wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

add and use WOLFSSL_PARTIAL_CHAIN as native bitmask macro for compat layer X509_V_FLAG_PARTIAL_CHAIN;

Browse Source 
in src/x509_str.c, fix several C++ "invalid conversion" errors in X509StoreFreeObjList() and wolfSSL_X509_STORE_get0_objects().
This commit is contained in:
Daniel Pouzzner
2024-10-23 16:57:58 -05:00
parent 6f0bcac737
commit cab20fbdd2
3 changed files with 12 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/x509_str.c
View File

@ -415,8 +415,8 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
* a trusted CA in the CM */ * a trusted CA in the CM */
ret = X509StoreVerifyCert(ctx); ret = X509StoreVerifyCert(ctx);
if (ret != WOLFSSL_SUCCESS) { if (ret != WOLFSSL_SUCCESS) {
if (((ctx->flags & X509_V_FLAG_PARTIAL_CHAIN) || if (((ctx->flags & WOLFSSL_PARTIAL_CHAIN) ||
(ctx->store->param->flags & X509_V_FLAG_PARTIAL_CHAIN)) && (ctx->store->param->flags & WOLFSSL_PARTIAL_CHAIN)) &&
(added == 1)) { (added == 1)) {
wolfSSL_sk_X509_push(ctx->chain, ctx->current_cert); wolfSSL_sk_X509_push(ctx->chain, ctx->current_cert);
ret = WOLFSSL_SUCCESS; ret = WOLFSSL_SUCCESS;
@ -592,8 +592,8 @@ int wolfSSL_X509_STORE_CTX_set_purpose(WOLFSSL_X509_STORE_CTX *ctx,
void wolfSSL_X509_STORE_CTX_set_flags(WOLFSSL_X509_STORE_CTX *ctx, void wolfSSL_X509_STORE_CTX_set_flags(WOLFSSL_X509_STORE_CTX *ctx,
unsigned long flags) unsigned long flags)
{ {
if ((ctx != NULL) && (flags & X509_V_FLAG_PARTIAL_CHAIN)){ if ((ctx != NULL) && (flags & WOLFSSL_PARTIAL_CHAIN)){
ctx->flags |= X509_V_FLAG_PARTIAL_CHAIN; ctx->flags |= WOLFSSL_PARTIAL_CHAIN;
} }
} }
@ -1059,9 +1059,9 @@ static void X509StoreFreeObjList(WOLFSSL_X509_STORE* store,
i = wolfSSL_sk_X509_OBJECT_num(objs) - 1; i = wolfSSL_sk_X509_OBJECT_num(objs) - 1;
while (cnt > 0 && i > 0) { while (cnt > 0 && i > 0) {
/* The inner X509 is owned by somebody else, NULL out the reference */ /* The inner X509 is owned by somebody else, NULL out the reference */
obj = wolfSSL_sk_X509_OBJECT_value(objs, i); obj = (WOLFSSL_X509_OBJECT *)wolfSSL_sk_X509_OBJECT_value(objs, i);
if (obj != NULL) { if (obj != NULL) {
obj->type = 0; obj->type = (WOLFSSL_X509_LOOKUP_TYPE)0;
obj->data.ptr = NULL; obj->data.ptr = NULL;
} }
cnt--; cnt--;
@ -1363,8 +1363,8 @@ int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store, unsigned long flag)
ret = wolfSSL_CertManagerDisableCRL(store->cm); ret = wolfSSL_CertManagerDisableCRL(store->cm);
} }
#endif #endif
if (flag & X509_V_FLAG_PARTIAL_CHAIN) { if (flag & WOLFSSL_PARTIAL_CHAIN) {
store->param->flags |= X509_V_FLAG_PARTIAL_CHAIN; store->param->flags |= WOLFSSL_PARTIAL_CHAIN;
} }
return ret; return ret;
} }
@ -1753,7 +1753,7 @@ WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(
/* Do not modify stack until after we guarantee success to /* Do not modify stack until after we guarantee success to
* simplify cleanup logic handling cert merging above */ * simplify cleanup logic handling cert merging above */
for (i = 0; i < wolfSSL_sk_X509_num(cert_stack); i++) { for (i = 0; i < wolfSSL_sk_X509_num(cert_stack); i++) {
x509 = wolfSSL_sk_value(cert_stack, i); x509 = (WOLFSSL_X509 *)wolfSSL_sk_value(cert_stack, i);
obj = wolfSSL_X509_OBJECT_new(); obj = wolfSSL_X509_OBJECT_new();
if (obj == NULL) { if (obj == NULL) {
WOLFSSL_MSG("wolfSSL_X509_OBJECT_new error"); WOLFSSL_MSG("wolfSSL_X509_OBJECT_new error");

4
wolfssl/openssl/ssl.h
View File

@ -643,8 +643,8 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK #define X509_V_FLAG_CRL_CHECK WOLFSSL_CRL_CHECK
#define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL #define X509_V_FLAG_CRL_CHECK_ALL WOLFSSL_CRL_CHECKALL
#define X509_V_FLAG_PARTIAL_CHAIN 0x80000 #define X509_V_FLAG_PARTIAL_CHAIN WOLFSSL_PARTIAL_CHAIN
#define X509_V_FLAG_TRUSTED_FIRST 0 #define X509_V_FLAG_TRUSTED_FIRST 0 /* dummy value needed for gRPC port */
#define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME #define X509_V_FLAG_USE_CHECK_TIME WOLFSSL_USE_CHECK_TIME
#define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME #define X509_V_FLAG_NO_CHECK_TIME WOLFSSL_NO_CHECK_TIME

1
wolfssl/ssl.h
View File

@ -616,6 +616,7 @@ struct WOLFSSL_X509_STORE {
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
#define WOLFSSL_USE_CHECK_TIME 0x2 #define WOLFSSL_USE_CHECK_TIME 0x2
#define WOLFSSL_NO_CHECK_TIME 0x200000 #define WOLFSSL_NO_CHECK_TIME 0x200000
#define WOLFSSL_PARTIAL_CHAIN 0x80000
#define WOLFSSL_HOST_NAME_MAX 256 #define WOLFSSL_HOST_NAME_MAX 256
#define WOLFSSL_VPARAM_DEFAULT 0x1 #define WOLFSSL_VPARAM_DEFAULT 0x1