Replace immediate value "0" with WOLFSSL_FAILURE and add comment to the RETURN_CODE macro

2025-07-29 18:27:29 +02:00 · 2021-03-03 11:23:11 +09:00
parent 4264a49246
commit bbf1284112
3 changed files with 18 additions and 9 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -6916,7 +6916,7 @@ int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
    int ret = wolfSSL_CTX_load_verify_locations_ex(ctx, file, path,
        WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS);

-    return RETURN_CODE(ret,0);
+    return RETURN_CODE(ret,WOLFSSL_FAILURE);
 }


@ -24409,15 +24409,15 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup,
    const char* footer = NULL;

    if (type != X509_FILETYPE_PEM)
-        return RETURN_CODE(BAD_FUNC_ARG,0);
+        return RETURN_CODE(BAD_FUNC_ARG,WOLFSSL_FAILURE);

    fp = XFOPEN(file, "rb");
    if (fp == XBADFILE)
-        return RETURN_CODE(BAD_FUNC_ARG,0);
+        return RETURN_CODE(BAD_FUNC_ARG,WOLFSSL_FAILURE);

    if(XFSEEK(fp, 0, XSEEK_END) != 0) {
        XFCLOSE(fp);
-        return RETURN_CODE(WOLFSSL_BAD_FILE,0);
+        return RETURN_CODE(WOLFSSL_BAD_FILE,WOLFSSL_FAILURE);
    }
    sz = XFTELL(fp);
    XREWIND(fp);
@ -24487,12 +24487,12 @@ end:
    if (pem != NULL)
        XFREE(pem, 0, DYNAMIC_TYPE_PEM);
    XFCLOSE(fp);
-    return RETURN_CODE(ret,0);
+    return RETURN_CODE(ret,WOLFSSL_FAILURE);
 #else
    (void)lookup;
    (void)file;
    (void)type;
-    return RETURN_CODE(WOLFSSL_FAILURE,0);
+    return RETURN_CODE(WOLFSSL_FAILURE,WOLFSSL_FAILURE);
 #endif
 }

--- a/tests/api.c
+++ b/tests/api.c
@ -954,19 +954,19 @@ static void test_wolfSSL_CTX_load_verify_locations(void)

    /* invalid ca file */
    AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, bogusFile, NULL),
-     RETURN_CODE(WOLFSSL_BAD_FILE,0));
+     RETURN_CODE(WOLFSSL_BAD_FILE,WOLFSSL_FAILURE));


 #if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS)
    /* invalid path */
    AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, NULL, bogusFile),
-     RETURN_CODE(BAD_PATH_ERROR,0));
+     RETURN_CODE(BAD_PATH_ERROR,WOLFSSL_FAILURE));
 #endif

    /* load ca cert */
 #ifdef NO_RSA
    AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL),
-     RETURN_CODE(ASN_UNKNOWN_OID_E,0));
+     RETURN_CODE(ASN_UNKNOWN_OID_E,WOLFSSL_FAILURE));
 #else /* Skip the following test without RSA certs. */
    AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, NULL), WOLFSSL_SUCCESS);

--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@ -674,6 +674,15 @@ enum AlertLevel {
    alert_fatal   = 2
 };

+/* RETURN_CODE macro
+ * Some OpenSSL APIs specify "0" as the return value when an error occurs.
+ * However, some corresponding wolfSSL APIs(eg.
+ * wolfSSL_CTX_load_verify_locations) return negative values. Such functions
+ * should use this macro to fill this gap. Users who want them to return
+ * the same return value as OpenSSL can define WOLFSSL_ERR_CODE_OPENSSL.
+ * Note that this macro replaces only negative return values with the
+ * specified value.
+ */
 #if defined(WOLFSSL_ERROR_CODE_OPENSSL)
    #define RETURN_CODE(w,o)  ((w < 0)?o:w)
 #else