From 17e102d914a59cfff8962dfb9ca363682cc288c8 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Wed, 1 Aug 2018 19:45:09 -0700
Subject: [PATCH] Fixes for asio build options (so includes OPENSSL_EXTRA). Fix for bad named variable `shutdown`. Fix for the side size in Options struct to support `WOLFSSL_SIDE_NEITHER` (3). Fix to set the side on wolfSS_connect() or wolfSS_accept().
---
 configure.ac | 7 ++++---
 src/ssl.c | 30 ++++++++++++++++++++----------
 wolfssl/internal.h | 2 +-
 3 files changed, 25 insertions(+), 14 deletions(-)
diff --git a/configure.ac b/configure.ac
index b3510c4a2..e50956bf1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3069,14 +3069,15 @@ AC_ARG_ENABLE([asio],
 )
 if test "$ENABLED_ASIO" = "yes"
 then
- # Requires opensslall make sure on
+ # Requires opensslextra and opensslall
 if test "x$ENABLED_OPENSSLALL" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno"
 then
 ENABLED_OPENSSLALL="yes"
- AM_CFLAGS="-DOPENSSL_ALL $AM_CFLAGS"
+ ENABLED_OPENSSLEXTRA="yes"
+ AM_CFLAGS="-DOPENSSL_EXTRA -DOPENSSL_ALL $AM_CFLAGS"
 fi
 AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASIO -DASIO_USE_WOLFSSL -DWOLFSSL_KEY_GEN"
- AM_CFLAGS="$AM_CFLAGS -DBOOST_ASIO_USE_WOLFSSL"
+ AM_CFLAGS="$AM_CFLAGS -DBOOST_ASIO_USE_WOLFSSL -DHAVE_EX_DATA"
 AM_CFLAGS="$AM_CFLAGS -DSSL_TXT_TLSV1_2 -DSSL_TXT_TLSV1_1"
 AM_CFLAGS="$AM_CFLAGS -DOPENSSL_NO_SSL2 -DOPENSSL_NO_SSL3"
 if test "$ENABLED_TLSV10" = "yes"
diff --git a/src/ssl.c b/src/ssl.c
index 7e19734cc..755cbcbc9 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -248,7 +248,7 @@ WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap)
 {
 WOLFSSL_CTX* ctx = NULL;
- WOLFSSL_ENTER("WOLFSSL_CTX_new_ex");
+ WOLFSSL_ENTER("wolfSSL_CTX_new_ex");
 if (initRefCount == 0) {
 /* user no longer forced to call Init themselves */
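Review bot: In the configure.ac asio block, `ENABLED_OPENSSLEXTRA="yes"` and `-DOPENSSL_EXTRA` are added only inside the branch taken when both opensslall and opensslcoexist are "no". A build where opensslall was already enabled therefore depends on OPENSSL_EXTRA having been defined somewhere outside this hunk; that is presumably the case but cannot be confirmed from here. Assigning the variable this far down also will not re-run anything else the opensslextra option block may do, if that block comes earlier in the file. The new `-DHAVE_EX_DATA` has no explanation; a one-line comment above it naming which asio code path needs the ex_data API would keep it from being dropped later. Since enabling asio now compiles in the OpenSSL compatibility layer implicitly, the option's help text should say so.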
@@ -8739,12 +8739,16 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
 if (ssl == NULL)
 return BAD_FUNC_ARG;
- #ifdef OPENSSL_EXTRA
- if (ssl->CBIS != NULL) {
- ssl->CBIS(ssl, SSL_ST_CONNECT, SSL_SUCCESS);
- ssl->cbmode = SSL_CB_WRITE;
- }
- #endif
+ #ifdef OPENSSL_EXTRA
+ if (ssl->options.side == WOLFSSL_NEITHER_END) {
+ ssl->options.side = WOLFSSL_CLIENT_END;
+ }
+
+ if (ssl->CBIS != NULL) {
+ ssl->CBIS(ssl, SSL_ST_CONNECT, SSL_SUCCESS);
+ ssl->cbmode = SSL_CB_WRITE;
+ }
+ #endif
 if (ssl->options.side != WOLFSSL_CLIENT_END) {
 WOLFSSL_ERROR(ssl->error = SIDE_ERROR);
 return WOLFSSL_FATAL_ERROR;
@@ -9125,6 +9129,12 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
 #endif
 (void)haveMcast;
+ #ifdef OPENSSL_EXTRA
+ if (ssl->options.side == WOLFSSL_NEITHER_END) {
+ ssl->options.side = WOLFSSL_SERVER_END;
+ }
+ #endif
+
 if (ssl->options.side != WOLFSSL_SERVER_END) {
 WOLFSSL_ERROR(ssl->error = SIDE_ERROR);
 return WOLFSSL_FATAL_ERROR;
@@ -15444,17 +15454,17 @@ void wolfSSL_set_connect_state(WOLFSSL* ssl)
 int wolfSSL_get_shutdown(const WOLFSSL* ssl)
 {
- int shutdown = 0;
+ int isShutdown = 0;
 WOLFSSL_ENTER("wolfSSL_get_shutdown");
 if (ssl) {
 /* in OpenSSL, WOLFSSL_SENT_SHUTDOWN = 1, when closeNotifySent *
 * WOLFSSL_RECEIVED_SHUTDOWN = 2, from close notify or fatal err */
- shutdown = ((ssl->options.closeNotify||ssl->options.connReset) << 1)
+ isShutdown = ((ssl->options.closeNotify||ssl->options.connReset) << 1)
 | (ssl->options.sentNotify);
 }
- return shutdown;
+ return isShutdown;
 }
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index ab96ac799..a3a8af56f 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -3105,7 +3105,7 @@ typedef struct Options {
 #ifdef HAVE_EXT_CACHE
 word16 internalCacheOff:1;
 #endif
- word16 side:1; /* client or server end */
+ word16 side:2; /* client, server or neither end */
 word16 verifyPeer:1;
 word16 verifyNone:1;
 word16 failNoCert:1;
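Review bot: The new `WOLFSSL_NEITHER_END` branch in the hunk at -8739 only overwrites `ssl->options.side`. Nothing visible here redoes setup that was performed while the role was still undecided, so any side-dependent defaults chosen at object creation (not shown in this patch) may still reflect the undecided state after the switch to `WOLFSSL_CLIENT_END`. The hunk at -9125 has the same shape with `WOLFSSL_SERVER_END`. I would route both through one small helper that sets the side and re-applies the side-dependent initialisation, or, once it is verified that no such state exists, say so above each assignment, e.g. `/* role left open by a generic method; no side-dependent state needs to be rebuilt here */`. Both enclosing function bodies start and end outside their hunks.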
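Review bot: Widening `side` to two bits in wolfssl/internal.h makes a third value storable. Any code that tests a single side and treats the `else` branch as the opposite end now has to cope with `WOLFSSL_NEITHER_END`, and none of those call sites are part of this patch, so they need a separate audit. The field can also hold one value with no meaning; the comment could name the permitted constants, e.g. `/* WOLFSSL_SERVER_END, WOLFSSL_CLIENT_END or WOLFSSL_NEITHER_END */`. The struct body continues outside the hunk.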