From ed2549cfbe203669871d3830dd4b3b3a3a5ff72a Mon Sep 17 00:00:00 2001
From: David Garske
Date: Tue, 19 Dec 2023 10:35:55 -0800
Subject: [PATCH] Support building TLS examples with `--disable-oldnames`.
---
 tls/client-tls-cacb.c | 12 ++++++------
 tls/client-tls-cryptocb.c | 4 ++--
 tls/client-tls-ecdhe.c | 18 +++++++++---------
 tls/client-tls-uart.c | 2 +-
 tls/client-tls.c | 6 +++---
 tls/memory-tls.c | 14 +++++++-------
 tls/server-tls-callback.c | 12 ++++++------
 tls/server-tls-cryptocb.c | 4 ++--
 tls/server-tls-ecdhe.c | 4 ++--
 tls/server-tls-nonblocking.c | 18 +++++++++---------
 tls/server-tls-threaded.c | 14 +++++++-------
 tls/server-tls-uart.c | 6 +++---
 tls/server-tls.c | 4 ++--
 13 files changed, 59 insertions(+), 59 deletions(-)
diff --git a/tls/client-tls-cacb.c b/tls/client-tls-cacb.c
index f17015a1..5ecbd70b 100644
--- a/tls/client-tls-cacb.c
+++ b/tls/client-tls-cacb.c
@@ -97,7 +97,7 @@ static void CaCb(unsigned char* der, int sz, int type)
 }
 ret = wolfSSL_X509_get_serial_number(x509, serial, &sz);
- if (ret == SSL_SUCCESS) {
+ if (ret == WOLFSSL_SUCCESS) {
 int i;
 int strLen;
 char serialMsg[80];
@@ -134,7 +134,7 @@ int Security(int sock)
 /* create and initialize WOLFSSL_CTX structure */
 if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
 printf("SSL_CTX_new error.\n");
- ret = EXIT_FAILURE;
+ ret = EXIT_FAILURE;
 goto exit;
 }
@@ -142,20 +142,20 @@ int Security(int sock)
 wolfSSL_CTX_SetCACb(ctx, CaCb);
 /* load CA certificates into wolfSSL_CTX. which will verify the server */
- if ((ret = wolfSSL_CTX_load_verify_locations(ctx, cert, 0))
+ if ((ret = wolfSSL_CTX_load_verify_locations(ctx, cert, 0))
 != WOLFSSL_SUCCESS) {
 printf("Error loading %s. Please check the file.\n", cert);
 goto exit;
 }
 if ((ssl = wolfSSL_new(ctx)) == NULL) {
 printf("wolfSSL_new error.\n");
- ret = EXIT_FAILURE;
+ ret = EXIT_FAILURE;
 goto exit;
 }
 wolfSSL_set_fd(ssl, sock);
 ret = wolfSSL_connect(ssl);
- if (ret == SSL_SUCCESS) {
+ if (ret == WOLFSSL_SUCCESS) {
 ret = ClientGreet(sock, ssl);
 }
@@ -190,7 +190,7 @@ int main(int argc, char** argv)
 if (sockfd < 0) {
 printf("Failed to create socket. Error: %i\n", errno);
- ret = EXIT_FAILURE;
+ ret = EXIT_FAILURE;
 goto exit;
 }
diff --git a/tls/client-tls-cryptocb.c b/tls/client-tls-cryptocb.c
index 7c479ebc..5c8c13b7 100644
--- a/tls/client-tls-cryptocb.c
+++ b/tls/client-tls-cryptocb.c
@@ -541,7 +541,7 @@ int main(int argc, char** argv)
 /* Load client certificates into WOLFSSL_CTX */
 if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CA_FILE, NULL))
- != SSL_SUCCESS) {
+ != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", CA_FILE);
 goto exit;
@@ -561,7 +561,7 @@ int main(int argc, char** argv)
 }
 /* Connect to wolfSSL on the server side */
- if ((ret = wolfSSL_connect(ssl)) != SSL_SUCCESS) {
+ if ((ret = wolfSSL_connect(ssl)) != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to connect to wolfSSL\n");
 goto exit;
 }
diff --git a/tls/client-tls-ecdhe.c b/tls/client-tls-ecdhe.c
index 3773ae58..e8073623 100644
--- a/tls/client-tls-ecdhe.c
+++ b/tls/client-tls-ecdhe.c
@@ -46,7 +46,7 @@ int main(int argc, char** argv)
 {
- int ret;
+ int ret;
 int sockfd = SOCKET_INVALID;
 struct sockaddr_in servAddr;
 char buff[256];
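Review bot: In Security() (tls/client-tls-cacb.c, hunk at line 142) only the success path of `wolfSSL_connect(ssl)` is handled, so within the visible lines a failed handshake, including a rejected server certificate, produces no message, unlike the two failures above it. I would add `else { printf("wolfSSL_connect error = %d\n", wolfSSL_get_error(ssl, ret)); }` after the `if`. Note also that `ret` carries `EXIT_FAILURE` on some paths and raw wolfSSL return codes on others; the return statement is outside the hunk, so whether the caller can tell the two apart cannot be confirmed from here.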
@@ -76,7 +76,7 @@ int main(int argc, char** argv)
 * 0 means choose the default protocol. */
 if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
 fprintf(stderr, "ERROR: failed to create the socket\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
@@ -85,7 +85,7 @@ int main(int argc, char** argv)
 /* Create and initialize WOLFSSL_CTX */
 if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
 fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
@@ -98,7 +98,7 @@ int main(int argc, char** argv)
 }
 /* Load client ecc certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_certificate_chain_file(ctx, ECC_FILE)) !=
+ if ((ret = wolfSSL_CTX_use_certificate_chain_file(ctx, ECC_FILE)) !=
 WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", ECC_FILE);
@@ -106,7 +106,7 @@ int main(int argc, char** argv)
 }
 /* Load client ecc key into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", KEY_FILE);
@@ -132,7 +132,7 @@ int main(int argc, char** argv)
 /* Get the server IPv4 address from the command line call */
 if (inet_pton(AF_INET, argv[1], &servAddr.sin_addr) != 1) {
 fprintf(stderr, "ERROR: invalid address\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
@@ -142,7 +142,7 @@ int main(int argc, char** argv)
 if (connect(sockfd, (struct sockaddr*) &servAddr, sizeof(servAddr)) == -1) {
 fprintf(stderr, "ERROR: failed to connect\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
@@ -151,7 +151,7 @@ int main(int argc, char** argv)
 /* Create a WOLFSSL object */
 if ((ssl = wolfSSL_new(ctx)) == NULL) {
 fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
@@ -171,7 +171,7 @@ int main(int argc, char** argv)
 memset(buff, 0, sizeof(buff));
 if (fgets(buff, sizeof(buff), stdin) == NULL) {
 fprintf(stderr, "ERROR: failed to get message for server\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
 len = strnlen(buff, sizeof(buff));
diff --git a/tls/client-tls-uart.c b/tls/client-tls-uart.c
index c67618b8..8e58eacf 100644
--- a/tls/client-tls-uart.c
+++ b/tls/client-tls-uart.c
@@ -206,7 +206,7 @@ int main(int argc, char** argv)
 wolfSSL_CTX_SetIORecv(ctx, uartIORx);
 /* For testing disable peer cert verification */
- wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
 ssl = wolfSSL_new(ctx);
 if (ssl == NULL) {
diff --git a/tls/client-tls.c b/tls/client-tls.c
index d1e06be6..b3a6a421 100644
--- a/tls/client-tls.c
+++ b/tls/client-tls.c
@@ -108,7 +108,7 @@ int main(int argc, char** argv)
 /* Load client certificates into WOLFSSL_CTX */
 if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CERT_FILE, NULL))
- != SSL_SUCCESS) {
+ != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", CERT_FILE);
 goto ctx_cleanup;
@@ -128,7 +128,7 @@ int main(int argc, char** argv)
 }
 /* Connect to wolfSSL on the server side */
- if ((ret = wolfSSL_connect(ssl)) != SSL_SUCCESS) {
+ if ((ret = wolfSSL_connect(ssl)) != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to connect to wolfSSL\n");
 goto cleanup;
 }
@@ -161,7 +161,7 @@ int main(int argc, char** argv)
 printf("Server: %s\n", buff);
 /* Bidirectional shutdown */
- while (wolfSSL_shutdown(ssl) == SSL_SHUTDOWN_NOT_DONE) {
+ while (wolfSSL_shutdown(ssl) == WOLFSSL_SHUTDOWN_NOT_DONE) {
 printf("Shutdown not complete\n");
 }
diff --git a/tls/memory-tls.c b/tls/memory-tls.c
index b50457fd..663ac855 100644
--- a/tls/memory-tls.c
+++ b/tls/memory-tls.c
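Review bot: In main() of tls/client-tls-uart.c the client keeps `wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL)`, which means the server's certificate is never checked and the link is encrypted but unauthenticated. The comment `/* For testing disable peer cert verification */` should say that outright, for example `/* TEST ONLY: peer is not authenticated. For real use load a CA with wolfSSL_CTX_load_verify_locations() and set WOLFSSL_VERIFY_PEER. */`. The hunk in tls/server-tls-uart.c carries the same call and comment; on the server side it governs whether a client certificate is requested, so the wording there should differ. main() continues outside the hunk.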
@@ -147,7 +147,7 @@ static void* client_thread(void* args)
 if (cli_ctx == NULL) err_sys("bad client ctx new");
 int ret = wolfSSL_CTX_load_verify_locations(cli_ctx, cacert, NULL);
- if (ret != SSL_SUCCESS) err_sys("bad ca load");
+ if (ret != WOLFSSL_SUCCESS) err_sys("bad ca load");
 wolfSSL_SetIOSend(cli_ctx, ClientSend);
 wolfSSL_SetIORecv(cli_ctx, ClientRecv);
@@ -156,7 +156,7 @@ static void* client_thread(void* args)
 if (cli_ctx == NULL) err_sys("bad client new");
 ret = wolfSSL_connect(cli_ssl);
- if (ret != SSL_SUCCESS) err_sys("bad client tls connect");
+ if (ret != WOLFSSL_SUCCESS) err_sys("bad client tls connect");
 printf("wolfSSL client success!\n");
 ret = wolfSSL_write(cli_ssl, "hello memory wolfSSL!", 21);
@@ -175,11 +175,11 @@ int main()
 WOLFSSL_CTX* srv_ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
 if (srv_ctx == NULL) err_sys("bad server ctx new");
- int ret = wolfSSL_CTX_use_PrivateKey_file(srv_ctx, key, SSL_FILETYPE_PEM);
- if (ret != SSL_SUCCESS) err_sys("bad server key file load");
+ int ret = wolfSSL_CTX_use_PrivateKey_file(srv_ctx, key, WOLFSSL_FILETYPE_PEM);
+ if (ret != WOLFSSL_SUCCESS) err_sys("bad server key file load");
- ret = wolfSSL_CTX_use_certificate_file(srv_ctx, cert, SSL_FILETYPE_PEM);
- if (ret != SSL_SUCCESS) err_sys("bad server cert file load");
+ ret = wolfSSL_CTX_use_certificate_file(srv_ctx, cert, WOLFSSL_FILETYPE_PEM);
+ if (ret != WOLFSSL_SUCCESS) err_sys("bad server cert file load");
 wolfSSL_SetIOSend(srv_ctx, ServerSend);
 wolfSSL_SetIORecv(srv_ctx, ServerRecv);
@@ -193,7 +193,7 @@ int main()
 /* accept tls connection without tcp sockets */
 ret = wolfSSL_accept(srv_ssl);
- if (ret != SSL_SUCCESS) err_sys("bad server tls accept");
+ if (ret != WOLFSSL_SUCCESS) err_sys("bad server tls accept");
 printf("wolfSSL accept success!\n");
 /* read msg post handshake from client */
diff --git a/tls/server-tls-callback.c b/tls/server-tls-callback.c
index c3d9bd73..a53d1235 100644
--- a/tls/server-tls-callback.c
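Review bot: In client_thread() in tls/memory-tls.c (hunk at line 156) the context line `if (cli_ctx == NULL) err_sys("bad client new");` tests the context a second time; judging by its message and by the `wolfSSL_connect(cli_ssl)` call that follows, it is presumably meant to check the session object created just above the hunk. As written, a failed session allocation would not be caught and `cli_ssl` would reach wolfSSL_connect() as NULL. Suggested: `if (cli_ssl == NULL) err_sys("bad client new");`.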
+++ b/tls/server-tls-callback.c
@@ -170,7 +170,7 @@ int main()
 * 0 means choose the default protocol. */
 if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
 fprintf(stderr, "ERROR: failed to create the socket\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
@@ -184,7 +184,7 @@ int main()
 }
 /* Load server certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", CERT_FILE);
@@ -192,7 +192,7 @@ int main()
 }
 /* Load server key into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", KEY_FILE);
@@ -220,7 +220,7 @@ int main()
 /* Bind the server socket to our port */
 if (bind(sockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
 fprintf(stderr, "ERROR: failed to bind\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
@@ -248,7 +248,7 @@ int main()
 /* Create a WOLFSSL object */
 if ((ssl = wolfSSL_new(ctx)) == NULL) {
 fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
@@ -308,7 +308,7 @@ int main()
 }
 ret = 0;
-
+
 exit:
 /* Cleanup and return */
 if (ssl)
diff --git a/tls/server-tls-cryptocb.c b/tls/server-tls-cryptocb.c
index cc052e97..599f0c68 100644
--- a/tls/server-tls-cryptocb.c
+++ b/tls/server-tls-cryptocb.c
@@ -490,7 +490,7 @@ int main(int argc, char** argv)
 }
 /* Load server certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", CERT_FILE);
@@ -498,7 +498,7 @@ int main(int argc, char** argv)
 }
 /* Load server key into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", KEY_FILE);
diff --git a/tls/server-tls-ecdhe.c b/tls/server-tls-ecdhe.c
index d870466c..679ea15d 100644
--- a/tls/server-tls-ecdhe.c
+++ b/tls/server-tls-ecdhe.c
@@ -86,7 +86,7 @@ int main()
 }
 /* Load server certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", CERT_FILE);
@@ -94,7 +94,7 @@ int main()
 }
 /* Load server key into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", KEY_FILE);
diff --git a/tls/server-tls-nonblocking.c b/tls/server-tls-nonblocking.c
index 7201186e..c863a0cd 100644
--- a/tls/server-tls-nonblocking.c
+++ b/tls/server-tls-nonblocking.c
@@ -125,7 +125,7 @@ int main()
 if (fcntl(sockfd, F_SETFL, O_NONBLOCK) == -1) {
 fprintf(stderr, "ERROR: failed to set socket options\n");
 ret = -1;
- goto exit;
+ goto exit;
 }
@@ -138,7 +138,7 @@ int main()
 }
 /* Load server certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", CERT_FILE);
@@ -146,12 +146,12 @@ int main()
 }
 /* Load server key into WOLFSSL_CTX */
- if (wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, SSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM)
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", KEY_FILE);
 ret = -1;
- goto exit;
+ goto exit;
 }
@@ -191,7 +191,7 @@ int main()
 /* non-blocking, wait for read activity on socket */
 tcp_select(sockfd, SELECT_WAIT_SEC, 1);
 continue;
- }
+ }
 else if (errno == EINPROGRESS || errno == EALREADY) {
 break;
 }
@@ -212,10 +212,10 @@ int main()
 fprintf(stderr, "ERROR: Failed to set the file descriptor\n");
 goto exit;
 }
-
+
 /* Establish TLS connection */
 printf("wolfSSL_accepting\n");
-
+
 do {
 ret = wolfSSL_accept(ssl);
 err = wolfSSL_get_error(ssl, ret);
@@ -234,7 +234,7 @@ int main()
 do {
 ret = wolfSSL_read(ssl, buff, sizeof(buff)-1);
 err = wolfSSL_get_error(ssl, ret);
-
+
 if (err == WOLFSSL_ERROR_WANT_READ)
 tcp_select(sockfd, SELECT_WAIT_SEC, 1);
 }
@@ -302,6 +302,6 @@ exit:
 if (ctx)
 wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
 wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
-
+
 return ret;
 }
diff --git a/tls/server-tls-threaded.c b/tls/server-tls-threaded.c
index 94ea9ccd..810746e7 100644
--- a/tls/server-tls-threaded.c
+++ b/tls/server-tls-threaded.c
@@ -86,7 +86,7 @@ void* ClientHandler(void* args)
 ret = wolfSSL_accept(ssl);
 } while(wolfSSL_want_read(ssl));
- if (ret != SSL_SUCCESS) {
+ if (ret != WOLFSSL_SUCCESS) {
 printf("ret = %d\n", ret);
 fprintf(stderr, "wolfSSL_accept error = %d\n", wolfSSL_get_error(ssl, ret));
@@ -159,7 +159,7 @@ void* ClientHandler(void* args)
 int main()
 {
- int ret;
+ int ret;
 int sockfd = SOCKET_INVALID;
 int connd;
 struct sockaddr_in servAddr;
@@ -186,7 +186,7 @@ int main()
 * 0 means choose the default protocol. */
 if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
 fprintf(stderr, "ERROR: failed to create the socket\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
@@ -207,7 +207,7 @@ int main()
 }
 /* Load server certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", CERT_FILE);
@@ -215,7 +215,7 @@ int main()
 }
 /* Load server key into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", KEY_FILE);
@@ -237,14 +237,14 @@ int main()
 /* Bind the server socket to our port */
 if (bind(sockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
 fprintf(stderr, "ERROR: failed to bind\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
 /* Listen for a new connection, allow 5 pending connections */
 if (listen(sockfd, 5) == -1) {
 fprintf(stderr, "ERROR: failed to listen\n");
- ret = -1;
+ ret = -1;
 goto exit;
 }
diff --git a/tls/server-tls-uart.c b/tls/server-tls-uart.c
index b52f9841..bacf99f1 100644
--- a/tls/server-tls-uart.c
+++ b/tls/server-tls-uart.c
@@ -207,16 +207,16 @@ int main(int argc, char** argv)
 wolfSSL_CTX_SetIORecv(ctx, uartIORx);
 /* For testing disable peer cert verification */
- wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
 /* Set server key and certificate (required) */
- if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", CERT_FILE);
 goto done;
 }
 /* Load server key into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, SSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", KEY_FILE);
 goto done;
 }
diff --git a/tls/server-tls.c b/tls/server-tls.c
index e8488289..09cd0ea0 100644
--- a/tls/server-tls.c
+++ b/tls/server-tls.c
@@ -87,7 +87,7 @@ int main()
 }
 /* Load server certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", CERT_FILE);
@@ -95,7 +95,7 @@ int main()
 }
 /* Load server key into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, SSL_FILETYPE_PEM))
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM))
 != WOLFSSL_SUCCESS) {
 fprintf(stderr, "ERROR: failed to load %s, please check the file.\n", KEY_FILE);