Enable support for using certificate manager only. Fixes for building without TLS enabled (NO_TLS). ZD 19054. Tested using `./configure --disable-tlsv12 --disable-tls13 CFLAGS="-DNO_TLS" && make check`

pull/8273/head
David Garske 2024-12-10 12:11:22 -08:00
parent 22e95081cd
commit 14e3372826
14 changed files with 226 additions and 135 deletions


@ -72,7 +72,8 @@ Or
#endif
/* PTHREAD requires server and client enabled */
#if defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER)
#if !defined(NO_TLS) && \
(defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER))
#if !defined(SINGLE_THREADED)
#ifdef __GNUC__ /* GCC compiler */
#pragma message "PTHREAD requires server and client enabled."
@ -140,7 +141,7 @@ platform supports it"
#define SHOW_VERBOSE 0 /* Default output is tab delimited format */
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
!defined(WOLFCRYPT_ONLY) && defined(USE_WOLFSSL_IO)
!defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) && defined(USE_WOLFSSL_IO)
/* shutdown message - nice signal to server, we are done */
static const char* kShutdown = "shutdown";
@ -2337,7 +2338,7 @@ int main(int argc, char** argv)
args.return_code = 0;
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
!defined(WOLFCRYPT_ONLY) && defined(USE_WOLFSSL_IO)
!defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) && defined(USE_WOLFSSL_IO)
bench_tls(&args);
#endif


@ -56,7 +56,8 @@ static const char *wolfsentry_config_path = NULL;
#include <examples/client/client.h>
#include <wolfssl/error-ssl.h>
#ifndef NO_WOLFSSL_CLIENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
#ifdef NO_FILESYSTEM
#ifdef NO_RSA
@ -4810,7 +4811,7 @@ exit:
WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* !NO_WOLFSSL_CLIENT */
#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */
/* so overall tests can pull in test function */
@ -4836,7 +4837,7 @@ exit:
wolfSSL_Init();
ChangeToWolfRoot();
#ifndef NO_WOLFSSL_CLIENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, client_test);
#else


@ -57,7 +57,7 @@
#include <examples/echoclient/echoclient.h>
#ifndef NO_WOLFSSL_CLIENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
#ifdef NO_FILESYSTEM
@ -381,7 +381,7 @@ void echoclient_test(void* args)
((func_args*)args)->return_code = 0;
}
#endif /* !NO_WOLFSSL_CLIENT */
#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */
/* so overall tests can pull in test function */
#ifndef NO_MAIN_DRIVER
@ -408,7 +408,7 @@ void echoclient_test(void* args)
#ifndef WOLFSSL_TIRTOS
ChangeToWolfRoot();
#endif
#ifndef NO_WOLFSSL_CLIENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
echoclient_test(&args);
#endif


@ -56,7 +56,7 @@
#include "examples/echoserver/echoserver.h"
#ifndef NO_WOLFSSL_SERVER
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
#ifdef NO_FILESYSTEM
#ifdef NO_RSA
@ -536,7 +536,7 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* !NO_WOLFSSL_SERVER */
#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */
/* so overall tests can pull in test function */
@ -562,7 +562,7 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
wolfSSL_Debugging_ON();
#endif
ChangeToWolfRoot();
#ifndef NO_WOLFSSL_SERVER
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
echoserver_test(&args);
#endif
wolfSSL_Cleanup();


@ -75,7 +75,7 @@ static const char *wolfsentry_config_path = NULL;
#include "examples/server/server.h"
#ifndef NO_WOLFSSL_SERVER
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
#if defined(WOLFSSL_TLS13) && ( \
defined(HAVE_ECC) \
@ -3986,7 +3986,7 @@ exit:
WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* !NO_WOLFSSL_SERVER */
#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */
/* so overall tests can pull in test function */
@ -4017,7 +4017,7 @@ exit:
#endif
ChangeToWolfRoot();
#ifndef NO_WOLFSSL_SERVER
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
#ifdef HAVE_STACK_SIZE
StackSizeCheck(&args, server_test);
#else


@ -217,8 +217,14 @@ else
exit_hash_dir_code=0
fi
# run the test
run_test
# Check that server is enabled
./examples/server/server -? 2>&1 | grep -- 'Create Ready file'
if [ $? -eq 0 ]; then
# run the test
run_test
else
exit_code=0
fi
# If we get to this exit, exit_code will be a 1 signaling failure
echo "exiting with $exit_code certificate was not revoked"
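Review bot: The probe `./examples/server/server -? 2>&1 | grep -- 'Create Ready file'` treats every non-match as "server not enabled" and sets `exit_code=0`, so a server binary that is missing or fails at startup makes this CRL revocation test report success instead of failure. The trailing `echo "exiting with $exit_code certificate was not revoked"` also prints a misleading message in that skip case. Consider making the skip explicit in the `else` branch, for example `echo "server not enabled, skipping"` followed by the harness's skip status (`exit 77` under automake, if that is what runs this script), and use `grep -q` so the usage line stays out of the test log. The script continues outside this hunk, so any cleanup it performs would need to run before an early exit.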


@ -2614,7 +2614,9 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
wolfEventQueue_Free(&ctx->event_queue);
#endif /* HAVE_WOLF_EVENT */
#ifndef NO_TLS /* its a static global see ssl.c "gNoTlsMethod" */
XFREE(ctx->method, heapAtCTXInit, DYNAMIC_TYPE_METHOD);
#endif
ctx->method = NULL;
XFREE(ctx->suites, ctx->heap, DYNAMIC_TYPE_SUITES);
@ -8217,10 +8219,12 @@ void wolfSSL_ResourceFree(WOLFSSL* ssl)
XFREE(ssl->peerSceTsipEncRsaKeyIndex, ssl->heap, DYNAMIC_TYPE_RSA);
Renesas_cmn_Cleanup(ssl);
#endif
#ifndef NO_TLS
if (ssl->buffers.inputBuffer.dynamicFlag)
ShrinkInputBuffer(ssl, FORCED_FREE);
if (ssl->buffers.outputBuffer.dynamicFlag)
ShrinkOutputBuffer(ssl);
#endif
#ifdef WOLFSSL_THREADED_CRYPT
{
int i;
@ -8540,9 +8544,11 @@ void FreeHandshakeResources(WOLFSSL* ssl)
}
#endif
#ifndef NO_TLS
/* input buffer */
if (ssl->buffers.inputBuffer.dynamicFlag)
ShrinkInputBuffer(ssl, NO_FORCED_FREE);
#endif
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
if (!ssl->options.tls1_3)
@ -9993,6 +9999,8 @@ ProtocolVersion MakeDTLSv1_3(void)
*/
#endif /* !NO_ASN_TIME */
#ifndef NO_TLS
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
(defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
@ -11927,6 +11935,8 @@ int CipherRequires(byte first, byte second, int requirement)
{
(void)requirement;
(void)first;
(void)second;
#ifndef WOLFSSL_NO_TLS12
@ -12568,7 +12578,7 @@ int CipherRequires(byte first, byte second, int requirement)
}
#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */
#endif /* !NO_TLS */
#ifndef NO_CERTS
@ -13694,7 +13704,6 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx)
#endif /* HAVE_PK_CALLBACKS */
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
void DoCertFatalAlert(WOLFSSL* ssl, int ret)
{
@ -13737,12 +13746,15 @@ void DoCertFatalAlert(WOLFSSL* ssl, int ret)
}
}
#ifndef NO_TLS
/* send fatal alert and mark connection closed */
SendAlert(ssl, alert_fatal, alertWhy); /* try to send */
#else
(void)alertWhy;
#endif
ssl->options.isClosed = 1;
}
int SetupStoreCtxCallback(WOLFSSL_X509_STORE_CTX** store_pt,
WOLFSSL* ssl, WOLFSSL_CERT_MANAGER* cm, ProcPeerCertArgs* args,
int cert_err, void* heap, int* x509Free)
@ -18626,6 +18638,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
#endif /* WOLFSSL_DTLS13 */
#ifndef NO_TLS
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_AEAD
@ -22890,8 +22903,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
int inSz, int type, int hashOutput, int sizeOnly, int asyncOkay,
int epochOrder)
{
#ifndef WOLFSSL_NO_TLS12
int ret;
#if !defined(NO_TLS) && !defined(WOLFSSL_NO_TLS12)
BuildMsgArgs* args;
BuildMsgArgs lcl_args;
#endif
@ -22916,6 +22929,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
return BuildTls13Message(ssl, output, outSz, input, inSz, type,
hashOutput, sizeOnly, asyncOkay);
#else
#ifdef WOLFSSL_TLS13
if (ssl->options.tls1_3) {
return BuildTls13Message(ssl, output, outSz, input, inSz, type,
@ -22923,6 +22937,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
}
#endif
#ifndef WOLFSSL_NO_TLS12
#ifdef WOLFSSL_ASYNC_CRYPT
ret = WC_NO_PENDING_E;
if (asyncOkay) {
@ -23435,18 +23450,19 @@ exit_buildmsg:
/* Final cleanup */
FreeBuildMsgArgs(ssl, args);
return ret;
#endif /* !WOLFSSL_NO_TLS12 */
#else
#endif /* !WOLFSSL_NO_TLS12 || WOLFSSL_TLS13 */
#endif /* !NO_TLS */
#if defined(NO_TLS) || (defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_TLS13))
(void)outSz;
(void)inSz;
(void)type;
(void)hashOutput;
(void)asyncOkay;
return NOT_COMPILED_IN;
#endif /* NO_TLS */
ret = NOT_COMPILED_IN;
#endif
return ret;
}
#ifndef WOLFSSL_NO_TLS12
@ -23612,6 +23628,7 @@ int SendFinished(WOLFSSL* ssl)
return ret;
}
#endif /* WOLFSSL_NO_TLS12 */
#endif /* !NO_TLS */
#ifndef NO_WOLFSSL_SERVER
#if (!defined(WOLFSSL_NO_TLS12) && \
@ -24802,6 +24819,8 @@ int SendAsyncData(WOLFSSL* ssl)
}
#endif
#ifndef NO_TLS
/**
* ssl_in_handshake():
* Invoked in wolfSSL_read/wolfSSL_write to check if wolfSSL_negotiate() is
@ -25592,8 +25611,11 @@ static int SendAlert_ex(WOLFSSL* ssl, int severity, int type)
return ret;
}
#endif /* !NO_TLS */
int RetrySendAlert(WOLFSSL* ssl)
{
int ret = 0;
int type;
int severity;
WOLFSSL_ENTER("RetrySendAlert");
@ -25611,12 +25633,18 @@ int RetrySendAlert(WOLFSSL* ssl)
ssl->pendingAlert.code = 0;
ssl->pendingAlert.level = alert_none;
return SendAlert_ex(ssl, severity, type);
#ifndef NO_TLS
ret = SendAlert_ex(ssl, severity, type);
#else
(void)type;
#endif
return ret;
}
/* send alert message */
int SendAlert(WOLFSSL* ssl, int severity, int type)
{
int ret = 0;
WOLFSSL_ENTER("SendAlert");
if (ssl == NULL) {
@ -25624,7 +25652,7 @@ int SendAlert(WOLFSSL* ssl, int severity, int type)
}
if (ssl->pendingAlert.level != alert_none) {
int ret = RetrySendAlert(ssl);
ret = RetrySendAlert(ssl);
if (ret != 0) {
if (ssl->pendingAlert.level == alert_none ||
(ssl->pendingAlert.level != alert_fatal &&
@ -25637,10 +25665,13 @@ int SendAlert(WOLFSSL* ssl, int severity, int type)
return ret;
}
}
return SendAlert_ex(ssl, severity, type);
#ifndef NO_TLS
ret = SendAlert_ex(ssl, severity, type);
#endif /* !NO_TLS */
return ret;
}
#ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H
#include <wolfssl/debug-untrace-error-codes.h>
#endif
@ -29879,7 +29910,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
#endif /* !WOLFSSL_NO_TLS12 */
/* client only parts */
#ifndef NO_WOLFSSL_CLIENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
int HaveUniqueSessionObj(WOLFSSL* ssl)
{
@ -34378,7 +34409,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif /* HAVE_SESSION_TICKET */
#endif /* NO_WOLFSSL_CLIENT */
#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */
/* end client only parts */
#ifndef NO_CERTS
@ -34557,7 +34590,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return MATCH_SUITE_ERROR;
}
#ifndef NO_WOLFSSL_SERVER
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
#ifndef WOLFSSL_NO_TLS12
@ -41380,7 +41413,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
}
#endif /* HAVE_SNI */
#endif /* NO_WOLFSSL_SERVER */
#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */
#ifdef WOLFSSL_ASYNC_CRYPT
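Review bot: With NO_TLS defined, `SendAlert` and `RetrySendAlert` now return 0 without calling `SendAlert_ex`, and `RetrySendAlert` still clears `ssl->pendingAlert` first, so a caller cannot tell a sent alert from one that was silently dropped. If that is the intended behaviour for certificate-manager-only builds, state it at the `#else` / `#endif` sites, for example `/* NO_TLS: no record layer, the alert is discarded and 0 is returned */`. The same comment would help in `DoCertFatalAlert`, which under NO_TLS marks the connection closed without attempting to send. All three function bodies are only partly visible in these hunks.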


@ -1040,6 +1040,10 @@ static WC_THREADSHARED wolfSSL_Mutex inits_count_mutex
static WC_THREADSHARED volatile int inits_count_mutex_valid = 0;
#endif
#ifdef NO_TLS
static const WOLFSSL_METHOD gNoTlsMethod;
#endif
/* Create a new WOLFSSL_CTX struct and return the pointer to created struct.
WOLFSSL_METHOD pointer passed in is given to ctx to manage.
This function frees the passed in WOLFSSL_METHOD struct on failure and on
@ -1062,8 +1066,13 @@ WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap)
}
}
#ifndef NO_TLS
if (method == NULL)
return ctx;
#else
/* a blank TLS method */
method = (WOLFSSL_METHOD*)&gNoTlsMethod;
#endif
ctx = (WOLFSSL_CTX*)XMALLOC(sizeof(WOLFSSL_CTX), heap, DYNAMIC_TYPE_CTX);
if (ctx) {
@ -2432,7 +2441,7 @@ int wolfSSL_mcast_set_highwater_ctx(WOLFSSL* ssl, void* ctx)
#endif /* WOLFSSL_LEANPSK */
#ifndef NO_TLS
/* return underlying connect or accept, WOLFSSL_SUCCESS on ok */
int wolfSSL_negotiate(WOLFSSL* ssl)
{
@ -2471,7 +2480,7 @@ int wolfSSL_negotiate(WOLFSSL* ssl)
return err;
}
#endif /* !NO_TLS */
WOLFSSL_ABI
WC_RNG* wolfSSL_GetRNG(WOLFSSL* ssl)
@ -2652,7 +2661,7 @@ int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx, WOLFSSL_MEM_STATS* mem_stats)
#endif /* WOLFSSL_STATIC_MEMORY */
#ifndef NO_TLS
/* return max record layer size plaintext input size */
int wolfSSL_GetMaxOutputSize(WOLFSSL* ssl)
{
@ -3012,7 +3021,7 @@ int wolfSSL_mcast_read(WOLFSSL* ssl, word16* id, void* data, int sz)
}
#endif /* WOLFSSL_MULTICAST */
#endif /* !NO_TLS */
/* helpers to set the device id, WOLFSSL_SUCCESS on ok */
WOLFSSL_ABI
@ -3059,6 +3068,7 @@ void* wolfSSL_CTX_GetHeap(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
}
#ifndef NO_TLS
#ifdef HAVE_SNI
WOLFSSL_ABI
@ -3124,7 +3134,7 @@ int wolfSSL_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz,
return BAD_FUNC_ARG;
}
#endif /* NO_WOLFSSL_SERVER */
#endif /* !NO_WOLFSSL_SERVER */
#endif /* HAVE_SNI */
@ -4214,6 +4224,7 @@ int wolfSSL_want_write(WOLFSSL* ssl)
return 0;
}
#endif /* !NO_TLS */
char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data)
{
@ -4749,7 +4760,7 @@ int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX* ctx)
#endif
#ifndef NO_WOLFSSL_CLIENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
/* connect enough to get peer cert chain */
int wolfSSL_connect_cert(WOLFSSL* ssl)
{
@ -4783,9 +4794,7 @@ int wolfSSL_set_group_messages(WOLFSSL* ssl)
/* make minVersion the internal equivalent SSL version */
static int SetMinVersionHelper(byte* minVersion, int version)
{
#ifdef NO_TLS
(void)minVersion;
#endif
switch (version) {
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
@ -9347,7 +9356,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
#endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */
/* client only parts */
#ifndef NO_WOLFSSL_CLIENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
#if defined(OPENSSL_EXTRA) && !defined(NO_OLD_TLS)
WOLFSSL_METHOD* wolfSSLv2_client_method(void)
@ -9847,11 +9856,11 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
#endif /* !WOLFSSL_NO_TLS12 || !NO_OLD_TLS || !WOLFSSL_TLS13 */
}
#endif /* NO_WOLFSSL_CLIENT */
#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */
/* end client only parts */
/* server only parts */
#ifndef NO_WOLFSSL_SERVER
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
#if defined(OPENSSL_EXTRA) && !defined(NO_OLD_TLS)
WOLFSSL_METHOD* wolfSSLv2_server_method(void)
@ -10388,7 +10397,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
#endif /* !WOLFSSL_NO_TLS12 */
}
#endif /* NO_WOLFSSL_SERVER */
#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */
/* end server only parts */
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx)
@ -10632,7 +10643,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#ifndef USE_WINDOWS_API
#ifndef NO_WRITEV
#if !defined(NO_WRITEV) && !defined(NO_TLS)
/* simulate writev semantics, doesn't actually do block at a time though
because of SSL_write behavior and because front adds may be small */
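Review bot: In the NO_TLS branch of `wolfSSL_CTX_new_ex`, `method = (WOLFSSL_METHOD*)&gNoTlsMethod;` replaces the caller's pointer with the address of a `static const` object, and the rest of the function still treats `method` as heap-owned. The header comment says the function frees the passed-in WOLFSSL_METHOD on failure; those failure paths are outside the hunk, and any of them that still calls `XFREE(method, heap, DYNAMIC_TYPE_METHOD)` after the reassignment would hand a static address to the allocator, so they need the same `#ifndef NO_TLS` guard that `SSL_CtxResourceFree` received. A non-NULL `method` supplied by the caller is also dropped without being freed, and the cast removes `const`, so any later write through `ctx->method` would modify a const object. Consider releasing a non-NULL argument before the reassignment, e.g. `if (method != NULL) XFREE(method, heap, DYNAMIC_TYPE_METHOD);`.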


@ -75,6 +75,7 @@ static WC_INLINE WOLFSSL_METHOD* cm_pick_method(void* heap)
#else
return NULL;
#endif
(void)heap;
}
/* Create a new certificate manager with a heap hint.
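Review bot: The added `(void)heap;` sits after `return NULL;` in the `#else` branch, and presumably after a return in the branches above the hunk, so it is unreachable and compilers with unreachable-code warnings enabled may flag it. Placing it at the top of `cm_pick_method`, before the `#if` chain, silences the unused-parameter warning without leaving dead code. The start of the function is outside the hunk, so this assumes no declarations would follow it there.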


@ -13607,7 +13607,8 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
return ret;
#endif /* HAVE_RPK */
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) && \
!defined(WOLFSSL_NO_TLS12)
if (!ssl->options.disallowEncThenMac) {
ret = TLSX_EncryptThenMac_Use(ssl);
if (ret != 0)
@ -15681,7 +15682,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#elif defined(WOLFSSL_ALLOW_TLSV10)
InitSSL_Method(method, MakeTLSv1());
#else
#error No TLS version enabled!
#error No TLS version enabled! Consider using NO_TLS or WOLFCRYPT_ONLY.
#endif
method->downgrade = 1;
@ -16056,7 +16057,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#elif defined(WOLFSSL_ALLOW_TLSV10)
InitSSL_Method(method, MakeTLSv1());
#else
#error No TLS version enabled!
#error No TLS version enabled! Consider using NO_TLS or WOLFCRYPT_ONLY.
#endif
method->downgrade = 1;


@ -288,21 +288,22 @@
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_RSA) && !defined(SINGLE_THREADED) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
#define HAVE_IO_TESTS_DEPENDENCIES
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_RSA) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(WOLFSSL_TIRTOS)
#define HAVE_SSL_MEMIO_TESTS_DEPENDENCIES
#endif
#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \
!defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
!defined(WOLFSSL_NO_CLIENT_AUTH))
!defined(NO_CERTS) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
#define HAVE_CERT_CHAIN_VALIDATION
#endif
@ -562,7 +563,7 @@ int tmpDirNameSet = 0;
#define TEST_RSA_BYTES (TEST_RSA_BITS/8)
#endif /* !NO_RSA */
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
(!defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT))
static const char* bogusFile =
#ifdef _WIN32
@ -586,7 +587,8 @@ static int testDevId = INVALID_DEVID;
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
(!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13))
/* This set of memio functions allows for more fine tuned control of the TLS
* connection operations. For new tests, try to use ssl_memio first. */
@ -1128,6 +1130,7 @@ static int test_wolfSSL_Method_Allocators(void)
#define TEST_INVALID_METHOD_ALLOCATOR(a) \
TEST_METHOD_ALLOCATOR(a, ExpectNull)
#ifndef NO_TLS
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_SSLV3
#ifndef NO_WOLFSSL_SERVER
@ -1235,7 +1238,7 @@ static int test_wolfSSL_Method_Allocators(void)
#endif /* WOLFSSL_DTLS13 */
#endif /* WOLFSSL_DTLS */
#endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */
#endif /* !NO_TLS */
return EXPECT_RESULT();
}
@ -1608,7 +1611,7 @@ static int test_dual_alg_support(void)
/*----------------------------------------------------------------------------*
| Context
*----------------------------------------------------------------------------*/
#ifndef NO_WOLFSSL_SERVER
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
static int test_wolfSSL_CTX_new(void)
{
EXPECT_DECLS;
@ -1627,6 +1630,7 @@ static int test_wolfSSL_CTX_new(void)
#endif
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
!defined(NO_TLS) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
static int test_for_double_Free(void)
{
@ -2017,7 +2021,8 @@ static int test_wolfSSL_CTX_use_certificate(void)
static int test_wolfSSL_CTX_use_certificate_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
@ -2083,8 +2088,8 @@ static int test_wolfSSL_CTX_use_certificate_ASN1(void)
static int test_wolfSSL_CTX_use_certificate_buffer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \
!defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER)
#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_SERVER) && \
defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
WOLFSSL_CTX* ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
@ -2112,8 +2117,8 @@ static int test_wolfSSL_CTX_use_certificate_buffer(void)
static int test_wolfSSL_use_certificate_buffer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \
!defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT) && \
defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@ -2143,7 +2148,8 @@ static int test_wolfSSL_use_certificate_buffer(void)
static int test_wolfSSL_CTX_use_PrivateKey_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
@ -2405,7 +2411,8 @@ static int test_wolfSSL_CTX_trust_peer_cert(void)
static int test_wolfSSL_CTX_load_verify_locations(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = NULL;
#ifndef NO_RSA
WOLFSSL_CERT_MANAGER* cm = NULL;
@ -2632,7 +2639,7 @@ static int test_wolfSSL_CTX_load_system_CA_certs(void)
{
int res = TEST_SKIPPED;
#if defined(WOLFSSL_SYS_CA_CERTS) && !defined(NO_WOLFSSL_CLIENT) && \
(!defined(NO_RSA) || defined(HAVE_ECC))
!defined(NO_TLS) && (!defined(NO_RSA) || defined(HAVE_ECC))
WOLFSSL_CTX* ctx;
byte dirValid = 0;
int ret = 0;
@ -2695,7 +2702,7 @@ static int test_wolfSSL_CTX_load_system_CA_certs(void)
return res;
}
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS)
static int test_cm_load_ca_buffer(const byte* cert_buf, size_t cert_sz,
int file_type)
{
@ -3011,7 +3018,7 @@ static int test_wolfSSL_CertManagerAPI(void)
static int test_wolfSSL_CertManagerLoadCABuffer(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS)
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
int ret;
@ -3043,7 +3050,7 @@ static int test_wolfSSL_CertManagerLoadCABuffer(void)
static int test_wolfSSL_CertManagerLoadCABuffer_ex(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS)
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
int ret;
@ -3150,7 +3157,7 @@ static int test_wolfSSL_CertManagerGetCerts(void)
static int test_wolfSSL_CertManagerSetVerify(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
WOLFSSL_CERT_MANAGER* cm = NULL;
@ -4866,8 +4873,8 @@ static int test_wolfSSL_CertRsaPss(void)
static int test_wolfSSL_CTX_load_verify_locations_ex(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA)
WOLFSSL_CTX* ctx = NULL;
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
@ -4899,8 +4906,9 @@ static int test_wolfSSL_CTX_load_verify_locations_ex(void)
static int test_wolfSSL_CTX_load_verify_buffer_ex(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX* ctx;
const char* ca_expired_cert_file = "./certs/test/expired/expired-ca.der";
byte ca_expired_cert[TWOK_BUF];
@ -4958,7 +4966,6 @@ static int test_wolfSSL_CTX_load_verify_buffer_ex(void)
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), WC_NO_ERR_TRACE(ASN_PARSE_E));
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
return EXPECT_RESULT();
@ -5071,33 +5078,34 @@ static int test_wolfSSL_CTX_add1_chain_cert(void)
static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT) && defined(USE_CERT_BUFFERS_2048)
#if !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) && \
(!defined(NO_FILESYSTEM) || defined(USE_CERT_BUFFERS_2048))
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
#ifndef NO_FILESYSTEM
const char* cert = "./certs/server-cert.pem";
unsigned char* buf = NULL;
size_t len = 0;
ExpectIntEQ(load_file(cert, &buf, &len), 0);
#endif
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
/* Invalid parameters. */
#ifndef NO_FILESYSTEM
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL,
NULL, 0, WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
NULL, 0, WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(ASN_PARSE_E));
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL,
server_cert_der_2048, sizeof_server_cert_der_2048,
WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, NULL, 0),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, NULL, 0),
WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER));
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, buf, (sword32)len),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, buf,
(sword32)len), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(NULL, NULL, 0),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, NULL, 0),
@ -5105,28 +5113,38 @@ static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void)
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(NULL, buf, (sword32)len),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
server_cert_der_2048, sizeof_server_cert_der_2048,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, buf,
(sword32)len, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, buf, (sword32)len),
WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx,
server_cert_der_2048, sizeof_server_cert_der_2048), WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER));
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, buf, (sword32)len),
WOLFSSL_SUCCESS);
#endif /* !NO_FILESYSTEM */
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL,
server_cert_der_2048, sizeof_server_cert_der_2048,
WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
server_cert_der_2048, sizeof_server_cert_der_2048,
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx,
server_cert_der_2048, sizeof_server_cert_der_2048),
WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER));
ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, server_cert_der_2048,
sizeof_server_cert_der_2048), WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#ifndef NO_FILESYSTEM
if (buf != NULL) {
free(buf);
}
#endif
#endif
return EXPECT_RESULT();
}
@ -5134,7 +5152,8 @@ static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void)
static int test_wolfSSL_CTX_use_certificate_chain_file_format(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
const char* server_chain_der = "./certs/server-cert-chain.der";
const char* client_single_pem = "./certs/client-cert.pem";
@ -5163,8 +5182,8 @@ static int test_wolfSSL_CTX_use_certificate_chain_file_format(void)
static int test_wolfSSL_use_certificate_chain_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA)
const char* server_chain_der = "./certs/server-cert-chain.der";
const char* client_single_pem = "./certs/client-cert.pem";
WOLFSSL_CTX* ctx = NULL;
@ -5207,7 +5226,8 @@ static int test_wolfSSL_use_certificate_chain_file(void)
static int test_wolfSSL_CTX_SetTmpDH_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX *ctx = NULL;
#if defined(WOLFSSL_WPAS) && !defined(NO_DSA)
@ -5249,7 +5269,7 @@ static int test_wolfSSL_CTX_SetTmpDH_file(void)
static int test_wolfSSL_CTX_SetTmpDH_buffer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && \
#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX *ctx = NULL;
@ -5291,7 +5311,7 @@ static int test_wolfSSL_CTX_SetTmpDH_buffer(void)
static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && \
#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX *ctx;
@ -5380,7 +5400,7 @@ static int test_wolfSSL_CTX_der_load_verify_locations(void)
static int test_wolfSSL_CTX_enable_disable(void)
{
EXPECT_DECLS;
#ifndef NO_CERTS
#if !defined(NO_CERTS) && !defined(NO_TLS)
WOLFSSL_CTX* ctx = NULL;
#ifdef HAVE_CRL
@ -5442,7 +5462,7 @@ static int test_wolfSSL_CTX_enable_disable(void)
#endif
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* NO_CERTS */
#endif /* !NO_CERTS && !NO_CERTS */
return EXPECT_RESULT();
}
@ -5565,8 +5585,9 @@ static int test_wolfSSL_CTX_set_max_proto_version(void)
static int test_server_wolfSSL_new(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_SERVER)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_RSA)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx_nocert = NULL;
WOLFSSL *ssl = NULL;
@ -5601,8 +5622,9 @@ static int test_server_wolfSSL_new(void)
static int test_client_wolfSSL_new(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx_nocert = NULL;
WOLFSSL *ssl = NULL;
@ -5634,8 +5656,9 @@ static int test_client_wolfSSL_new(void)
static int test_wolfSSL_SetTmpDH_file(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
!defined(NO_WOLFSSL_SERVER)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_WOLFSSL_SERVER) && !defined(NO_DH)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
const char* dhX942ParamFile = "./certs/x942dh2048.pem";
@ -5697,7 +5720,8 @@ static int test_wolfSSL_SetTmpDH_file(void)
static int test_wolfSSL_SetTmpDH_buffer(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_SERVER) && \
!defined(NO_DH)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
@ -5734,7 +5758,8 @@ static int test_wolfSSL_SetTmpDH_buffer(void)
static int test_wolfSSL_SetMinMaxDhKey_Sz(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_SERVER) && \
!defined(NO_DH)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx2 = NULL;
WOLFSSL *ssl = NULL;
@ -5793,7 +5818,7 @@ static int test_wolfSSL_SetMinMaxDhKey_Sz(void)
static int test_wolfSSL_SetMinVersion(void)
{
int res = TEST_SKIPPED;
#ifndef NO_WOLFSSL_CLIENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
int failFlag = WOLFSSL_SUCCESS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@ -12592,7 +12617,8 @@ static int test_wolfSSL_set_alpn_protos(void)
static int test_wolfSSL_DisableExtendedMasterSecret(void)
{
EXPECT_DECLS;
#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT)
#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@ -12616,7 +12642,8 @@ static int test_wolfSSL_DisableExtendedMasterSecret(void)
static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void)
{
EXPECT_DECLS;
#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT)
#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@ -12687,8 +12714,8 @@ static int test_wolfSSL_SCR_Reconnect(void)
return EXPECT_RESULT();
}
#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_SERVER) && \
(!defined(NO_RSA) || defined(HAVE_ECC))
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) && \
!defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC))
/* Called when writing. */
static int DummySend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
@ -12728,8 +12755,8 @@ static int BufferInfoRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
static int test_tls_ext_duplicate(void)
{
EXPECT_DECLS;
#if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC)) && \
!defined(NO_FILESYSTEM)
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) && \
!defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC))
const unsigned char clientHelloDupTlsExt[] = {
0x16, 0x03, 0x03, 0x00, 0x6a, 0x01, 0x00, 0x00,
0x66, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe,
@ -13367,7 +13394,8 @@ static int test_wolfSSL_PKCS8(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \
!defined(WOLFCRYPT_ONLY)
!defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) && \
(!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13))
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
byte buff[FOURK_BUF];
byte der[FOURK_BUF];
@ -14483,7 +14511,7 @@ static int test_wolfSSL_X509_TLS_version_test_2(void)
static int test_wolfSSL_CTX_SetMinVersion(void)
{
int res = TEST_SKIPPED;
#ifndef NO_WOLFSSL_CLIENT
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
int failFlag = WOLFSSL_SUCCESS;
WOLFSSL_CTX* ctx;
int itr;
@ -63637,8 +63665,9 @@ static int test_generate_cookie(void)
static int test_wolfSSL_set_options(void)
{
EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_FILESYSTEM) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
!defined(NO_RSA)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
@ -63758,8 +63787,7 @@ static int test_wolfSSL_set_options(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
#endif
return EXPECT_RESULT();
}
@ -65032,7 +65060,8 @@ static int test_wolfSSL_X509_name_match3(void)
static int test_wolfSSL_X509_max_altnames(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_RSA)
/* Only test if max alt names has not been modified */
#if WOLFSSL_MAX_ALT_NAMES <= 1024
@ -65060,8 +65089,8 @@ static int test_wolfSSL_X509_max_altnames(void)
static int test_wolfSSL_X509_max_name_constraints(void)
{
EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(IGNORE_NAME_CONSTRAINTS)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_RSA) && !defined(IGNORE_NAME_CONSTRAINTS)
/* Only test if max name constraints has not been modified */
#if WOLFSSL_MAX_NAME_CONSTRAINTS == 128
@ -89865,20 +89894,21 @@ static int test_wolfSSL_CTX_LoadCRL(void)
EXPECT_DECLS;
#if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CERT_MANAGER* cm = NULL;
const char* issuerCert = "./certs/client-cert.pem";
const char* validFilePath = "./certs/crl/cliCrl.pem";
int pemType = WOLFSSL_FILETYPE_PEM;
#ifndef NO_TLS
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char* badPath = "dummypath";
const char* validPath = "./certs/crl";
const char* validFilePath = "./certs/crl/cliCrl.pem";
const char* issuerCert = "./certs/client-cert.pem";
int derType = WOLFSSL_FILETYPE_ASN1;
int pemType = WOLFSSL_FILETYPE_PEM;
#ifdef HAVE_CRL_MONITOR
int monitor = WOLFSSL_CRL_MONITOR;
#else
int monitor = 0;
#endif
WOLFSSL_CERT_MANAGER* cm = NULL;
#define FAIL_T1(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
WC_NO_ERR_TRACE(BAD_FUNC_ARG))
@ -89929,6 +89959,7 @@ static int test_wolfSSL_CTX_LoadCRL(void)
ssl = NULL;
wolfSSL_CTX_free(ctx);
ctx = NULL;
#endif /* !NO_TLS */
ExpectNotNull(cm = wolfSSL_CertManagerNew());
ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, issuerCert, NULL),
@ -90071,7 +90102,7 @@ static int test_wolfSSL_crl_update_cb(void)
static int test_SetTmpEC_DHE_Sz(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT)
#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
@ -91981,7 +92012,8 @@ static int test_wolfSSL_SSL_in_init(void)
static int test_wolfSSL_CTX_set_timeout(void)
{
EXPECT_DECLS;
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_SESSION_CACHE)
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) && \
!defined(NO_SESSION_CACHE)
int timeout;
WOLFSSL_CTX* ctx = NULL;
@ -92006,7 +92038,7 @@ static int test_wolfSSL_CTX_set_timeout(void)
#endif
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_SERVER && !NO_SESSION_CACHE*/
#endif
return EXPECT_RESULT();
}
@ -101199,12 +101231,13 @@ TEST_CASE testCases[] = {
*********************************/
TEST_DECL(test_wolfSSL_Method_Allocators),
#ifndef NO_WOLFSSL_SERVER
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
TEST_DECL(test_wolfSSL_CTX_new),
#endif
TEST_DECL(test_server_wolfSSL_new),
TEST_DECL(test_client_wolfSSL_new),
#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
!defined(NO_TLS) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
TEST_DECL(test_for_double_Free),
#endif


@ -58,7 +58,7 @@
#include "examples/server/server.h"
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(SINGLE_THREADED)
!defined(NO_TLS) && !defined(SINGLE_THREADED)
static WOLFSSL_CTX* cipherSuiteCtx = NULL;
static char nonblockFlag[] = "-N";
static char noVerifyFlag[] = "-d";
@ -858,8 +858,8 @@ static void test_harness(void* vargs)
int SuiteTest(int argc, char** argv)
{
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \
!defined(SINGLE_THREADED)
!defined(NO_TLS) && !defined(SINGLE_THREADED) && \
!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
func_args args;
char argv0[3][80];
char* myArgv[3];
@ -1522,5 +1522,5 @@ exit:
(void)argc;
(void)argv;
return NOT_COMPILED_IN;
#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */
#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT && !NO_TLS */
}
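Review bot: The updated closing comment `#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT && !NO_TLS */` names three conditions, but the `#if` it appears to close at the top of SuiteTest tests six, so the pair cannot be matched from the comment. I would spell it out as `#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT && !NO_TLS && !SINGLE_THREADED && !WOLF_CRYPTO_CB_ONLY_RSA && !WOLF_CRYPTO_CB_ONLY_ECC */`. The file-scope guard near the top of this file has no WOLF_CRYPTO_CB_ONLY_* terms, so a one-line comment there saying whether that difference is intended would stop the two lists drifting further. Most of SuiteTest's body lies outside the hunks shown.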


@ -249,6 +249,7 @@ int unit_test(int argc, char** argv)
#if !defined(NO_WOLFSSL_CIPHER_SUITE_TEST) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
!defined(NO_TLS) && \
!defined(SINGLE_THREADED)
if ((ret = SuiteTest(argc, argv)) != 0) {
fprintf(stderr, "suite test failed with %d\n", ret);
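Review bot: The guard around the `SuiteTest(argc, argv)` call omits `WOLF_CRYPTO_CB_ONLY_RSA` and `WOLF_CRYPTO_CB_ONLY_ECC`, which SuiteTest's own guard in the suites file tests. In a build with either defined, the call is still compiled and SuiteTest appears to take its `return NOT_COMPILED_IN;` path. The `!= 0` check would then print "suite test failed" for a test that was only compiled out, assuming NOT_COMPILED_IN is non-zero (its value is not visible on this page). Either add `!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \` to this condition, or treat a NOT_COMPILED_IN return as a skip so that a reduced build does not report a false failure. unit_test begins and ends outside this hunk.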


@ -58,7 +58,8 @@
void file_test(const char* file, byte* check);
#endif
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS)
#ifdef HAVE_STACK_SIZE
static THREAD_RETURN simple_test(func_args *args);
@ -111,6 +112,7 @@ static void *echoclient_test_wrapper(void* args) {
int testsuite_test(int argc, char** argv)
{
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS) && \
(!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC))
func_args server_args;
@ -413,6 +415,7 @@ cleanup:
#endif
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS) && \
(!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC))
/* Perform a basic TLS handshake.
*