Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixes for minor whitespace and scan tools #4891

Merged
merged 7 commits into from
Feb 28, 2022
Merged
Show file tree
Hide file tree
Changes from 6 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -6843,7 +6843,7 @@ AS_CASE(["$CFLAGS $CPPFLAGS"],[*'WOLFSSL_TRUST_PEER_CERT'*],[ENABLED_TRUSTED_PEE


AS_CASE(["$CFLAGS $CPPFLAGS $AM_CFLAGS"],[*'OPENSSL_COMPATIBLE_DEFAULTS'*],
[ENABLED_OPENSSL_COMPATIBLE_DEFAULTS=yes])
[ENABLED_OPENSSL_COMPATIBLE_DEFAULTS=yes])
if test "x$ENABLED_OPENSSL_COMPATIBLE_DEFAULTS" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TRUST_PEER_CERT"
Expand Down
4 changes: 2 additions & 2 deletions examples/client/client.c
Original file line number Diff line number Diff line change
Expand Up @@ -3191,8 +3191,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif /* HAVE_ECC */
#if defined(WOLFSSL_TRUST_PEER_CERT) && !defined(NO_FILESYSTEM)
if (trustCert) {
if ((ret = wolfSSL_CTX_trust_peer_cert(ctx, trustCert,
WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
if (wolfSSL_CTX_trust_peer_cert(ctx, trustCert,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't load trusted peer cert file");
}
Expand Down
9 changes: 4 additions & 5 deletions examples/server/server.c
Original file line number Diff line number Diff line change
Expand Up @@ -2568,9 +2568,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
#ifdef WOLFSSL_TRUST_PEER_CERT
if (trustCert) {
if ((ret = wolfSSL_CTX_trust_peer_cert(ctx, trustCert,
WOLFSSL_FILETYPE_PEM))
!= WOLFSSL_SUCCESS) {
if (wolfSSL_CTX_trust_peer_cert(ctx, trustCert,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
err_sys_ex(runWithErrors, "can't load trusted peer cert file");
}
}
Expand Down Expand Up @@ -2790,8 +2789,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
#ifdef WOLFSSL_TRUST_PEER_CERT
if (trustCert) {
if ((ret = wolfSSL_trust_peer_cert(ssl, trustCert,
WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
if (wolfSSL_trust_peer_cert(ssl, trustCert,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
err_sys_ex(runWithErrors, "can't load trusted peer cert "
"file");
}
Expand Down
12 changes: 6 additions & 6 deletions src/internal.c
Original file line number Diff line number Diff line change
Expand Up @@ -30626,7 +30626,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
id = ssl->session->altSessionID;
idSz = ID_LEN;
}
XMEMCPY(it.id, id, ID_LEN);
XMEMCPY(it.id, id, idSz);
julek-wolfssl marked this conversation as resolved.
Show resolved Hide resolved
}
#endif

Expand Down Expand Up @@ -30765,28 +30765,28 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* get master secret */
if (ret == WOLFSSL_TICKET_RET_OK || ret == WOLFSSL_TICKET_RET_CREATE) {
if (ssl->version.minor < it->pv.minor) {
ForceZero(&it, sizeof(it));
ForceZero(it, sizeof(*it));
julek-wolfssl marked this conversation as resolved.
Show resolved Hide resolved
WOLFSSL_MSG("Ticket has greater version");
return VERSION_ERROR;
}
else if (ssl->version.minor > it->pv.minor) {
if (IsAtLeastTLSv1_3(it->pv) != IsAtLeastTLSv1_3(ssl->version)) {
ForceZero(&it, sizeof(it));
ForceZero(it, sizeof(*it));
WOLFSSL_MSG("Tickets cannot be shared between "
"TLS 1.3 and TLS 1.2 and lower");
return VERSION_ERROR;
}

if (!ssl->options.downgrade) {
ForceZero(&it, sizeof(it));
ForceZero(it, sizeof(*it));
WOLFSSL_MSG("Ticket has lesser version");
return VERSION_ERROR;
}

WOLFSSL_MSG("Downgrading protocol due to ticket");

if (it->pv.minor < ssl->options.minDowngrade) {
ForceZero(&it, sizeof(it));
ForceZero(it, sizeof(*it));
return VERSION_ERROR;
}
ssl->version.minor = it->pv.minor;
Expand Down Expand Up @@ -30837,7 +30837,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
}

ForceZero(&it, sizeof(it));
ForceZero(it, sizeof(*it));

WOLFSSL_LEAVE("DoClientTicket", ret);
WOLFSSL_END(WC_FUNC_TICKET_DO);
Expand Down
17 changes: 10 additions & 7 deletions src/ssl.c
Original file line number Diff line number Diff line change
Expand Up @@ -5266,7 +5266,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
#define SESSIONS_PER_ROW 3
#define SESSION_ROWS 11
#endif
#define INVALID_SESSION_ROW -1
#define INVALID_SESSION_ROW (-1)

#ifdef NO_SESSION_CACHE_ROW_LOCK
#undef ENABLE_SESSION_CACHE_ROW_LOCK
Expand Down Expand Up @@ -5330,11 +5330,15 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
#error CLIENT_SESSION_ROWS too big
#endif

typedef struct ClientSession {
struct ClientSession {
word16 serverRow; /* SessionCache Row id */
word16 serverIdx; /* SessionCache Idx (column) */
word32 sessionIDHash;
} ClientSession;
};
#ifndef WOLFSSL_CLIENT_SESSION_DEFINED
typedef struct ClientSession ClientSession;
#define WOLFSSL_CLIENT_SESSION_DEFINED
#endif

typedef struct ClientRow {
int nextIdx; /* where to place next one */
Expand Down Expand Up @@ -15507,6 +15511,7 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
return WOLFSSL_FAILURE;
#endif

XMEMSET(bogusID, 0, sizeof(bogusID));
if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL)
id = ssl->arrays->sessionID;
else if (ssl->session->haveAltSessionID) {
Expand Down Expand Up @@ -15763,8 +15768,6 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
SESSION_ROW_UNLOCK(sessRow);
sessRow = NULL;
}
/* Make sure we don't access this anymore */
session = NULL;
julek-wolfssl marked this conversation as resolved.
Show resolved Hide resolved

if (ret != WOLFSSL_SUCCESS)
return ret;
Expand Down Expand Up @@ -24094,7 +24097,7 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
output->heap, DYNAMIC_TYPE_SESSION_TICK);
SparkiDev marked this conversation as resolved.
Show resolved Hide resolved
if (tmp == NULL) {
WOLFSSL_MSG("Failed to allocate memory for ticket");
XFREE(ticBuff, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
XFREE(ticBuff, output->heap, DYNAMIC_TYPE_SESSION_TICK);
output->ticket = NULL;
output->ticketLen = 0;
output->ticketLenAlloc = 0;
Expand Down Expand Up @@ -24138,7 +24141,7 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
}
else {
if (ticBuff != NULL)
XFREE(ticBuff, input->heap, DYNAMIC_TYPE_SESSION_TICK);
XFREE(ticBuff, output->heap, DYNAMIC_TYPE_SESSION_TICK);
output->ticket = output->_staticTicket;
output->ticketLenAlloc = 0;
}
Expand Down
2 changes: 2 additions & 0 deletions src/wolfio.c
Original file line number Diff line number Diff line change
Expand Up @@ -834,10 +834,12 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
return -1;
}

#if !defined(HAVE_GETADDRINFO)
#ifdef WOLFSSL_IPV6
sockaddr_len = sizeof(SOCKADDR_IN6);
#else
sockaddr_len = sizeof(SOCKADDR_IN);
#endif
#endif
XMEMSET(&addr, 0, sizeof(addr));

Expand Down
2 changes: 2 additions & 0 deletions tests/api.c
Original file line number Diff line number Diff line change
Expand Up @@ -39320,6 +39320,8 @@ static void test_wolfSSL_SESSION(void)
#else
AssertIntEQ(wolfSSL_SESSION_has_ticket(sess), 0);
#endif
#else
(void)sess;
#endif /* OPENSSL_EXTRA */

/* Retain copy of the session for later testing */
Expand Down
9 changes: 6 additions & 3 deletions wolfssl/internal.h
Original file line number Diff line number Diff line change
Expand Up @@ -1691,7 +1691,10 @@ typedef WOLFSSL_BUFFER_INFO buffer;
typedef struct Suites Suites;

/* Declare opaque struct for API to use */
typedef struct ClientSession ClientSession;
#ifndef WOLFSSL_CLIENT_SESSION_DEFINED
typedef struct ClientSession ClientSession;
#define WOLFSSL_CLIENT_SESSION_DEFINED
#endif

/* defaults to client */
WOLFSSL_LOCAL void InitSSL_Method(WOLFSSL_METHOD* method, ProtocolVersion pv);
Expand Down Expand Up @@ -4608,13 +4611,13 @@ struct WOLFSSL {
*/
#ifdef WOLFSSL_HAVE_ERROR_QUEUE
#define CLEAR_ASN_NO_PEM_HEADER_ERROR(err) \
err = wolfSSL_ERR_peek_last_error(); \
(err) = wolfSSL_ERR_peek_last_error(); \
if (ERR_GET_LIB(err) == ERR_LIB_PEM && \
ERR_GET_REASON(err) == PEM_R_NO_START_LINE) { \
wc_RemoveErrorNode(-1); \
}
#else
#define CLEAR_ASN_NO_PEM_HEADER_ERROR(err) (void)err;
#define CLEAR_ASN_NO_PEM_HEADER_ERROR(err) (void)(err);
#endif

/*
Expand Down
3 changes: 2 additions & 1 deletion wolfssl/ssl.h
Original file line number Diff line number Diff line change
Expand Up @@ -2852,7 +2852,8 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL* ssl, void* key, unsigned int len,
WOLFSSL_API int wolfSSL_Unload_trust_peers(WOLFSSL* ssl);
#endif
WOLFSSL_API int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX* ctx,
const unsigned char*, long, int);
const unsigned char* in,
long sz, int format);
#endif
WOLFSSL_API int wolfSSL_CTX_load_verify_buffer_ex(WOLFSSL_CTX* ctx,
const unsigned char* in, long sz, int format,
Expand Down