fi
fi
# lighty Support
AC_ARG_ENABLE([lighty],
[AS_HELP_STRING([--enable-lighty],[Enable lighttpd/lighty (default: disabled)])],
[ ENABLED_LIGHTY=$enableval ],
[ ENABLED_LIGHTY=no ]
)
if test "$ENABLED_LIGHTY" = "yes"
then
# Requires opensslextra make sure on
@@ -3906,6 +3913,28 @@ then
AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_LIGHTY -DHAVE_WOLFSSL_SSL_H=1"
AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA"
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_ALL"
# recommended if building wolfSSL specifically for use by lighttpd
if test "x$ENABLED_ALL" = "xno"; then
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_NO_SSL2 -DOPENSSL_NO_COMP"
if test "x$ENABLED_SSLV3" = "xno"; then
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_NO_SSL3"
if test "x$ENABLED_TLSV10" = "xno"; then
AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
ENABLED_OLD_TLS=no
fi
fi
if test "x$ENABLED_CRL_MONITOR" = "xno"; then
AM_CFLAGS="$AM_CFLAGS -DSINGLE_THREADED"
ENABLED_SINGLETHREADED="yes"
fi
# w/ lighttpd 1.4.56 once wolfSSL updated to expose non-filesystem funcs
#AM_CFLAGS="$AM_CFLAGS -DNO_BIO"
#AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
#ENABLED_FILESYSTEM=no
fi
fi
if test "$ENABLED_NGINX" = "yes"

2
examples/client/client.c
View File

@@ -3176,6 +3176,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
#if defined(OPENSSL_ALL)
#ifndef NO_BIO
/* print out session to stdout */
{
WOLFSSL_BIO* bio = wolfSSL_BIO_new_fp(stdout, BIO_NOCLOSE);
@@ -3188,6 +3189,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_BIO_free(bio);
}
#endif
#endif
#endif
if (doSTARTTLS && starttlsProt != NULL) {

14
src/internal.c
View File

@@ -6287,12 +6287,14 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#endif
#endif /* WOLFSSL_DTLS */
#ifdef OPENSSL_EXTRA
#ifndef NO_BIO
if (ssl->biord != ssl->biowr) /* only free write if different */
wolfSSL_BIO_free(ssl->biowr);
wolfSSL_BIO_free(ssl->biord); /* always free read bio */
ssl->biowr = NULL;
ssl->biord = NULL;
#endif
#endif
#ifdef HAVE_LIBZ
FreeStreams(ssl);
#endif
@@ -7936,6 +7938,7 @@ retry:
switch (recvd) {
case WOLFSSL_CBIO_ERR_GENERAL: /* general/unknown error */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)
#ifndef NO_BIO
if (ssl->biord) {
/* If retry and read flags are set, return WANT_READ */
if ((ssl->biord->flags & WOLFSSL_BIO_FLAG_READ) &&
@@ -7944,6 +7947,7 @@ retry:
}
}
#endif
#endif
return -1;
case WOLFSSL_CBIO_ERR_WANT_READ: /* want read, would block */
@@ -17193,7 +17197,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
int sendSz;
word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
word32 dnLen = 0;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
WOLF_STACK_OF(WOLFSSL_X509_NAME)* names;
#endif
@@ -17206,7 +17210,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
if (IsAtLeastTLSv1_2(ssl))
reqSz += LENGTH_SZ + ssl->suites->hashSigAlgoSz;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
/* Certificate Authorities */
names = ssl->ctx->ca_names;
while (names != NULL) {
@@ -17275,7 +17279,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
/* Certificate Authorities */
c16toa((word16)dnLen, &output[i]); /* auth's */
i += REQ_HEADER_SZ;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
names = ssl->ctx->ca_names;
while (names != NULL) {
byte seq[MAX_SEQ_SZ];
@@ -27699,7 +27703,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
goto out;
}
#endif
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
if((ret=SNI_Callback(ssl)))
goto out;
ssl->options.side = WOLFSSL_SERVER_END;
@@ -30158,7 +30162,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif /* !WOLFSSL_NO_TLS12 */
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY)
defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
int SNI_Callback(WOLFSSL* ssl)
{
/* Stunnel supports a custom sni callback to switch an SSL's ctx

6
src/ocsp.c
View File

@@ -494,7 +494,7 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
}
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_APACHE_HTTPD)
defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY)
int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
WOLFSSL_OCSP_CERTID* id, int* status, int* reason,
@@ -644,6 +644,7 @@ void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response)
XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL);
}
#ifndef NO_BIO
OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio,
OcspResponse** response)
{
@@ -708,6 +709,7 @@ OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio,
return ret;
}
#endif /* !NO_BIO */
OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response,
const unsigned char** data, int len)
@@ -891,6 +893,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID* id)
#endif
#if defined(OPENSSL_ALL) || defined(APACHE_HTTPD)
#ifndef NO_BIO
int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
WOLFSSL_OCSP_REQUEST *req)
{
@@ -924,6 +927,7 @@ int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
XFREE(data, out->heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
#endif /* !NO_BIO */
#endif /* OPENSSL_ALL || APACHE_HTTPD */
#ifdef OPENSSL_EXTRA

203
src/ssl.c
View File

@@ -4041,7 +4041,7 @@ int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version)
/* Function to get version as WOLFSSL_ enum value for wolfSSL_SetVersion */
int wolfSSL_GetVersion(WOLFSSL* ssl)
int wolfSSL_GetVersion(const WOLFSSL* ssl)
{
if (ssl == NULL)
return BAD_FUNC_ARG;
@@ -6914,6 +6914,8 @@ int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* file,
}
#endif /* NO_FILESYSTEM */
#ifdef HAVE_CRL
/* check CRL if enabled, WOLFSSL_SUCCESS */
@@ -6981,6 +6983,7 @@ int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm, CbCrlIO cb)
}
#endif
#ifndef NO_FILESYSTEM
int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path,
int type, int monitor)
{
@@ -6997,6 +7000,7 @@ int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path,
return LoadCRL(cm->crl, path, type, monitor);
}
#endif
int wolfSSL_EnableCRL(WOLFSSL* ssl, int options)
{
@@ -7017,6 +7021,7 @@ int wolfSSL_DisableCRL(WOLFSSL* ssl)
return BAD_FUNC_ARG;
}
#ifndef NO_FILESYSTEM
int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor)
{
WOLFSSL_ENTER("wolfSSL_LoadCRL");
@@ -7025,6 +7030,7 @@ int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor)
else
return BAD_FUNC_ARG;
}
#endif
int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb)
@@ -7067,6 +7073,7 @@ int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx)
}
#ifndef NO_FILESYSTEM
int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path,
int type, int monitor)
{
@@ -7076,6 +7083,7 @@ int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path,
else
return BAD_FUNC_ARG;
}
#endif
int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb)
@@ -7102,6 +7110,9 @@ int wolfSSL_CTX_SetCRL_IOCb(WOLFSSL_CTX* ctx, CbCrlIO cb)
#endif /* HAVE_CRL */
#ifndef NO_FILESYSTEM
#ifdef WOLFSSL_DER_LOAD
/* Add format parameter to allow DER load of CA files */
@@ -7154,6 +7165,9 @@ int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file,
}
#endif /* NO_FILESYSTEM */
/* Sets the max chain depth when verifying a certificate chain. Default depth
* is set to MAX_CHAIN_DEPTH.
*
@@ -7200,6 +7214,9 @@ long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx)
}
#ifndef NO_FILESYSTEM
WOLFSSL_ABI
int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX* ctx, const char* file)
{
@@ -7374,6 +7391,8 @@ int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX* ctx)
#endif /* !NO_CHECK_PRIVATE_KEY */
#ifdef OPENSSL_EXTRA
#ifndef NO_BIO
/* put SSL type in extra for now, not very common */
/* Converts a DER format key read from "bio" to a PKCS8 structure.
@@ -7481,6 +7500,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PUBKEY_bio(WOLFSSL_BIO* bio,
return pkey;
}
#endif /* !NO_BIO */
/* Converts a DER encoded public key to a WOLFSSL_EVP_PKEY structure.
@@ -8607,6 +8628,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
return ext;
}
#ifndef NO_BIO
/* Return 0 on success and 1 on failure. Copies ext data to bio, using indent
* to pad the output. flag is ignored. */
int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
@@ -8711,6 +8733,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
return rc;
}
#endif /* !NO_BIO */
/* Returns crit flag in X509_EXTENSION object */
int wolfSSL_X509_EXTENSION_get_critical(const WOLFSSL_X509_EXTENSION* ex)
@@ -14450,6 +14473,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#ifdef OPENSSL_EXTRA
#ifndef NO_BIO
void wolfSSL_set_bio(WOLFSSL* ssl, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr)
{
WOLFSSL_ENTER("wolfSSL_set_bio");
@@ -14503,7 +14527,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
BIO_set_retry_read(wr);
}
}
#endif
#endif /* !NO_BIO */
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_WEBSERVER)
void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX* ctx,
@@ -14600,6 +14625,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
#ifndef NO_BIO
#if !defined(NO_RSA) && !defined(NO_CERTS)
WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char* fname)
{
@@ -14670,7 +14696,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#endif
}
#endif
#endif
#endif /* !NO_BIO */
#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */
#ifdef OPENSSL_EXTRA
#if !defined(NO_RSA) && !defined(NO_CERTS)
@@ -15128,6 +15155,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#endif /* WOLFSSL_QT || OPENSSL_ALL */
#endif /* !NO_CERTS */
#ifndef NO_BIO
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_md(void)
{
static WOLFSSL_BIO_METHOD meth;
@@ -15464,6 +15492,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return top;
}
#endif /* !NO_BIO */
#endif /* OPENSSL_EXTRA */
#ifdef WOLFSSL_ENCRYPTED_KEYS
@@ -15574,6 +15603,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
}
#if (defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE))
#ifndef NO_BIO
/* print out and clear all errors */
void wolfSSL_ERR_print_errors(WOLFSSL_BIO* bio)
{
@@ -15601,6 +15631,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
}
} while (ret >= 0);
}
#endif /* !NO_BIO */
#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */
#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */
@@ -20961,6 +20992,7 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
}
#endif
#ifndef NO_BIO
#ifdef XSNPRINTF /* a snprintf function needs to be available */
/* Writes the human readable form of x509 to bio.
*
@@ -21650,6 +21682,7 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
}
#endif /* XSNPRINTF */
#endif /* !NO_BIO */
#endif /* OPENSSL_EXTRA */
#endif /* !NO_CERTS */
@@ -22094,6 +22127,8 @@ void wolfSSL_MD4_Final(unsigned char* digest, WOLFSSL_MD4_CTX* md4)
#endif /* NO_MD4 */
#ifndef NO_BIO
/* Removes a WOLFSSL_BIO struct from the WOLFSSL_BIO linked list.
*
* bio is the WOLFSSL_BIO struct in the list and removed.
@@ -22209,6 +22244,8 @@ void *wolfSSL_BIO_get_ex_data(WOLFSSL_BIO *bio, int idx)
return NULL;
}
#endif /* !NO_BIO */
#ifndef NO_WOLFSSL_STUB
void wolfSSL_RAND_screen(void)
{
@@ -22439,6 +22476,7 @@ WOLFSSL_X509_LOOKUP* wolfSSL_X509_STORE_add_lookup(WOLFSSL_X509_STORE* store,
#ifndef NO_CERTS
#ifndef NO_BIO
/* Converts the X509 to DER format and outputs it into bio.
*
* bio is the structure to hold output DER
@@ -22465,6 +22503,7 @@ int wolfSSL_i2d_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509)
return WOLFSSL_FAILURE;
}
#endif /* !NO_BIO */
/* Converts an internal structure to a DER buffer
@@ -22509,6 +22548,7 @@ int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out)
}
#ifndef NO_BIO
/* Converts the DER from bio and creates a WOLFSSL_X509 structure from it.
*
* bio is the structure holding DER
@@ -22548,9 +22588,11 @@ WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509)
return localX509;
}
#endif /* !NO_BIO */
#if !defined(NO_ASN) && !defined(NO_PWDBASED)
#ifndef NO_BIO
WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, WC_PKCS12** pkcs12)
{
WC_PKCS12* localPkcs12 = NULL;
@@ -22630,6 +22672,7 @@ int wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12)
return ret;
}
#endif /* !NO_BIO */
/* Copies unencrypted DER key buffer into "der". If "der" is null then the size
* of buffer needed is returned. If *der == NULL then it allocates a buffer.
@@ -24160,6 +24203,7 @@ WOLFSSL_ASN1_INTEGER* wolfSSL_X509_get_serialNumber(WOLFSSL_X509* x509)
#if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
#ifndef NO_ASN_TIME
#ifndef NO_BIO
int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
{
char buf[MAX_TIME_STRING_SZ];
@@ -24186,6 +24230,7 @@ int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
return ret;
}
#endif /* !NO_BIO */
char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, char* buf, int len)
{
@@ -25790,6 +25835,7 @@ WOLFSSL_API int i2t_ASN1_OBJECT(char *buf, int buf_len, WOLFSSL_ASN1_OBJECT *a)
}
#endif
#ifndef NO_BIO
/* Return number of bytes written to BIO on success. 0 on failure. */
WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp,
WOLFSSL_ASN1_OBJECT *a)
@@ -25831,6 +25877,7 @@ WOLFSSL_API int wolfSSL_i2a_ASN1_OBJECT(WOLFSSL_BIO *bp,
return WOLFSSL_FAILURE;
}
#endif /* !NO_BIO */
/* Returns object data for an ASN1_OBJECT */
/* If pp is NULL then only the size is returned */
@@ -26930,6 +26977,8 @@ void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out,
#endif
#endif
#ifndef NO_BIO
#if !defined(NO_FILESYSTEM) && defined (OPENSSL_EXTRA)
/* returns amount printed on success, negative in fail case */
int wolfSSL_BIO_vprintf(WOLFSSL_BIO* bio, const char* format, va_list args)
@@ -27065,6 +27114,8 @@ int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a)
return wolfSSL_ASN1_TIME_print(bio, a);
}
#endif /* !NO_BIO */
/* Checks the ASN1 syntax of "a"
* returns WOLFSSL_SUCCESS (1) if correct otherwise WOLFSSL_FAILURE (0) */
int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a)
@@ -27103,6 +27154,8 @@ WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_
}
#endif /* !NO_WOLFSSL_STUB */
#ifndef NO_BIO
/* Return the month as a string.
*
* n The number of the month as a two characters (1 based).
@@ -27149,6 +27202,7 @@ int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio,
return 0;
}
#endif /* !NO_BIO */
void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_TIME* asn1Time)
{
@@ -31768,6 +31822,7 @@ static int wolfSSL_RSA_To_Der(WOLFSSL_RSA* rsa, byte** outBuf, int publicKey)
#endif
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
#ifndef NO_BIO
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && !defined(NO_RSA)
/* Takes a WOLFSSL_RSA key and writes it out to a WOLFSSL_BIO
@@ -32052,6 +32107,7 @@ int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key,
return WOLFSSL_SUCCESS;
}
#endif /* !NO_BIO */
#endif /* defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) */
#if (defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)) && \
@@ -34599,6 +34655,8 @@ int wolfSSL_PEM_write_EC_PUBKEY(XFILE fp, WOLFSSL_EC_KEY *x)
}
#endif
#ifndef NO_BIO
/* Uses the same format of input as wolfSSL_PEM_read_bio_PrivateKey but expects
* the results to be an EC key.
*
@@ -34667,9 +34725,11 @@ WOLFSSL_EC_KEY* wolfSSL_PEM_read_bio_ECPrivateKey(WOLFSSL_BIO* bio,
wolfSSL_EVP_PKEY_free(pkey);
return local;
}
#endif /* !NO_BIO */
#endif /* NO_FILESYSTEM */
#if defined(WOLFSSL_KEY_GEN)
#ifndef NO_BIO
/* Takes a public WOLFSSL_EC_KEY and writes it out to WOLFSSL_BIO
* Returns WOLFSSL_SUCCESS or WOLFSSL_FAILURE
*/
@@ -34808,6 +34868,8 @@ int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
return ret;
}
#endif /* !NO_BIO */
/* return code compliant with OpenSSL :
* 1 if success, 0 if error
*/
@@ -34978,6 +35040,7 @@ int wolfSSL_PEM_write_ECPrivateKey(XFILE fp, WOLFSSL_EC_KEY *ecc,
#ifndef NO_DSA
#if defined(WOLFSSL_KEY_GEN)
#ifndef NO_BIO
/* Takes a DSA Privatekey and writes it out to a WOLFSSL_BIO
* Returns WOLFSSL_SUCCESS or WOLFSSL_FAILURE
@@ -35117,6 +35180,7 @@ int wolfSSL_PEM_write_bio_DSA_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa)
return ret;
}
#endif /* HAVE_SELFTEST */
#endif /* !NO_BIO */
/* return code compliant with OpenSSL :
* 1 if success, 0 if error
@@ -35301,6 +35365,8 @@ int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x)
#endif /* #ifndef NO_DSA */
#ifndef NO_BIO
static int pem_read_bio_key(WOLFSSL_BIO* bio, pem_password_cb* cb, void* pass,
int keyType, int* eccFlag, DerBuffer** der)
{
@@ -35655,6 +35721,8 @@ WOLFSSL_EC_GROUP* wolfSSL_PEM_read_bio_ECPKParameters(WOLFSSL_BIO* bio,
}
#endif /* HAVE_ECC */
#endif /* !NO_BIO */
#if !defined(NO_FILESYSTEM)
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x,
pem_password_cb *cb, void *u)
@@ -35672,6 +35740,7 @@ WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, EVP_PKEY **x,
#ifndef NO_RSA
#ifndef NO_BIO
#if defined(XSNPRINTF) && !defined(HAVE_FAST_RSA)
/* snprintf() must be available */
@@ -35844,6 +35913,7 @@ int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset)
}
#endif /* XSNPRINTF */
#endif /* !NO_BIO */
#if !defined(NO_FILESYSTEM)
#ifndef NO_WOLFSSL_STUB
@@ -37970,6 +38040,8 @@ cleanup:
}
#ifndef NO_BIO
WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 **x,
pem_password_cb *cb, void *u)
{
@@ -38095,6 +38167,8 @@ err:
#endif
}
#endif /* !NO_BIO */
#if !defined(NO_FILESYSTEM)
static void* wolfSSL_PEM_read_X509_ex(XFILE fp, void **x,
pem_password_cb *cb, void *u, int type)
@@ -38198,6 +38272,7 @@ err:
}
#endif
#ifndef NO_BIO
int wolfSSL_PEM_write_X509(XFILE fp, WOLFSSL_X509* x)
{
int ret;
@@ -38222,6 +38297,7 @@ err:
return ret;
}
#endif /* !NO_BIO */
#endif /* !NO_FILESYSTEM */
#define PEM_BEGIN "-----BEGIN "
@@ -38234,6 +38310,8 @@ err:
#define PEM_HDR_FIN_EOL_NULL_TERM "-----\0"
#define PEM_HDR_FIN_EOL_SZ 6
#ifndef NO_BIO
int wolfSSL_PEM_read_bio(WOLFSSL_BIO* bio, char **name, char **header,
unsigned char **data, long *len)
{
@@ -38520,6 +38598,7 @@ err:
return ret;
}
#endif
#endif /* !NO_BIO */
int wolfSSL_PEM_get_EVP_CIPHER_INFO(char* header, EncryptedInfo* cipher)
{
@@ -38561,6 +38640,7 @@ err:
return ret;
}
#ifndef NO_BIO
/*
* bp : bio to read X509 from
* x : x509 to write to
@@ -38579,10 +38659,13 @@ err:
* root CA. */
return wolfSSL_PEM_read_bio_X509(bp, x, cb, u);
}
#endif /* !NO_BIO */
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
#ifdef OPENSSL_ALL
#ifndef NO_BIO
/* create and return a new WOLFSSL_X509_PKEY structure or NULL on failure */
static WOLFSSL_X509_PKEY* wolfSSL_X509_PKEY_new(void* heap)
{
@@ -38613,6 +38696,7 @@ err:
}
return WOLFSSL_SUCCESS;
}
#endif /* !NO_BIO */
/* free up all memory used by "xPkey" passed in */
@@ -38625,6 +38709,8 @@ err:
}
#ifndef NO_BIO
/* Takes control of x509 on success
* helper function to break out code needed to set WOLFSSL_X509_INFO up
* free's "info" passed in if is not defaults
@@ -38717,6 +38803,7 @@ err:
WOLFSSL_LEAVE("wolfSSL_PEM_X509_INFO_read_bio", ret);
return localSk;
}
#endif /* !NO_BIO */
#endif /* OPENSSL_ALL */
void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne)
@@ -39535,6 +39622,7 @@ err:
return (ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
}
#ifndef NO_BIO
int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name) {
#ifndef NO_FILESYSTEM
XFILE fp;
@@ -39563,6 +39651,7 @@ err:
return WOLFSSL_NOT_IMPLEMENTED;
#endif
}
#endif
/* Return the corresponding short name for the nid <n>.
* or NULL if short name can't be found.
@@ -39897,16 +39986,6 @@ err:
return WOLFSSL_SUCCESS;
}
WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list(
WOLF_STACK_OF(WOLFSSL_X509_NAME) *sk)
{
(void) sk;
WOLFSSL_ENTER("wolfSSL_dup_CA_list");
WOLFSSL_STUB("SSL_dup_CA_list");
return NULL;
}
#endif
/* wolfSSL uses negative values for error states. This function returns an
@@ -39962,7 +40041,8 @@ int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey)
#endif /* OPENSSL_EXTRA */
#if (defined(OPENSSL_EXTRA) && defined(HAVE_EX_DATA)) || defined(FORTRESS) || \
#if ((defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && defined(HAVE_EX_DATA)) || \
defined(FORTRESS) || \
defined(WOLFSSL_WPAS_SMALL)
void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX* ctx, int idx)
{
@@ -40031,9 +40111,9 @@ int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX* ctx, int idx, void* data)
return WOLFSSL_FAILURE;
}
#endif /* (OPENSSL_EXTRA && HAVE_EX_DATA) || FORTRESS || WOLFSSL_WPAS_SMALL */
#endif /* ((OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL) && HAVE_EX_DATA) || FORTRESS || WOLFSSL_WPAS_SMALL */
#ifdef OPENSSL_EXTRA
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Returns char* to app data stored in ex[0].
*
@@ -40061,9 +40141,10 @@ int wolfSSL_set_app_data(WOLFSSL *ssl, void* arg) {
return wolfSSL_set_ex_data(ssl, 0, arg);
}
#endif /* OPENSSL_EXTRA */
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(WOLFSSL_WPAS_SMALL)
int wolfSSL_set_ex_data(WOLFSSL* ssl, int idx, void* data)
{
@@ -40097,11 +40178,12 @@ void* wolfSSL_get_ex_data(const WOLFSSL* ssl, int idx)
return 0;
}
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */
#ifdef OPENSSL_EXTRA
#ifndef NO_DSA
#ifndef NO_BIO
WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x,
pem_password_cb *cb, void *u)
{
@@ -40196,6 +40278,7 @@ WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp, WOLFSSL_DSA **x,
FreeDer(&pDer);
return dsa;
}
#endif /* !NO_BIO */
#endif /* NO_DSA */
#endif /* OPENSSL_EXTRA */
#endif /* WOLFCRYPT_ONLY */
@@ -40277,6 +40360,7 @@ void wolfSSL_BUF_MEM_free(WOLFSSL_BUF_MEM* buf)
#if defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) \
|| defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA)
#ifndef NO_BIO
WOLFSSL_BIO *wolfSSL_BIO_new_file(const char *filename, const char *mode)
{
#ifndef NO_FILESYSTEM
@@ -40331,9 +40415,11 @@ WOLFSSL_BIO* wolfSSL_BIO_new_fp(XFILE fp, int close_flag)
return bio;
}
#endif
#endif /* !NO_BIO */
#ifndef NO_DH
#ifndef NO_BIO
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bio, WOLFSSL_DH **x,
pem_password_cb *cb, void *u)
@@ -40465,6 +40551,7 @@ end:
#endif
}
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* !NO_BIO */
#ifndef NO_FILESYSTEM
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)
@@ -40821,6 +40908,8 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh)
#endif /* !NO_FILESYSTEM */
#endif /* !NO_DH */
#ifndef NO_BIO
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
@@ -40966,6 +41055,8 @@ int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bio, WOLFSSL_X509 *cert)
return WOLFSSL_SUCCESS;
}
#endif /* !NO_BIO */
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
/* Initialize ctx->dh with dh's params. Return WOLFSSL_SUCCESS on ok */
@@ -41222,6 +41313,8 @@ VerifyCallback wolfSSL_get_verify_callback(WOLFSSL* ssl)
return NULL;
}
#ifndef NO_BIO
/* Creates a new bio pair.
Returns WOLFSSL_SUCCESS if no error, WOLFSSL_FAILURE otherwise.*/
int wolfSSL_BIO_new_bio_pair(WOLFSSL_BIO **bio1_p, size_t writebuf1,
@@ -41372,6 +41465,8 @@ WOLFSSL_RSA* wolfSSL_d2i_RSAPrivateKey_bio(WOLFSSL_BIO *bio, WOLFSSL_RSA **out)
}
#endif
#endif /* !NO_BIO */
/* Adds the ASN1 certificate to the user ctx.
Returns WOLFSSL_SUCCESS if no error, returns WOLFSSL_FAILURE otherwise.*/
@@ -41432,6 +41527,7 @@ int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL_RSA* rsa)
#endif /* NO_RSA && !HAVE_FAST_RSA */
#ifndef NO_BIO
/* Converts EVP_PKEY data from a bio buffer to a WOLFSSL_EVP_PKEY structure.
Returns pointer to private EVP_PKEY struct upon success, NULL if there
is a failure.*/
@@ -41511,6 +41607,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_bio(WOLFSSL_BIO* bio,
XFREE(mem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
return key;
}
#endif /* !NO_BIO */
/* Converts a DER encoded private key to a WOLFSSL_EVP_PKEY structure.
@@ -42038,6 +42135,38 @@ WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_sk_X509_NAME_new(wolf_sk_compare_cb cb
return sk;
}
/* Creates a duplicate of WOLF_STACK_OF(WOLFSSL_X509_NAME).
* Returns a new WOLF_STACK_OF(WOLFSSL_X509_NAME) or NULL on failure */
WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list(
WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk)
{
int i;
const int num = wolfSSL_sk_X509_NAME_num(sk);
WOLF_STACK_OF(WOLFSSL_X509_NAME) *copy;
WOLFSSL_X509_NAME *name;
WOLFSSL_ENTER("wolfSSL_dup_CA_list");
copy = wolfSSL_sk_X509_NAME_new(NULL);
if (copy == NULL) {
WOLFSSL_MSG("Memory error");
return NULL;
}
for (i = 0; i < num; i++) {
name = wolfSSL_X509_NAME_dup(wolfSSL_sk_X509_NAME_value(sk, i));
if (name == NULL || 0 != wolfSSL_sk_X509_NAME_push(copy, name)) {
WOLFSSL_MSG("Memory error");
wolfSSL_sk_X509_NAME_pop_free(copy, wolfSSL_X509_NAME_free);
return NULL;
}
}
return copy;
}
int wolfSSL_sk_X509_NAME_push(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk,
WOLFSSL_X509_NAME* name)
{
@@ -42234,6 +42363,8 @@ void wolfSSL_sk_X509_NAME_free(WOLF_STACK_OF(WOLFSSL_X509_NAME)* sk)
XFREE(sk, sk->heap, DYNAMIC_TYPE_OPENSSL);
}
#ifndef NO_BIO
#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
/* Helper function for X509_NAME_print_ex. Sets *buf to string for domain
name attribute based on NID. Returns size of buf */
@@ -42358,6 +42489,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
return WOLFSSL_SUCCESS;
}
#endif /* !NO_BIO */
#ifndef NO_WOLFSSL_STUB
WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(const WOLFSSL_X509* x)
@@ -42493,10 +42625,12 @@ int wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX* ctx, void* arg)
return WOLFSSL_FAILURE;
}
#ifndef NO_BIO
void wolfSSL_ERR_load_BIO_strings(void) {
WOLFSSL_ENTER("ERR_load_BIO_strings");
/* do nothing */
}
#endif
#ifndef NO_WOLFSSL_STUB
void wolfSSL_THREADID_set_callback(void(*threadid_func)(void*))
@@ -42628,6 +42762,8 @@ const byte* wolfSSL_SESSION_get_id(WOLFSSL_SESSION* sess, unsigned int* idLen)
#if (defined(HAVE_SESSION_TICKET) || defined(SESSION_CERTS)) && \
!defined(NO_FILESYSTEM)
#ifndef NO_BIO
#if defined(SESSION_CERTS) || \
(defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET))
/* returns a pointer to the protocol used by the session */
@@ -42805,6 +42941,8 @@ int wolfSSL_SESSION_print(WOLFSSL_BIO *bp, const WOLFSSL_SESSION *x)
return WOLFSSL_SUCCESS;
}
#endif /* !NO_BIO */
#endif /* (HAVE_SESSION_TICKET || SESSION_CERTS) && !NO_FILESYSTEM */
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
@@ -43733,7 +43871,8 @@ int wolfSSL_X509_get_ex_new_index(int idx, void *arg, void *a, void *b, void *c)
}
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(WOLFSSL_WPAS_SMALL)
#if defined(HAVE_EX_DATA) || defined(FORTRESS)
void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx)
{
@@ -43795,7 +43934,7 @@ int wolfSSL_X509_set_ex_data(X509 *x509, int idx, void *data)
#endif
return WOLFSSL_FAILURE;
}
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */
#ifndef NO_ASN
@@ -44056,6 +44195,7 @@ WOLFSSL_SESSION *wolfSSL_SSL_get0_session(const WOLFSSL *ssl)
#endif /* NO_SESSION_CACHE */
#ifndef NO_BIO
int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
{
static char num[16] = { '0', '1', '2', '3', '4', '5', '6', '7',
@@ -44113,6 +44253,7 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
/* Two nibbles written for each byte. */
return len * 2;
}
#endif /* !NO_BIO */
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
@@ -44559,7 +44700,8 @@ WOLFSSL_X509* wolfSSL_X509_dup(WOLFSSL_X509 *x)
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
#ifdef HAVE_ALPN
void wolfSSL_get0_alpn_selected(const WOLFSSL *ssl, const unsigned char **data,
unsigned int *len)
@@ -44843,6 +44985,7 @@ int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p,
#ifdef HAVE_ALPN
#ifndef NO_BIO
/* Sets the ALPN extension protos
*
* example format is
@@ -44900,13 +45043,16 @@ int wolfSSL_set_alpn_protos(WOLFSSL* ssl,
wolfSSL_BIO_free(bio);
return WOLFSSL_SUCCESS;
}
#endif /* !NO_BIO */
#endif /* HAVE_ALPN */
#endif
#if defined(OPENSSL_EXTRA)
#ifndef NO_BIO
#define WOLFSSL_BIO_INCLUDED
#include "src/bio.c"
#endif
int oid2nid(word32 oid, int grp)
{
@@ -46858,6 +47004,7 @@ WOLFSSL_BIGNUM *wolfSSL_BN_mod_inverse(WOLFSSL_BIGNUM *r,
}
#endif /* OPENSSL_EXTRA */
#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_ASN)
#ifndef NO_BIO
static int unprintable_char(char c)
{
const unsigned char last_unprintable = 31;
@@ -46890,6 +47037,7 @@ int wolfSSL_ASN1_STRING_print(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str)
return str->length;
}
#endif /* !NO_BIO */
#endif /* (WOLFSSL_QT || OPENSSL_ALL) && !NO_ASN */
#if defined(OPENSSL_EXTRA)
@@ -46927,6 +47075,7 @@ const char *wolfSSL_ASN1_tag2str(int tag)
return tag_label[tag];
}
#ifndef NO_BIO
static int check_esc_char(char c, char *esc)
{
char *ptr;
@@ -47057,6 +47206,7 @@ err_exit:
XFREE(typebuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
#endif /* !NO_BIO */
#if !defined(NO_ASN_TIME) && !defined(USER_TIME) && !defined(TIME_OVERRIDES)
@@ -47831,6 +47981,8 @@ PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in, int len)
return (PKCS7*)pkcs7;
}
#ifndef NO_BIO
PKCS7* wolfSSL_d2i_PKCS7_bio(WOLFSSL_BIO* bio, PKCS7** p7)
{
WOLFSSL_PKCS7* pkcs7;
@@ -47901,6 +48053,8 @@ int wolfSSL_PKCS7_verify(PKCS7* pkcs7, WOLFSSL_STACK* certs,
return WOLFSSL_SUCCESS;
}
#endif /* !NO_BIO */
WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* pkcs7, WOLFSSL_STACK* certs,
int flags)
{
@@ -47940,6 +48094,7 @@ WOLFSSL_STACK* wolfSSL_PKCS7_get0_signers(PKCS7* pkcs7, WOLFSSL_STACK* certs,
return signers;
}
#ifndef NO_BIO
/******************************************************************************
* wolfSSL_PEM_write_bio_PKCS7 - writes the PKCS7 data to BIO
*
@@ -48062,6 +48217,7 @@ error:
}
return WOLFSSL_FAILURE;
}
#endif /* !NO_BIO */
#endif /* OPENSSL_ALL && HAVE_PKCS7 */
#if defined(OPENSSL_EXTRA)
@@ -48079,6 +48235,7 @@ WOLFSSL_STACK* wolfSSL_sk_X509_new(void)
#endif
#ifdef OPENSSL_ALL
#ifndef NO_BIO
int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY* pkey,
const WOLFSSL_EVP_CIPHER* enc,
@@ -48333,6 +48490,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PKCS8PrivateKey_bio(WOLFSSL_BIO* bio,
return key;
}
#endif /* !NO_BIO */
/* Detect which type of key it is before decoding. */
WOLFSSL_EVP_PKEY* wolfSSL_d2i_AutoPrivateKey(WOLFSSL_EVP_PKEY** pkey,
const unsigned char** pp,

4
src/wolfio.c
View File

@@ -107,6 +107,7 @@ static WC_INLINE int wolfSSL_LastError(int err)
#ifdef OPENSSL_EXTRA
#ifndef NO_BIO
/* Use the WOLFSSL read BIO for receiving data. This is set by the function
* wolfSSL_set_bio and can also be set by wolfSSL_CTX_SetIORecv.
*
@@ -208,7 +209,8 @@ int BioSend(WOLFSSL* ssl, char *buf, int sz, void *ctx)
return sent;
}
#endif
#endif /* !NO_BIO */
#endif /* OPENSSL_EXTRA */
#ifdef USE_WOLFSSL_IO

139
tests/api.c
View File

@@ -2093,6 +2093,7 @@ static void test_wolfSSL_EC(void)
}
#endif /* OPENSSL_EXTRA && ( !HAVE_FIPS || HAVE_FIPS_VERSION > 2) */
#ifndef NO_BIO
static void test_wolfSSL_PEM_read_bio_ECPKParameters(void)
{
#if defined(HAVE_ECC) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
@@ -2107,6 +2108,7 @@ static void test_wolfSSL_PEM_read_bio_ECPKParameters(void)
BIO_free(bio);
#endif /* HAVE_ECC */
}
#endif /* !NO_BIO */
# if defined(OPENSSL_EXTRA)
static void test_wolfSSL_ECDSA_SIG(void)
@@ -4767,7 +4769,9 @@ static void test_wolfSSL_X509_NAME_get_entry(void)
int idx;
ASN1_OBJECT *object = NULL;
#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
#ifndef NO_BIO
BIO* bio;
#endif
#endif
#ifndef NO_FILESYSTEM
@@ -4792,10 +4796,12 @@ static void test_wolfSSL_X509_NAME_get_entry(void)
AssertIntGE(idx, 0);
#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
#ifndef NO_BIO
AssertNotNull(bio = BIO_new(BIO_s_mem()));
AssertIntEQ(X509_NAME_print_ex(bio, name, 4,
(XN_FLAG_RFC2253 & ~XN_FLAG_DN_REV)), WOLFSSL_SUCCESS);
BIO_free(bio);
#endif
#endif
ne = X509_NAME_get_entry(name, idx);
@@ -24806,6 +24812,7 @@ static void test_wolfSSL_X509_NAME(void)
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */
}
#ifndef NO_BIO
static void test_wolfSSL_X509_INFO(void)
{
#if defined(OPENSSL_ALL)
@@ -24834,6 +24841,7 @@ static void test_wolfSSL_X509_INFO(void)
printf(resultFmt, passed);
#endif
}
#endif
static void test_wolfSSL_X509_subject_name_hash(void)
{
@@ -25388,7 +25396,7 @@ static void test_wolfSSL_ASN1_TIME_print(void)
static void test_wolfSSL_ASN1_UTCTIME_print(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(NO_BIO)
BIO* bio;
ASN1_UTCTIME* utc = NULL;
unsigned char buf[25];
@@ -25429,7 +25437,7 @@ static void test_wolfSSL_ASN1_UTCTIME_print(void)
BIO_free(bio);
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA && !NO_ASN_TIME */
#endif /* OPENSSL_EXTRA && !NO_ASN_TIME && !NO_BIO */
}
@@ -25654,10 +25662,14 @@ static void test_wolfSSL_PEM_PrivateKey(void)
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && defined(USE_CERT_BUFFERS_2048)
#ifndef NO_BIO
BIO* bio = NULL;
#endif
EVP_PKEY* pkey = NULL;
const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
#ifndef NO_BIO
/* test creating new EVP_PKEY with bad arg */
AssertNull((pkey = PEM_read_bio_PrivateKey(NULL, NULL, NULL, NULL)));
@@ -25830,6 +25842,8 @@ static void test_wolfSSL_PEM_PrivateKey(void)
}
#endif /* !defined(NO_DES3) */
#endif /* !NO_BIO */
#if defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
{
unsigned char buf[2048];
@@ -25871,13 +25885,16 @@ static void test_wolfSSL_PEM_PrivateKey(void)
printf(resultFmt, passed);
#ifndef NO_BIO
(void)bio;
#endif
(void)pkey;
(void)server_key;
#endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_RSA && USE_CERT_BUFFERS_2048 */
}
#ifndef NO_BIO
static void test_wolfSSL_PEM_bio_RSAKey(void)
{
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
@@ -26110,6 +26127,8 @@ static void test_wolfSSL_PEM_PUBKEY(void)
#endif
}
#endif /* !NO_BIO */
static void test_DSA_do_sign_verify(void)
{
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
@@ -26164,7 +26183,7 @@ static void test_DSA_do_sign_verify(void)
static void test_wolfSSL_tmp_dh(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_DSA) && !defined(NO_RSA) && !defined(NO_DH)
!defined(NO_DSA) && !defined(NO_RSA) && !defined(NO_DH) && !defined(NO_BIO)
byte buffer[6000];
char file[] = "./certs/dsaparams.pem";
XFILE f;
@@ -26219,7 +26238,7 @@ static void test_wolfSSL_tmp_dh(void)
static void test_wolfSSL_ctrl(void)
{
#if defined (OPENSSL_EXTRA)
#if defined (OPENSSL_EXTRA) && !defined(NO_BIO)
byte buff[6000];
BIO* bio;
int bytes;
@@ -26241,7 +26260,7 @@ static void test_wolfSSL_ctrl(void)
BIO_free(bio);
printf(resultFmt, passed);
#endif /* defined(OPENSSL_EXTRA) */
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_BIO) */
}
@@ -27244,7 +27263,7 @@ static void test_wolfSSL_X509_STORE_CTX_get0_store(void)
static void test_wolfSSL_CTX_set_client_CA_list(void)
{
#if defined(OPENSSL_ALL) && !defined(NO_RSA) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CLIENT)
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_BIO)
WOLFSSL_CTX* ctx;
X509_NAME* name = NULL;
STACK_OF(X509_NAME)* names = NULL;
@@ -27266,7 +27285,7 @@ static void test_wolfSSL_CTX_set_client_CA_list(void)
wolfSSL_CTX_free(ctx);
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT */
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT && !NO_BIO */
}
static void test_wolfSSL_CTX_add_client_CA(void)
@@ -28173,6 +28192,8 @@ static void test_wolfSSL_set_tlsext_status_type(void){
#endif /* OPENSSL_EXTRA && HAVE_CERTIFICATE_STATUS_REQUEST && !NO_RSA */
}
#ifndef NO_BIO
static void test_wolfSSL_PEM_read_bio(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
@@ -28447,6 +28468,8 @@ static void test_wolfSSL_BIO(void)
#endif
}
#endif /* !NO_BIO */
static void test_wolfSSL_ASN1_STRING(void)
{
@@ -28667,9 +28690,11 @@ static void test_wolfSSL_X509(void)
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM)\
&& !defined(NO_RSA)
X509* x509;
#ifndef NO_BIO
BIO* bio;
X509_STORE_CTX* ctx;
X509_STORE* store;
#endif
char der[] = "certs/ca-cert.der";
XFILE fp;
@@ -28679,6 +28704,7 @@ static void test_wolfSSL_X509(void)
AssertNotNull(x509 = X509_new());
X509_free(x509);
#ifndef NO_BIO
x509 = wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM);
AssertNotNull(bio = BIO_new(BIO_s_mem()));
@@ -28699,6 +28725,7 @@ static void test_wolfSSL_X509(void)
X509_STORE_free(store);
X509_free(x509);
BIO_free(bio);
#endif
/** d2i_X509_fp test **/
fp = XFOPEN(der, "rb");
@@ -29156,6 +29183,7 @@ static void test_wolfSSL_pseudo_rand(void)
static void test_wolfSSL_PKCS8_Compat(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC)
#ifndef NO_BIO
PKCS8_PRIV_KEY_INFO* pt;
BIO* bio;
XFILE f;
@@ -29176,6 +29204,7 @@ static void test_wolfSSL_PKCS8_Compat(void)
printf(resultFmt, passed);
#endif
#endif
}
static void test_wolfSSL_PKCS8_d2i(void)
@@ -29191,8 +29220,10 @@ static void test_wolfSSL_PKCS8_d2i(void)
const unsigned char* p;
int bytes;
XFILE file;
#ifndef NO_BIO
BIO* bio;
WOLFSSL_EVP_PKEY* evpPkey = NULL;
#endif
#endif
#ifndef NO_RSA
#ifndef NO_FILESYSTEM
@@ -29227,7 +29258,9 @@ static void test_wolfSSL_PKCS8_d2i(void)
(void)p;
(void)bytes;
(void)file;
#ifndef NO_BIO
(void)bio;
#endif
#endif
#ifndef NO_RSA
@@ -29257,6 +29290,7 @@ static void test_wolfSSL_PKCS8_d2i(void)
AssertIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
XFCLOSE(file);
#ifndef NO_BIO
AssertNotNull(bio = BIO_new(BIO_s_mem()));
/* Write PKCS#8 PEM to BIO. */
AssertIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL,
@@ -29276,6 +29310,7 @@ static void test_wolfSSL_PKCS8_d2i(void)
wolfSSL_EVP_PKEY_free(evpPkey);
BIO_free(bio);
#endif
#endif /* !NO_BIO */
wolfSSL_EVP_PKEY_free(pkey);
/* PKCS#8 encrypted RSA key */
@@ -29285,11 +29320,13 @@ static void test_wolfSSL_PKCS8_d2i(void)
AssertIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
XFCLOSE(file);
#ifndef NO_BIO
AssertNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes));
AssertNotNull(pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, PasswordCallBack,
(void*)"yassl123"));
wolfSSL_EVP_PKEY_free(pkey);
BIO_free(bio);
#endif
#endif
#endif
#ifdef HAVE_ECC
@@ -29308,6 +29345,7 @@ static void test_wolfSSL_PKCS8_d2i(void)
AssertIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
XFCLOSE(file);
#ifndef NO_BIO
AssertNotNull(bio = BIO_new(BIO_s_mem()));
/* Write PKCS#8 PEM to BIO. */
AssertIntEQ(PEM_write_bio_PKCS8PrivateKey(bio, pkey, NULL, NULL, 0, NULL,
@@ -29325,6 +29363,7 @@ static void test_wolfSSL_PKCS8_d2i(void)
(void*)"yassl123"));
wolfSSL_EVP_PKEY_free(evpPkey);
BIO_free(bio);
#endif
wolfSSL_EVP_PKEY_free(pkey);
/* PKCS#8 encrypted EC key */
@@ -29334,11 +29373,13 @@ static void test_wolfSSL_PKCS8_d2i(void)
AssertIntGT((bytes = (int)XFREAD(pkcs8_buffer, 1, sizeof(pkcs8_buffer),
file)), 0);
XFCLOSE(file);
#ifndef NO_BIO
AssertNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes));
AssertNotNull(pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, PasswordCallBack,
(void*)"yassl123"));
wolfSSL_EVP_PKEY_free(pkey);
BIO_free(bio);
#endif
#endif
#endif
#endif
@@ -29413,6 +29454,8 @@ static void test_wolfSSL_ERR_put_error(void)
}
#ifndef NO_BIO
static void test_wolfSSL_ERR_print_errors(void)
{
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
@@ -29597,6 +29640,8 @@ static int test_wolfSSL_GetLoggingCb (void)
return ret;
}/*End test_wolfSSL_GetLoggingCb*/
#endif /* !NO_BIO */
#if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \
defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \
defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3))
@@ -29797,7 +29842,7 @@ static void test_wolfSSL_OBJ(void)
static void test_wolfSSL_i2a_ASN1_OBJECT(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
ASN1_OBJECT *obj = NULL;
BIO *bio = NULL;
@@ -29937,7 +29982,9 @@ static void test_wolfSSL_X509_NAME_ENTRY(void)
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)
X509* x509;
#ifndef NO_BIO
BIO* bio;
#endif
X509_NAME* nm;
X509_NAME_ENTRY* entry;
unsigned char cn[] = "another name to add";
@@ -29947,20 +29994,26 @@ static void test_wolfSSL_X509_NAME_ENTRY(void)
AssertNotNull(x509 =
wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM));
#ifndef NO_BIO
AssertNotNull(bio = BIO_new(BIO_s_mem()));
AssertIntEQ(PEM_write_bio_X509_AUX(bio, x509), SSL_SUCCESS);
#endif
#ifdef WOLFSSL_CERT_REQ
{
X509_REQ* req;
#ifndef NO_BIO
BIO* bReq;
#endif
AssertNotNull(req =
wolfSSL_X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM));
#ifndef NO_BIO
AssertNotNull(bReq = BIO_new(BIO_s_mem()));
AssertIntEQ(PEM_write_bio_X509_REQ(bReq, req), SSL_SUCCESS);
BIO_free(bReq);
#endif
X509_free(req);
}
#endif
@@ -29994,7 +30047,9 @@ static void test_wolfSSL_X509_NAME_ENTRY(void)
AssertIntEQ(X509_NAME_add_entry_by_NID(nm, NID_commonName, MBSTRING_UTF8,
cn, -1, -1, 0), WOLFSSL_SUCCESS);
#ifndef NO_BIO
BIO_free(bio);
#endif
X509_free(x509); /* free's nm */
printf(resultFmt, passed);
@@ -30169,6 +30224,8 @@ static void test_wolfSSL_X509_set_version(void)
#endif
}
#ifndef NO_BIO
static void test_wolfSSL_BIO_gets(void)
{
#if defined(OPENSSL_EXTRA)
@@ -30620,6 +30677,8 @@ static void test_wolfSSL_BIO_f_md(void)
#endif
}
#endif /* !NO_BIO */
static void test_wolfSSL_SESSION(void)
{
@@ -30790,6 +30849,8 @@ static void test_wolfSSL_SESSION(void)
}
#ifndef NO_BIO
static void test_wolfSSL_d2i_PUBKEY(void)
{
#if defined(OPENSSL_EXTRA)
@@ -30946,6 +31007,8 @@ static void test_wolfSSL_d2i_PrivateKeys_bio(void)
}
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
#endif /* !NO_BIO */
static void test_wolfSSL_sk_GENERAL_NAME(void)
{
@@ -31630,6 +31693,7 @@ static void test_wolfSSL_PEM_write_DHparams(void)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if defined(OPENSSL_EXTRA) && !defined(NO_DH) && !defined(NO_FILESYSTEM)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#ifndef NO_BIO
DH* dh;
BIO* bio;
XFILE fp;
@@ -31669,6 +31733,7 @@ tgZl96bcAGdru8OpQYP7x/rI4h5+rwA/kwIBAg==\n\
XFCLOSE(fp);
printf(resultFmt, passed);
#endif /* !NO_BIO */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL || OPENSSL_QT */
#endif
@@ -31848,6 +31913,7 @@ static void test_wolfSSL_OpenSSL_add_all_algorithms(void){
static void test_wolfSSL_ASN1_STRING_print_ex(void){
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
#ifndef NO_BIO
ASN1_STRING* asn_str;
const char data[] = "Hello wolfSSL!";
ASN1_STRING* esc_str;
@@ -31922,6 +31988,7 @@ static void test_wolfSSL_ASN1_STRING_print_ex(void){
ASN1_STRING_free(esc_str);
printf(resultFmt, passed);
#endif /* !NO_BIO */
#endif
}
@@ -33013,7 +33080,7 @@ static void test_wolfSSL_CTX_ctrl(void)
char clientFile[] = "./certs/client-cert.pem";
SSL_CTX* ctx;
X509* x509 = NULL;
#if !defined(NO_DH) && !defined(NO_DSA)
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
byte buf[6000];
char file[] = "./certs/dsaparams.pem";
XFILE f;
@@ -33036,7 +33103,7 @@ static void test_wolfSSL_CTX_ctrl(void)
x509 = wolfSSL_X509_load_certificate_file(clientFile, WOLFSSL_FILETYPE_PEM);
AssertNotNull(x509);
#if !defined(NO_DH) && !defined(NO_DSA)
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
/* Initialize DH */
f = XFOPEN(file, "rb");
AssertTrue((f != XBADFILE));
@@ -33121,7 +33188,7 @@ static void test_wolfSSL_CTX_ctrl(void)
/* Test with SSL_CTRL_SET_TMP_DH
* wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_dh
*/
#if !defined(NO_DH) && !defined(NO_DSA)
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,dh),
SSL_SUCCESS);
#endif
@@ -33141,10 +33208,12 @@ static void test_wolfSSL_CTX_ctrl(void)
/* Cleanup and Pass */
#if !defined(NO_DH) && !defined(NO_DSA)
#ifndef NO_BIO
BIO_free(bio);
DSA_free(dsa);
DH_free(dh);
#endif
#endif
#ifdef HAVE_ECC
wolfSSL_EC_KEY_free(ecKey);
#endif
@@ -33157,6 +33226,7 @@ static void test_wolfSSL_CTX_ctrl(void)
static void test_wolfSSL_DH_check(void)
{
#if !defined(NO_DH) && !defined(NO_DSA)
#ifndef NO_BIO
byte buf[6000];
char file[] = "./certs/dsaparams.pem";
XFILE f;
@@ -33218,6 +33288,7 @@ static void test_wolfSSL_DH_check(void)
DSA_free(dsa);
DH_free(dh);
printf(resultFmt, passed);
#endif
#endif /* !NO_DH && !NO_DSA */
}
@@ -33673,7 +33744,7 @@ static void test_wolfSSL_X509_EXTENSION_get_critical(void)
static void test_wolfSSL_X509V3_EXT_print(void)
{
#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL)
#if !defined(NO_FILESYSTEM) && defined (OPENSSL_ALL) && !defined(NO_BIO)
printf(testingFmt, "wolfSSL_X509V3_EXT_print");
{
@@ -34956,6 +35027,7 @@ static void test_wolfSSL_PKCS7_SIGNED_new(void)
#endif
}
#ifndef NO_BIO
static void test_wolfSSL_PEM_write_bio_PKCS7(void)
{
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
@@ -35053,6 +35125,7 @@ static void test_wolfSSL_PEM_write_bio_PKCS7(void)
pkcs7->signedAttribs = NULL;
pkcs7->signedAttribsSz = 0;
#ifndef NO_BIO
AssertNotNull(bio = BIO_new(BIO_s_mem()));
/* Write PKCS#7 PEM to BIO, the function converts the DER to PEM cert*/
AssertIntEQ(PEM_write_bio_PKCS7(bio, pkcs7), WOLFSSL_SUCCESS);
@@ -35062,6 +35135,7 @@ static void test_wolfSSL_PEM_write_bio_PKCS7(void)
AssertIntGE(ret, 0);
BIO_free(bio);
#endif
wc_PKCS7_Free(pkcs7);
wc_FreeRng(&rng);
@@ -35069,6 +35143,7 @@ static void test_wolfSSL_PEM_write_bio_PKCS7(void)
#endif
}
#endif /* !NO_BIO */
/*----------------------------------------------------------------------------*
| Certificate Failure Checks
@@ -36217,7 +36292,9 @@ static void test_wolfSSL_X509_CRL(void)
"./certs/crl/eccSrvCRL.pem",
""
};
#ifndef NO_BIO
BIO *bio;
#endif
#ifdef HAVE_TEST_d2i_X509_CRL_fp
char der[][100] = {
@@ -36247,6 +36324,7 @@ static void test_wolfSSL_X509_CRL(void)
XFCLOSE(fp);
}
#ifndef NO_BIO
for (i = 0; pem[i][0] != '\0'; i++)
{
AssertNotNull(bio = BIO_new_file(pem[i], "r"));
@@ -36254,6 +36332,7 @@ static void test_wolfSSL_X509_CRL(void)
X509_CRL_free(crl);
BIO_free(bio);
}
#endif
#ifdef HAVE_TEST_d2i_X509_CRL_fp
for(i = 0; der[i][0] != '\0'; i++){
@@ -36297,7 +36376,7 @@ static void test_wolfSSL_PEM_read_X509(void)
static void test_wolfSSL_PEM_read(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_BIO)
const char* filename = "./certs/server-keyEnc.pem";
XFILE fp;
char* name = NULL;
@@ -36605,6 +36684,7 @@ static void test_wolfssl_EVP_aes_gcm(void)
#endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESGCM */
}
#ifndef NO_BIO
static void test_wolfSSL_PEM_X509_INFO_read_bio(void)
{
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM)
@@ -36647,6 +36727,7 @@ static void test_wolfSSL_PEM_X509_INFO_read_bio(void)
printf(resultFmt, passed);
#endif
}
#endif /* !NO_BIO */
static void test_wolfSSL_X509_NAME_ENTRY_get_object()
{
@@ -36964,6 +37045,8 @@ static int test_ForceZero(void)
return 0;
}
#ifndef NO_BIO
static void test_wolfSSL_X509_print()
{
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
@@ -37001,7 +37084,7 @@ static void test_wolfSSL_RSA_print()
{
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA)
!defined(HAVE_FAST_RSA) && !defined(NO_BIO)
BIO *bio;
WOLFSSL_RSA* rsa = NULL;
printf(testingFmt, "wolfSSL_RSA_print");
@@ -37019,7 +37102,7 @@ static void test_wolfSSL_RSA_print()
static void test_wolfSSL_BIO_get_len()
{
#if defined(OPENSSL_EXTRA)
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
BIO *bio;
const char txt[] = "Some example text to push to the BIO.";
printf(testingFmt, "wolfSSL_BIO_get_len");
@@ -37090,10 +37173,13 @@ static void test_wolfSSL_ASN1_STRING_print(void){
#endif /* OPENSSL_EXTRA && !NO_ASN && !NO_CERTS */
}
#endif /* !NO_BIO */
static void test_wolfSSL_RSA_verify()
{
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA) && \
!defined(NO_FILESYSTEM) && defined(HAVE_CRL)
#ifndef NO_BIO
XFILE fp;
RSA *pKey, *pubKey;
X509 *cert;
@@ -37154,6 +37240,7 @@ static void test_wolfSSL_RSA_verify()
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
printf(resultFmt, passed);
#endif
#endif
}
@@ -37761,7 +37848,9 @@ void ApiTest(void)
/* compatibility tests */
test_wolfSSL_X509_NAME();
#ifndef NO_BIO
test_wolfSSL_X509_INFO();
#endif
test_wolfSSL_X509_subject_name_hash();
test_wolfSSL_X509_issuer_name_hash();
test_wolfSSL_X509_check_host();
@@ -37772,11 +37861,13 @@ void ApiTest(void)
test_wolfSSL_ASN1_GENERALIZEDTIME_free();
test_wolfSSL_private_keys();
test_wolfSSL_PEM_PrivateKey();
#ifndef NO_BIO
test_wolfSSL_PEM_bio_RSAKey();
test_wolfSSL_PEM_bio_DSAKey();
test_wolfSSL_PEM_bio_ECKey();
test_wolfSSL_PEM_RSAPrivateKey();
test_wolfSSL_PEM_PUBKEY();
#endif
test_DSA_do_sign_verify();
test_wolfSSL_tmp_dh();
test_wolfSSL_ctrl();
@@ -37790,11 +37881,13 @@ void ApiTest(void)
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
test_wolfSSL_ERR_peek_last_error_line();
#endif
#ifndef NO_BIO
test_wolfSSL_ERR_print_errors_cb();
AssertFalse(test_wolfSSL_GetLoggingCb());
AssertFalse(test_WOLFSSL_ERROR_MSG());
AssertFalse(test_wc_ERR_remove_state());
AssertFalse(test_wc_ERR_print_errors_fp());
#endif
test_wolfSSL_set_options();
test_wolfSSL_sk_SSL_CIPHER();
test_wolfSSL_X509_STORE_CTX();
@@ -37813,8 +37906,10 @@ void ApiTest(void)
test_wolfSSL_X509_STORE();
test_wolfSSL_X509_STORE_load_locations();
test_wolfSSL_BN();
#ifndef NO_BIO
test_wolfSSL_PEM_read_bio();
test_wolfSSL_BIO();
#endif
test_wolfSSL_ASN1_STRING();
test_wolfSSL_ASN1_BIT_STRING();
test_wolfSSL_X509();
@@ -37838,7 +37933,9 @@ void ApiTest(void)
test_wolfSSL_PKCS8_Compat();
test_wolfSSL_PKCS8_d2i();
test_wolfSSL_ERR_put_error();
#ifndef NO_BIO
test_wolfSSL_ERR_print_errors();
#endif
test_wolfSSL_HMAC();
test_wolfSSL_OBJ();
test_wolfSSL_i2a_ASN1_OBJECT();
@@ -37850,6 +37947,7 @@ void ApiTest(void)
test_wolfSSL_X509_set_notAfter();
test_wolfSSL_X509_set_notBefore();
test_wolfSSL_X509_set_version();
#ifndef NO_BIO
test_wolfSSL_BIO_gets();
test_wolfSSL_BIO_puts();
test_wolfSSL_BIO_should_retry();
@@ -37857,6 +37955,7 @@ void ApiTest(void)
test_wolfSSL_BIO_write();
test_wolfSSL_BIO_printf();
test_wolfSSL_BIO_f_md();
#endif
test_wolfSSL_SESSION();
test_wolfSSL_DES_ecb_encrypt();
test_wolfSSL_sk_GENERAL_NAME();
@@ -37877,8 +37976,10 @@ void ApiTest(void)
test_wolfSSL_X509_CRL();
test_wolfSSL_PEM_read_X509();
test_wolfSSL_PEM_read();
#ifndef NO_BIO
test_wolfSSL_PEM_X509_INFO_read_bio();
test_wolfSSL_PEM_read_bio_ECPKParameters();
#endif
test_wolfSSL_X509_NAME_ENTRY_get_object();
test_wolfSSL_OpenSSL_add_all_algorithms();
test_wolfSSL_ASN1_STRING_print_ex();
@@ -37920,13 +38021,17 @@ void ApiTest(void)
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
AssertIntEQ(test_wolfSSL_CTX_use_certificate_ASN1(), WOLFSSL_SUCCESS);
#ifndef NO_BIO
test_wolfSSL_d2i_PrivateKeys_bio();
#endif
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
test_wolfSSL_X509_CA_num();
test_wolfSSL_X509_get_version();
#ifndef NO_BIO
test_wolfSSL_X509_print();
test_wolfSSL_BIO_get_len();
#endif
test_wolfSSL_RSA_verify();
test_wolfSSL_X509V3_EXT_get();
test_wolfSSL_X509V3_EXT();
@@ -37939,8 +38044,10 @@ void ApiTest(void)
test_wolfSSL_X509_EXTENSION_get_critical();
test_wolfSSL_X509V3_EXT_print();
test_wolfSSL_X509_cmp();
#ifndef NO_BIO
test_wolfSSL_RSA_print();
test_wolfSSL_ASN1_STRING_print();
#endif
test_openssl_generate_key_and_cert();
test_wolfSSL_EC_get_builtin_curves();
@@ -37967,7 +38074,9 @@ void ApiTest(void)
/* OpenSSL PKCS7 API test */
test_wolfssl_PKCS7();
test_wolfSSL_PKCS7_SIGNED_new();
#ifndef NO_BIO
test_wolfSSL_PEM_write_bio_PKCS7();
#endif
/* wolfCrypt ASN tests */
test_wc_GetPkcs8TraditionalOffset();

8
wolfssl/internal.h
View File

@@ -1713,7 +1713,7 @@ WOLFSSL_LOCAL int HashOutput(WOLFSSL* ssl, const byte* output, int sz,
int ivSz);
WOLFSSL_LOCAL int HashInput(WOLFSSL* ssl, const byte* input, int sz);
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
WOLFSSL_LOCAL int SNI_Callback(WOLFSSL* ssl);
#endif
#ifdef WOLFSSL_TLS13
@@ -2648,7 +2648,7 @@ struct WOLFSSL_CTX {
DerBuffer* certificate;
DerBuffer* certChain;
/* chain after self, in DER, with leading size for each cert */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names;
#endif
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
@@ -2808,7 +2808,7 @@ struct WOLFSSL_CTX {
#ifdef HAVE_EX_DATA
WOLFSSL_CRYPTO_EX_DATA ex_data;
#endif
#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY))
#if defined(HAVE_ALPN) && (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY))
CallbackALPNSelect alpnSelect;
void* alpnSelectArg;
#endif
@@ -3633,7 +3633,7 @@ struct WOLFSSL_X509_NAME {
WOLFSSL_X509_NAME_ENTRY entry[MAX_NAME_ENTRIES]; /* all entries i.e. CN */
WOLFSSL_X509* x509; /* x509 that struct belongs to */
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
byte raw[ASN_NAME_MAX];
int rawLen;
#endif

8
wolfssl/ocsp.h
View File

@@ -38,7 +38,7 @@
typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\
defined(WOLFSSL_HAPROXY)
defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
typedef struct OcspResponse WOLFSSL_OCSP_BASICRESP;
typedef struct OcspRequest WOLFSSL_OCSP_CERTID;
@@ -62,7 +62,7 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp
OcspEntry *entry, OcspRequest *ocspRequest);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_APACHE_HTTPD)
defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY)
WOLFSSL_API int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
WOLFSSL_OCSP_CERTID *id, int *status, int *reason,
@@ -82,8 +82,10 @@ WOLFSSL_API int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs,
WOLF_STACK_OF(WOLFSSL_X509) *certs, WOLFSSL_X509_STORE *st, unsigned long flags);
WOLFSSL_API void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response);
#ifndef NO_BIO
WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio,
OcspResponse** response);
#endif
WOLFSSL_API OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response,
const unsigned char** data, int len);
WOLFSSL_API int wolfSSL_i2d_OCSP_RESPONSE(OcspResponse* response,
@@ -100,8 +102,10 @@ WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request,
WOLFSSL_API WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req,
WOLFSSL_OCSP_CERTID *cid);
WOLFSSL_API WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID*);
#ifndef NO_BIO
WOLFSSL_API int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
WOLFSSL_OCSP_REQUEST *req);
#endif
#endif
#ifdef OPENSSL_EXTRA

4
wolfssl/openssl/crypto.h
View File

@@ -76,7 +76,7 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SE
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_EX_DATA)
#define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions
#define FIPS_mode wolfSSL_FIPS_mode
#define FIPS_mode_set wolfSSL_FIPS_mode_set
@@ -93,6 +93,6 @@ typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int i
#define CRYPTO_THREAD_r_lock wc_LockMutex
#define CRYPTO_THREAD_unlock wc_UnLockMutex
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_EX_DATA */
#endif /* header */

18
wolfssl/ssl.h
View File

@@ -789,6 +789,10 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX*,
#ifndef WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS
#define WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS WOLFSSL_LOAD_FLAG_NONE
#endif
WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl);
WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth);
#endif /* !NO_CERTS */
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
@@ -806,9 +810,6 @@ WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX *,
const char *file, int format);
WOLFSSL_API int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX*, const char*, int);
WOLFSSL_API long wolfSSL_get_verify_depth(WOLFSSL* ssl);
WOLFSSL_API long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
WOLFSSL_API void wolfSSL_CTX_set_verify_depth(WOLFSSL_CTX *ctx,int depth);
WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_certificate_file(WOLFSSL*, const char*,
int);
WOLFSSL_ABI WOLFSSL_API int wolfSSL_use_PrivateKey_file(WOLFSSL*, const char*,
@@ -2075,7 +2076,7 @@ WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_STACK* sk);
WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i);
#if (defined(HAVE_EX_DATA) || defined(FORTRESS)) && \
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
(defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || defined(WOLFSSL_WPAS_SMALL))
WOLFSSL_API void* wolfSSL_CRYPTO_get_ex_data(const WOLFSSL_CRYPTO_EX_DATA* ex_data,
int idx);
WOLFSSL_API int wolfSSL_CRYPTO_set_ex_data(WOLFSSL_CRYPTO_EX_DATA* ex_data, int idx,
@@ -2400,7 +2401,7 @@ WOLFSSL_API int wolfSSL_CTX_GetObjectSize(void);
WOLFSSL_API int wolfSSL_METHOD_GetObjectSize(void);
WOLFSSL_API int wolfSSL_GetOutputSize(WOLFSSL*, int);
WOLFSSL_API int wolfSSL_GetMaxOutputSize(WOLFSSL*);
WOLFSSL_API int wolfSSL_GetVersion(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_GetVersion(const WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_SetVersion(WOLFSSL* ssl, int version);
/* moved to asn.c, old names kept for backwards compatibility */
@@ -2937,7 +2938,7 @@ enum {
WOLFSSL_MAX_ALPN_NUMBER = 257
};
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
typedef int (*CallbackALPNSelect)(WOLFSSL* ssl, const unsigned char** out,
unsigned char* outLen, const unsigned char* in, unsigned int inLen,
void *arg);
@@ -3775,11 +3776,12 @@ WOLFSSL_LOCAL char* wolfSSL_get_ocsp_url(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_set_ocsp_url(WOLFSSL* ssl, char* url);
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) \
|| defined(WOLFSSL_WPAS_SMALL)
WOLFSSL_API void *wolfSSL_X509_get_ex_data(WOLFSSL_X509 *x509, int idx);
WOLFSSL_API int wolfSSL_X509_set_ex_data(WOLFSSL_X509 *x509, int idx,
void *data);
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) \
|| defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)

2
wolfssl/wolfcrypt/asn.h
View File

@@ -1262,7 +1262,7 @@ struct CertStatus {
byte nextDate[MAX_DATE_SIZE];
byte thisDateFormat;
byte nextDateFormat;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
WOLFSSL_ASN1_TIME thisDateParsed;
WOLFSSL_ASN1_TIME nextDateParsed;
byte* thisDateAsn;