Commit Graph

181 Commits

Author SHA1 Message Date
Daniel Pouzzner c81c9be9ce error code fixes:
* fix TLS layer to consistently use WOLFSSL_FATAL_ERROR for error retvals, rather than literal -1.
* add WC_NO_ERR_TRACE() wrapper around LENGTH_ONLY_E (it does not signify an error condition).
* refactor errcode handling for traceability in wolfSSL_DSA_do_sign(), wolfSSL_DH_size(), wolfSSL_EC_KEY_get_conv_form(), wolfSSL_d2i_DSA_SIG(), wolfSSL_DSA_do_sign(), SetDhInternal(), and wolfSSL_EC_KEY_get_conv_form().
2024-09-06 19:33:48 -05:00
Daniel Pouzzner b178138d83 src/internal.c: in wolfSSL_ERR_reason_error_string(), add missing error string for SCR_DIFFERENT_CERT_E, and de-gate error strings previously gated on HAVE_HTTP_CLIENT.
tests/api.c: add error_test() adapted from wolfcrypt/test/test.c, checking all error strings for expected presence/absence and length, called from existing test_wolfSSL_ERR_strings().

wolfssl/ssl.h, wolfssl/error-ssl.h, and wolfssl/wolfcrypt/error-crypt.h:
* move several negative error return codes from ssl.h to error-ssl.h,
* renumber them to conform to existing sequence, and
* include error-ssl.h from ssl.h;
* add special-case WOLFSSL_DEBUG_TRACE_ERROR_CODES macros for WOLFSSL_FAILURE;
* add missing WOLFSSL_API attribute to wc_backtrace_render().

add numerous WC_NO_ERR_TRACE()s to operand error code uses, cleaning up error traces in general, and particularly when WOLFSSL_DEBUG_TRACE_ERROR_CODES_ALWAYS.
* crypto lib (36),
* crypto test&benchmark (20),
* TLS lib (179),
* examples (122),
* linuxkm (3),
* tests/api.c (2272).
2024-08-28 23:05:04 -05:00
Juliusz Sosinowicz 3260a9b680 Address code review 2024-08-20 10:53:44 +02:00
Juliusz Sosinowicz a6a40de249 init sssd support
- Refactor OCSP to separate IO callback
- wolfSSL_BIO_reset: fix return
- CheckCertCRL_ex: return CRL_CERT_DATE_ERR instead of ASN_AFTER_DATE_E
- CheckCertCRL_ex: return most relevant error code
- i2d/d2i APIs: correct parameters handling and return codes
- Custom ASN1 structures: major refactor to make it much more versatile
- Use WOLFSSL_ASSERT_SIZEOF_GE where applicable
- wolfSSL_EVP_SignFinal: implement ecc
- wolfSSL_EVP_VerifyFinal: implement ecc
- OBJ_NAME_do_all: bring closer to OpenSSL functionality
- Correct return of *_push api
- Implement:
  - OCSP_REQ_CTX API
  - d2i_ECPKParameters
  - wolfSSL_sk_insert
  - OCSP_parse_url
  - X509_STORE_set1_param
  - X509_get0_subject_key_id
  - X509_OBJECT_retrieve_by_subject
  - OCSP_sendreq_nbio
2024-08-16 17:22:41 +02:00
Andras Fekete d7a0f49906 Programmatically remove NULL test before XFREE 2024-08-06 10:20:45 -04:00
David Garske 575df43889 Merge pull request #7768 from JacobBarthelmeh/copyright
update copyright to 2024
2024-07-19 14:27:39 -07:00
Daniel Pouzzner 787397b28e src/bio.c and related:
* refactor WOLFSSL_BIO.num and WOLFSSL_BIO.ptr as unions, for clarity and bug resistance (no functional changes).

* in wolfSSL_BIO_free(), add WOLFSSL_BIO_DGRAM to the test for closing bio->num.fd, fixing a descriptor leak.

* use SOCKET_INVALID consistently as the invalid value for WOLFSSL_BIO.num.fd, and use SOCKET_T consistently as the internal type for file descriptors.

* move the definitions for SOCKET_T and SOCKET_INVALID from wolfio.h to the filesystem section of wc_port.h, and allow override definitions of SOCKET_T.

detected and tested with wolfssl-multi-test.sh ... pq-hybrid-all-rpk-valgrind-unittest. also tested with wolfssl-multi-test.sh ... super-quick-check.
2024-07-19 14:50:26 -05:00
JacobBarthelmeh 31a6a2bf59 update copyright to 2024 2024-07-19 13:15:05 -06:00
Daniel Pouzzner ee7748f2e3 PR7648 20240418-exosip-apis peer review:
* tweak typography;
* move wolfSSL_i2d_X509_PUBKEY() from ssl.c to x509.c;
* in asn.h, add !NO_ASN_OLD_TYPE_NAMES macros to remap old names (ISSUER, SUBJECT, BEFORE, AFTER) by default unless the macros are already defined.
2024-07-16 19:12:19 -05:00
Daniel Pouzzner 9023aeef75 BIO/wolfio: refactor TranslateReturnCode(), wolfSSL_LastError(), and TranslateIoError() into complete+consistent wolfSSL_LastError() and TranslateIoReturnCode(), handling all special cases correctly, and correctly returning WOLFSSL_CBIO_ERR_WANT_WRITE and WOLFSSL_CBIO_ERR_TIMEOUT. use TranslateIoReturnCode() directly in wolfIO_Recv(), wolfIO_Send(), wolfIO_RecvFrom(), wolfIO_SendTo(), and remove now-superfluous TranslateIoError() calls from EmbedReceive(), EmbedSend(), EmbedReceiveFrom(), EmbedSendTo(), EmbedReceiveFromMcast(). 2024-07-16 19:12:19 -05:00
Daniel Pouzzner 5298039d09 fixes from peer review: move OS-specific code from wolfSSL_BIO_read() and wolfSSL_BIO_write() to wolfIO_Recv(), wolfIO_Send(), wolfIO_RecvFrom(), and wolfIO_SendTo(); add SOCKET_ETIMEDOUT definitions to wolfio.h; misc cleanups. 2024-07-16 19:12:19 -05:00
Daniel Pouzzner 7216a543dd checkpoint: complete test_wolfSSL_BIO_datagram(); fix some WOLFSSL_HAVE_BIO_ADDR gates to also gate on WOLFSSL_DTLS and OPENSSL_EXTRA; use DTLS_RECVFROM_FUNCTION, DTLS_SENDTO_FUNCTION, SOCKET_T, SOCKADDR, SOCKADDR_IN, and SOCKADDR_IN6 macros and types, and add SOCKADDR_UN type. 2024-07-16 19:12:18 -05:00
Daniel Pouzzner 29ec038aa6 checkpoint: add WOLFSSL_BIO_ADDR, wolfSSL_BIO_ADDR_new(), wolfSSL_BIO_ADDR_free(), wolfSSL_BIO_ADDR_clear(), wolfIO_SendTo(), wolfIO_RecvFrom(); fix name of wolfSSL_BIO_s_datagram(). 2024-07-16 19:12:18 -05:00
kaleb-himes c333fdf545 Check-in Nucleus Plus 2.3 port work 2024-07-09 15:53:00 -06:00
Daniel Pouzzner 88af1a2932 fixes for Coverity #394680, #394682, #394693, #394712. 2024-07-05 20:42:32 -05:00
David Garske 9b058ec3a2 Fixes for EMNET with non-blocking to handle want read/want write. ZD 18012 2024-05-24 07:42:18 -07:00
Andras Fekete 692a7d55ff Fix conversion error in wolfio.c 2024-05-14 11:02:28 -04:00
David Garske da6a11d1d1 Restore HAVE_NETDB_H and HAVE_SYS_IOCTL_H checks in the wolfio.c. 2024-04-01 09:49:22 -07:00
Andras Fekete 98f8329bf2 Add indentation for legibility 2024-03-08 11:49:38 -05:00
Andras Fekete 8fcb007301 Missing gating for netdb.h includes 2024-03-08 11:46:49 -05:00
Andras Fekete 897a8419c1 Move netdb.h and ioctl.h into wolfio.c 2024-03-01 11:59:02 -05:00
jordan e175004f85 Fix Infer Uninitialized Values. 2024-01-02 12:16:20 -06:00
Daniel Pouzzner 263973bde9 src/wolfio.c: fix stack allocations for cookie digests on NO_SHA builds;
configure.ac: fix dependencies for enable_dsa vs enable_sha in enable-all, enable-all-crypto, and ENABLED_DSA setup.
2023-11-15 14:43:23 -06:00
Daniel Pouzzner 7569cfdff8 src/internal.c,src/wolfio.c: fallback to SHA256 when NO_SHA, in LoadCertByIssuer(), MicriumGenerateCookie(), uIPGenerateCookie(), and GNRC_GenerateCookie();
tests/api.c: when NO_SHA, omit test_wolfSSL_CertManagerCheckOCSPResponse() and test_wolfSSL_CheckOCSPResponse() (both use static artifacts with SHA1 name and key hashes).
2023-11-15 00:09:22 -06:00
Per Allansson 5f20f1171d wolfio: request only IPv4 addresses unless IPv6 support is enabled 2023-10-13 15:25:16 +02:00
JacobBarthelmeh 1285ae7816 Merge pull request #6506 from DimitriPapadopoulos/codespell
Fix typos found by codespell
2023-07-24 10:34:29 -06:00
Juliusz Sosinowicz 0b4e4287c9 getsockopt needs to take in an int
This caused an issue on big endian platforms

From the getsockopt man page:
       Most socket-level options utilize an int argument for optval.  For setsockopt(), the argument should be non‐
       zero to enable a boolean option, or zero if the option is to be disabled.
2023-07-06 11:40:36 +02:00
Dimitri Papadopoulos 50752f5a2b Fix typos found by codespell 2023-07-04 07:21:27 +02:00
Mitch Capper 6185d66b01 For TranslateIoError use FormatMessage to get a better error message on win32 2023-06-23 14:05:38 -07:00
Chris Conlon 806c75d28b Merge pull request #6450 from miyazakh/fix_jenkins_android
fix to cast diff type, int and uint
2023-06-01 08:33:02 -06:00
Hideki Miyazaki 554e6472b5 addressed review comments 2023-05-31 06:54:14 +09:00
jordan 1bdd1cb157 Used codespell and fixed obvious typos in src and wolfssl. 2023-05-30 11:36:43 -05:00
Hideki Miyazaki 63a5fe3229 fix to cast diff type, int and uint 2023-05-30 17:32:42 +09:00
Marco Oliverio 5182fe3f7d wolfio: cleaning: use WOLFSSL_IP6 define instead of AF_INET6 2023-05-22 15:33:06 +00:00
Marco Oliverio 640f9cf967 wolfio: EmbedRecvFrom: check ipv6 peer on non-ipv6 version 2023-05-22 15:33:05 +00:00
Marco Oliverio 73f502e189 wolfio: dtls: retry instead of returning WANT_READ on different peer
If EmbedReceiveFrom() returns WANT_READ, a blocking socket will not know how to
deal with the error. Retry the recvfrom instead adjusting the timeout.
2023-05-22 15:31:58 +00:00
Sean Parkinson 8851065848 cppcheck fixes
Fix checking of negative with unsigned variables.
Check digestSz for 0 in wc_SSH_KDF() so that no possibility of dividing
by zero.
Change XMEMCPY to XMEMSET in renesas_sce_util.c.
Fix test.c to free prvTmp and pubTmp on read error.
Remove unused variables.
XFREE checks for NULL so don't check before call.
Move variable declarations to reduce scope.
2023-04-03 16:59:58 +10:00
jordan 409ed6232a Used codespell and fixed obvious typos in src and wolfssl. 2023-03-02 09:52:07 -06:00
David Garske fc6d693dae Update logging enter, exit, msg to match function names. Fix some typos and improper use of "enter". Fix internal uses of SSL_SUCCESS and SSL_FAILURE. Add WOLFSSL_DEBUG_NONBLOCK option to allow printing iterations without debug enabled. 2023-02-21 12:02:15 -08:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
John Bland b36d585335 remove http header length check for CRL verification 2022-12-21 13:01:58 -05:00
jordan 246ce8dbe1 Cleanup spaces. 2022-12-06 15:24:34 -06:00
jordan 87113cc88d Fix mingw-w64 build issues on windows. 2022-12-03 17:00:44 -06:00
Per Allansson 68dc01e7b7 fix bug with wolfIO_TcpConnect not working with timeout
- non-blocking connect() on Windows returns SOCKET_ERROR + WSAEWOULDBLOCK
- the check for fd against FD_SETSIZE is wrong (and not needed) on Windows
2022-10-06 14:14:33 +02:00
Juliusz Sosinowicz 112fc540bb Fix build errors and warnings for MSVC with DTLS 1.3 2022-09-13 10:13:44 +02:00
David Garske 232a750cc2 Whitespace cleanup. 2022-09-02 09:54:17 -07:00
David Garske 2695f36642 Fixes for building with 32-bit and socket size sign/unsigned mismatch.
Tested with: `./configure --enable-all CFLAGS="-m32 -DXSOCKLENT=int" LDFLAGS="-m32" && make`
2022-09-01 11:39:34 -07:00
Sean Parkinson 56be09005f Merge pull request #5427 from julek-wolfssl/dtls-timeout-and-closed-socket
DTLS socket and timeout fixes
2022-08-05 08:13:14 +10:00
Juliusz Sosinowicz ebcfa31993 Refactor checking socket type into a function 2022-08-04 11:35:27 +02:00
Juliusz Sosinowicz 67d518544b EmbedReceiveFrom: fix when using a TCP socket
- recvfrom() returns 0 on a closed TCP socket
- TCP sockets set WOLFSSL_CBIO_ERR_ISR on a timeout
2022-08-04 11:27:45 +02:00