wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5576 from julek-wolfssl/dtls-windows

Browse Source 
Fix build errors and warnings for MSVC with DTLS 1.3
This commit is contained in:
JacobBarthelmeh
2022-09-16 11:11:46 -06:00
committed by GitHub
parent b780ad6da0 17df33cef8
commit c6f6086b15
11 changed files with 63 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
IDE/WIN/user_settings.h
View File

@ -6,13 +6,22 @@
#error This user_settings.h header is only designed for Windows
#endif
#define USE_WOLFSSL_IO
#define HAVE_AESGCM
#define WOLFSSL_TLS13
#define HAVE_HKDF
#define HAVE_FFDHE_4096
#define WC_RSA_PSS
#define WOLFSSL_DTLS
#define WOLFSSL_DTLS13
#define WOLFSSL_DTLS_CID
/* Configurations */
#if defined(HAVE_FIPS)
/* FIPS */
#define OPENSSL_EXTRA
#define HAVE_THREAD_LS
#define WOLFSSL_KEY_GEN
#define HAVE_AESGCM
#define HAVE_HASHDRBG
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512

2
examples/echoclient/echoclient.c
View File

@ -180,7 +180,7 @@ void echoclient_test(void* args)
#if defined(CYASSL_SNIFFER)
/* Only set if not running testsuite */
if (XSTRSTR(argv[0], "testsuite") != 0) {
if (XSTRSTR(argv[0], "testsuite") == NULL) {
/* don't use EDH, can't sniff tmp keys */
SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
}

2
examples/echoserver/echoserver.c
View File

@ -245,7 +245,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#if defined(CYASSL_SNIFFER)
/* Only set if not running testsuite */
if (XSTRSTR(argv[0], "testsuite") != 0) {
if (XSTRSTR(argv[0], "testsuite") == NULL) {
/* don't use EDH, can't sniff tmp keys */
CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
}

5
src/dtls.c
View File

@ -33,6 +33,11 @@
typedef struct ConnectionID {
byte length;
/* Ignore "nonstandard extension used : zero-sized array in struct/union"
* MSVC warning */
#ifdef _MSC_VER
#pragma warning(disable: 4200)
#endif
byte id[];
} ConnectionID;

24
src/dtls13.c
View File

@ -206,7 +206,7 @@ static int Dtls13HandshakeAddHeaderFrag(WOLFSSL* ssl, byte* output,
static byte Dtls13TypeIsEncrypted(enum HandShakeType hs_type)
{
int ret = 0;
byte ret = 0;
switch (hs_type) {
case hello_request:
@ -240,7 +240,6 @@ static int Dtls13GetRnMask(WOLFSSL* ssl, const byte* ciphertext, byte* mask,
enum rnDirection dir)
{
RecordNumberCiphers* c;
int ret;
if (dir == PROTECT)
c = &ssl->dtlsRecordNumberEncrypt;
@ -260,6 +259,7 @@ static int Dtls13GetRnMask(WOLFSSL* ssl, const byte* ciphertext, byte* mask,
#ifdef HAVE_CHACHA
if (ssl->specs.bulk_cipher_algorithm == wolfssl_chacha) {
word32 counter;
int ret;
if (c->chacha == NULL)
return BAD_STATE_E;
@ -886,7 +886,7 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
ret = Dtls13SendOneFragmentRtx(ssl,
(enum HandShakeType)ssl->dtls13FragHandshakeType,
recordLength + MAX_MSG_EXTRA, output, recordLength, 0);
(word16)recordLength + MAX_MSG_EXTRA, output, (word32)recordLength, 0);
if (ret == WANT_WRITE) {
ssl->dtls13FragOffset += fragLength;
return ret;
@ -930,7 +930,7 @@ static int Dtls13SendFragmented(WOLFSSL* ssl, byte* message, word16 length,
hash now pretending fragmentation will not happen */
if (hash_output) {
ret = Dtls13HashHandshake(ssl, message + rlHeaderLength,
length - rlHeaderLength);
length - (word16)rlHeaderLength);
if (ret != 0)
return ret;
}
@ -1022,7 +1022,7 @@ static int Dtls13UnifiedHeaderParseCID(WOLFSSL* ssl, byte flags,
if (ret != WOLFSSL_SUCCESS)
return ret;
*idx += _cidSz;
*idx += (word16)_cidSz;
return 0;
}
@ -1256,7 +1256,7 @@ int Dtls13ReconstructEpochNumber(WOLFSSL* ssl, byte epochBits,
{
w64wrapper _epoch;
Dtls13Epoch* e;
byte found;
byte found = 0;
int i;
if (Dtls13GetEpochBits(ssl->dtls13PeerEpoch) == epochBits) {
@ -1465,7 +1465,7 @@ static int Dtls13RtxSendBuffered(WOLFSSL* ssl)
seq = ssl->dtls13EncryptEpoch->nextSeqNumber;
ret = Dtls13SendFragment(ssl, output, sendSz, r->length + headerLength,
ret = Dtls13SendFragment(ssl, output, (word16)sendSz, r->length + headerLength,
(enum HandShakeType)r->handshakeType, 0,
isLast || !ssl->options.groupMessages);
if (ret != 0 && ret != WANT_WRITE)
@ -1590,7 +1590,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
ssl->keys.dtls_expected_peer_handshake_number ||
usingAsyncCrypto) {
if (ssl->dtls_rx_msg_list_sz < DTLS_POOL_SZ) {
DtlsMsgStore(ssl, w64GetLow32(ssl->keys.curEpoch64),
DtlsMsgStore(ssl, (word16)w64GetLow32(ssl->keys.curEpoch64),
ssl->keys.dtls_peer_handshake_number,
input + DTLS_HANDSHAKE_HEADER_SZ, messageLength, handshakeType,
fragOff, fragLength, ssl->heap);
@ -1672,7 +1672,7 @@ int Dtls13AddHeaders(byte* output, word32 length, enum HandShakeType hsType,
WOLFSSL* ssl)
{
word16 handshakeOffset;
int isEncrypted;
byte isEncrypted;
isEncrypted = Dtls13TypeIsEncrypted(hsType);
handshakeOffset = Dtls13GetRlHeaderLength(ssl, isEncrypted);
@ -2004,7 +2004,7 @@ int Dtls13NewEpoch(WOLFSSL* ssl, w64wrapper epochNumber, int side)
/* fresh epoch, initialize fields */
e->epochNumber = epochNumber;
e->isValid = 1;
e->side = side;
e->side = (byte)side;
}
else if (e->side != side) {
/* epoch used for the other side already. update side */
@ -2212,7 +2212,7 @@ static int Dtls13GetAckListLength(Dtls13RecordNumber* list, word16* length)
numberElements++;
}
*length = DTLS13_RN_SIZE * numberElements;
*length = (word16)(DTLS13_RN_SIZE * numberElements);
return 0;
}
@ -2525,7 +2525,7 @@ int SendDtls13Ack(WOLFSSL* ssl)
output =
ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length;
ret = Dtls13RlAddPlaintextHeader(ssl, output, ack, length);
ret = Dtls13RlAddPlaintextHeader(ssl, output, ack, (word16)length);
if (ret != 0)
return ret;

16
src/internal.c
View File

@ -8381,16 +8381,15 @@ static void DtlsMsgAssembleCompleteMessage(DtlsMsg* msg)
/* frag->padding makes sure we can fit the entire DTLS handshake header
* before frag->buf */
dtls = (DtlsHandShakeHeader*)(void *)((char *)msg->fragBucketList
+ OFFSETOF(DtlsFragBucket,buf)
- DTLS_HANDSHAKE_HEADER_SZ);
dtls = (DtlsHandShakeHeader*)(msg->fragBucketList->buf -
DTLS_HANDSHAKE_HEADER_SZ);
msg->fragBucketList = NULL;
msg->fragBucketListCount = 0;
dtls->type = msg->type;
c32to24(msg->sz, dtls->length);
c16toa(msg->seq, dtls->message_seq);
c16toa((word16)msg->seq, dtls->message_seq);
c32to24(0, dtls->fragment_offset);
c32to24(msg->sz, dtls->fragment_length);
}
@ -9312,7 +9311,7 @@ int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
if (IsAtLeastTLSv1_3(ssl->version)) {
#ifdef WOLFSSL_DTLS13
word16 dtls_record_extra;
dtls_record_extra = Dtls13GetRlHeaderLength(ssl, IsEncryptionOn(ssl, 1));
dtls_record_extra = Dtls13GetRlHeaderLength(ssl, (byte)IsEncryptionOn(ssl, 1));
dtls_record_extra -= RECORD_HEADER_SZ;
adj += dtls_record_extra;
@ -9348,7 +9347,7 @@ int HashInput(WOLFSSL* ssl, const byte* input, int sz)
#ifdef WOLFSSL_DTLS13
if (IsAtLeastTLSv1_3(ssl->version))
return Dtls13HashHandshake(ssl, adj, sz);
return Dtls13HashHandshake(ssl, adj, (word16)sz);
#endif /* WOLFSSL_DTLS13 */
}
@ -10170,7 +10169,7 @@ static int GetDtls13RecordHeader(WOLFSSL* ssl, const byte* input,
return ret;
}
ret = Dtls13ParseUnifiedRecordLayer(ssl, input + *inOutIdx, readSize,
ret = Dtls13ParseUnifiedRecordLayer(ssl, input + *inOutIdx, (word16)readSize,
&hdrInfo);
if (ret != 0)
@ -20690,6 +20689,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
if (sizeOnly)
goto exit_buildmsg;
{
#if defined(HAVE_SECURE_RENEGOTIATION) && defined(WOLFSSL_DTLS)
/* If we want the PREV_ORDER then modify CUR_ORDER sequence number
* for all encryption algos that use it for encryption parameters */
@ -20730,6 +20730,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
ssl->keys.dtls_sequence_number_lo = dtls_sequence_number_lo;
}
#endif
}
if (ret != 0)
goto exit_buildmsg;
ssl->options.buildMsgState = BUILD_MSG_ENCRYPTED_VERIFY_MAC;

2
src/ssl.c
View File

@ -1217,7 +1217,7 @@ void* wolfSSL_dtls_create_peer(int port, char* ip)
}
addr->sin_family = AF_INET;
addr->sin_port = htons(port);
addr->sin_port = XHTONS((word16)port);
if (XINET_PTON(AF_INET, ip, &addr->sin_addr) < 1) {
XFREE(addr, NULL, DYNAMIC_TYPE_SOCKADDR);
return NULL;

2
src/tls.c
View File

@ -5937,7 +5937,7 @@ static int TLSX_SupportedVersions_Parse(WOLFSSL* ssl, const byte* input,
ProtocolVersion pv = ssl->ctx->method->version;
int i;
int len;
int newMinor = 0;
byte newMinor = 0;
int set = 0;
int ret;
byte major, minor;

32
src/tls13.c
View File

@ -2994,7 +2994,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
#ifdef WOLFSSL_DTLS13
if (ret == 0 && ssl->options.dtls) {
/* AAD points to the header. Reuse the variable */
ret = Dtls13EncryptRecordNumber(ssl, (byte*)aad, args->sz);
ret = Dtls13EncryptRecordNumber(ssl, (byte*)aad, (word16)args->sz);
}
#endif /* WOLFSSL_DTLS13 */
}
@ -3954,7 +3954,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
if (ssl->options.dtls)
ret = Dtls13HashHandshake(ssl,
args->output + Dtls13GetRlHeaderLength(ssl, 0),
args->idx - Dtls13GetRlHeaderLength(ssl, 0));
(word16)args->idx - Dtls13GetRlHeaderLength(ssl, 0));
else
#endif /* WOLFSSL_DTLS13 */
ret = HashOutput(ssl, args->output, args->idx, 0);
@ -3975,8 +3975,8 @@ int SendTls13ClientHello(WOLFSSL* ssl)
ssl->options.buildingMsg = 0;
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13HandshakeSend(ssl, args->output, args->sendSz,
args->idx, client_hello, 0);
ret = Dtls13HandshakeSend(ssl, args->output, (word16)args->sendSz,
(word16)args->idx, client_hello, 0);
WOLFSSL_LEAVE("SendTls13ClientHello", ret);
WOLFSSL_END(WC_FUNC_CLIENT_HELLO_SEND);
@ -4035,7 +4035,7 @@ static int Dtls13DoDowngrade(WOLFSSL* ssl)
ssl->dtls13ClientHello = NULL;
ssl->dtls13ClientHelloSz = 0;
ssl->keys.dtls_sequence_number_hi =
w64GetHigh32(ssl->dtls13EncryptEpoch->nextSeqNumber);
(word16)w64GetHigh32(ssl->dtls13EncryptEpoch->nextSeqNumber);
ssl->keys.dtls_sequence_number_lo =
w64GetLow32(ssl->dtls13EncryptEpoch->nextSeqNumber);
return ret;
@ -6176,8 +6176,8 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13HashHandshake(ssl,
output + Dtls13GetRlHeaderLength(ssl, 0) ,
sendSz - Dtls13GetRlHeaderLength(ssl, 0));
output + Dtls13GetRlHeaderLength(ssl, 0) ,
(word16)sendSz - Dtls13GetRlHeaderLength(ssl, 0));
}
else
#endif /* WOLFSSL_DTLS13 */
@ -6204,7 +6204,7 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
ssl->options.buildingMsg = 0;
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13HandshakeSend(ssl, output, sendSz, sendSz,
ret = Dtls13HandshakeSend(ssl, output, (word16)sendSz, (word16)sendSz,
(enum HandShakeType)extMsgType, 0);
WOLFSSL_LEAVE("SendTls13ServerHello", ret);
@ -6345,7 +6345,7 @@ static int SendTls13EncryptedExtensions(WOLFSSL* ssl)
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ssl->options.buildingMsg = 0;
ret = Dtls13HandshakeSend(ssl, output, sendSz, idx,
ret = Dtls13HandshakeSend(ssl, output, (word16)sendSz, (word16)idx,
encrypted_extensions, 1);
if (ret == 0)
@ -6457,7 +6457,8 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
if (ssl->options.dtls) {
ssl->options.buildingMsg = 0;
ret =
Dtls13HandshakeSend(ssl, output, sendSz, i, certificate_request, 1);
Dtls13HandshakeSend(ssl, output, (word16)sendSz, (word16)i,
certificate_request, 1);
WOLFSSL_LEAVE("SendTls13CertificateRequest", ret);
WOLFSSL_END(WC_FUNC_CERTIFICATE_REQUEST_SEND);
@ -7267,7 +7268,8 @@ static int SendTls13Certificate(WOLFSSL* ssl)
/* DTLS1.3 uses a separate variable and logic for fragments */
ssl->options.buildingMsg = 0;
ssl->fragOffset = 0;
ret = Dtls13HandshakeSend(ssl, output, sendSz, i, certificate, 1);
ret = Dtls13HandshakeSend(ssl, output, (word16)sendSz, (word16)i,
certificate, 1);
}
else
#endif /* WOLFSSL_DTLS13 */
@ -7804,7 +7806,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
ssl->options.buildingMsg = 0;
ret = Dtls13HandshakeSend(ssl, args->output,
MAX_CERT_VERIFY_SZ + MAX_MSG_EXTRA + MAX_MSG_EXTRA,
args->sendSz, certificate_verify, 1);
(word16)args->sendSz, certificate_verify, 1);
if (ret != 0)
goto exit_scv;
@ -8731,8 +8733,8 @@ static int SendTls13Finished(WOLFSSL* ssl)
#ifdef WOLFSSL_DTLS13
if (isDtls) {
dtlsRet = Dtls13HandshakeSend(ssl, output, outputSz,
Dtls13GetRlHeaderLength(ssl, 1) + headerSz + finishedSz, finished,
dtlsRet = Dtls13HandshakeSend(ssl, output, (word16)outputSz,
(word16)(Dtls13GetRlHeaderLength(ssl, 1) + headerSz + finishedSz), finished,
1);
if (dtlsRet != 0 && dtlsRet != WANT_WRITE)
return ret;
@ -8943,7 +8945,7 @@ static int SendTls13KeyUpdate(WOLFSSL* ssl)
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13HandshakeSend(ssl, output, outputSz,
ret = Dtls13HandshakeSend(ssl, output, (word16)outputSz,
OPAQUE8_LEN + Dtls13GetRlHeaderLength(ssl, 1) +
DTLS_HANDSHAKE_HEADER_SZ,
key_update, 0);

6
src/wolfio.c
View File

@ -374,9 +374,9 @@ static int sockAddrEqual(
static int isDGramSock(int sfd)
{
int type = 0;
char type = 0;
/* optvalue 'type' is of size int */
XSOCKLENT length = (XSOCKLENT)sizeof(int);
XSOCKLENT length = (XSOCKLENT)sizeof(char);
if (getsockopt(sfd, SOL_SOCKET, SO_TYPE, &type, &length) == 0 &&
type != SOCK_DGRAM) {
@ -399,7 +399,7 @@ int EmbedReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *ctx)
byte doDtlsTimeout;
SOCKADDR_S lclPeer;
SOCKADDR_S* peer;
XSOCKLENT peerSz;
XSOCKLENT peerSz = 0;
WOLFSSL_ENTER("EmbedReceiveFrom()");

4
testsuite/testsuite.c
View File

@ -449,7 +449,9 @@ void wait_tcp_ready(func_args* args)
* args->signal->ready = 0; */
(void)tx_mutex_put(&args->signal->mutex);
#elif defined(USE_WINDOWS_API)
/* Give peer a moment to get running */
_sleep(500);
#else
(void)args;
#endif