Changes for various failing build configs

2024-10-18 16:34:25 -07:00 · 2024-10-18 16:34:25 -07:00 · 87ce96527a
commit 87ce96527a
parent 1afbf55a80
3 changed files with 35 additions and 13 deletions
--- a/src/ssl_certman.c
+++ b/src/ssl_certman.c
@ -455,8 +455,8 @@ int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm)
    return ret;
 }

-static int wolfSSL_CertManagerUnloadIntermediateCertsEx(WOLFSSL_CERT_MANAGER* cm,
-                                                 byte type)
+static int wolfSSL_CertManagerUnloadIntermediateCertsEx(
+                                WOLFSSL_CERT_MANAGER* cm, byte type)
 {
    int ret = WOLFSSL_SUCCESS;

@ -483,14 +483,16 @@ static int wolfSSL_CertManagerUnloadIntermediateCertsEx(WOLFSSL_CERT_MANAGER* cm
 }

 #if defined(OPENSSL_EXTRA)
-static int wolfSSL_CertManagerUnloadTempIntermediateCerts(WOLFSSL_CERT_MANAGER* cm)
+static int wolfSSL_CertManagerUnloadTempIntermediateCerts(
+    WOLFSSL_CERT_MANAGER* cm)
 {
    WOLFSSL_ENTER("wolfSSL_CertManagerUnloadTempIntermediateCerts");
    return wolfSSL_CertManagerUnloadIntermediateCertsEx(cm, WOLFSSL_INTER_CA);
 }
 #endif

-int wolfSSL_CertManagerUnloadIntermediateCerts(WOLFSSL_CERT_MANAGER* cm)
+int wolfSSL_CertManagerUnloadIntermediateCerts(
+    WOLFSSL_CERT_MANAGER* cm)
 {
    WOLFSSL_ENTER("wolfSSL_CertManagerUnloadIntermediateCerts");
    return wolfSSL_CertManagerUnloadIntermediateCertsEx(cm, WOLFSSL_CHAIN_CA);
--- a/src/x509.c
+++ b/src/x509.c
@ -7597,7 +7597,7 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup,
        else if (wc_PemGetHeaderFooter(CERT_TYPE, &header, &footer) == 0 &&
                XSTRNSTR((char*)curr, header, (unsigned int)sz) != NULL) {
            ret = X509StoreLoadCertBuffer(lookup->store, curr,
-                                                    (word32)sz, WOLFSSL_FILETYPE_PEM);
+                                        (word32)sz, WOLFSSL_FILETYPE_PEM);
            if (ret != WOLFSSL_SUCCESS)
                goto end;
            curr = (byte*)XSTRNSTR((char*)curr, footer, (unsigned int)sz);
@ -14205,8 +14205,9 @@ int wolfSSL_X509_NAME_digest(const WOLFSSL_X509_NAME *name,

 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
    defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
-#if defined(OPENSSL_EXTRA) && (defined(SESSION_CERTS) || \
-                               defined(WOLFSSL_SIGNER_DER_CERT))
+#if defined(OPENSSL_EXTRA) && \
+    ((defined(SESSION_CERTS) && !defined(WOLFSSL_QT)) || \
+      defined(WOLFSSL_SIGNER_DER_CERT))

 /**
 * Find the issuing cert of the input cert. On a self-signed cert this
--- a/src/x509_str.c
+++ b/src/x509_str.c
@ -247,6 +247,7 @@ static void SetupStoreCtxError(WOLFSSL_X509_STORE_CTX* ctx, int ret)
 static int X509StoreVerifyCert(WOLFSSL_X509_STORE_CTX* ctx)
 {
    int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
+    WOLFSSL_ENTER("X509StoreVerifyCert");

    if (ctx->current_cert != NULL && ctx->current_cert->derCert != NULL) {
        ret = wolfSSL_CertManagerVerifyBuffer(ctx->store->cm,
@ -874,7 +875,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs(
 int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer,
    WOLFSSL_X509_STORE_CTX *ctx, WOLFSSL_X509 *x)
 {
-    int ret = WOLFSSL_FAILURE;
+    int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
    WOLFSSL_ENTER("wolfSSL_X509_STORE_CTX_get1_issuer");

    if (issuer == NULL || ctx == NULL || x == NULL)
@ -960,6 +961,7 @@ WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void)
    if ((store->cm = wolfSSL_CertManagerNew()) == NULL)
        goto err_exit;

+#ifdef OPENSSL_EXTRA
    if ((store->certs = wolfSSL_sk_X509_new_null()) == NULL)
        goto err_exit;

@ -970,6 +972,7 @@ WOLFSSL_X509_STORE* wolfSSL_X509_STORE_new(void)
    if ((store->trusted = wolfSSL_sk_X509_new_null()) == NULL)
        goto err_exit;
 #endif
+#endif

 #ifdef HAVE_CRL
    store->crl = store->cm->crl;
@ -1057,6 +1060,7 @@ void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store)
                wolfSSL_CertManagerFree(store->cm);
                store->cm = NULL;
            }
+#if defined(OPENSSL_EXTRA)
            if (store->certs != NULL) {
                wolfSSL_sk_X509_free(store->certs);
                store->certs = NULL;
@ -1071,6 +1075,7 @@ void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store)
                store->trusted = NULL;
            }
 #endif
+#endif
 #ifdef OPENSSL_ALL
            if (store->objs != NULL) {
                X509StoreFreeObjList(store, store->objs);
@ -1270,14 +1275,24 @@ int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509)
    #if !defined(WOLFSSL_SIGNER_DER_CERT)
            if (result == WOLFSSL_SUCCESS && store->trusted != NULL) {
                result = wolfSSL_sk_X509_push(store->trusted, x509);
-                result = (result > 0) ? WOLFSSL_SUCCESS : WOLFSSL_FATAL_ERROR;
+                if (result > 0) {
+                    result = WOLFSSL_SUCCESS;
+                }
+                else {
+                    result = WOLFSSL_FATAL_ERROR;
+                }
            }
    #endif
        }
        else {
            if (store->certs != NULL) {
                result = wolfSSL_sk_X509_push(store->certs, x509);
-                result = (result > 0) ? WOLFSSL_SUCCESS : WOLFSSL_FATAL_ERROR;
+                if (result > 0) {
+                    result = WOLFSSL_SUCCESS;
+                }
+                else {
+                    result = WOLFSSL_FATAL_ERROR;
+                }
            }
            else {
                /* If store->certs is NULL, this is an X509_STORE managed by an
@ -1327,7 +1342,7 @@ int wolfSSL_X509_STORE_set_default_paths(WOLFSSL_X509_STORE* store)
 int X509StoreLoadCertBuffer(WOLFSSL_X509_STORE *str,
                                        byte *buf, word32 bufLen, int type)
 {
-    int ret = WOLFSSL_FAILURE;
+    int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
    WOLFSSL_X509 *x509 = NULL;

    if (str == NULL || buf == NULL) {
@ -1654,6 +1669,10 @@ WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(
 {
    WOLFSSL_STACK* ret = NULL;
    WOLFSSL_STACK* cert_stack = NULL;
+#if ((defined(WOLFSSL_SIGNER_DER_CERT) && !defined(NO_FILESYSTEM)) || \
+     (defined(HAVE_CRL)))
+    WOLFSSL_X509_OBJECT* obj = NULL;
+#endif
 #if defined(WOLFSSL_SIGNER_DER_CERT) && !defined(NO_FILESYSTEM)
    WOLFSSL_X509* x509 = NULL;
    int i = 0;
@ -1698,7 +1717,7 @@ WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(
     * simplify cleanup logic handling cert merging above */
    for (i = 0; i < wolfSSL_sk_X509_num(cert_stack); i++) {
        x509 = wolfSSL_sk_value(cert_stack, i);
-        WOLFSSL_X509_OBJECT* obj = wolfSSL_X509_OBJECT_new();
+        obj = wolfSSL_X509_OBJECT_new();
        if (obj == NULL) {
            WOLFSSL_MSG("wolfSSL_X509_OBJECT_new error");
            goto err_cleanup;
@ -1720,7 +1739,7 @@ WOLF_STACK_OF(WOLFSSL_X509_OBJECT)* wolfSSL_X509_STORE_get0_objects(

 #ifdef HAVE_CRL
    if (store->cm->crl != NULL) {
-        WOLFSSL_X509_OBJECT* obj = wolfSSL_X509_OBJECT_new();
+        obj = wolfSSL_X509_OBJECT_new();
        if (obj == NULL) {
            WOLFSSL_MSG("wolfSSL_X509_OBJECT_new error");
            goto err_cleanup;