MinGW fixes, server port assigning cleanup and ping test cleanup. Fixes issue with visibility detection with MinGW. The visibility.m4 script was not actually trying to call the hidden function, which caused MinGW to detect improperly that visibility was supported. Fix for bogusFile on Windows build. Fixes to build warnings for unused variable 'res' and signed/unsigned comparison for sizeof min(). Cleanup of the server side port assignment to allow use with Windows/MinGW/Cygwin. If Windows uses new GetRandomPort() function in test.h to get port in in the 49152 - 65535 range. If *nix then uses the tcp_listen returned port. Otherwise uses the default wolfSSLPort. Refactor of the ping test code to use common file and properly handle ping count differences (Windows "-c" vs. *Nix style "-n"). Workaround for MinGW and cyassl/options.h getting file permissions error. Added non-fatal compile warning if using MinGW that "strtok_s" might be missing along with a link to public domain source that can be used.

configure.ac

@@ -2621,12 +2621,22 @@ fi
 LIB_SOCKET_NSL
 AX_HARDEN_CC_COMPILER_FLAGS
 
-# link to ws2_32 if on mingw
+# if mingw then link to ws2_32 for sockets
 case $host_os in
-    *mingw32)
+    mingw*)
         LDFLAGS="$LDFLAGS -lws2_32" ;;
 esac
 
+# add wolfSSL defines for shared/static
+if test "$enable_shared" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHARED"
+fi
+if test "$enable_static" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_STATIC"
+fi
+
 # add user C_EXTRA_FLAGS back
 CFLAGS="$CFLAGS $USER_C_EXTRA_FLAGS"
 OPTION_FLAGS="$USER_CFLAGS $USER_C_EXTRA_FLAGS $AM_CFLAGS"
@@ -2700,7 +2710,7 @@ for option in $OPTION_FLAGS; do
         noequalsign=`echo $defonly | sed 's/=/ /'`
         if test "$noequalsign" = "NDEBUG" || test "$noequalsign" = "DEBUG"
         then
-            echo "not outputing (N)DEBUG to $OPTION_FILE"
+            echo "not outputting (N)DEBUG to $OPTION_FILE"
             continue
         fi
 
@@ -2750,8 +2760,16 @@ done < $OPTION_FILE
 
 # switch ifdef protection in cyassl/option.h to CYASSL_OPTONS_H, remove bak
 sed -i.bak 's/WOLFSSL_OPTIONS_H/CYASSL_OPTIONS_H/g' cyassl/options.h
+
+# workaround for mingw sed that may get "Permission denied" trying to preserver permissions
+case $host_os in
+    mingw*)
+        chmod u+w cyassl/options.h ;;
+esac
+
 rm cyassl/options.h.bak
 
+
 # output config summary
 echo "---"
 echo "Configuration summary for $PACKAGE_NAME version $VERSION"

examples/echoserver/echoserver.c

@@ -84,7 +84,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
     int    outCreated = 0;
     int    shutDown = 0;
     int    useAnyAddr = 0;
-    word16 port = wolfSSLPort;
+    word16 port;
     int    argc = ((func_args*)args)->argc;
     char** argv = ((func_args*)args)->argv;
 
@@ -114,14 +114,21 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
     doPSK = 1;
 #endif
 
-    #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
-        !defined(CYASSL_SNIFFER) && !defined(WOLFSSL_MDK_SHELL) && \
-        !defined(CYASSL_TIRTOS)
-        port = 0;
-    #endif
-    #if defined(USE_ANY_ADDR)
-        useAnyAddr = 1;
-    #endif
+#if defined(USE_WINDOWS_API)
+    /* Generate random port for testing */
+    port = GetRandomPort();
+#elif defined(NO_MAIN_DRIVER) && !defined(CYASSL_SNIFFER) && \
+     !defined(WOLFSSL_MDK_SHELL) && !defined(CYASSL_TIRTOS)
+    /* Let tcp_listen assign port */
+    port = 0;
+#else
+    /* Use default port */
+    port = wolfSSLPort;
+#endif
+
+#if defined(USE_ANY_ADDR)
+    useAnyAddr = 1;
+#endif
 
 #ifdef CYASSL_TIRTOS
     fdOpenSession(Task_self());

examples/server/server.c

@@ -398,10 +398,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
 
             case 'p' :
                 port = (word16)atoi(myoptarg);
-                #if defined(USE_WINDOWS_API)
-                    if (port == 0)
-                        err_sys("port number cannot be 0");
-                #endif
                 break;
 
             case 'w' :
@@ -726,6 +722,13 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
             err_sys("UseSNI failed");
 #endif
 
+#ifdef USE_WINDOWS_API
+    if (port == 0) {
+        /* Generate random port for testing */
+        port = GetRandomPort();
+    }
+#endif /* USE_WINDOWS_API */
+
     while (1) {
         /* allow resume option */
         if(resumeCount > 1) {

m4/visibility.m4

@@ -1,5 +1,5 @@
-# visibility.m4 serial 4 (gettext-0.18.2)
-dnl Copyright (C) 2005, 2008, 2010-2011 Free Software Foundation, Inc.
+# visibility.m4 serial 5 (gettext-0.18.2)
+dnl Copyright (C) 2005, 2008, 2010-2014 Free Software Foundation, Inc.
 dnl This file is free software; the Free Software Foundation
 dnl gives unlimited permission to copy and/or distribute it,
 dnl with or without modifications, as long as this notice is preserved.
@@ -12,7 +12,7 @@ dnl __attribute__((__visibility__("hidden"))) and
 dnl __attribute__((__visibility__("default"))).
 dnl Does *not* test for __visibility__("protected") - which has tricky
 dnl semantics (see the 'vismain' test in glibc) and does not exist e.g. on
-dnl MacOS X.
+dnl Mac OS X.
 dnl Does *not* test for __visibility__("internal") - which has processor
 dnl dependent semantics.
 dnl Does *not* test for #pragma GCC visibility push(hidden) - which is
@@ -58,7 +58,7 @@ AC_DEFUN([gl_VISIBILITY],
              extern __attribute__((__visibility__("default"))) int exportedvar;
              extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void);
              extern __attribute__((__visibility__("default"))) int exportedfunc (void);
-             void dummyfunc (void) {}
+             int hiddenfunc (void) { return 0; }
            ]],
            [[]])],
         [gl_cv_cc_visibility=yes],

scripts/external.test

@@ -16,9 +16,7 @@ else
 fi
 
 # is our desired server there?
-ping -c 2 $server
-RESULT=$?
-[ $RESULT -ne 0 ] && echo -e "\n\nCouldn't find $server, skipping" && exit 0
+./scripts/ping.test $server 2
 
 # client test against the server
 ./examples/client/client -X -C -h $server -p 443 -g -A $ca

scripts/google.test

@@ -7,9 +7,7 @@ server=www.google.com
 [ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
 
 # is our desired server there?
-ping -c 2 $server
-RESULT=$?
-[ $RESULT -ne 0 ] && echo -e "\n\nCouldn't find $server, skipping" && exit 0
+./scripts/ping.test $server 2
 
 # client test against the server
 ./examples/client/client -X -C -h $server -p 443 -g -d

scripts/include.am

@@ -57,6 +57,8 @@ dist_noinst_SCRIPTS+= scripts/google.test
 endif
 endif
 
-EXTRA_DIST +=  scripts/testsuite.pcap
+EXTRA_DIST +=  scripts/testsuite.pcap \
+               scripts/ping.test
+
 # leave openssl.test as extra until non bash works
 EXTRA_DIST +=  scripts/openssl.test

scripts/ocsp-stapling.test

@@ -10,9 +10,7 @@ ca=certs/external/ca-verisign-g5.pem
 [ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
 
 # is our desired server there? - login.live.com doesn't answers PING
-# ping -c 2 $server
-# RESULT=$?
-# [ $RESULT -ne 0 ] && echo -e "\n\nCouldn't find $server, skipping" && exit 0
+#./scripts/ping.test $server 2
 
 # client test against the server
 ./examples/client/client -X -C -h $server -p 443 -A $ca -g -W 1

scripts/ocsp.test

@@ -8,9 +8,7 @@ ca=certs/external/ca-globalsign-root-r2.pem
 [ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
 
 # is our desired server there?
-ping -c 2 $server
-RESULT=$?
-[ $RESULT -ne 0 ] && echo -e "\n\nCouldn't find $server, skipping" && exit 0
+./scripts/ping.test $server 2
 
 # client test against the server
 ./examples/client/client -X -C -h $server -p 443 -A $ca -g -o

scripts/ping.test

@@ -0,0 +1,29 @@
+#!/bin/sh
+
+# ping.test
+
+# defaults
+server=www.wolfssl.com
+tries=2
+
+# populate args
+if [ "$#" -gt 1 ]; then
+    tries=$2
+fi
+if [ "$#" -gt 0 ]; then
+    server=$1
+fi
+
+# determine os
+OS="`uname`"
+case $OS in
+    MINGW* | MSYS*) PINGSW=-n ;;
+    *) PINGSW=-c ;;
+esac
+
+# is our desired server there?
+ping $PINGSW $tries $server
+RESULT=$?
+[ $RESULT -ne 0 ] && echo -e "\n\nCouldn't find $server, skipping" && exit 0
+
+exit 0

tests/api.c

@@ -58,7 +58,13 @@ static const char* passed = "passed";
 static const char* failed = "failed";
 
 #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
-static const char* bogusFile  = "/dev/null";
+    static const char* bogusFile  = 
+    #ifdef _WIN32
+        "NUL"
+    #else
+        "/dev/null"
+    #endif
+    ;
 #endif
 
 /*----------------------------------------------------------------------------*
@@ -485,7 +491,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
 {
     SOCKET_T sockfd = 0;
     SOCKET_T clientfd = 0;
-    word16 port = wolfSSLPort;
+    word16 port;
 
     WOLFSSL_METHOD* method = 0;
     WOLFSSL_CTX* ctx = 0;
@@ -503,10 +509,16 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
     method = wolfSSLv23_server_method();
     ctx = wolfSSL_CTX_new(method);
 
-#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
-   !defined(WOLFSSL_SNIFFER) && !defined(WOLFSSL_MDK_SHELL) && \
-   !defined(WOLFSSL_TIRTOS)
+#if defined(USE_WINDOWS_API)
+    /* Generate random port for testing */
+    port = GetRandomPort();
+#elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
+     !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS)
+    /* Let tcp_listen assign port */
     port = 0;
+#else
+    /* Use default port */
+    port = wolfSSLPort;
 #endif
 
     wolfSSL_CTX_set_verify(ctx,
@@ -704,7 +716,7 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
     WOLFSSL*     ssl = NULL;
     SOCKET_T    sfd = 0;
     SOCKET_T    cfd = 0;
-    word16      port = wolfSSLPort;
+    word16      port;
 
     char msg[] = "I hear you fa shizzle!";
     int  len   = (int) XSTRLEN(msg);
@@ -716,10 +728,16 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
 #endif
     ((func_args*)args)->return_code = TEST_FAIL;
 
-#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
-   !defined(WOLFSSL_SNIFFER) && !defined(WOLFSSL_MDK_SHELL) && \
-   !defined(WOLFSSL_TIRTOS)
+#if defined(USE_WINDOWS_API)
+    /* Generate random port for testing */
+    port = GetRandomPort();
+#elif defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
+     !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS)
+    /* Let tcp_listen assign port */
     port = 0;
+#else
+    /* Use default port */
+    port = wolfSSLPort;
 #endif
 
     wolfSSL_CTX_set_verify(ctx,

tests/unit.c

@@ -152,6 +152,7 @@ void join_thread(THREAD_TYPE thread)
     assert(res == WAIT_OBJECT_0);
     res = CloseHandle((HANDLE)thread);
     assert(res);
+    (void)res; /* Suppress un-used variable warning */
 #endif
 }
 

testsuite/testsuite.c

@@ -332,6 +332,7 @@ void join_thread(THREAD_TYPE thread)
     assert(res == WAIT_OBJECT_0);
     res = CloseHandle((HANDLE)thread);
     assert(res);
+    (void)res; /* Suppress un-used variable warning */
 #endif
 }
 

wolfcrypt/src/asn.c

@@ -7093,7 +7093,7 @@ static int WriteCertBody(DerCert* der, byte* buffer)
     if (der->extensionsSz) {
         /* extensions */
         XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz,
-                                                   sizeof(der->extensions)));
+                                                   (int)sizeof(der->extensions)));
         idx += der->extensionsSz;
     }
 

wolfcrypt/src/dsa.c

@@ -347,7 +347,7 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
     int    ret, sz;
     byte   buffer[DSA_HALF_SIZE];
 
-    sz = min(sizeof(buffer), mp_unsigned_bin_size(&key->q));
+    sz = min((int)sizeof(buffer), mp_unsigned_bin_size(&key->q));
 
     /* generate k */
     ret = wc_RNG_GenerateBlock(rng, buffer, sz);

wolfssl/test.h

@@ -1925,4 +1925,18 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
     }
 #endif
 
+static INLINE word16 GetRandomPort(void)
+{
+    word16 port = 0;
+
+    /* Generate random port for testing */
+    WC_RNG rng;
+    if (wc_InitRng(&rng) == 0) {
+        wc_RNG_GenerateBlock(&rng, (byte*)&port, sizeof(port));
+        port |= 0xC000; /* Make sure its in the 49152 - 65535 range */
+        wc_FreeRng(&rng);
+    }
+    return port;
+}
+
 #endif /* wolfSSL_TEST_H */

wolfssl/wolfcrypt/types.h

@@ -223,6 +223,13 @@
                 #define XSTRTOK strtok_r
             #else
                 #define XSTRTOK strtok_s
+
+                #ifdef __MINGW32__
+                    #pragma GCC diagnostic push
+                    #pragma GCC diagnostic warning "-Wcpp"
+                    #warning "MinGW may be missing strtok_s. You can find a public domain implementation here: https://github.com/fletcher/MultiMarkdown-4/blob/master/strtok.c"
+                    #pragma GCC diagnostic pop
+                #endif
             #endif
         #endif
 	#endif

wolfssl/wolfcrypt/visibility.h

@@ -47,7 +47,8 @@
         #define WOLFSSL_API   __global
         #define WOLFSSL_LOCAL __hidden
     #elif defined(_MSC_VER)
-        #ifdef WOLFSSL_DLL
+        #if defined(WOLFSSL_DLL) || \
+            (defined(__MINGW32__) && defined(WOLFSSL_SHARED))
             #define WOLFSSL_API __declspec(dllexport)
         #else
             #define WOLFSSL_API
@@ -59,7 +60,8 @@
     #endif /* HAVE_VISIBILITY */
 #else /* BUILDING_WOLFSSL */
     #if defined(_MSC_VER)
-        #ifdef WOLFSSL_DLL
+        #if defined(WOLFSSL_DLL) || \
+            (defined(__MINGW32__) && defined(WOLFSSL_SHARED))
             #define WOLFSSL_API __declspec(dllimport)
         #else
             #define WOLFSSL_API