wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 03:07:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Mongoose Update

Browse Source 
1. HAVE_WEBSERVER option turns on a couple more functions that MG is
using for client side authentication.
2. If using webserver, those functions return and error.
This commit is contained in:
John Safranek
2018-10-31 13:25:05 -07:00
parent 70d345eda0
commit bc4150af2c
2 changed files with 23 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/ssl.c
View File

@ -11421,16 +11421,22 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
} }
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_WEBSERVER)
void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX* ctx, void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX* ctx,
WOLF_STACK_OF(WOLFSSL_X509_NAME)* names) WOLF_STACK_OF(WOLFSSL_X509_NAME)* names)
{ {
WOLFSSL_ENTER("wolfSSL_SSL_CTX_set_client_CA_list"); WOLFSSL_ENTER("wolfSSL_SSL_CTX_set_client_CA_list");
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
if (ctx != NULL) if (ctx != NULL)
ctx->ca_names = names; ctx->ca_names = names;
#else
(void)ctx;
(void)names;
#endif
} }
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list( WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list(
const WOLFSSL_CTX *s) const WOLFSSL_CTX *s)
{ {
@ -11443,10 +11449,15 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
} }
#endif #endif
#ifdef OPENSSL_EXTRA #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
#if !defined(NO_RSA) && !defined(NO_CERTS) #if !defined(NO_RSA) && !defined(NO_CERTS)
WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char* fname) WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char* fname)
{ {
/* The webserver build is using this to load a CA into the server
* for client authentication as an option. Have this return NULL in
* that case. If OPENSSL_EXTRA is enabled, go ahead and include
* the function. */
#ifdef OPENSSL_EXTRA
WOLFSSL_STACK *list = NULL; WOLFSSL_STACK *list = NULL;
WOLFSSL_STACK *node; WOLFSSL_STACK *node;
WOLFSSL_BIO* bio; WOLFSSL_BIO* bio;
@ -11493,8 +11504,16 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
wolfSSL_X509_free(cert); wolfSSL_X509_free(cert);
wolfSSL_BIO_free(bio); wolfSSL_BIO_free(bio);
return list; return list;
#else
(void)fname;
return NULL;
#endif
} }
#endif
#endif
#ifdef OPENSSL_EXTRA
#if !defined(NO_RSA) && !defined(NO_CERTS)
int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509) int wolfSSL_CTX_add_client_CA(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509)
{ {
WOLFSSL_STACK *node = NULL; WOLFSSL_STACK *node = NULL;

2
wolfssl/ssl.h
View File

@ -1014,11 +1014,11 @@ WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER*);
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai, WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
WOLFSSL_BIGNUM *bn); WOLFSSL_BIGNUM *bn);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*);
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME*, time_t, WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME*, time_t,
int, long); int, long);
#endif #endif
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char*);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list( WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_SSL_CTX_get_client_CA_list(
const WOLFSSL_CTX *s); const WOLFSSL_CTX *s);
WOLFSSL_API void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX*, WOLFSSL_API void wolfSSL_CTX_set_client_CA_list(WOLFSSL_CTX*,