From b02fe0853fbaba78166c4bbebea73f15b9892f88 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Thu, 24 Aug 2023 14:34:14 +0200 Subject: [PATCH] CI fixes --- src/crl.c | 4 ++-- tests/api.c | 10 +++++----- wolfssl/internal.h | 6 ++++-- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/src/crl.c b/src/crl.c index bcafc309c..8c7630c05 100644 --- a/src/crl.c +++ b/src/crl.c @@ -666,8 +666,8 @@ static RevokedCert *DupRevokedCertList(RevokedCert* in, void* heap) static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap) { CRL_Entry *dupl; - const size_t copyOffset = OFFSETOF(CRL_Entry, next) + - sizeof(ent->next); + const size_t copyOffset = OFFSETOF(CRL_Entry, verifyMutex) + + sizeof(ent->verifyMutex); #ifdef CRL_STATIC_REVOKED_LIST if (ent->totalCerts > CRL_MAX_REVOKED_CERTS) { return NULL; diff --git a/tests/api.c b/tests/api.c index 565ecac16..ddb7b025f 100644 --- a/tests/api.c +++ b/tests/api.c @@ -366,7 +366,8 @@ defined(HAVE_SESSION_TICKET) || (defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)) || \ defined(WOLFSSL_TEST_STATIC_BUILD) || defined(WOLFSSL_DTLS) || \ - defined(HAVE_ECH) || defined(HAVE_EX_DATA) || !defined(NO_SESSION_CACHE) + defined(HAVE_ECH) || defined(HAVE_EX_DATA) || !defined(NO_SESSION_CACHE) \ + || !defined(WOLFSSL_NO_TLS12) /* for testing SSL_get_peer_cert_chain, or SESSION_TICKET_HINT_DEFAULT, * for setting authKeyIdSrc in WOLFSSL_X509, or testing DTLS sequence * number tracking */ @@ -64946,7 +64947,7 @@ static int test_certreq_sighash_algos(void) #if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \ !defined(WOLFSSL_MAX_STRENGTH) && defined(HAVE_ECC) && \ defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \ - defined(HAVE_AES_CBC) + defined(HAVE_AES_CBC) && !defined(WOLFSSL_NO_TLS12) WOLFSSL_CTX *ctx_c = NULL; WOLFSSL_CTX *ctx_s = NULL; WOLFSSL *ssl_c = NULL; @@ -64957,15 +64958,14 @@ static int test_certreq_sighash_algos(void) XMEMSET(&test_ctx, 0, sizeof(test_ctx)); test_ctx.c_ciphers = test_ctx.s_ciphers = - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:" - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"; + "ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA384"; ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s, wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0); ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx_c, "./certs/ca-ecc-cert.pem", NULL), WOLFSSL_SUCCESS); - wolfSSL_set_verify(ssl_s, SSL_VERIFY_PEER, NULL); + wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_PEER, NULL); ExpectIntEQ(wolfSSL_use_PrivateKey_file(ssl_s, "./certs/ecc-key.pem", WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_use_certificate_file(ssl_s, "./certs/server-ecc.pem", diff --git a/wolfssl/internal.h b/wolfssl/internal.h index a46e7c6ac..c983a39e1 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2464,14 +2464,16 @@ typedef struct CRL_Entry CRL_Entry; #endif /* Complete CRL */ struct CRL_Entry { - wolfSSL_Mutex verifyMutex; byte* toBeSigned; byte* signature; #if defined(OPENSSL_EXTRA) WOLFSSL_X509_NAME* issuer; /* X509_NAME type issuer */ #endif CRL_Entry* next; /* next entry */ - /* DupCRL_Entry copies data after the `next` member */ + wolfSSL_Mutex verifyMutex; + /* DupCRL_Entry copies data after the `verifyMutex` member. Using the mutex + * as the marker because clang-tidy doesn't like taking the sizeof a + * pointer. */ byte issuerHash[CRL_DIGEST_SIZE]; /* issuer hash */ /* byte crlHash[CRL_DIGEST_SIZE]; raw crl data hash */ /* restore the hash here if needed for optimized comparisons */