From 793df114f376a01bdbccab2e312521fcbd92169c Mon Sep 17 00:00:00 2001 From: Eric Blankenhorn Date: Mon, 9 Sep 2019 17:02:57 -0500 Subject: [PATCH 1/5] Adding stack object type support to sk_value --- src/ssl.c | 42 +++++++++++++++++++++++++++++++++++++++++- wolfssl/internal.h | 9 +++++++++ 2 files changed, 50 insertions(+), 1 deletion(-) diff --git a/src/ssl.c b/src/ssl.c index 3615b431b..999a16d7e 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25760,11 +25760,51 @@ int wolfSSL_sk_num(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk) void* wolfSSL_sk_value(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk, int i) { + #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) + int offset = i; + WOLFSSL_GENERAL_NAME* gn; + #endif + WOLFSSL_ENTER("wolfSSL_sk_value"); + for (; sk != NULL && i > 0; i--) sk = sk->next; if (sk == NULL) return NULL; - return (void*)sk->data.obj; + + switch (sk->type) { + #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) + case STACK_TYPE_X509: + return (void*)sk->data.x509; + case STACK_TYPE_CIPHER: + if (sk->data.cipher == NULL) + return NULL; + sk->data.cipher->offset = offset; + return (void*)sk->data.cipher; + case STACK_TYPE_GEN_NAME: + gn = (WOLFSSL_GENERAL_NAME*)sk->data.obj; + if (gn == NULL) + return NULL; + gn->type = sk->data.obj->type; + gn->d.ia5 = sk->data.obj->d.ia5; + gn->d.iPAddress = sk->data.obj->d.iPAddress; + gn->d.dNSName = sk->data.obj->d.dNSName; + gn->d.uniformResourceIdentifier = + sk->data.obj->d.uniformResourceIdentifier; + return (void*)gn; + case STACK_TYPE_ACCESS_DESCRIPTION: + return (void*)sk->data.access; + case STACK_TYPE_OBJ: + return (void*)sk->data.obj; + break; + case STACK_TYPE_NULL: + return (void*)sk->data.generic; + break; + case STACK_TYPE_X509_EXT: + return (void*)sk->data.ext; + #endif + default: + return (void*)sk->data.obj; + } } /* Free the structure for ASN1_OBJECT stack */ diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 56509903e..7d3da06b1 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h 
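Review bot: In the `STACK_TYPE_GEN_NAME` case of `wolfSSL_sk_value`, `gn` is `sk->data.obj` cast to `WOLFSSL_GENERAL_NAME*`, so the assignments from `gn->type = sk->data.obj->type;` through `gn->d.uniformResourceIdentifier = ...` read and write the same allocation through two different struct types. If the two layouts match, the copies are no-ops; if they differ, each lookup overwrites unrelated fields of the stored object, which is a type-confusion hazard in certificate name handling. Neither struct definition is on this page, so I cannot tell which case holds. Assuming the node really stores a general name, the union's own member would do: `case STACK_TYPE_GEN_NAME: return (void*)sk->data.gn;` (a `gn` member appears in the `WOLFSSL_STACK` union later in this series).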
@@ -1865,11 +1865,20 @@ WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list); #endif /* WOLFSSL_DTLS_EXPORT_TYPES */ +#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) +#define UINT8_SZ 255 +#endif /* wolfSSL Cipher type just points back to SSL */ struct WOLFSSL_CIPHER { byte cipherSuite0; byte cipherSuite; WOLFSSL* ssl; +#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) + char description[UINT8_SZ]; + unsigned long offset; + unsigned int in_stack; /* TRUE if added to stack in wolfSSL_get_ciphers_compat */ + int bits; +#endif }; From 082d0e459d725e44f935c65ca89c39f72e5c9504 Mon Sep 17 00:00:00 2001 From: Eric Blankenhorn Date: Tue, 17 Sep 2019 10:59:33 -0500 Subject: [PATCH 2/5] Updates from review --- src/ssl.c | 8 +++++--- wolfssl/internal.h | 5 +---- wolfssl/ssl.h | 4 ++-- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 999a16d7e..4306e9a26 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25750,7 +25750,7 @@ void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_TIME* asn1Time) XMEMSET(asn1Time->data, 0, sizeof(asn1Time->data)); } -int wolfSSL_sk_num(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk) +int wolfSSL_sk_num(WOLFSSL_STACK* sk) { WOLFSSL_ENTER("wolfSSL_sk_num"); if (sk == NULL) @@ -25758,7 +25758,7 @@ int wolfSSL_sk_num(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk) return (int)sk->num; } -void* wolfSSL_sk_value(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk, int i) +void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i) { #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) int offset = i; @@ -25772,9 +25772,9 @@ void* wolfSSL_sk_value(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk, int i) return NULL; switch (sk->type) { - #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) case STACK_TYPE_X509: return (void*)sk->data.x509; + #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) case STACK_TYPE_CIPHER: if (sk->data.cipher == NULL) return NULL; 
@@ -25793,12 +25793,14 @@ void* wolfSSL_sk_value(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk, int i) return (void*)gn; case STACK_TYPE_ACCESS_DESCRIPTION: return (void*)sk->data.access; + #endif case STACK_TYPE_OBJ: return (void*)sk->data.obj; break; case STACK_TYPE_NULL: return (void*)sk->data.generic; break; + #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) case STACK_TYPE_X509_EXT: return (void*)sk->data.ext; #endif diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 7d3da06b1..93c7b8ad5 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -1865,16 +1865,13 @@ WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list); #endif /* WOLFSSL_DTLS_EXPORT_TYPES */ -#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) -#define UINT8_SZ 255 -#endif /* wolfSSL Cipher type just points back to SSL */ struct WOLFSSL_CIPHER { byte cipherSuite0; byte cipherSuite; WOLFSSL* ssl; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) - char description[UINT8_SZ]; + char description[MAX_CIPHERNAME_SZ]; unsigned long offset; unsigned int in_stack; /* TRUE if added to stack in wolfSSL_get_ciphers_compat */ int bits; diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index dd4333af2..a26e60c31 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -1856,8 +1856,8 @@ WOLFSSL_API int wolfSSL_ASN1_TIME_diff(int *pday, int *psec, const WOLFSSL_ASN1_TIME *from, const WOLFSSL_ASN1_TIME *to); WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_t t); -WOLFSSL_API int wolfSSL_sk_num(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)*); -WOLFSSL_API void* wolfSSL_sk_value(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)*, int); +WOLFSSL_API int wolfSSL_sk_num(WOLFSSL_STACK* sk); +WOLFSSL_API void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i); /* stunnel 4.28 needs */ WOLFSSL_API void* wolfSSL_CTX_get_ex_data(const WOLFSSL_CTX*, int); From f01e943448caafc57b9baca9833e064e2909a91f Mon Sep 17 00:00:00 2001 
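Review bot: With the `#endif` now placed before `STACK_TYPE_OBJ`, a build that defines neither `OPENSSL_ALL` nor `WOLFSSL_QT` sends `STACK_TYPE_CIPHER`, `STACK_TYPE_GEN_NAME` and `STACK_TYPE_ACCESS_DESCRIPTION` nodes to the `default:` arm, which returns `sk->data.obj` (visible in the first patch). For the pointer members that happens to yield the same pointer, but the union shown later in the series holds the cipher by value (`WOLFSSL_CIPHER cipher;`), so the caller would get the first bytes of that struct reinterpreted as a pointer. Whether such stacks can be created in that configuration is not visible here. If they cannot, a comment on `default:` naming the types that rely on it is enough; otherwise `default: return NULL;` with explicit cases for the pointer-typed members is safer. The body of `wolfSSL_sk_value` starts and ends outside this hunk.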
From: Eric Blankenhorn Date: Fri, 20 Sep 2019 14:14:20 -0500 Subject: [PATCH 3/5] Adding support for STACKOF(CONF_VALUE) --- src/ssl.c | 2 ++ wolfssl/internal.h | 2 ++ wolfssl/openssl/conf.h | 48 +++++++++++++++++++++++++++++++++++++++++- wolfssl/ssl.h | 1 + 4 files changed, 52 insertions(+), 1 deletion(-) diff --git a/src/ssl.c b/src/ssl.c index 4306e9a26..452e875ec 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25804,6 +25804,8 @@ void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i) case STACK_TYPE_X509_EXT: return (void*)sk->data.ext; #endif + case STACK_TYPE_CONF_VALUE: + return (void*)sk->data.conf->value; default: return (void*)sk->data.obj; } diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 93c7b8ad5..c270523f3 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -3503,6 +3503,7 @@ typedef struct Arrays { #define STACK_TYPE_X509_EXT 7 #define STACK_TYPE_NULL 8 #define STACK_TYPE_X509_NAME 9 +#define STACK_TYPE_CONF_VALUE 10 struct WOLFSSL_STACK { unsigned long num; /* number of nodes in stack @@ -3519,6 +3520,7 @@ struct WOLFSSL_STACK { WOLFSSL_CIPHER cipher; WOLFSSL_ACCESS_DESCRIPTION* access; WOLFSSL_X509_EXTENSION* ext; + WOLFSSL_CONF_VALUE* conf; void* generic; char* string; WOLFSSL_GENERAL_NAME* gn; diff --git a/wolfssl/openssl/conf.h b/wolfssl/openssl/conf.h index 1e328cf47..12a20c8cf 100644 --- a/wolfssl/openssl/conf.h +++ b/wolfssl/openssl/conf.h 
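Review bot: The new `STACK_TYPE_CONF_VALUE` case dereferences `sk->data.conf` with no NULL check, so a node whose data was never set would crash here instead of returning NULL (whether `wolfSSL_sk_new_null` leaves the data zeroed is not visible on this page). It also returns the `value` string rather than the element, unlike every other case, so a caller that expects a `CONF_VALUE*` from a stack accessor would treat a `char*` as a struct. Suggested: `if (sk->data.conf == NULL) return NULL;` followed by `return (void*)sk->data.conf;`, or a comment stating that handing back the string is deliberate. The case also sits outside the `OPENSSL_ALL` guard that the last patch uses for `wolfSSL_sk_CONF_VALUE_free`, and the body of `wolfSSL_sk_value` continues outside this hunk.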
@@ -1,2 +1,48 @@ -/* conf.h for openssl */ +/* conf.h + * + * Copyright (C) 2006-2019 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ +/* conf.h for openSSL */ + +#ifndef WOLFSSL_conf_H_ +#define WOLFSSL_conf_H_ + +#ifdef __cplusplus + extern "C" { +#endif + +struct WOLFSSL_CONF_VALUE { + char *section; + char *name; + char *value; +}; + +struct WOLFSSL_INIT_SETTINGS { + char* appname; +}; + +typedef struct WOLFSSL_CONF_VALUE CONF_VALUE; +typedef struct WOLFSSL_INIT_SETTINGS OPENSSL_INIT_SETTINGS; + +#ifdef __cplusplus +} /* extern "C" */ +#endif + +#endif /* WOLFSSL_conf_H_ */ diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index a26e60c31..661f804f0 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -172,6 +172,7 @@ typedef struct WOLFSSL_X509_VERIFY_PARAM WOLFSSL_X509_VERIFY_PARAM; typedef struct WOLFSSL_BIO WOLFSSL_BIO; typedef struct WOLFSSL_BIO_METHOD WOLFSSL_BIO_METHOD; typedef struct WOLFSSL_X509_EXTENSION WOLFSSL_X509_EXTENSION; +typedef struct WOLFSSL_CONF_VALUE WOLFSSL_CONF_VALUE; typedef struct WOLFSSL_ASN1_TIME WOLFSSL_ASN1_TIME; typedef struct WOLFSSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT; typedef struct WOLFSSL_ASN1_OTHERNAME WOLFSSL_ASN1_OTHERNAME; From 425548565fdedb240002a404d332ed3d0dbf7658 Mon Sep 17 00:00:00 2001 
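Review bot: `struct WOLFSSL_CONF_VALUE` exposes three `char*` members with no comment on ownership, and `wolfSSL_sk_CONF_VALUE_free` in the last patch of this series frees only the stack nodes. A caller cannot tell from the header whether it must release `section`, `name` and `value` itself, which invites either a leak or a double free. Suggested comment above the struct, to be adjusted if the intent differs: `/* section/name/value are not freed by wolfSSL_sk_CONF_VALUE_free(); the code that created the element releases them. */`.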
From: Eric Blankenhorn Date: Fri, 20 Sep 2019 16:16:10 -0500 Subject: [PATCH 4/5] Fix after rebase --- src/ssl.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 452e875ec..55e7dee10 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25776,10 +25776,8 @@ void* wolfSSL_sk_value(WOLFSSL_STACK* sk, int i) return (void*)sk->data.x509; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) case STACK_TYPE_CIPHER: - if (sk->data.cipher == NULL) - return NULL; - sk->data.cipher->offset = offset; - return (void*)sk->data.cipher; + sk->data.cipher.offset = offset; + return (void*)&sk->data.cipher; case STACK_TYPE_GEN_NAME: gn = (WOLFSSL_GENERAL_NAME*)sk->data.obj; if (gn == NULL) From a1b324f7f8547d5c342e76b9c33e5bebf4cd72d5 Mon Sep 17 00:00:00 2001 From: Eric Blankenhorn Date: Thu, 26 Sep 2019 11:28:59 -0500 Subject: [PATCH 5/5] Adding sk_free support for CONF_VALUE --- src/ssl.c | 30 ++++++++++++++++++++++++++++++ wolfssl/openssl/stack.h | 2 ++ 2 files changed, 32 insertions(+) diff --git a/src/ssl.c b/src/ssl.c index 55e7dee10..13b0569ab 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25842,6 +25842,9 @@ void wolfSSL_sk_free(WOLFSSL_STACK* sk) case STACK_TYPE_X509_NAME: wolfSSL_sk_X509_NAME_free(sk); break; + case STACK_TYPE_CONF_VALUE: + wolfSSL_sk_CONF_VALUE_free(sk); + break; #endif default: wolfSSL_sk_ASN1_OBJECT_free(sk); 
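Review bot: `wolfSSL_sk_value` writes `sk->data.cipher.offset = offset;` on every lookup, so a read accessor mutates the stack node and two threads reading the same cipher stack race on that field. `offset` is the `int` index copied at function entry while the field is `unsigned long` (internal.h, first patch); a negative `i` skips the walk loop (`i > 0`), returns the head node and stores a very large offset. A guard at the top, `if (i < 0) return NULL;`, would close the negative case; it changes what callers passing a negative index get back, so confirm none rely on that. The returned `&sk->data.cipher` points into the node itself, which deserves a line in the function comment: the pointer is invalid once the stack is freed and must not be freed by the caller. The function body begins and ends outside this hunk.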
@@ -25907,6 +25910,33 @@ void wolfSSL_sk_pop_free(WOLF_STACK_OF(WOLFSSL_ASN1_OBJECT)* sk, } } +#if defined(OPENSSL_ALL) +/* Free the structure for WOLFSSL_CONF_VALUE stack + * + * sk stack to free nodes in + */ +void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk) +{ + WOLFSSL_STACK* node; + WOLFSSL_STACK* tmp; + WOLFSSL_ENTER("wolfSSL_sk_CONF_VALUE_free"); + + if (sk == NULL) + return; + + /* parse through stack freeing each node */ + node = sk->next; + while (node) { + tmp = node; + node = node->next; + XFREE(tmp, NULL, DYNAMIC_TYPE_OPENSSL); + } + + /* free head of stack */ + XFREE(sk, NULL, DYNAMIC_TYPE_ASN1); +} +#endif + /* Creates and returns a new null stack. */ WOLFSSL_STACK* wolfSSL_sk_new_null(void) { diff --git a/wolfssl/openssl/stack.h b/wolfssl/openssl/stack.h index d92baa820..394047050 100644 --- a/wolfssl/openssl/stack.h +++ b/wolfssl/openssl/stack.h @@ -34,6 +34,8 @@ WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK *); WOLFSSL_API void wolfSSL_sk_GENERIC_free(WOLFSSL_STACK *); WOLFSSL_API int wolfSSL_sk_GENERIC_push(WOLFSSL_STACK *sk, void *data); WOLFSSL_API void wolfSSL_sk_pop_free(WOLFSSL_STACK *st, void (*func) (void *)); +WOLFSSL_API +void wolfSSL_sk_CONF_VALUE_free(WOLF_STACK_OF(WOLFSSL_CONF_VALUE)* sk); WOLFSSL_API WOLFSSL_STACK *wolfSSL_sk_new_null(void); WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data);
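Review bot: `wolfSSL_sk_CONF_VALUE_free` releases the chained nodes with `DYNAMIC_TYPE_OPENSSL` but the head with `DYNAMIC_TYPE_ASN1`; both should carry the tag used when the node was allocated (not visible here), since builds with memory tracking or static pools may otherwise misaccount the block. The loop frees only the `WOLFSSL_STACK` nodes, never `data.conf` or its `section`/`name`/`value` strings, so either the elements need releasing here or the header comment should say so: `/* Frees the stack nodes only; the CONF_VALUE elements and their strings are not freed. */`. The definition is under `#if defined(OPENSSL_ALL)`, while the prototype added to `wolfssl/openssl/stack.h` and the `STACK_TYPE_CONF_VALUE` case in `wolfSSL_sk_free` may sit under a different guard (their enclosing `#if` is outside the hunks). If that guard also admits `WOLFSSL_QT`, a build defining only that macro would fail to link.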