mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #6430 from kareem-wolfssl/memcached

Browse Source 
Add memcached support.
This commit is contained in:
JacobBarthelmeh 2023-11-22 16:20:28 -07:00 committed by GitHub
commit 5b3f5496f8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 228 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/main.yml vendored
View File

@ -40,6 +40,8 @@ jobs:
uses: ./.github/workflows/krb5.yml uses: ./.github/workflows/krb5.yml
packaging: packaging:
uses: ./.github/workflows/packaging.yml uses: ./.github/workflows/packaging.yml
memcached:
uses: ./.github/workflows/memcached.yml
# TODO: Currently this test fails. Enable it once it becomes passing. # TODO: Currently this test fails. Enable it once it becomes passing.
# haproxy: # haproxy:
# uses: ./.github/workflows/haproxy.yml # uses: ./.github/workflows/haproxy.yml

81
.github/workflows/memcached.yml vendored Normal file
View File

@ -0,0 +1,81 @@
name: memcached Tests
on:
workflow_call:
jobs:
build_wolfssl:
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: --enable-memcached
install: true
- name: Upload built lib
uses: actions/upload-artifact@v3
with:
name: wolf-install-memcached
path: build-dir
retention-days: 1
memcached_check:
strategy:
fail-fast: false
matrix:
# List of releases to test
include:
- ref: 1.6.22
name: ${{ matrix.ref }}
runs-on: ubuntu-latest
needs: build_wolfssl
steps:
- name: Download lib
uses: actions/download-artifact@v3
with:
name: wolf-install-memcached
path: build-dir
- name: Checkout OSP
uses: actions/checkout@v3
with:
repository: wolfssl/osp
path: osp
- name: Install dependencies
run: |
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install -y libevent-dev libevent-2.1-7 automake pkg-config make libio-socket-ssl-perl
- name: Checkout memcached
uses: actions/checkout@v3
with:
repository: memcached/memcached
ref: 1.6.22
path: memcached
- name: Configure and build memcached
run: |
cd $GITHUB_WORKSPACE/memcached/
patch -p1 < $GITHUB_WORKSPACE/osp/memcached/memcached_1.6.22.patch
./autogen.sh
export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig ./configure --enable-wolfssl
make -j$(nproc)
- name: Confirm memcached built with wolfSSL
working-directory: ./memcached
run: |
export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
ldd memcached | grep wolfssl
- name: Run memcached tests
working-directory: ./memcached
run: |
export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
make -j$(nproc) test_tls

15
configure.ac
View File

@ -1601,6 +1601,7 @@ AC_ARG_ENABLE([mcast],
# strongSwan (--enable-strongswan) # strongSwan (--enable-strongswan)
# OpenLDAP (--enable-openldap) # OpenLDAP (--enable-openldap)
# hitch (--enable-hitch) # hitch (--enable-hitch)
# memcached (--enable-memcached)
# Bind DNS compatibility Build # Bind DNS compatibility Build
AC_ARG_ENABLE([bind], AC_ARG_ENABLE([bind],
@ -1811,6 +1812,13 @@ AC_ARG_ENABLE([hitch],
[ ENABLED_HITCH=no ] [ ENABLED_HITCH=no ]
) )
# memcached support
AC_ARG_ENABLE([memcached],
[AS_HELP_STRING([--enable-memcached],[Enable memcached support (default: disabled)])],
[ ENABLED_MEMCACHED=$enableval ],
[ ENABLED_MEMCACHED=no ]
)
# OpenSSL Coexist # OpenSSL Coexist
AC_ARG_ENABLE([opensslcoexist], AC_ARG_ENABLE([opensslcoexist],
[AS_HELP_STRING([--enable-opensslcoexist],[Enable coexistence of wolfssl/openssl (default: disabled)])], [AS_HELP_STRING([--enable-opensslcoexist],[Enable coexistence of wolfssl/openssl (default: disabled)])],
@ -6391,6 +6399,12 @@ then
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_COMPATIBLE_DEFAULTS -DWOLFSSL_CIPHER_INTERNALNAME" AM_CFLAGS="$AM_CFLAGS -DOPENSSL_COMPATIBLE_DEFAULTS -DWOLFSSL_CIPHER_INTERNALNAME"
fi fi
if test "$ENABLED_MEMCACHED" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SESSION_ID_CTX"
AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE -DHAVE_MEMCACHED"
fi
if test "$ENABLED_NGINX" = "yes"|| test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes" if test "$ENABLED_NGINX" = "yes"|| test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then then
@ -9682,6 +9696,7 @@ echo " * chrony: $ENABLED_CHRONY"
echo " * strongSwan: $ENABLED_STRONGSWAN" echo " * strongSwan: $ENABLED_STRONGSWAN"
echo " * OpenLDAP: $ENABLED_OPENLDAP" echo " * OpenLDAP: $ENABLED_OPENLDAP"
echo " * hitch: $ENABLED_HITCH" echo " * hitch: $ENABLED_HITCH"
echo " * memcached: $ENABLED_MEMCACHED"
echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS" echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS"
echo " * DTLS: $ENABLED_DTLS" echo " * DTLS: $ENABLED_DTLS"
echo " * DTLS v1.3: $ENABLED_DTLS13" echo " * DTLS v1.3: $ENABLED_DTLS13"

15
src/internal.c
View File

@ -7321,10 +7321,12 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ssl->alert_history.last_tx.code = -1; ssl->alert_history.last_tx.code = -1;
ssl->alert_history.last_tx.level = -1; ssl->alert_history.last_tx.level = -1;
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
/* copy over application session context ID */ /* copy over application session context ID */
ssl->sessionCtxSz = ctx->sessionCtxSz; ssl->sessionCtxSz = ctx->sessionCtxSz;
XMEMCPY(ssl->sessionCtx, ctx->sessionCtx, ctx->sessionCtxSz); XMEMCPY(ssl->sessionCtx, ctx->sessionCtx, ctx->sessionCtxSz);
#endif
#ifdef OPENSSL_EXTRA
ssl->cbioFlag = ctx->cbioFlag; ssl->cbioFlag = ctx->cbioFlag;
ssl->protoMsgCb = ctx->protoMsgCb; ssl->protoMsgCb = ctx->protoMsgCb;
@ -10359,6 +10361,8 @@ void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree)
int SendBuffered(WOLFSSL* ssl) int SendBuffered(WOLFSSL* ssl)
{ {
int retryLimit = WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS;
if (ssl->CBIOSend == NULL && !WOLFSSL_IS_QUIC(ssl)) { if (ssl->CBIOSend == NULL && !WOLFSSL_IS_QUIC(ssl)) {
WOLFSSL_MSG("Your IO Send callback is null, please set"); WOLFSSL_MSG("Your IO Send callback is null, please set");
return SOCKET_ERROR_E; return SOCKET_ERROR_E;
@ -10379,7 +10383,9 @@ int SendBuffered(WOLFSSL* ssl)
#endif #endif
while (ssl->buffers.outputBuffer.length > 0) { while (ssl->buffers.outputBuffer.length > 0) {
int sent = ssl->CBIOSend(ssl, int sent = 0;
retry:
sent = ssl->CBIOSend(ssl,
(char*)ssl->buffers.outputBuffer.buffer + (char*)ssl->buffers.outputBuffer.buffer +
ssl->buffers.outputBuffer.idx, ssl->buffers.outputBuffer.idx,
(int)ssl->buffers.outputBuffer.length, (int)ssl->buffers.outputBuffer.length,
@ -10388,6 +10394,11 @@ int SendBuffered(WOLFSSL* ssl)
switch (sent) { switch (sent) {
case WOLFSSL_CBIO_ERR_WANT_WRITE: /* would block */ case WOLFSSL_CBIO_ERR_WANT_WRITE: /* would block */
if (retryLimit > 0 && ssl->ctx->autoRetry &&
!ssl->options.handShakeDone && !ssl->options.dtls) {
retryLimit--;
goto retry;
}
return WANT_WRITE; return WANT_WRITE;
case WOLFSSL_CBIO_ERR_CONN_RST: /* connection reset */ case WOLFSSL_CBIO_ERR_CONN_RST: /* connection reset */

128
src/ssl.c
View File

@ -13509,7 +13509,7 @@ void SetupSession(WOLFSSL* ssl)
if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL)
XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN); XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN);
session->haveEMS = ssl->options.haveEMS; session->haveEMS = ssl->options.haveEMS;
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
/* If using compatibility layer then check for and copy over session context /* If using compatibility layer then check for and copy over session context
* id. */ * id. */
if (ssl->sessionCtxSz > 0 && ssl->sessionCtxSz < ID_LEN) { if (ssl->sessionCtxSz > 0 && ssl->sessionCtxSz < ID_LEN) {
@ -14279,7 +14279,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
if (ret != WOLFSSL_SUCCESS) if (ret != WOLFSSL_SUCCESS)
return ret; return ret;
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
/* check for application context id */ /* check for application context id */
if (ssl->sessionCtxSz > 0) { if (ssl->sessionCtxSz > 0) {
if (XMEMCMP(ssl->sessionCtx, ssl->session->sessionCtx, ssl->sessionCtxSz)) { if (XMEMCMP(ssl->sessionCtx, ssl->session->sessionCtx, ssl->sessionCtxSz)) {
@ -14288,7 +14288,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }
} }
#endif /* OPENSSL_EXTRA */ #endif /* WOLFSSL_SESSION_ID_CTX */
if (LowResTimer() >= (ssl->session->bornOn + ssl->session->timeout)) { if (LowResTimer() >= (ssl->session->bornOn + ssl->session->timeout)) {
#if !defined(OPENSSL_EXTRA) || !defined(WOLFSSL_ERROR_CODE_OPENSSL) #if !defined(OPENSSL_EXTRA) || !defined(WOLFSSL_ERROR_CODE_OPENSSL)
@ -17137,7 +17137,20 @@ cleanup:
#endif /* WOLFSSL_ENCRYPTED_KEYS */ #endif /* WOLFSSL_ENCRYPTED_KEYS */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
unsigned long wolfSSL_ERR_get_error(void)
{
WOLFSSL_ENTER("wolfSSL_ERR_get_error");
#ifdef WOLFSSL_HAVE_ERROR_QUEUE
return wc_GetErrorNodeErr();
#else
return (unsigned long)(0 - NOT_COMPILED_IN);
#endif
}
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
int wolfSSL_num_locks(void) int wolfSSL_num_locks(void)
{ {
return 0; return 0;
@ -17179,16 +17192,6 @@ cleanup:
inner_idCb = f; inner_idCb = f;
} }
unsigned long wolfSSL_ERR_get_error(void)
{
WOLFSSL_ENTER("wolfSSL_ERR_get_error");
#ifdef WOLFSSL_HAVE_ERROR_QUEUE
return wc_GetErrorNodeErr();
#else
return (unsigned long)(0 - NOT_COMPILED_IN);
#endif
}
#ifdef WOLFSSL_HAVE_ERROR_QUEUE #ifdef WOLFSSL_HAVE_ERROR_QUEUE
#ifndef NO_BIO #ifndef NO_BIO
/* print out and clear all errors */ /* print out and clear all errors */
@ -18218,7 +18221,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode) long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode)
{ {
/* WOLFSSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is wolfSSL default mode */ /* WOLFSSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is wolfSSL default mode */
@ -18274,39 +18277,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
} }
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
#ifndef NO_WOLFSSL_STUB
long wolfSSL_SSL_get_mode(WOLFSSL* ssl)
{
/* TODO: */
(void)ssl;
WOLFSSL_STUB("SSL_get_mode");
return 0;
}
#endif
#ifndef NO_WOLFSSL_STUB
long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx)
{
/* TODO: */
(void)ctx;
WOLFSSL_STUB("SSL_CTX_get_mode");
return 0;
}
#endif
#ifndef NO_WOLFSSL_STUB
void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m)
{
/* TODO: maybe? */
(void)ctx;
(void)m;
WOLFSSL_STUB("SSL_CTX_set_default_read_ahead");
}
#endif
/* Storing app session context id, this value is inherited by WOLFSSL /* Storing app session context id, this value is inherited by WOLFSSL
* objects created from WOLFSSL_CTX. Any session that is imported with a * objects created from WOLFSSL_CTX. Any session that is imported with a
* different session context id will be rejected. * different session context id will be rejected.
@ -18357,6 +18328,39 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
return WOLFSSL_SUCCESS; return WOLFSSL_SUCCESS;
} }
#endif
#ifdef OPENSSL_EXTRA
#ifndef NO_WOLFSSL_STUB
long wolfSSL_SSL_get_mode(WOLFSSL* ssl)
{
/* TODO: */
(void)ssl;
WOLFSSL_STUB("SSL_get_mode");
return 0;
}
#endif
#ifndef NO_WOLFSSL_STUB
long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx)
{
/* TODO: */
(void)ctx;
WOLFSSL_STUB("SSL_CTX_get_mode");
return 0;
}
#endif
#ifndef NO_WOLFSSL_STUB
void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m)
{
/* TODO: maybe? */
(void)ctx;
(void)m;
WOLFSSL_STUB("SSL_CTX_set_default_read_ahead");
}
#endif
long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX* ctx) long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX* ctx)
@ -20992,6 +20996,18 @@ void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx,
} }
} }
void wolfSSL_set_info_callback(WOLFSSL* ssl,
void (*f)(const WOLFSSL* ssl, int type, int val))
{
WOLFSSL_ENTER("wolfSSL_set_info_callback");
if (ssl == NULL) {
WOLFSSL_MSG("Bad function argument");
}
else {
ssl->CBIS = f;
}
}
unsigned long wolfSSL_ERR_peek_error(void) unsigned long wolfSSL_ERR_peek_error(void)
{ {
@ -22802,7 +22818,7 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
/* ServerID len | ServerID */ /* ServerID len | ServerID */
size += OPAQUE16_LEN + sess->idLen; size += OPAQUE16_LEN + sess->idLen;
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
/* session context ID len | session context ID */ /* session context ID len | session context ID */
size += OPAQUE8_LEN + sess->sessionCtxSz; size += OPAQUE8_LEN + sess->sessionCtxSz;
#endif #endif
@ -22882,7 +22898,7 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
XMEMCPY(data + idx, sess->serverID, sess->idLen); XMEMCPY(data + idx, sess->serverID, sess->idLen);
idx += sess->idLen; idx += sess->idLen;
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
data[idx++] = sess->sessionCtxSz; data[idx++] = sess->sessionCtxSz;
XMEMCPY(data + idx, sess->sessionCtx, sess->sessionCtxSz); XMEMCPY(data + idx, sess->sessionCtx, sess->sessionCtxSz);
idx += sess->sessionCtxSz; idx += sess->sessionCtxSz;
@ -23062,7 +23078,7 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
} }
XMEMCPY(s->serverID, data + idx, s->idLen); idx += s->idLen; XMEMCPY(s->serverID, data + idx, s->idLen); idx += s->idLen;
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
/* byte for length of session context ID */ /* byte for length of session context ID */
if (i - idx < OPAQUE8_LEN) { if (i - idx < OPAQUE8_LEN) {
ret = BUFFER_ERROR; ret = BUFFER_ERROR;
@ -27871,7 +27887,7 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
ssl->options.haveDilithiumSig = ctx->haveDilithiumSig; ssl->options.haveDilithiumSig = ctx->haveDilithiumSig;
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
/* copy over application session context ID */ /* copy over application session context ID */
ssl->sessionCtxSz = ctx->sessionCtxSz; ssl->sessionCtxSz = ctx->sessionCtxSz;
XMEMCPY(ssl->sessionCtx, ctx->sessionCtx, ctx->sessionCtxSz); XMEMCPY(ssl->sessionCtx, ctx->sessionCtx, ctx->sessionCtxSz);
@ -29472,6 +29488,16 @@ int wolfSSL_SSL_in_init(WOLFSSL *ssl)
return !wolfSSL_is_init_finished(ssl); return !wolfSSL_is_init_finished(ssl);
} }
int wolfSSL_SSL_in_before(const WOLFSSL *ssl)
{
WOLFSSL_ENTER("wolfSSL_SSL_in_before");
if (ssl == NULL)
return WOLFSSL_FAILURE;
return ssl->options.handShakeState == NULL_STATE;
}
int wolfSSL_SSL_in_connect_init(WOLFSSL* ssl) int wolfSSL_SSL_in_connect_init(WOLFSSL* ssl)
{ {
WOLFSSL_ENTER("wolfSSL_SSL_in_connect_init"); WOLFSSL_ENTER("wolfSSL_SSL_in_connect_init");

10
tests/api.c
View File

@ -40602,7 +40602,7 @@ static int test_wolfSSL_ERR_put_error(void)
static int test_wolfSSL_ERR_get_error_order(void) static int test_wolfSSL_ERR_get_error_order(void)
{ {
EXPECT_DECLS; EXPECT_DECLS;
#ifdef WOLFSSL_HAVE_ERROR_QUEUE #if defined(WOLFSSL_HAVE_ERROR_QUEUE) && defined(OPENSSL_EXTRA)
/* Empty the queue. */ /* Empty the queue. */
wolfSSL_ERR_clear_error(); wolfSSL_ERR_clear_error();
@ -40613,7 +40613,7 @@ static int test_wolfSSL_ERR_get_error_order(void)
ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_NO_SIGNER_E); ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_NO_SIGNER_E);
ExpectIntEQ(wolfSSL_ERR_peek_error(), -ASN_SELF_SIGNED_E); ExpectIntEQ(wolfSSL_ERR_peek_error(), -ASN_SELF_SIGNED_E);
ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_SELF_SIGNED_E); ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_SELF_SIGNED_E);
#endif /* WOLFSSL_HAVE_ERROR_QUEUE */ #endif /* WOLFSSL_HAVE_ERROR_QUEUE && OPENSSL_EXTRA */
return EXPECT_RESULT(); return EXPECT_RESULT();
} }
@ -45068,6 +45068,7 @@ static int test_wolfSSL_SESSION(void)
#endif #endif
ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS); ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
#ifdef WOLFSSL_SESSION_ID_CTX
/* fail case with miss match session context IDs (use compatibility API) */ /* fail case with miss match session context IDs (use compatibility API) */
ExpectIntEQ(SSL_set_session_id_context(ssl, context, contextSz), ExpectIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
SSL_SUCCESS); SSL_SUCCESS);
@ -45080,6 +45081,7 @@ static int test_wolfSSL_SESSION(void)
SSL_SUCCESS); SSL_SUCCESS);
ExpectNotNull(ssl = wolfSSL_new(ctx)); ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE); ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
#endif
#endif /* OPENSSL_EXTRA */ #endif /* OPENSSL_EXTRA */
wolfSSL_free(ssl); wolfSSL_free(ssl);
@ -62176,7 +62178,9 @@ static int test_wolfSSL_set_SSL_CTX(void)
ExpectNotNull(ssl = wolfSSL_new(ctx2)); ExpectNotNull(ssl = wolfSSL_new(ctx2));
ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0); ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
#ifdef WOLFSSL_INT_H #ifdef WOLFSSL_INT_H
#ifdef WOLFSSL_SESSION_ID_CTX
ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id2, 4), 0); ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id2, 4), 0);
#endif
ExpectTrue(ssl->buffers.certificate == ctx2->certificate); ExpectTrue(ssl->buffers.certificate == ctx2->certificate);
ExpectTrue(ssl->buffers.certChain == ctx2->certChain); ExpectTrue(ssl->buffers.certChain == ctx2->certChain);
#endif #endif
@ -62198,7 +62202,9 @@ static int test_wolfSSL_set_SSL_CTX(void)
#ifdef WOLFSSL_INT_H #ifdef WOLFSSL_INT_H
ExpectTrue(ssl->buffers.certificate == ctx1->certificate); ExpectTrue(ssl->buffers.certificate == ctx1->certificate);
ExpectTrue(ssl->buffers.certChain == ctx1->certChain); ExpectTrue(ssl->buffers.certChain == ctx1->certChain);
#ifdef WOLFSSL_SESSION_ID_CTX
ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id1, 4), 0); ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id1, 4), 0);
#endif
#endif #endif
wolfSSL_free(ssl); wolfSSL_free(ssl);

5
wolfcrypt/src/logging.c
View File

@ -443,7 +443,7 @@ WOLFSSL_API int WOLFSSL_IS_DEBUG_ON(void)
#endif /* !WOLFSSL_DEBUG_ERRORS_ONLY */ #endif /* !WOLFSSL_DEBUG_ERRORS_ONLY */
#endif /* DEBUG_WOLFSSL */ #endif /* DEBUG_WOLFSSL */
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) || defined(HAVE_MEMCACHED)
#ifdef WOLFSSL_HAVE_ERROR_QUEUE #ifdef WOLFSSL_HAVE_ERROR_QUEUE
@ -1463,7 +1463,8 @@ void wc_ERR_print_errors_fp(XFILE fp)
#endif /* !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) */ #endif /* !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) */
#endif /* defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) */ #endif /* defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
|| defined(HAVE_MEMCACHED) */
/* /*
* When using OPENSSL_EXTRA or DEBUG_WOLFSSL_VERBOSE macro then WOLFSSL_ERROR is * When using OPENSSL_EXTRA or DEBUG_WOLFSSL_VERBOSE macro then WOLFSSL_ERROR is

16
wolfssl/internal.h
View File

@ -3666,11 +3666,13 @@ struct WOLFSSL_CTX {
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL) #if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
word32 disabledCurves; /* curves disabled by user */ word32 disabledCurves; /* curves disabled by user */
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
byte sessionCtx[ID_LEN]; /* app session context ID */ byte sessionCtx[ID_LEN]; /* app session context ID */
byte sessionCtxSz;
#endif
#ifdef OPENSSL_EXTRA
const unsigned char *alpn_cli_protos;/* ALPN client protocol list */ const unsigned char *alpn_cli_protos;/* ALPN client protocol list */
unsigned int alpn_cli_protos_len; unsigned int alpn_cli_protos_len;
byte sessionCtxSz;
byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */ byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */
CallbackInfoState* CBIS; /* used to get info about SSL state */ CallbackInfoState* CBIS; /* used to get info about SSL state */
WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/ WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/
@ -4325,10 +4327,10 @@ struct WOLFSSL_SESSION {
word16 idLen; /* serverID length */ word16 idLen; /* serverID length */
byte serverID[SERVER_ID_LEN]; /* for easier client lookup */ byte serverID[SERVER_ID_LEN]; /* for easier client lookup */
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef WOLFSSL_SESSION_ID_CTX
byte sessionCtxSz; /* sessionCtx length */ byte sessionCtxSz; /* sessionCtx length */
byte sessionCtx[ID_LEN]; /* app specific context id */ byte sessionCtx[ID_LEN]; /* app specific context id */
#endif /* OPENSSL_EXTRA */ #endif /* WOLFSSL_SESSION_ID_CTX */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
byte peerVerifyRet; /* cert verify error */ byte peerVerifyRet; /* cert verify error */
#endif #endif
@ -5475,13 +5477,16 @@ struct WOLFSSL {
CipherSpecs specs; CipherSpecs specs;
Keys keys; Keys keys;
Options options; Options options;
#ifdef WOLFSSL_SESSION_ID_CTX
byte sessionCtx[ID_LEN]; /* app session context ID */
byte sessionCtxSz; /* size of sessionCtx stored */
#endif
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
CallbackInfoState* CBIS; /* used to get info about SSL state */ CallbackInfoState* CBIS; /* used to get info about SSL state */
int cbmode; /* read or write on info callback */ int cbmode; /* read or write on info callback */
int cbtype; /* event type in info callback */ int cbtype; /* event type in info callback */
WOLFSSL_BIO* biord; /* socket bio read to free/close */ WOLFSSL_BIO* biord; /* socket bio read to free/close */
WOLFSSL_BIO* biowr; /* socket bio write to free/close */ WOLFSSL_BIO* biowr; /* socket bio write to free/close */
byte sessionCtx[ID_LEN]; /* app session context ID */
WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/ WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL) #if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
@ -5493,7 +5498,6 @@ struct WOLFSSL {
#endif #endif
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
byte readAhead; byte readAhead;
byte sessionCtxSz; /* size of sessionCtx stored */
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
void* loggingCtx; /* logging callback argument */ void* loggingCtx; /* logging callback argument */
#endif #endif

3
wolfssl/openssl/ssl.h
View File

@ -925,6 +925,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_timeout(ctx, to) \ #define SSL_CTX_set_timeout(ctx, to) \
wolfSSL_CTX_set_timeout(ctx, (unsigned int)(to)) wolfSSL_CTX_set_timeout(ctx, (unsigned int)(to))
#define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback #define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
#define SSL_set_info_callback wolfSSL_set_info_callback
#define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos #define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos
#define SSL_CTX_keylog_cb_func wolfSSL_CTX_keylog_cb_func #define SSL_CTX_keylog_cb_func wolfSSL_CTX_keylog_cb_func
@ -1552,6 +1553,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_OP_SINGLE_DH_USE WOLFSSL_OP_SINGLE_DH_USE #define SSL_OP_SINGLE_DH_USE WOLFSSL_OP_SINGLE_DH_USE
#define SSL_OP_SINGLE_ECDH_USE WOLFSSL_OP_SINGLE_ECDH_USE #define SSL_OP_SINGLE_ECDH_USE WOLFSSL_OP_SINGLE_ECDH_USE
#define SSL_OP_CIPHER_SERVER_PREFERENCE WOLFSSL_OP_CIPHER_SERVER_PREFERENCE #define SSL_OP_CIPHER_SERVER_PREFERENCE WOLFSSL_OP_CIPHER_SERVER_PREFERENCE
#define SSL_OP_NO_RENEGOTIATION WOLFSSL_OP_NO_RENEGOTIATION
#define OPENSSL_config wolfSSL_OPENSSL_config #define OPENSSL_config wolfSSL_OPENSSL_config
#define OPENSSL_memdup wolfSSL_OPENSSL_memdup #define OPENSSL_memdup wolfSSL_OPENSSL_memdup
@ -1563,6 +1565,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_get_wbio wolfSSL_SSL_get_wbio #define SSL_get_wbio wolfSSL_SSL_get_wbio
#define SSL_do_handshake wolfSSL_SSL_do_handshake #define SSL_do_handshake wolfSSL_SSL_do_handshake
#define SSL_in_init wolfSSL_SSL_in_init #define SSL_in_init wolfSSL_SSL_in_init
#define SSL_in_before wolfSSL_SSL_in_before
#define SSL_in_connect_init wolfSSL_SSL_in_connect_init #define SSL_in_connect_init wolfSSL_SSL_in_connect_init
#define SSL_get0_session wolfSSL_SSL_get0_session #define SSL_get0_session wolfSSL_SSL_get0_session
#define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb #define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb

6
wolfssl/ssl.h
View File

@ -2169,6 +2169,8 @@ WOLFSSL_API void *wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx);
WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx, WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx,
void (*f)(const WOLFSSL* ssl, int type, int val)); void (*f)(const WOLFSSL* ssl, int type, int val));
WOLFSSL_API void wolfSSL_set_info_callback(WOLFSSL* ssl,
void (*f)(const WOLFSSL* ssl, int type, int val));
WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void); WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void);
WOLFSSL_API int wolfSSL_GET_REASON(int); WOLFSSL_API int wolfSSL_GET_REASON(int);
@ -2271,6 +2273,7 @@ enum {
WOLFSSL_OP_TLS_D5_BUG = 0x00000080, WOLFSSL_OP_TLS_D5_BUG = 0x00000080,
WOLFSSL_OP_TLS_BLOCK_PADDING_BUG = 0x00000100, WOLFSSL_OP_TLS_BLOCK_PADDING_BUG = 0x00000100,
WOLFSSL_OP_TLS_ROLLBACK_BUG = 0x00000200, WOLFSSL_OP_TLS_ROLLBACK_BUG = 0x00000200,
WOLFSSL_OP_NO_RENEGOTIATION = 0x00000400,
WOLFSSL_OP_EPHEMERAL_RSA = 0x00000800, WOLFSSL_OP_EPHEMERAL_RSA = 0x00000800,
WOLFSSL_OP_NO_SSLv3 = 0x00001000, WOLFSSL_OP_NO_SSLv3 = 0x00001000,
WOLFSSL_OP_NO_TLSv1 = 0x00002000, WOLFSSL_OP_NO_TLSv1 = 0x00002000,
@ -2306,7 +2309,7 @@ enum {
}; };
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
defined(HAVE_WEBSERVER) defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
/* for compatibility these must be macros */ /* for compatibility these must be macros */
#define SSL_OP_MICROSOFT_SESS_ID_BUG WOLFSSL_OP_MICROSOFT_SESS_ID_BUG #define SSL_OP_MICROSOFT_SESS_ID_BUG WOLFSSL_OP_MICROSOFT_SESS_ID_BUG
@ -4939,6 +4942,7 @@ WOLFSSL_API int wolfSSL_SSL_in_init(const WOLFSSL* ssl);
#else #else
WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL* ssl);
#endif #endif
WOLFSSL_API int wolfSSL_SSL_in_before(const WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL* ssl);
#ifndef NO_SESSION_CACHE #ifndef NO_SESSION_CACHE

7
wolfssl/wolfcrypt/logging.h
View File

@ -109,11 +109,12 @@ WOLFSSL_API void wolfSSL_SetLoggingPrefix(const char* prefix);
#if (defined(OPENSSL_EXTRA) && !defined(_WIN32) && \ #if (defined(OPENSSL_EXTRA) && !defined(_WIN32) && \
!defined(NO_ERROR_QUEUE)) || defined(DEBUG_WOLFSSL_VERBOSE) !defined(NO_ERROR_QUEUE)) || defined(DEBUG_WOLFSSL_VERBOSE) \
|| defined(HAVE_MEMCACHED)
#define WOLFSSL_HAVE_ERROR_QUEUE #define WOLFSSL_HAVE_ERROR_QUEUE
#endif #endif
#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) || defined(HAVE_MEMCACHED)
WOLFSSL_LOCAL int wc_LoggingInit(void); WOLFSSL_LOCAL int wc_LoggingInit(void);
WOLFSSL_LOCAL int wc_LoggingCleanup(void); WOLFSSL_LOCAL int wc_LoggingCleanup(void);
WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf, WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf,
@ -135,7 +136,7 @@ WOLFSSL_API void wolfSSL_SetLoggingPrefix(const char* prefix);
WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str, WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str,
size_t len, void *u), void *u); size_t len, void *u), void *u);
#endif #endif
#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */ #endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE || HAVE_MEMCACHED */
#ifdef WOLFSSL_FUNC_TIME #ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance. /* WARNING: This code is only to be used for debugging performance.

3
wolfssl/wolfcrypt/settings.h
View File

@ -334,6 +334,9 @@
#undef HAVE_CTS #undef HAVE_CTS
#define HAVE_CTS #define HAVE_CTS
#undef WOLFSSL_SESSION_ID_CTX
#define WOLFSSL_SESSION_ID_CTX
#endif /* OPENSSL_EXTRA && !OPENSSL_COEXIST */ #endif /* OPENSSL_EXTRA && !OPENSSL_COEXIST */
/* Special small OpenSSL compat layer for certs */ /* Special small OpenSSL compat layer for certs */