From f19541ffe5d47a4f4fd43f15d168bdc62c3e48d5 Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Wed, 27 Apr 2016 11:29:42 -0600 Subject: [PATCH] update to MYSQL compatibility --- IDE/MYSQL/CMakeLists_wolfCrypt.txt | 3 +- src/ssl.c | 204 +++++++++++++++++++++++++++-- tests/api.c | 54 ++++++++ wolfssl/internal.h | 4 + wolfssl/openssl/des.h | 33 ++--- wolfssl/openssl/ssl.h | 14 +- wolfssl/ssl.h | 19 ++- 7 files changed, 289 insertions(+), 42 deletions(-) diff --git a/IDE/MYSQL/CMakeLists_wolfCrypt.txt b/IDE/MYSQL/CMakeLists_wolfCrypt.txt index 62184780b..49953507a 100644 --- a/IDE/MYSQL/CMakeLists_wolfCrypt.txt +++ b/IDE/MYSQL/CMakeLists_wolfCrypt.txt @@ -27,7 +27,7 @@ SET(WOLFCRYPT_SOURCES src/aes.c src/arc4.c src/asn.c src/blake2b.c src/camellia.c src/chacha.c src/coding.c src/compress.c src/des3.c src/dh.c src/dsa.c src/ecc.c src/error.c src/hc128.c src/hmac.c src/integer.c src/logging.c src/md2.c src/md4.c src/md5.c src/memory.c - src/misc.c src/pkcs7.c src/poly1305.c src/pwdbased.c src/rabbit.c + src/pkcs7.c src/poly1305.c src/pwdbased.c src/rabbit.c src/random.c src/ripemd.c src/rsa.c src/sha.c src/sha256.c src/sha512.c src/tfm.c src/wc_port.c src/wc_encrypt.c src/hash.c ../wolfssl/wolfcrypt/aes.h ../wolfssl/wolfcrypt/arc4.h ../wolfssl/wolfcrypt/asn.h ../wolfssl/wolfcrypt/blake2.h @@ -39,6 +39,7 @@ SET(WOLFCRYPT_SOURCES src/aes.c src/arc4.c src/asn.c src/blake2b.c ../wolfssl/wolfcrypt/tfm.h ../wolfssl/wolfcrypt/wc_port.h ../wolfssl/wolfcrypt/wc_encrypt.h ../wolfssl/wolfcrypt/hash.h ) +# misc.c is not compiled in since using INLINE ADD_CONVENIENCE_LIBRARY(wolfcrypt ${WOLFCRYPT_SOURCES}) RESTRICT_SYMBOL_EXPORTS(wolfcrypt) diff --git a/src/ssl.c b/src/ssl.c index 3e58df848..411cea572 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -81,6 +81,7 @@ #include #include #include + #include #ifdef HAVE_STUNNEL #include #endif /* WITH_STUNNEL */ 
@@ -9760,6 +9761,35 @@ int wolfSSL_set_compression(WOLFSSL* ssl) } + /* WOLFSSL_DES_key_schedule is a unsigned char array of size 8 */ + void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input, + unsigned char* output, long sz, + WOLFSSL_DES_key_schedule* ks1, + WOLFSSL_DES_key_schedule* ks2, + WOLFSSL_DES_key_schedule* ks3, + WOLFSSL_DES_cblock* ivec, int enc) + { + Des3 des; + byte key[24];/* EDE uses 24 size key */ + + WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt"); + + XMEMSET(key, 0, sizeof(key)); + XMEMCPY(key, *ks1, DES_BLOCK_SIZE); + XMEMCPY(&key[DES_BLOCK_SIZE], *ks2, DES_BLOCK_SIZE); + XMEMCPY(&key[DES_BLOCK_SIZE * 2], *ks3, DES_BLOCK_SIZE); + + if (enc) { + wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_ENCRYPTION); + wc_Des3_CbcEncrypt(&des, output, input, (word32)sz); + } + else { + wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_DECRYPTION); + wc_Des3_CbcDecrypt(&des, output, input, (word32)sz); + } + } + + /* correctly sets ivec for next call */ void wolfSSL_DES_ncbc_encrypt(const unsigned char* input, unsigned char* output, long length, 
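Review bot: wolfSSL_DES_ede3_cbc_encrypt leaves the assembled 24-byte `key` and the `Des3` context on the stack when it returns, and it validates none of its arguments before dereferencing `*ks1` and casting `sz` to `word32`. A negative `sz` becomes a very large length after that cast. The return codes of wc_Des3_SetKey and wc_Des3_CbcEncrypt/CbcDecrypt are also dropped, so a failed key setup leaves `output` unwritten with nothing logged. I would add argument guards, check the return codes, and wipe both objects before returning, for example with ForceZero if wolfCrypt's misc helpers are reachable from ssl.c. Separately, `ivec` is not advanced after the call, which callers that chain calls in the OpenSSL style would probably expect; that deserves at least a comment.

```c
    Des3 des;
    byte key[24];/* EDE uses 24 size key */
    int  ret;

    WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt");

    if (input == NULL || output == NULL || ks1 == NULL || ks2 == NULL ||
            ks3 == NULL || ivec == NULL || sz < 0) {
        WOLFSSL_MSG("Bad argument");
        return;
    }

    /* … unchanged: key assembled from ks1, ks2, ks3 … */

    ret = wc_Des3_SetKey(&des, key, (const byte*)ivec,
                         enc ? DES_ENCRYPTION : DES_DECRYPTION);
    if (ret == 0) {
        ret = enc ? wc_Des3_CbcEncrypt(&des, output, input, (word32)sz)
                  : wc_Des3_CbcDecrypt(&des, output, input, (word32)sz);
    }
    if (ret != 0) {
        WOLFSSL_MSG("3DES CBC operation failed");
    }

    /* key material must not outlive the call */
    ForceZero(key, sizeof(key));
    ForceZero(&des, sizeof(des));
```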
@@ -10216,6 +10246,71 @@ static void ExternalFreeX509(WOLFSSL_X509* x509) WOLFSSL_LEAVE("wolfSSL_X509_NAME_get_text_by_NID", textSz); return textSz; } + + int wolfSSL_X509_NAME_get_index_by_NID(WOLFSSL_X509_NAME* name, + int nid, int pos) + { + int ret = -1; + + WOLFSSL_ENTER("wolfSSL_X509_NAME_get_index_by_NID"); + + if (name == NULL) { + return BAD_FUNC_ARG; + } + + /* these index values are already stored in DecodedName + use those when available */ + if (name->fullName.fullName && name->fullName.fullNameLen > 0) { + switch (nid) { + case ASN_COMMON_NAME: + ret = name->fullName.cnIdx; + break; + default: + WOLFSSL_MSG("NID not yet implemented"); + break; + } + } + + WOLFSSL_LEAVE("wolfSSL_X509_NAME_get_index_by_NID", ret); + + (void)pos; + (void)nid; + + return ret; + } + + + WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY* in) + { + WOLFSSL_ENTER("wolfSSL_X509_NAME_ENTRY_get_data"); + return in->value; + } + + + char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING* asn) + { + WOLFSSL_ENTER("wolfSSL_ASN1_STRING_data"); + + if (asn) { + return asn->data; + } + else { + return NULL; + } + } + + + int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING* asn) + { + WOLFSSL_ENTER("wolfSSL_ASN1_STRING_length"); + + if (asn) { + return asn->length; + } + else { + return 0; + } + } #endif @@ -10636,6 +10731,14 @@ WOLFSSL_X509* wolfSSL_X509_load_certificate_file(const char* fname, int format) #endif /* NO_FILESYSTEM */ #endif /* KEEP_PEER_CERT || SESSION_CERTS */ + +#ifdef OPENSSL_EXTRA /* needed for wolfSSL_X509_d21 function */ +WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl) +{ + DerBuffer* cert = ssl->buffers.certificate; + return wolfSSL_X509_d2i(NULL, cert->buffer, cert->length); +} +#endif /* OPENSSL_EXTRA */ #endif /* NO_CERTS */ @@ -11656,7 +11759,6 @@ int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime) } - int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a, const WOLFSSL_ASN1_INTEGER* b) { 
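Review bot: wolfSSL_X509_NAME_ENTRY_get_data returns `in->value` without checking `in`, although the two ASN1_STRING accessors added directly below it both tolerate NULL. A guard such as `if (in == NULL) return NULL;` would make the three consistent. In wolfSSL_X509_NAME_get_index_by_NID the `pos` argument is discarded, so a caller that iterates in the OpenSSL style, passing the previous result back as `pos` until a negative value comes back, would receive the same index on every call. Adding `if (ret <= pos) ret = -1;` before the WOLFSSL_LEAVE line would end that loop.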
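Review bot: wolfSSL_get_certificate dereferences `ssl` and then `cert->buffer` with no check, so a NULL `ssl`, or a session with no certificate loaded (`ssl->buffers.certificate` is a pointer), would fault. A guard like `if (ssl == NULL || ssl->buffers.certificate == NULL) return NULL;` belongs before the decode. Each call also returns a freshly decoded object from wolfSSL_X509_d2i. Code written against OpenSSL's SSL_get_certificate usually treats the result as borrowed and will not free it, so the function needs a comment stating that the caller owns the result, or it should cache the object on the session. The `#ifdef` comment should read `wolfSSL_X509_d2i`, not `d21`.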
@@ -11835,14 +11937,16 @@ long wolfSSL_CTX_sess_number(WOLFSSL_CTX* ctx) void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes, WOLFSSL_DES_key_schedule* key) { - (void)myDes; - (void)key; + if (myDes != NULL && key != NULL) { + XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock)); + } } void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes) { (void)myDes; + WOLFSSL_STUB("wolfSSL_DES_set_odd_parity"); } @@ -11853,6 +11957,7 @@ void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* desa, (void)desb; (void)key; (void)len; + WOLFSSL_STUB("wolfSSL_DES_ecb_encrypt"); } #endif /* NO_DES3 */ @@ -16882,7 +16987,7 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl) #ifdef OPENSSL_EXTRA /*Lighttp compatibility*/ -#ifdef HAVE_LIGHTY +#if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n, unsigned char *md) { 
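Review bot: wolfSSL_DES_set_odd_parity in this hunk, and wolfSSL_DES_ecb_encrypt in the next, remain silent no-ops behind the public `DES_set_odd_parity` / `DES_ecb_encrypt` names, and the added WOLFSSL_STUB line is the only signal. A caller that links against them gets back an untouched output block, with no error path because both functions are `void`. Each needs at least a header comment such as `/* NOT IMPLEMENTED: desb is not written; do not use for real data */`. Better, compile the macros out until the functions are implemented, so that misuse fails at build time rather than at run time. In wolfSSL_DES_set_key_unchecked the copy length is `sizeof(WOLFSSL_const_DES_cblock)` while the destination is a `WOLFSSL_DES_key_schedule`. The two typedefs are outside this hunk, so a compile-time check that the sizes match would make that assumption explicit.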
@@ -16998,12 +17103,90 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl) } WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc) { + + int maxLoc = name->fullName.fullNameLen; + char* data = NULL; + int length; + int type; + + WOLFSSL_ASN1_STRING* asnStr; + WOLFSSL_X509_NAME_ENTRY* ret; + + WOLFSSL_ENTER("wolfSSL_X509_NAME_get_entry"); + + if (loc < 0 || loc > maxLoc) { + WOLFSSL_MSG("Bad argument"); + return NULL; + } + + ret = XMALLOC(sizeof(WOLFSSL_X509_NAME_ENTRY), NULL, DYNAMIC_TYPE_X509); + if (ret == NULL) { + return ret; + } + asnStr = XMALLOC(sizeof(WOLFSSL_ASN1_STRING), NULL, + DYNAMIC_TYPE_X509); + if (asnStr == NULL) { + XFREE(ret, NULL, DYNAMIC_TYPE_X509); + ret = NULL; + } + + /* initialize both structures */ + XMEMSET(ret, 0, sizeof(WOLFSSL_X509_NAME_ENTRY)); + XMEMSET(asnStr, 0, sizeof(WOLFSSL_ASN1_STRING)); + + /* common name index case */ + if (loc == name->fullName.cnIdx) { + length = name->fullName.cnLen; + data = name->fullName.fullName + loc; + type = ASN_COMMON_NAME; + } + + /* additionall cases to check for go here */ + + + if (data == NULL) { + WOLFSSL_MSG("Index not found"); + XFREE(asnStr, NULL, DYNAMIC_TYPE_X509); + XFREE(ret, NULL, DYNAMIC_TYPE_X509); + ret = NULL; + } + else { + asnStr->data = XMALLOC(length + 1, NULL, DYNAMIC_TYPE_X509); + if (asnStr->data == NULL) { + XFREE(asnStr, NULL, DYNAMIC_TYPE_X509); + XFREE(ret, NULL, DYNAMIC_TYPE_X509); + ret = NULL; + } + + /* check bounds before copying from fullName */ + if (loc + length > maxLoc) { + XFREE(asnStr, NULL, DYNAMIC_TYPE_X509); + XFREE(ret, NULL, DYNAMIC_TYPE_X509); + ret = NULL; + } + + if (ret != NULL) { + XMEMCPY(asnStr->data, data, length); + asnStr->data[length] = 0; + asnStr->length = length; + asnStr->type = type; + asnStr->flags = 0; + + ret->object = NULL; + ret->value = asnStr; + ret->set = 1; + ret->size = asnStr->length + sizeof(WOLFSSL_ASN1_STRING) + + sizeof(WOLFSSL_X509_NAME_ENTRY); + } + } + (void)name; (void)loc; - 
WOLFSSL_ENTER("wolfSSL_X509_NAME_get_entry"); - WOLFSSL_STUB("wolfSSL_X509_NAME_get_entry"); + (void)data; + (void)type; + (void)length; - return NULL; + return ret; } #ifndef NO_CERTS @@ -17038,7 +17221,7 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl) return NULL; } -#endif +#endif /* HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE */ #endif @@ -17135,7 +17318,8 @@ void* wolfSSL_get_ex_data(const WOLFSSL* ssl, int idx) #endif /* OPENSSL_EXTRA */ -#if defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) +#if defined(HAVE_LIGHTY) || defined(HAVE_STUNNEL) \ + || defined(WOLFSSL_MYSQL_COMPATIBLE) char * wolf_OBJ_nid2ln(int n) { (void)n; WOLFSSL_ENTER("wolf_OBJ_nid2ln"); @@ -17228,7 +17412,7 @@ long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL_DH* dh) return pSz > 0 && gSz > 0 ? ret : SSL_FATAL_ERROR; } #endif /* NO_DH */ -#endif /* HAVE_LIGHTY || HAVE_STUNNEL */ +#endif /* HAVE_LIGHTY || HAVE_STUNNEL || WOLFSSL_MYSQL_COMPATIBLE */ /* stunnel compatibility functions*/ diff --git a/tests/api.c b/tests/api.c index da2273c53..630588d75 100644 --- a/tests/api.c +++ b/tests/api.c @@ -39,6 +39,10 @@ #include #include +#ifdef OPENSSL_EXTRA + #include +#endif + /* enable testing buffer load functions */ #ifndef USE_CERT_BUFFERS_2048 #define USE_CERT_BUFFERS_2048 
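Review bot: The new wolfSSL_X509_NAME_get_entry body has several memory-safety faults on its error paths. `name` is dereferenced in the `maxLoc` initializer before any NULL check. When the `asnStr` allocation fails, `ret` is freed and set to NULL, but both XMEMSET calls then run on NULL pointers. When the `asnStr->data` allocation fails, `asnStr` and `ret` are freed and the bounds check that follows can free them a second time; when only the bounds check fails, `asnStr->data` is leaked. The bounds check should run before anything is allocated, `loc > maxLoc` should be `loc >= maxLoc`, and `cnLen` should be rejected if it is negative. A single cleanup path, as sketched below, removes the double free. The function body starts on the signature line above the hunk's added lines, and the trailing `(void)` casts are unchanged.

```c
WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NAME *name, int loc) {
    int   maxLoc;
    int   length;
    int   type = ASN_COMMON_NAME;
    char* data;
    WOLFSSL_ASN1_STRING*     asnStr;
    WOLFSSL_X509_NAME_ENTRY* ret;

    WOLFSSL_ENTER("wolfSSL_X509_NAME_get_entry");

    if (name == NULL || name->fullName.fullName == NULL) {
        WOLFSSL_MSG("Bad argument");
        return NULL;
    }
    maxLoc = name->fullName.fullNameLen;

    /* only the common name is mapped so far */
    if (loc < 0 || loc >= maxLoc || loc != name->fullName.cnIdx) {
        WOLFSSL_MSG("Index not found");
        return NULL;
    }

    /* validate the span inside fullName before allocating or copying */
    length = name->fullName.cnLen;
    if (length < 0 || length > maxLoc - loc) {
        WOLFSSL_MSG("Bad length");
        return NULL;
    }
    data = name->fullName.fullName + loc;

    ret    = XMALLOC(sizeof(WOLFSSL_X509_NAME_ENTRY), NULL, DYNAMIC_TYPE_X509);
    asnStr = XMALLOC(sizeof(WOLFSSL_ASN1_STRING), NULL, DYNAMIC_TYPE_X509);
    if (ret != NULL && asnStr != NULL) {
        XMEMSET(ret, 0, sizeof(WOLFSSL_X509_NAME_ENTRY));
        XMEMSET(asnStr, 0, sizeof(WOLFSSL_ASN1_STRING));
        asnStr->data = XMALLOC(length + 1, NULL, DYNAMIC_TYPE_X509);
    }
    if (ret == NULL || asnStr == NULL || asnStr->data == NULL) {
        /* single cleanup path: each pointer is released at most once */
        if (asnStr != NULL) {
            XFREE(asnStr, NULL, DYNAMIC_TYPE_X509);
        }
        if (ret != NULL) {
            XFREE(ret, NULL, DYNAMIC_TYPE_X509);
        }
        return NULL;
    }

    /* … unchanged: copy into asnStr->data, terminate, fill in asnStr and ret … */

    return ret;
```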
@@ -1662,6 +1666,53 @@ static void test_wolfSSL_UseALPN(void) #endif } +/*----------------------------------------------------------------------------* + | X509 Tests + *----------------------------------------------------------------------------*/ +static void test_wolfSSL_X509_NAME_get_entry(void) +{ +#ifndef NO_CERTS +#if defined(OPENSSL_EXTRA) && (defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)) \ + && (defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE)) + printf(testingFmt, "wolfSSL_X509_NAME_get_entry()"); + + { + /* use openssl like name to test mapping */ + X509_NAME_ENTRY* ne = NULL; + X509_NAME* name = NULL; + char* subCN = NULL; + X509* x509; + ASN1_STRING* asn; + int idx; + + #ifndef NO_FILESYSTEM + x509 = wolfSSL_X509_load_certificate_file(cliCert, SSL_FILETYPE_PEM); + AssertNotNull(x509); + + name = X509_get_subject_name(x509); + + idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1); + AssertIntGE(idx, 0); + + ne = X509_NAME_get_entry(name, idx); + AssertNotNull(ne); + + asn = X509_NAME_ENTRY_get_data(ne); + AssertNotNull(asn); + + subCN = (char*)ASN1_STRING_data(asn); + AssertNotNull(subCN); + + #endif + + } + + printf(resultFmt, passed); +#endif /* OPENSSL_EXTRA */ +#endif /* !NO_CERTS */ +} + + /*----------------------------------------------------------------------------* | Main *----------------------------------------------------------------------------*/ @@ -1692,6 +1743,9 @@ void ApiTest(void) test_wolfSSL_UseSupportedCurve(); test_wolfSSL_UseALPN(); + /* X509 tests */ + test_wolfSSL_X509_NAME_get_entry(); + test_wolfSSL_Cleanup(); printf(" End API Tests\n"); } diff --git a/wolfssl/internal.h b/wolfssl/internal.h index cf101366a..507f152e1 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h 
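Review bot: test_wolfSSL_X509_NAME_get_entry stops at non-NULL checks, so it would still pass if wolfSSL_X509_NAME_get_entry copied the wrong bytes or reported the wrong length. Adding `AssertIntEQ(ASN1_STRING_length(asn), (int)XSTRLEN(subCN));`, and ideally a comparison against the known CN of `cliCert`, would pin the copy and the termination byte. `ne`, the string it owns and `x509` are never released, and nothing in the patch shows a routine for freeing the entry, so leak checkers will flag this test and callers have no documented way to release what get_entry allocates. A negative case, such as an index that is not the CN offset returning NULL, would exercise the error paths that carry most of the risk in the new function.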
@@ -873,7 +873,11 @@ enum Misc { ZLIB_COMPRESSION = 221, /* wolfSSL zlib compression */ HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */ SECRET_LEN = 48, /* pre RSA and all master */ +#if defined(WOLFSSL_MYSQL_COMPATIBLE) + ENCRYPT_LEN = 1024, /* allow larger static buffer with mysql */ +#else ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */ +#endif SIZEOF_SENDER = 4, /* clnt or srvr */ FINISHED_SZ = 36, /* MD5_DIGEST_SIZE + SHA_DIGEST_SIZE */ MAX_RECORD_SIZE = 16384, /* 2^14, max size by standard */ diff --git a/wolfssl/openssl/des.h b/wolfssl/openssl/des.h index e8c2ac42b..14b843b0b 100644 --- a/wolfssl/openssl/des.h +++ b/wolfssl/openssl/des.h @@ -61,6 +61,12 @@ WOLFSSL_API void wolfSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output, long length, WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec, int enc); +WOLFSSL_API void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input, + unsigned char* output, long sz, + WOLFSSL_DES_key_schedule* ks1, + WOLFSSL_DES_key_schedule* ks2, + WOLFSSL_DES_key_schedule* ks3, + WOLFSSL_DES_cblock* ivec, int enc); WOLFSSL_API void wolfSSL_DES_ncbc_encrypt(const unsigned char* input, unsigned char* output, long length, WOLFSSL_DES_key_schedule* schedule, 
@@ -76,27 +82,12 @@ typedef WOLFSSL_const_DES_cblock const_DES_cblock; typedef WOLFSSL_DES_key_schedule DES_key_schedule; #define DES_set_key_unchecked wolfSSL_DES_set_key_unchecked -#define DES_key_sched wolfSSL_DES_key_sched -#define DES_cbc_encrypt wolfSSL_DES_cbc_encrypt -#define DES_ncbc_encrypt wolfSSL_DES_ncbc_encrypt -#define DES_set_odd_parity wolfSSL_DES_set_odd_parity -#define DES_ecb_encrypt wolfSSL_DES_ecb_encrypt -#define DES_ede3_cbc_encrypt(input, output, sz, ks1, ks2, ks3, ivec, enc) \ -do { \ - Des3 des; \ - byte key[24];/* EDE uses 24 size key */ \ - memcpy(key, (ks1), DES_BLOCK_SIZE); \ - memcpy(&key[DES_BLOCK_SIZE], (ks2), DES_BLOCK_SIZE); \ - memcpy(&key[DES_BLOCK_SIZE * 2], (ks3), DES_BLOCK_SIZE); \ - if (enc) { \ - wc_Des3_SetKey(&des, key, (const byte*)(ivec), DES_ENCRYPTION); \ - wc_Des3_CbcEncrypt(&des, (output), (input), (sz)); \ - } \ - else { \ - wc_Des3_SetKey(&des, key, (const byte*)(ivec), DES_ENCRYPTION); \ - wc_Des3_CbcDecrypt(&des, (output), (input), (sz)); \ - } \ -} while(0) +#define DES_key_sched wolfSSL_DES_key_sched +#define DES_cbc_encrypt wolfSSL_DES_cbc_encrypt +#define DES_ncbc_encrypt wolfSSL_DES_ncbc_encrypt +#define DES_set_odd_parity wolfSSL_DES_set_odd_parity +#define DES_ecb_encrypt wolfSSL_DES_ecb_encrypt +#define DES_ede3_cbc_encrypt wolfSSL_DES_ede3_cbc_encrypt #ifdef __cplusplus } /* extern "C" */ diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 67902a679..ce6865909 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -104,7 +104,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX; #define SSL_get_verify_depth wolfSSL_get_verify_depth #define SSL_CTX_get_verify_mode wolfSSL_CTX_get_verify_mode #define SSL_CTX_get_verify_depth wolfSSL_CTX_get_verify_depth -#define SSL_get_certificate(ctx) 0 /* used to pass to get_privatekey */ +#define SSL_get_certificate wolfSSL_get_certificate #define SSLv3_server_method wolfSSLv3_server_method #define SSLv3_client_method wolfSSLv3_client_method 
@@ -409,7 +409,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX; /* Lighthttp compatibility */ -#ifdef HAVE_LIGHTY +#if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define SSL_CB_HANDSHAKE_START 0x10 @@ -428,14 +428,20 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define X509_NAME_entry_count wolfSSL_X509_NAME_entry_count #define X509_NAME_ENTRY_get_object wolfSSL_X509_NAME_ENTRY_get_object #define X509_NAME_get_entry wolfSSL_X509_NAME_get_entry +#define ASN1_STRING_data wolfSSL_ASN1_STRING_data +#define ASN1_STRING_length wolfSSL_ASN1_STRING_length +#define X509_NAME_get_index_by_NID wolfSSL_X509_NAME_get_index_by_NID +#define X509_NAME_ENTRY_get_data wolfSSL_X509_NAME_ENTRY_get_data #define sk_X509_NAME_pop_free wolfSSL_sk_X509_NAME_pop_free #define SHA1 wolfSSL_SHA1 #define X509_check_private_key wolfSSL_X509_check_private_key #define SSL_dup_CA_list wolfSSL_dup_CA_list +#define NID_commonName 0x03 /* matchs ASN_COMMON_NAME in asn.h */ #endif -#if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) +#if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) \ + || defined(WOLFSSL_MYSQL_COMPATIBLE) #define OBJ_nid2ln wolf_OBJ_nid2ln #define OBJ_txt2nid wolf_OBJ_txt2nid @@ -445,7 +451,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY; #define BIO_new_file wolfSSL_BIO_new_file -#endif /* HAVE_STUNNEL || HAVE_LIGHTY */ +#endif /* HAVE_STUNNEL || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE */ #ifdef HAVE_STUNNEL #include diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 34fd8536a..2c20f4238 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -70,6 +70,7 @@ typedef struct WOLFSSL_CTX WOLFSSL_CTX; typedef struct WOLFSSL_X509 WOLFSSL_X509; typedef struct WOLFSSL_X509_NAME WOLFSSL_X509_NAME; +typedef struct WOLFSSL_X509_NAME_ENTRY WOLFSSL_X509_NAME_ENTRY; typedef struct WOLFSSL_X509_CHAIN WOLFSSL_X509_CHAIN; typedef struct WOLFSSL_CERT_MANAGER WOLFSSL_CERT_MANAGER; 
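Review bot: The forward declaration `typedef struct WOLFSSL_X509_NAME_ENTRY WOLFSSL_X509_NAME_ENTRY;` added near the top of wolfssl/ssl.h duplicates the typedef that the later `typedef struct WOLFSSL_X509_NAME_ENTRY { ... } WOLFSSL_X509_NAME_ENTRY;` definition still introduces. That definition is visible as context in the @@ -1644 hunk of the same file. Repeating a typedef is only permitted from C11 onward, so older compilers may warn or reject the header when OPENSSL_EXTRA is defined. Changing the later definition to a plain `struct WOLFSSL_X509_NAME_ENTRY { ... };` keeps a single typedef and the same layout.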
@@ -474,6 +475,11 @@ WOLFSSL_API unsigned char* wolfSSL_X509_get_subjectKeyID( WOLFSSL_API int wolfSSL_X509_NAME_entry_count(WOLFSSL_X509_NAME*); WOLFSSL_API int wolfSSL_X509_NAME_get_text_by_NID( WOLFSSL_X509_NAME*, int, char*, int); +WOLFSSL_API int wolfSSL_X509_NAME_get_index_by_NID( + WOLFSSL_X509_NAME*, int, int); +WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_X509_NAME_ENTRY_get_data(WOLFSSL_X509_NAME_ENTRY*); +WOLFSSL_API char* wolfSSL_ASN1_STRING_data(WOLFSSL_ASN1_STRING*); +WOLFSSL_API int wolfSSL_ASN1_STRING_length(WOLFSSL_ASN1_STRING*); WOLFSSL_API int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX*); WOLFSSL_API const char* wolfSSL_X509_verify_cert_error_string(long); WOLFSSL_API int wolfSSL_X509_get_signature_type(WOLFSSL_X509*); @@ -1004,6 +1010,10 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len, WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL*, const unsigned char*, long); WOLFSSL_API int wolfSSL_UnloadCertsKeys(WOLFSSL*); + + #ifdef OPENSSL_EXTRA + WOLFSSL_API WOLFSSL_X509* wolfSSL_get_certificate(WOLFSSL* ssl); + #endif #endif WOLFSSL_API int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*); @@ -1635,7 +1645,6 @@ WOLFSSL_API int wolfSSL_accept_ex(WOLFSSL*, HandShakeCallBack, TimeoutCallBack, #ifdef OPENSSL_EXTRA /*lighttp compatibility */ -#ifdef HAVE_LIGHTY typedef struct WOLFSSL_X509_NAME_ENTRY { WOLFSSL_ASN1_OBJECT* object; @@ -1644,10 +1653,7 @@ typedef struct WOLFSSL_X509_NAME_ENTRY { int size; } WOLFSSL_X509_NAME_ENTRY; - -#include -#include - +#if defined(HAVE_LIGHTY) || defined(WOLFSSL_MYSQL_COMPATIBLE) WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME *name); WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x); WOLFSSL_API int wolfSSL_CTX_use_PrivateKey(WOLFSSL_CTX *ctx, WOLFSSL_EVP_PKEY *pkey); 
@@ -1672,7 +1678,8 @@ WOLFSSL_API STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list( STACK_OF(WOLFSSL_X #endif #endif -#if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) +#if defined(HAVE_STUNNEL) || defined(HAVE_LIGHTY) \ + || defined(WOLFSSL_MYSQL_COMPATIBLE) WOLFSSL_API char * wolf_OBJ_nid2ln(int n); WOLFSSL_API int wolf_OBJ_txt2nid(const char *sn);