From f941b992c48ada467efc859218ab418a5a1243c9 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Tue, 2 Apr 2019 09:14:20 -0700
Subject: [PATCH 1/3] Embedded example fixups. Add support for user_settings.h.
 Add build-time checks for required features.

---
 embedded/tls-client-server.c  |  17 ++++++++++++++++-
 embedded/tls-server-size.c    |  19 ++++++++++++++++++-
 embedded/tls-sock-client-ca.c |  19 ++++++++++++++++++-
 embedded/tls-sock-client.c    |  18 +++++++++++++++++-
 embedded/tls-sock-server-ca.c |  18 +++++++++++++++++-
 embedded/tls-sock-server.c    |  18 +++++++++++++++++-
 embedded/tls-sock-threaded.c  |  10 ++++++----
 embedded/tls-threaded.c       |  11 ++++++++---
 tls/client-tls-cacb           | Bin 0 -> 10080 bytes
 9 files changed, 117 insertions(+), 13 deletions(-)
 create mode 100755 tls/client-tls-cacb

diff --git a/embedded/tls-client-server.c b/embedded/tls-client-server.c
index 548b079d..b16bae45 100644
--- a/embedded/tls-client-server.c
+++ b/embedded/tls-client-server.c
@@ -19,11 +19,15 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include <wolfssl/options.h>
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 
 #include "certs.h"
 
+#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
 
 /* I/O buffer size - wolfSSL buffers messages internally as well. */
 #define BUFFER_SIZE           2048
@@ -478,3 +482,14 @@ int main(int argc, char* argv[])
     return (ret == 0) ? 0 : 1;
 }
 
+#else
+
+int main(int argc, char* argv[])
+{
+    (void)argc;
+    (void)argv;
+    printf("Must build wolfSSL with client and server enabled for this example\n");
+    return 0;
+}
+
+#endif
diff --git a/embedded/tls-server-size.c b/embedded/tls-server-size.c
index 58295db4..b7d53ddb 100644
--- a/embedded/tls-server-size.c
+++ b/embedded/tls-server-size.c
@@ -21,11 +21,16 @@
 
 #include <stdio.h>
 
-#include <wolfssl/options.h>
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 
 #include "certs.h"
 
+#if !defined(NO_WOLFSSL_SERVER) && !defined(WOLFSSL_NO_TLS12)
+
 /* I/O buffer size - wolfSSL buffers messages internally as well. */
 #define BUFFER_SIZE           2048
 /* Size of static buffer for dynamic memory allocation. */
@@ -296,3 +301,15 @@ int main(int argc, char* argv[])
     return (ret == 0) ? 0 : 1;
 }
 
+
+#else
+
+int main(int argc, char* argv[])
+{
+    (void)argc;
+    (void)argv;
+    printf("Must build wolfSSL with TLS v1.2 and server enabled for this example\n");
+    return 0;
+}
+
+#endif
diff --git a/embedded/tls-sock-client-ca.c b/embedded/tls-sock-client-ca.c
index 1af1f212..07201020 100644
--- a/embedded/tls-sock-client-ca.c
+++ b/embedded/tls-sock-client-ca.c
@@ -19,7 +19,10 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include <wolfssl/options.h>
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 #include <wolfssl/error-ssl.h>
 
@@ -27,6 +30,8 @@
 #include "tls-info.h"
 #include "certs.h"
 
+#if !defined(NO_WOLFSSL_CLIENT)
+
 /* Application data to send. */
 static const char msgHTTPGet[] = "GET /index.html HTTP/1.0\r\n\r\n";
 
@@ -264,3 +269,15 @@ int main(int argc, char* argv[])
     return (ret == 0) ? 0 : 1;
 }
 
+
+#else
+
+int main(int argc, char* argv[])
+{
+    (void)argc;
+    (void)argv;
+    printf("Must build wolfSSL with client enabled for this example\n");
+    return 0;
+}
+
+#endif
diff --git a/embedded/tls-sock-client.c b/embedded/tls-sock-client.c
index 5b9c7ca2..eebb8b43 100644
--- a/embedded/tls-sock-client.c
+++ b/embedded/tls-sock-client.c
@@ -19,7 +19,10 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include <wolfssl/options.h>
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 #include <wolfssl/error-ssl.h>
 
@@ -27,6 +30,8 @@
 #include "tls-info.h"
 #include "certs.h"
 
+#if !defined(NO_WOLFSSL_CLIENT)
+
 /* Application data to send. */
 static const char msgHTTPGet[] = "GET /index.html HTTP/1.0\r\n\r\n";
 
@@ -244,3 +249,14 @@ int main(int argc, char* argv[])
     return (ret == 0) ? 0 : 1;
 }
 
+#else
+
+int main(int argc, char* argv[])
+{
+    (void)argc;
+    (void)argv;
+    printf("Must build wolfSSL with client enabled for this example\n");
+    return 0;
+}
+
+#endif
diff --git a/embedded/tls-sock-server-ca.c b/embedded/tls-sock-server-ca.c
index 0b6e96d5..15762a80 100644
--- a/embedded/tls-sock-server-ca.c
+++ b/embedded/tls-sock-server-ca.c
@@ -19,13 +19,18 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include <wolfssl/options.h>
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 
 #include "sockets.h"
 #include "tls-info.h"
 #include "certs.h"
 
+#if !defined(NO_WOLFSSL_SERVER)
+
 /* Application data to send. */
 static const char msgHTTPIndex[] =
     "HTTP/1.1 200 OK\n"
@@ -296,3 +301,14 @@ int main(int argc, char* argv[])
     return (ret == 0) ? 0 : 1;
 }
 
+#else
+
+int main(int argc, char* argv[])
+{
+    (void)argc;
+    (void)argv;
+    printf("Must build wolfSSL with server enabled for this example\n");
+    return 0;
+}
+
+#endif
diff --git a/embedded/tls-sock-server.c b/embedded/tls-sock-server.c
index 3358d26e..7c737dd6 100644
--- a/embedded/tls-sock-server.c
+++ b/embedded/tls-sock-server.c
@@ -19,13 +19,18 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include <wolfssl/options.h>
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 
 #include "sockets.h"
 #include "tls-info.h"
 #include "certs.h"
 
+#if !defined(NO_WOLFSSL_SERVER)
+
 /* Application data to send. */
 static const char msgHTTPIndex[] =
     "HTTP/1.1 200 OK\n"
@@ -282,3 +287,14 @@ int main(int argc, char* argv[])
     return (ret == 0) ? 0 : 1;
 }
 
+#else
+
+int main(int argc, char* argv[])
+{
+    (void)argc;
+    (void)argv;
+    printf("Must build wolfSSL with server enabled for this example\n");
+    return 0;
+}
+
+#endif
diff --git a/embedded/tls-sock-threaded.c b/embedded/tls-sock-threaded.c
index 1f4aaa55..90c79c83 100644
--- a/embedded/tls-sock-threaded.c
+++ b/embedded/tls-sock-threaded.c
@@ -19,10 +19,13 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include <wolfssl/options.h>
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 
-#ifndef SINGLE_THREADED
+#if !defined(SINGLE_THREADED) && !defined(NO_WOLFSSL_CLIENT)
 
 #include "sockets.h"
 #include "threading.h"
@@ -460,9 +463,8 @@ int main(int argc, char* argv[])
 
 int main(int argc, char* argv[])
 {
-    printf("Threading required - compile wolfSSL without SINGLE_THREAED\n");
+    printf("Threading and TLS client required - compile wolfSSL without SINGLE_THREAED\n");
     return 0;
 }
 
 #endif
-
diff --git a/embedded/tls-threaded.c b/embedded/tls-threaded.c
index 00c3c19a..7ea63369 100644
--- a/embedded/tls-threaded.c
+++ b/embedded/tls-threaded.c
@@ -19,10 +19,13 @@
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  */
 
-#include <wolfssl/options.h>
+#ifndef WOLFSSL_USER_SETTINGS
+    #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 
-#ifndef SINGLE_THREADED
+#if !defined(SINGLE_THREADED) && !defined(NO_WOLFSSL_CLIENT)
 
 #include "threading.h"
 #include "certs.h"
@@ -487,7 +490,9 @@ int main(int argc, char* argv[])
 
 int main(int argc, char* argv[])
 {
-    printf("Requires threading - compile wolfssl without SINGLE_THREADED\n");
+    (void)argc;
+    (void)argv;
+    printf("Threading and TLS client required - compile wolfSSL without SINGLE_THREAED\n");
     return 0;
 }
 
diff --git a/tls/client-tls-cacb b/tls/client-tls-cacb
new file mode 100755
index 0000000000000000000000000000000000000000..3258865c8eba986528f4b5795adb5d0737b66155
GIT binary patch
literal 10080
zcmeHNeQXrR6`wQE0D%A@A@n0;6V(w(%Nf&>1_zMOA8;-vaWDypmMrJHJ>QA*o!Q&N
zHc}%J*HRA0;o7EFLfZ&6s3ISVP)e#OZK<13;E$@MsA>^ZiX)}fo=p0oN+yaDUw^;Z
z+4J7w@L&IFZ=`we{oc&HnRzq&Zf|CP|Ir6iHwY1!CB(rRA;e<j!W<!nga%27&mxDB
zb-g3Bxpi0Twuh*#Oo2)`Bch#)sHp4PTX$}+tRma9V{cLzV-pyT%q-S*%jmZ#ImvJD
z$UIC2MU$Ki5^+VEEe?9Iu4k=WSGKJ3+bb+^>=jfE7rPDSDtn(%3df$FFjBpS37y}b
zw$QOB2Z?fGHB`sKHRFqBEi;+!F59p4pLUaD?@6@?#IsdhvI^V4x}Hn-CDSoInT}^9
zuC#Y-kz>zYB4WP{+I17x^(ncoEurlpR|}5ylS6XX)yKK6*mLEv>Uuh*X9s$^GAX^+
zGBM7X?YU-XpY7d5|1Wm|xUP3+Jlo_NdyCPY<8$p1`|W+M!d@zJz42+v-k54b?6t@F
zexbr%EMi5b75@2-D|>TQ6=JWw>6VT({hYS9J-DT{rOjPH&9@G~OnW#WBr>^95(#k^
z;=pRknh@-JE;yfmH+5)`upv57ai=3nzn=iU6Sz<-#CaIJ5poAI6YVqeIp#Wj9{JPK
z*cXNP>I{Y0)<Q$Z<0$HKS+g#c?5c|mq+-BKw8{0~xAwi!O~dP=BVTWPqdC5+8|DOD
zC&a?}GT-ZB>X24qzHB$j0ecerxgVKjn68+;=6yU?f$6@{f9F8fGJ1kdL5w5Wg-S?l
z*NE)46Ji<AGSw~<jiltrQNJ&fif6N_VEsC8`@2z_<2??4(*O4;O#fC>)dN)z{J(hM
zk#PR6p&g+|JHt<0VH9r5Plku*d=mjQJS@Wb*75MjFUQ|4l}<5U*r#itAKB1_AXPtR
zUm_Zw^EFv{aXTvhLse|gm+TWLB|jti)%N^U{%!jP{JMmr7pZ@Zt=C=5)rUvkU=MGx
zhxYtc`_CvC8tV_DqYdonvZ{a{6DXRvuYQu%jzP}<8kLH$IkD7H9(I*ipsXLu|IS_u
z&CmI}fRPU2w}I1opmjXAIDawx#A#0X8==QS`tEn^f1_5}9UY<klwF6m_AZcc{;a)B
z@^`{Rm#u7gWbLaonSa;*0IkBqYd?bN`U_OpPz-(;$n7AQgGO!nvs;Hs)?=7-OMcRx
zLOJKp_ta4SOlWW_kh>AyvG+}tN>H%uZ5l=MQE>Z3kcl;z=rVX?Vg))I;XFn*1mzs<
zPL?kK{u8jh1t@e1M6~4p86G@6S51#IL!HNEo883~s8OD5c<{>dw)|CiD2guB!Vi{e
za&hUoUttnLnykNI{|hok**Y}Y|LCF}W8slU{<!F#rjO4weNq!Y+cfp1?zZ8+xw3_Q
z5><!B9^Vum$(?_TKQ}E{w(m)0e~9ukm~s8(iH9(*T^##ilufL+V_?Ipq3lD)SarVP
zPTXs6b=BX7dg3N~gNqAJwJpHzO8)@n+?8I4l^#63++Ak=c9v=np+c$lX-S`vv>@qs
zC4E-XQAwYZ^oXQCl=KBjk4pMuNsmeT6G@Lt`m&_2O8T0lCnSAc(vy<@Owu<&+edDH
z50eOWmTLb1UPxe!qWHH`sg%H*u_*q9(h5o!DBVZt9HmxDrzmZsbdpk((#w?gQ94TL
zTa-pA4O4oW(({y_q{M|P_EY*Tr8K2UN-;_|VXG8(QM#K_2c-unZKA~8S6ojiL1_&o
z{!J*Zq{IzeTtVp-O1Dtr<}S{s#7CegAO(YUQNy&db<xNw3c+5ZM{G5+*+{pc#WSXs
zHO&2n*)UJ+Fq4*{8K#*r8?;u3)h6eQZAK*KsDqX2Xwukk#2U1Dwb}VXHqcU;NDTjV
zwAyS?>qr@qtf55{Ms%-cCD2<kWd!GoO%d>zW@WUfX++RvHWS@zSQW<G()%N+WK0Xi
zVkX8~QP!MEr;VsJ!;qRoS~P<Gv`8!lDV6GqME5pmF~jUUpl#4<V_(*+fnGz3c$<`o
zZ*iTS?RwhiQx;W$Vk~RkzVlPdb97{b1}~?QM%r3sMSC@EeOm{|z@cx19jt}???A30
zGik`!k0KJ772tndzN<2ShYt}FWo%!(kIuroC|hDd10wLTBRW)SuTNI1|Emp(w<!Lg
z;yV@ZQaq*je#H+een|0W6@NkT<BGqo_%9ScqxgBnFDd@M;(u5CL&a;<|KJ6RFH_w8
ze|-H}R!gfMsCuC4fvN|p9;kYt>Vc{Usvf9%pz49D2dW<U-}b<gyR<#LJ6zJJ^XeK0
z9(pvfSMSb6%$RuCTwHMUIF;!Yg+^Yu$qRG63wOx4;66BxGa{J+1?ebLla{&;7-mKk
zgt<~ec`8J>+SgAUhdI>W4}H`*m?3NgjCUJWmLLp}OdA&Ng)?a?I-uyqowyYz+DVji
zs_ud890#!^L1dXJL$>O@xlwmdYj`5lX;{sn<}Oz3_Z7uW!=V0Pz*oTYDILdM$@qYt
z!eyS7%%tTQpYqqlc@QlWD)czfO6TB5VLs>8x22O7l}Eiwk2j8c_3qeCc$ILKUiR^u
z-V!yAF|Q8CW-<16&a2GAL|m%Rd)0kB)nnz0u6BES=l*(qjqV&+={<&($grJC0Uh_e
zbM&5sZuA?`oMqr!hzPgJ#%6iKwHdy(L{lfqV0u7o?ujJRqMc`p;$fa>%@RkJg1mGq
z$mne#<99-PWa;6WOM#{0H#oWCvF9M}Yk7#p7K<Rb-+k~<miQ$c(6O9*dr^Q#+zwtv
zjPtT_s963LVhFtdC0>UNPEn>NP%q|DwioaA;a(p;;KPGHe8`8t@54Xx;TL`Q6(9bo
zgXtET&VgdQWqiqpKk;Gu)?5D$A716d8-2LlhjkxL`S1ZBKIFsC`|wEzgF1=d6Yv`b
z-j!ns<^4O31O>kr;9lU$FG0Q;c`5QO$hRW%R{l0*-qUlB@LLalL%?q|Zb#;k{vF5~
zGEyV9jNqB?f4@K7`<x(3spmwW;gQniQ=`i#2;tiax)7XDP!Z5&psmn2AzrFvbT7wW
z6?r`|*NwJLoOL6t8(U|LsufBZvnn(*2hxfvj9k+S6*|ib88ges4VGm^WslS0v0S0T
dx(tZrA{7bC*a?9W&K&!$`Bl`LBluyF=|2W}bA$i@

literal 0
HcmV?d00001


From 204f165750c56abe81ca12c4b10454c973b897ab Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Fri, 5 Apr 2019 10:02:14 -0700
Subject: [PATCH 2/3] Add ignore for tls/client-tls-cacb

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index c0290918..cce5f5aa 100644
--- a/.gitignore
+++ b/.gitignore
@@ -60,6 +60,7 @@ android/wolfssljni-ndk-sample/proguard-project.txt
 
 /tls/client-tcp
 /tls/client-tls
+/tls/client-tls-cacb
 /tls/client-tls-callback
 /tls/client-tls-ecdhe
 /tls/client-tls-nonblocking

From 5ed24bc5590ac97af6340367670a1b365324a719 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Mon, 8 Apr 2019 06:48:28 -0700
Subject: [PATCH 3/3] Fix to make sure server is also enabled for embedded tls
 examples.

---
 embedded/tls-sock-threaded.c | 5 +++--
 embedded/tls-threaded.c      | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/embedded/tls-sock-threaded.c b/embedded/tls-sock-threaded.c
index 90c79c83..716ce78c 100644
--- a/embedded/tls-sock-threaded.c
+++ b/embedded/tls-sock-threaded.c
@@ -25,7 +25,8 @@
 #include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 
-#if !defined(SINGLE_THREADED) && !defined(NO_WOLFSSL_CLIENT)
+#if !defined(SINGLE_THREADED) && !defined(NO_WOLFSSL_CLIENT) && \
+    !defined(NO_WOLFSSL_SERVER)
 
 #include "sockets.h"
 #include "threading.h"
@@ -463,7 +464,7 @@ int main(int argc, char* argv[])
 
 int main(int argc, char* argv[])
 {
-    printf("Threading and TLS client required - compile wolfSSL without SINGLE_THREAED\n");
+    printf("Threading and TLS client and server required - compile wolfSSL without SINGLE_THREAED\n");
     return 0;
 }
 
diff --git a/embedded/tls-threaded.c b/embedded/tls-threaded.c
index 7ea63369..1307a729 100644
--- a/embedded/tls-threaded.c
+++ b/embedded/tls-threaded.c
@@ -25,7 +25,8 @@
 #include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/ssl.h>
 
-#if !defined(SINGLE_THREADED) && !defined(NO_WOLFSSL_CLIENT)
+#if !defined(SINGLE_THREADED) && !defined(NO_WOLFSSL_CLIENT) && \
+    !defined(NO_WOLFSSL_SERVER)
 
 #include "threading.h"
 #include "certs.h"
@@ -492,7 +493,7 @@ int main(int argc, char* argv[])
 {
     (void)argc;
     (void)argv;
-    printf("Threading and TLS client required - compile wolfSSL without SINGLE_THREAED\n");
+    printf("Threading and TLS client and server required - compile wolfSSL without SINGLE_THREAED\n");
     return 0;
 }