wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Stunnel Base Commit

Browse Source
This commit is contained in:
Nickolas Lapp
2015-07-14 14:56:26 -06:00
parent 7fba0d25f9
commit 96cf16848c
14 changed files with 675 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
configure.ac
View File

@@ -1130,21 +1130,6 @@ fi
AM_CONDITIONAL([BUILD_SHA], [test "x$ENABLED_SHA" = "xyes"])
# MD4
AC_ARG_ENABLE([md4],
[ --enable-md4 Enable MD4 (default: disabled)],
[ ENABLED_MD4=$enableval ],
[ ENABLED_MD4=no ]
)
if test "$ENABLED_MD4" = "no"
then
AM_CFLAGS="$AM_CFLAGS -DNO_MD4"
fi
AM_CONDITIONAL([BUILD_MD4], [test "x$ENABLED_MD4" = "xyes"])
# Web Server Build
AC_ARG_ENABLE([webserver],
[ --enable-webserver Enable Web Server (default: disabled)],
@@ -1717,6 +1702,65 @@ then
AM_CFLAGS="$AM_CFLAGS -DHAVE_LIGHTY -DHAVE_WOLFSSL_SSL_H=1"
fi
# stunnel Support
AC_ARG_ENABLE([stunnel],
[ --enable-stunnel Enable stunnel (default: disabled)],
[ ENABLED_STUNNEL=$enableval ],
[ ENABLED_STUNNEL=no ]
)
if test "$ENABLED_STUNNEL" = "yes"
then
# Requires opensslextra make sure on
if test "x$ENABLED_OPENSSLEXTRA" = "xno"
then
ENABLED_OPENSSLEXTRA="yes"
AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
fi
# Requires coding make sure on
if test "x$ENABLED_CODING" = "xno"
then
ENABLED_CODING="yes"
fi
# For now, requires no fastmath, turn off if on
if test "x$ENABLED_FASTMATH" = "xyes"
then
ENABLED_FASTMATH = "no"
fi
# Requires sessioncerts make sure on
if test "x$ENABLED_SESSIONCERTS" = "xno"
then
ENABLED_SESSIONCERTS="yes"
AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS"
fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_STUNNEL"
fi
# MD4
AC_ARG_ENABLE([md4],
[ --enable-md4 Enable MD4 (default: disabled)],
[ ENABLED_MD4=$enableval ],
[ ENABLED_MD4=no ]
)
if test "$ENABLED_MD4" = "no"
then
#turn on MD4 if using stunnel
if test "x$ENABLED_STUNNEL" = "xyes"
then
ENABLED_MD4="yes"
else
AM_CFLAGS="$AM_CFLAGS -DNO_MD4"
fi
fi
AM_CONDITIONAL([BUILD_MD4], [test "x$ENABLED_MD4" = "xyes"])
# PWDBASED has to come after certservice since we want it on w/o explicit on
# PWDBASED
@@ -1745,7 +1789,11 @@ FASTMATH_DEFAULT=no
if test "$host_cpu" = "x86_64"
then
FASTMATH_DEFAULT=yes
# fastmath turned off for stunnel by default
if test "x$ENABLED_STUNNEL" = "xno"
then
FASTMATH_DEFAULT=yes
fi
fi
# fastmath
@@ -2218,6 +2266,7 @@ echo " * CODING: $ENABLED_CODING"
echo " * MEMORY: $ENABLED_MEMORY"
echo " * I/O POOL: $ENABLED_IOPOOL"
echo " * LIGHTY: $ENABLED_LIGHTY"
echo " * STUNNEL: $ENABLED_STUNNEL"
echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS"
echo " * DTLS: $ENABLED_DTLS"
echo " * Old TLS Versions: $ENABLED_OLD_TLS"

2
src/internal.c
View File

@@ -4464,7 +4464,7 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#else
store->current_cert = NULL;
#endif
#ifdef FORTRESS
#if defined(HAVE_FORTRESS) || defined(HAVE_STUNNEL)
store->ex_data = ssl;
#endif
ok = ssl->verifyCallback(0, store);

493
src/ssl.c
View File

@@ -7163,7 +7163,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
WOLFSSL_X509_STORE_CTX* ctx)
{
(void)ctx;
return 0;
return NULL;
}
@@ -8787,14 +8787,18 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert)
{
WOLFSSL_ENTER("X509_get_issuer_name");
return &cert->issuer;
if(cert)
return &cert->issuer;
return NULL;
}
WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert)
{
WOLFSSL_ENTER("X509_get_subject_name");
return &cert->subject;
if(cert)
return &cert->subject;
return NULL;
}
@@ -9467,23 +9471,6 @@ WOLFSSL_X509* wolfSSL_X509_load_certificate_file(const char* fname, int format)
#ifdef OPENSSL_EXTRA
int wolfSSL_set_ex_data(WOLFSSL* ssl, int idx, void* data)
{
#ifdef FORTRESS
if (ssl != NULL && idx < MAX_EX_DATA)
{
ssl->ex_data[idx] = data;
return SSL_SUCCESS;
}
#else
(void)ssl;
(void)idx;
(void)data;
#endif
return SSL_FAILURE;
}
int wolfSSL_set_session_id_context(WOLFSSL* ssl, const unsigned char* id,
unsigned int len)
{
@@ -10130,19 +10117,6 @@ int wolfSSL_COMP_add_compression_method(int method, void* data)
}
int wolfSSL_get_ex_new_index(long idx, void* data, void* cb1, void* cb2,
void* cb3)
{
(void)idx;
(void)data;
(void)cb1;
(void)cb2;
(void)cb3;
return 0;
}
void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f)(
const char*, int))
{
@@ -10300,6 +10274,7 @@ int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX* ctx,
WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509, STACK_OF(WOLFSSL_X509)* sk)
{
(void)sk;
WOLFSSL_ENTER(__func__);
if (ctx != NULL) {
ctx->store = store;
ctx->current_cert = x509;
@@ -10486,7 +10461,8 @@ long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* i)
void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX* ctx, int idx)
{
#ifdef FORTRESS
WOLFSSL_ENTER(__func__);
#if defined(FORTRESS) || defined(HAVE_STUNNEL)
if (ctx != NULL && idx == 0)
return ctx->ex_data;
#else
@@ -10499,24 +10475,13 @@ void* wolfSSL_X509_STORE_CTX_get_ex_data(WOLFSSL_X509_STORE_CTX* ctx, int idx)
int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void)
{
WOLFSSL_ENTER(__func__);
return 0;
}
void* wolfSSL_get_ex_data(const WOLFSSL* ssl, int idx)
{
#ifdef FORTRESS
if (ssl != NULL && idx < MAX_EX_DATA)
return ssl->ex_data[idx];
#else
(void)ssl;
(void)idx;
#endif
return 0;
}
void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx, void (*f)(void))
void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx,
void (*f)(const WOLFSSL* ssl, int type, int val))
{
(void)ctx;
(void)f;
@@ -10529,7 +10494,7 @@ unsigned long wolfSSL_ERR_peek_error(void)
}
int wolfSSL_ERR_GET_REASON(int err)
int wolfSSL_ERR_GET_REASON(unsigned long err)
{
(void)err;
return 0;
@@ -10550,7 +10515,7 @@ char* wolfSSL_alert_desc_string_long(int alertID)
}
char* wolfSSL_state_string_long(WOLFSSL* ssl)
char* wolfSSL_state_string_long(const WOLFSSL* ssl)
{
(void)ssl;
return 0;
@@ -10709,23 +10674,6 @@ void* wolfSSL_sk_value(WOLFSSL_X509_REVOKED* rev, int i)
/* stunnel 4.28 needs */
void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX* ctx, int d)
{
(void)ctx;
(void)d;
return 0;
}
int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX* ctx, int d, void* p)
{
(void)ctx;
(void)d;
(void)p;
return SSL_SUCCESS;
}
void wolfSSL_CTX_sess_set_get_cb(WOLFSSL_CTX* ctx,
WOLFSSL_SESSION*(*f)(WOLFSSL*, unsigned char*, int, int*))
{
@@ -10783,17 +10731,6 @@ long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
}
int wolfSSL_CTX_get_ex_new_index(long idx, void* arg, void* a, void* b,
void* c)
{
(void)idx;
(void)arg;
(void)a;
(void)b;
(void)c;
return 0;
}
#endif /* OPENSSL_EXTRA */
@@ -15318,3 +15255,403 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl)
#endif
#endif
#ifdef OPENSSL_EXTRA
void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX* ctx, int idx)
{
WOLFSSL_ENTER(__func__);
#ifdef HAVE_STUNNEL
if(ctx != NULL && idx < MAX_EX_DATA) {
return ctx->ex_data[idx];
}
#else
(void)ctx;
(void)idx;
#endif
return NULL;
}
int wolfSSL_CTX_get_ex_new_index(long idx, void* arg, void* a, void* b,
void* c)
{
WOLFSSL_ENTER(__func__);
(void)idx;
(void)arg;
(void)a;
(void)b;
(void)c;
return 0;
}
int wolfSSL_CTX_set_ex_data(WOLFSSL_CTX* ctx, int idx, void* data)
{
WOLFSSL_ENTER(__func__);
#ifdef HAVE_STUNNEL
if (ctx != NULL && idx < MAX_EX_DATA)
{
ctx->ex_data[idx] = data;
return SSL_SUCCESS;
}
#else
(void)ctx;
(void)idx;
(void)data;
#endif
return SSL_FAILURE;
}
int wolfSSL_set_ex_data(WOLFSSL* ssl, int idx, void* data)
{
WOLFSSL_ENTER(__func__);
#if defined(FORTRESS) || defined(HAVE_STUNNEL)
if (ssl != NULL && idx < MAX_EX_DATA)
{
ssl->ex_data[idx] = data;
return SSL_SUCCESS;
}
#else
(void)ssl;
(void)idx;
(void)data;
#endif
return SSL_FAILURE;
}
int wolfSSL_get_ex_new_index(long idx, void* data, void* cb1, void* cb2,
void* cb3)
{
WOLFSSL_ENTER(__func__);
(void)idx;
(void)data;
(void)cb1;
(void)cb2;
(void)cb3;
return 0;
}
void* wolfSSL_get_ex_data(const WOLFSSL* ssl, int idx)
{
WOLFSSL_ENTER(__func__);
#if defined(FORTRESS) || defined(HAVE_STUNNEL)
if (ssl != NULL && idx < MAX_EX_DATA)
return ssl->ex_data[idx];
#else
(void)ssl;
(void)idx;
#endif
return 0;
}
#endif /* OPENSSL_EXTRA */
/* stunnel compatability functions*/
#if defined(OPENSSL_EXTRA) && defined(HAVE_STUNNEL)
int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION* session, int idx, void* data)
{
WOLFSSL_ENTER(__func__);
#ifdef HAVE_STUNNEL
if(session != NULL && idx < MAX_EX_DATA) {
session->ex_data[idx] = data;
return SSL_SUCCESS;
}
#else
(void)session;
(void)idx;
(void)data;
#endif
return SSL_FAILURE;
}
int wolfSSL_SESSION_get_ex_new_index(long idx, void* data, void* cb1,
void* cb2, void* cb3)
{
WOLFSSL_ENTER(__func__);
(void)idx;
(void)cb1;
(void)cb2;
(void)cb3;
#ifdef HAVE_STUNNEL
if(XSTRNCMP(data, "redirect index", 14) == 0) {
return 0;
}
else if(XSTRNCMP(data, "addr index", 10) == 0) {
return 1;
}
#else
(void)data;
#endif
return SSL_FAILURE;
}
void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION* session, int idx)
{
WOLFSSL_ENTER(__func__);
#ifdef HAVE_STUNNEL
if (session != NULL && idx < MAX_EX_DATA)
return session->ex_data[idx];
#else
(void)session;
(void)idx;
#endif
return NULL;
}
WOLFSSL_BIO *wolfSSL_BIO_new_file(const char *filename, const char *mode)
{
(void) filename;
(void) mode;
return NULL;
}
int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
void *(*r) (void *, size_t, const char *,
int), void (*f) (void *))
{
(void) m;
(void) r;
(void) f;
return SSL_FAILURE;
}
WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator,
void (*callback) (int, int, void *), void *cb_arg)
{
(void)prime_len;
(void)generator;
(void)callback;
(void)cb_arg;
return NULL;
}
void wolfSSL_ERR_load_crypto_strings(void){}
unsigned long wolfSSL_ERR_peek_last_error(void)
{
unsigned long l = 0UL;
return l;
}
int wolfSSL_FIPS_mode(void)
{
return SSL_FAILURE;
}
int wolfSSL_FIPS_mode_set(int r)
{
(void)r;
return SSL_FAILURE;
}
WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp, WOLFSSL_DH **x, pem_password_cb *cb, void *u)
{
(void) bp;
(void) x;
(void) cb;
(void) u;
return NULL;
}
int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x)
{
(void) bp;
(void) x;
return SSL_FAILURE;
}
int wolfSSL_RAND_set_rand_method(const void *meth)
{
(void) meth;
return SSL_FAILURE;
}
int wolfSSL_CIPHER_get_bits(const WOLFSSL_CIPHER *c, int *alg_bits)
{
if(c != NULL && c->ssl != NULL) {
if(alg_bits != NULL) {
*alg_bits = 8 * c->ssl->specs.key_size;
}
return 8 * c->ssl->specs.key_size;
}
return SSL_FAILURE;
}
int wolfSSL_sk_X509_NAME_num(const STACK_OF(WOLFSSL_X509_NAME) *s)
{
(void) s;
return SSL_FAILURE;
}
int wolfSSL_sk_X509_num(const STACK_OF(WOLFSSL_X509) *s)
{
(void) s;
return SSL_FAILURE;
}
int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* nm,
int indent, unsigned long flags)
{
(void)bio;
(void)nm;
(void)indent;
(void)flags;
return SSL_FAILURE;
}
WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(const WOLFSSL_X509* x)
{
(void)x;
return NULL;
}
int wolfSSL_CTX_add_session(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session)
{
(void)ctx;
(void)session;
return SSL_SUCCESS;
}
int wolfSSL_get_state(const WOLFSSL* ssl)
{
(void)ssl;
return SSL_FAILURE;
}
void* wolfSSL_sk_X509_NAME_value(STACK_OF(WOLFSSL_X509_NAME)* sk, int i)
{
(void)sk;
(void)i;
return NULL;
}
void* wolfSSL_sk_X509_value(STACK_OF(WOLFSSL_X509)* sk, int i)
{
(void)sk;
(void)i;
return NULL;
}
int wolfSSL_version(WOLFSSL* ssl)
{
if (ssl->version.major == SSLv3_MAJOR) {
switch (ssl->version.minor) {
case SSLv3_MINOR :
return SSL3_VERSION;
case TLSv1_MINOR :
case TLSv1_1_MINOR :
case TLSv1_2_MINOR :
return TLS1_VERSION;
default:
return SSL_FAILURE;
}
}
else if (ssl->version.major == DTLS_MAJOR) {
switch (ssl->version.minor) {
case DTLS_MINOR :
case DTLSv1_2_MINOR :
return DTLS1_VERSION;
default:
return SSL_FAILURE;
}
}
return SSL_FAILURE;
}
STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL* ssl)
{
(void)ssl;
return NULL;
}
long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx)
{
(void)ctx;
return 0;
}
WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl)
{
return ssl->ctx;
}
int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME* name)
{
if(!name)
return -1;
return name->sz;
}
#ifndef NO_DH
/* Intialize ctx->dh with dh's params. Return SSL_SUCCESS on ok */
long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL_DH* dh)
{
int pSz, gSz;
byte *p, *g;
int ret=0;
pSz = wolfSSL_BN_bn2bin(dh->p, NULL);
gSz = wolfSSL_BN_bn2bin(dh->g, NULL);
p = XMALLOC(pSz, ctx->heap, DYNAMIC_TYPE_DH);
if(!p)
return MEMORY_E;
g = XMALLOC(gSz, ctx->heap, DYNAMIC_TYPE_DH);
if(!g) {
XFREE(p, ctx->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
pSz = wolfSSL_BN_bn2bin(dh->p, p);
gSz = wolfSSL_BN_bn2bin(dh->g, g);
if(pSz != SSL_FATAL_ERROR && gSz != SSL_FATAL_ERROR)
ret = wolfSSL_CTX_SetTmpDH(ctx, p, pSz, g, gSz);
if(p)
XFREE(p, ctx->heap, DYNAMIC_TYPE_DH);
if(g)
XFREE(g, ctx->heap, DYNAMIC_TYPE_DH);
return pSz > 0 && gSz > 0 ? SSL_FATAL_ERROR : ret;
}
#endif /* NO_DH */
const byte* wolfSSL_SESSION_get_id(WOLFSSL_SESSION* sess, unsigned int* idLen)
{
if(!sess)
return NULL;
*idLen = sess->sessionIDSz;
return sess->sessionID;
}
#endif /* OPENSSL_EXTRA and HAVE_STUNNEL */

19
wolfcrypt/src/coding.c
View File

@@ -166,8 +166,8 @@ static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
else
basic = base64Encode[e];
/* check whether to escape */
if (escaped) {
/* check whether to escape. Only escape for EncodeEsc */
if (escaped == 1) {
switch ((char)basic) {
case '+' :
plus = 1;
@@ -235,8 +235,10 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
word32 outSz = (inLen + 3 - 1) / 3 * 4;
word32 addSz = (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */
if (escaped)
if (escaped == 1)
addSz *= 3; /* instead of just \n, we're doing %0A triplet */
else if (escaped == 2)
addSz = 0; /* encode without \n */
outSz += addSz;
@@ -267,7 +269,8 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
inLen -= 3;
if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) {
/* Insert newline after PEM_LINE_SZ, unless no \n requested */
if (escaped != 2 && (++n % (PEM_LINE_SZ / 4)) == 0 && inLen) {
ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
if (ret != 0) break;
}
@@ -299,10 +302,10 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
ret = CEscape(escaped, '=', out, &i, *outLen, 1);
}
if (ret == 0)
if (ret == 0 && escaped != 2)
ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
if (i != outSz && escaped == 0 && ret == 0)
if (i != outSz && escaped != 1 && ret == 0)
return ASN_INPUT_E;
*outLen = i;
@@ -323,6 +326,10 @@ int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, word32* outLen)
return DoBase64_Encode(in, inLen, out, outLen, 1);
}
int Base64_Encode_NoNl(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, 2);
}
#endif /* defined(WOLFSSL_BASE64_ENCODE) */

12
wolfssl/internal.h
View File

@@ -890,7 +890,7 @@ enum Misc {
MAX_WOLFSSL_FILE_SIZE = 1024 * 1024 * 4, /* 4 mb file size alloc limit */
#ifdef FORTRESS
#if defined(FORTRESS) || defined (HAVE_STUNNEL)
MAX_EX_DATA = 3, /* allow for three items of ex_data */
#endif
@@ -1612,8 +1612,11 @@ struct WOLFSSL_CTX {
#endif /* HAVE_ANON */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
pem_password_cb passwd_cb;
void* userdata;
void* userdata;
#endif /* OPENSSL_EXTRA */
#ifdef HAVE_STUNNEL
void* ex_data[MAX_EX_DATA];
#endif
#ifdef HAVE_OCSP
WOLFSSL_OCSP ocsp;
#endif
@@ -1847,6 +1850,9 @@ struct WOLFSSL_SESSION {
word16 ticketLen;
byte ticket[SESSION_TICKET_LEN];
#endif
#ifdef HAVE_STUNNEL
void* ex_data[MAX_EX_DATA];
#endif
};
@@ -2300,7 +2306,7 @@ struct WOLFSSL {
#ifdef KEEP_PEER_CERT
WOLFSSL_X509 peerCert; /* X509 peer cert */
#endif
#ifdef FORTRESS
#if defined(FORTRESS) || defined(HAVE_STUNNEL)
void* ex_data[MAX_EX_DATA]; /* external data, for Fortress */
#endif
#ifdef HAVE_CAVIUM

17
wolfssl/openssl/asn1.h
View File

@@ -1,2 +1,19 @@
/* asn1.h for openssl */
#ifndef WOLFSSL_ASN1_H_
#define WOLFSSL_ASN1_H_
struct WOLFSSL_ASN1_BIT_STRING {
int length;
int type;
char* data;
long flags;
};
struct WOLFSSL_ASN1_STRING {
int length;
int type;
char* data;
long flags;
};
#endif /* WOLFSSL_ASN1_H_ */

5
wolfssl/openssl/crypto.h
View File

@@ -21,6 +21,11 @@ WOLFSSL_API unsigned long wolfSSLeay(void);
#define SSLEAY_VERSION 0x0090600fL
#define SSLEAY_VERSION_NUMBER SSLEAY_VERSION
#ifdef HAVE_STUNNEL
#define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions
#define FIPS_mode wolfSSL_FIPS_mode
#define FIPS_mode_set wolfSSL_FIPS_mode_set
#endif /* HAVE_STUNNEL */
#endif /* header */

7
wolfssl/openssl/dh.h
View File

@@ -11,7 +11,7 @@
extern "C" {
#endif
typedef struct WOLFSSL_DH {
struct WOLFSSL_DH {
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* g;
WOLFSSL_BIGNUM* pub_key; /* openssh deference g^x */
@@ -23,7 +23,7 @@ typedef struct WOLFSSL_DH {
* lighttpd src code.
*/
int length;
} WOLFSSL_DH;
};
WOLFSSL_API WOLFSSL_DH* wolfSSL_DH_new(void);
@@ -48,4 +48,7 @@ typedef WOLFSSL_DH DH;
} /* extern "C" */
#endif
#ifdef HAVE_STUNNEL
#define DH_generate_parameters wolfSSL_DH_generate_parameters
#endif /* HAVE_STUNNEL */
#endif /* header */

3
wolfssl/openssl/err.h
View File

@@ -1,2 +1,3 @@
/* err.h for openssl */
#define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings
#define ERR_peek_last_error wolfSSL_ERR_peek_last_error

8
wolfssl/openssl/opensslv.h
View File

@@ -5,7 +5,13 @@
/* api version compatibility */
#define OPENSSL_VERSION_NUMBER 0x0090810fL
#ifdef HAVE_STUNNEL
#define OPENSSL_VERSION_NUMBER 0x0090700fL
#else
#define OPENSSL_VERSION_NUMBER 0x0090810fL
#endif
#define OPENSSL_VERSION_TEXT LIBWOLFSSL_VERSION_STRING
#endif /* header */

2
wolfssl/openssl/rand.h
View File

@@ -1,4 +1,6 @@
/* rand.h for openSSL */
#include <wolfssl/openssl/ssl.h>
#include <wolfssl/wolfcrypt/random.h>
#define RAND_set_rand_method wolfSSL_RAND_set_rand_method

53
wolfssl/openssl/ssl.h
View File

@@ -289,7 +289,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define X509_get_serialNumber wolfSSL_X509_get_serialNumber
#define ASN1_TIME_pr wolfSSL_ASN1_TIME_pr
#define ASN1_TIME_print wolfSSL_ASN1_TIME_print
#define ASN1_INTEGER_cmp wolfSSL_ASN1_INTEGER_cmp
#define ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get
@@ -304,7 +304,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_CTX_set_default_passwd_cb_userdata wolfSSL_CTX_set_default_passwd_cb_userdata
#define SSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
#define SSL_CTX_set_timeout wolfSSL_CTX_set_timeout
#define SSL_CTX_set_timeout(ctx, to) wolfSSL_CTX_set_timeout(ctx, (unsigned int) to)
#define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
#define ERR_peek_error wolfSSL_ERR_peek_error
@@ -392,7 +392,8 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_CTX_sess_set_remove_cb wolfSSL_CTX_sess_set_remove_cb
#define i2d_SSL_SESSION wolfSSL_i2d_SSL_SESSION
#define d2i_SSL_SESSION wolfSSL_d2i_SSL_SESSION
#define d2i_SSL_SESSION(sess, val, length) \
wolfSSL_d2i_SSL_SESSION(sess, (const unsigned char **)val, length)
#define SSL_SESSION_set_timeout wolfSSL_SSL_SESSION_set_timeout
#define SSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout
#define SSL_SESSION_get_time wolfSSL_SESSION_get_time
@@ -433,6 +434,52 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#endif
#ifdef HAVE_STUNNEL
#include <wolfssl/openssl/asn1.h>
/* defined as: (SSL_ST_ACCEPT|SSL_CB_LOOP), which becomes 0x2001*/
#define SSL_CB_ACCEPT_LOOP 0x2001
#define SSL2_VERSION 0x0002
#define SSL3_VERSION 0x0300
#define TLS1_VERSION 0x0301
#define DTLS1_VERSION 0xFEFF
#define SSL23_ST_SR_CLNT_HELLO_A (0x210|0x2000)
#define SSL3_ST_SR_CLNT_HELLO_A (0x110|0x2000)
#define ASN1_STRFLGS_ESC_MSB 4
#define X509_V_ERR_CERT_REJECTED 28
#define BIO_new_file wolfSSL_BIO_new_file
#define PEM_read_bio_DHparams wolfSSL_PEM_read_bio_DHparams
#define PEM_write_bio_X509 wolfSSL_PEM_write_bio_X509
#define SSL_alert_desc_string_long wolfSSL_alert_desc_string_long
#define SSL_alert_type_string_long wolfSSL_alert_type_string_long
#define SSL_CIPHER_get_bits wolfSSL_CIPHER_get_bits
#define sk_X509_NAME_num wolfSSL_sk_X509_NAME_num
#define sk_X509_num wolfSSL_sk_X509_num
#define X509_NAME_print_ex wolfSSL_X509_NAME_print_ex
#define X509_get0_pubkey_bitstr wolfSSL_X509_get0_pubkey_bitstr
#define SSL_CTX_get_options wolfSSL_CTX_get_options
#define SSL_CTX_flush_sessions wolfSSL_flush_sessions
#define SSL_CTX_add_session wolfSSL_CTX_add_session
#define SSL_get_SSL_CTX wolfSSL_get_SSL_CTX
#define SSL_CTX_set_tmp_dh wolfSSL_CTX_set_tmp_dh
#define SSL_version wolfSSL_version
#define SSL_get_state wolfSSL_get_state
#define SSL_state_string_long wolfSSL_state_string_long
#define SSL_get_peer_cert_chain wolfSSL_get_peer_cert_chain
#define sk_X509_NAME_value wolfSSL_sk_X509_NAME_value
#define sk_X509_value wolfSSL_sk_X509_value
#define SSL_SESSION_get_ex_data wolfSSL_SESSION_get_ex_data
#define SSL_SESSION_set_ex_data wolfSSL_SESSION_set_ex_data
#define SSL_SESSION_get_ex_new_index wolfSSL_SESSION_get_ex_new_index
#define SSL_SESSION_get_id wolfSSL_SESSION_get_id
typedef struct CRYPTO_EX_DATA CRYPTO_EX_DATA;
typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#endif /* HAVE_STUNNEL */
#ifdef __cplusplus
} /* extern "C" */
#endif

94
wolfssl/ssl.h
View File

@@ -92,14 +92,10 @@ typedef struct WOLFSSL_ASN1_INTEGER WOLFSSL_ASN1_INTEGER;
typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT;
typedef struct WOLFSSL_dynlock_value WOLFSSL_dynlock_value;
#ifdef HAVE_LIGHTY
typedef struct WOLFSSL_ASN1_STRING{
char* data;
int length;
} WOLFSSL_ASN1_STRING;
#else
typedef struct WOLFSSL_ASN1_STRING WOLFSSL_ASN1_STRING;
#endif
typedef struct WOLFSSL_ASN1_STRING WOLFSSL_ASN1_STRING;
typedef struct WOLFSSL_dynlock_value WOLFSSL_dynlock_value;
typedef struct WOLFSSL_DH WOLFSSL_DH;
typedef struct WOLFSSL_ASN1_BIT_STRING WOLFSSL_ASN1_BIT_STRING;
#define WOLFSSL_ASN1_UTCTIME WOLFSSL_ASN1_TIME
@@ -148,6 +144,7 @@ typedef struct WOLFSSL_X509_REVOKED {
typedef struct WOLFSSL_X509_OBJECT {
union {
char* ptr;
WOLFSSL_X509 *x509;
WOLFSSL_X509_CRL* crl; /* stunnel dereference */
} data;
} WOLFSSL_X509_OBJECT;
@@ -342,7 +339,7 @@ WOLFSSL_API int wolfSSL_dtls(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_dtls_set_peer(WOLFSSL*, void*, unsigned int);
WOLFSSL_API int wolfSSL_dtls_get_peer(WOLFSSL*, void*, unsigned int*);
WOLFSSL_API int wolfSSL_ERR_GET_REASON(int err);
WOLFSSL_API int wolfSSL_ERR_GET_REASON(unsigned long err);
WOLFSSL_API char* wolfSSL_ERR_error_string(unsigned long,char*);
WOLFSSL_API void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
unsigned long sz);
@@ -526,14 +523,15 @@ WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX*,
WOLFSSL_API void wolfSSL_CTX_set_default_passwd_cb(WOLFSSL_CTX*, pem_password_cb);
WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX*, void (*)(void));
WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX*,
void (*)(const WOLFSSL* ssl, int type, int val));
WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void);
WOLFSSL_API int wolfSSL_GET_REASON(int);
WOLFSSL_API char* wolfSSL_alert_type_string_long(int);
WOLFSSL_API char* wolfSSL_alert_desc_string_long(int);
WOLFSSL_API char* wolfSSL_state_string_long(WOLFSSL*);
WOLFSSL_API char* wolfSSL_state_string_long(const WOLFSSL*);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_RSA_generate_key(int, unsigned long,
void(*)(int, int, void*), void*);
@@ -646,11 +644,16 @@ enum {
X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20,
X509_V_ERR_CERT_HAS_EXPIRED = 21,
X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22,
X509_V_ERR_CERT_REJECTED = 23,
X509_V_OK = 0,
XN_FLAG_SPC_EQ = (1 << 23),
XN_FLAG_ONELINE = 0,
CRYPTO_LOCK = 1,
CRYPTO_NUM_LOCKS = 10
CRYPTO_NUM_LOCKS = 10,
ASN1_STRFLGS_ESC_MSB = 4
};
/* extras end */
@@ -1541,6 +1544,71 @@ WOLFSSL_API STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( STACK_OF(WOLFSSL_X
#endif
#ifdef HAVE_STUNNEL
WOLFSSL_API WOLFSSL_BIO *wolfSSL_BIO_new_file(const char *filename, const char *mode);
WOLFSSL_API int wolfSSL_CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
void *(*r) (void *, size_t, const char *, int), void (*f) (void *));
WOLFSSL_API WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator,
void (*callback) (int, int, void *), void *cb_arg);
WOLFSSL_API void wolfSSL_ERR_load_crypto_strings(void);
WOLFSSL_API unsigned long wolfSSL_ERR_peek_last_error(void);
WOLFSSL_API int wolfSSL_FIPS_mode(void);
WOLFSSL_API int wolfSSL_FIPS_mode_set(int r);
WOLFSSL_API WOLFSSL_DH *wolfSSL_PEM_read_bio_DHparams(WOLFSSL_BIO *bp,
WOLFSSL_DH **x, pem_password_cb *cb, void *u);
WOLFSSL_API int wolfSSL_PEM_write_bio_X509(WOLFSSL_BIO *bp, WOLFSSL_X509 *x);
WOLFSSL_API int wolfSSL_RAND_set_rand_method(const void *meth);
WOLFSSL_API int wolfSSL_CIPHER_get_bits(const WOLFSSL_CIPHER *c, int *alg_bits);
WOLFSSL_API int wolfSSL_sk_X509_NAME_num(const STACK_OF(WOLFSSL_X509_NAME) *s);
WOLFSSL_API int wolfSSL_sk_X509_num(const STACK_OF(WOLFSSL_X509) *s);
WOLFSSL_API int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO*,WOLFSSL_X509_NAME*,int,unsigned long);
WOLFSSL_API WOLFSSL_ASN1_BIT_STRING* wolfSSL_X509_get0_pubkey_bitstr(
const WOLFSSL_X509*);
WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX*, WOLFSSL_SESSION*);
WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_version(WOLFSSL*);
WOLFSSL_API int wolfSSL_get_state(const WOLFSSL*);
WOLFSSL_API void* wolfSSL_sk_X509_NAME_value(STACK_OF(WOLFSSL_X509_NAME)*, int);
WOLFSSL_API void* wolfSSL_sk_X509_value(STACK_OF(WOLFSSL_X509)*, int);
WOLFSSL_API STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*);
WOLFSSL_API long wolfSSL_CTX_get_options(WOLFSSL_CTX* ctx);
WOLFSSL_API void* wolfSSL_SESSION_get_ex_data(const WOLFSSL_SESSION*, int);
WOLFSSL_API int wolfSSL_SESSION_set_ex_data(WOLFSSL_SESSION*, int, void*);
WOLFSSL_API int wolfSSL_SESSION_get_ex_new_index(long,void*,void*,void*,void*);
WOLFSSL_API int wolfSSL_X509_NAME_get_sz(WOLFSSL_X509_NAME*);
WOLFSSL_API long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX*, WOLFSSL_DH*);
WOLFSSL_API const unsigned char* wolfSSL_SESSION_get_id(WOLFSSL_SESSION*, unsigned int*);
#endif /* HAVE_STUNNEL */
#ifdef __cplusplus
} /* extern "C" */
#endif

3
wolfssl/wolfcrypt/coding.h
View File

@@ -48,6 +48,9 @@ WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out,
WOLFSSL_API
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out,
word32* outLen);
WOLFSSL_API
int Base64_Encode_NoNl(const byte* in, word32 inLen, byte* out,
word32* outLen);
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS)