diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index e969e155a..5f2241179 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -72,7 +72,8 @@ Or #endif /* PTHREAD requires server and client enabled */ -#if defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER) +#if !defined(NO_TLS) && \ + (defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER)) #if !defined(SINGLE_THREADED) #ifdef __GNUC__ /* GCC compiler */ #pragma message "PTHREAD requires server and client enabled." @@ -140,7 +141,7 @@ platform supports it" #define SHOW_VERBOSE 0 /* Default output is tab delimited format */ #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ - !defined(WOLFCRYPT_ONLY) && defined(USE_WOLFSSL_IO) + !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) && defined(USE_WOLFSSL_IO) /* shutdown message - nice signal to server, we are done */ static const char* kShutdown = "shutdown"; @@ -2337,7 +2338,7 @@ int main(int argc, char** argv) args.return_code = 0; #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ - !defined(WOLFCRYPT_ONLY) && defined(USE_WOLFSSL_IO) + !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) && defined(USE_WOLFSSL_IO) bench_tls(&args); #endif diff --git a/examples/client/client.c b/examples/client/client.c index be226c7ea..3b64a32b9 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -56,7 +56,8 @@ static const char *wolfsentry_config_path = NULL; #include #include -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) + #ifdef NO_FILESYSTEM #ifdef NO_RSA @@ -4810,7 +4811,7 @@ exit: WOLFSSL_RETURN_FROM_THREAD(0); } -#endif /* !NO_WOLFSSL_CLIENT */ +#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */ /* so overall tests can pull in test function */ 
@@ -4836,7 +4837,7 @@ exit: wolfSSL_Init(); ChangeToWolfRoot(); -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) #ifdef HAVE_STACK_SIZE StackSizeCheck(&args, client_test); #else diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c index 7173963cf..d677b10c8 100644 --- a/examples/echoclient/echoclient.c +++ b/examples/echoclient/echoclient.c @@ -57,7 +57,7 @@ #include -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) #ifdef NO_FILESYSTEM @@ -381,7 +381,7 @@ void echoclient_test(void* args) ((func_args*)args)->return_code = 0; } -#endif /* !NO_WOLFSSL_CLIENT */ +#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */ /* so overall tests can pull in test function */ #ifndef NO_MAIN_DRIVER @@ -408,7 +408,7 @@ void echoclient_test(void* args) #ifndef WOLFSSL_TIRTOS ChangeToWolfRoot(); #endif -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) echoclient_test(&args); #endif diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index bf649ab52..1ff80c071 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -56,7 +56,7 @@ #include "examples/echoserver/echoserver.h" -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #ifdef NO_FILESYSTEM #ifdef NO_RSA @@ -536,7 +536,7 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args) WOLFSSL_RETURN_FROM_THREAD(0); } -#endif /* !NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */ /* so overall tests can pull in test function */ @@ -562,7 +562,7 @@ THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args) wolfSSL_Debugging_ON(); #endif ChangeToWolfRoot(); -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) echoserver_test(&args); #endif wolfSSL_Cleanup(); diff --git a/examples/server/server.c b/examples/server/server.c index f3e9d3e1b..ec6edbe0e 100644 --- a/examples/server/server.c 
+++ b/examples/server/server.c @@ -75,7 +75,7 @@ static const char *wolfsentry_config_path = NULL; #include "examples/server/server.h" -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #if defined(WOLFSSL_TLS13) && ( \ defined(HAVE_ECC) \ @@ -3986,7 +3986,7 @@ exit: WOLFSSL_RETURN_FROM_THREAD(0); } -#endif /* !NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */ /* so overall tests can pull in test function */ @@ -4017,7 +4017,7 @@ exit: #endif ChangeToWolfRoot(); -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #ifdef HAVE_STACK_SIZE StackSizeCheck(&args, server_test); #else diff --git a/scripts/crl-revoked.test b/scripts/crl-revoked.test index fc193d369..17c26d15a 100755 --- a/scripts/crl-revoked.test +++ b/scripts/crl-revoked.test @@ -217,8 +217,14 @@ else exit_hash_dir_code=0 fi -# run the test -run_test +# Check that server is enabled +./examples/server/server -? 2>&1 | grep -- 'Create Ready file' +if [ $? -eq 0 ]; then + # run the test + run_test +else + exit_code=0 +fi # If we get to this exit, exit_code will be a 1 signaling failure echo "exiting with $exit_code certificate was not revoked" diff --git a/src/internal.c b/src/internal.c index 046a88678..23b89788c 100644 --- a/src/internal.c +++ b/src/internal.c @@ -2614,7 +2614,9 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx) wolfEventQueue_Free(&ctx->event_queue); #endif /* HAVE_WOLF_EVENT */ +#ifndef NO_TLS /* its a static global see ssl.c "gNoTlsMethod" */ XFREE(ctx->method, heapAtCTXInit, DYNAMIC_TYPE_METHOD); +#endif ctx->method = NULL; XFREE(ctx->suites, ctx->heap, DYNAMIC_TYPE_SUITES); 
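Review bot: In scripts/crl-revoked.test the new `else` branch sets `exit_code=0`, so a run in which the revocation check never executed is reported exactly like one in which revocation was verified. The probe also fails when `./examples/server/server` is missing or crashes, and that case lands in the same success branch. I would report a skip instead, for example `exit 77` if the harness follows the automake skip convention (not visible here), and print a line such as `echo "server not enabled, skipping CRL revocation test"` so the run does not fall through to the existing "certificate was not revoked" message. `grep -q -- 'Create Ready file'` would also keep the matched help text out of the test log.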
@@ -8217,10 +8219,12 @@ void wolfSSL_ResourceFree(WOLFSSL* ssl) XFREE(ssl->peerSceTsipEncRsaKeyIndex, ssl->heap, DYNAMIC_TYPE_RSA); Renesas_cmn_Cleanup(ssl); #endif +#ifndef NO_TLS if (ssl->buffers.inputBuffer.dynamicFlag) ShrinkInputBuffer(ssl, FORCED_FREE); if (ssl->buffers.outputBuffer.dynamicFlag) ShrinkOutputBuffer(ssl); +#endif #ifdef WOLFSSL_THREADED_CRYPT { int i; @@ -8540,9 +8544,11 @@ void FreeHandshakeResources(WOLFSSL* ssl) } #endif +#ifndef NO_TLS /* input buffer */ if (ssl->buffers.inputBuffer.dynamicFlag) ShrinkInputBuffer(ssl, NO_FORCED_FREE); +#endif #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) if (!ssl->options.tls1_3) @@ -9993,6 +9999,8 @@ ProtocolVersion MakeDTLSv1_3(void) */ #endif /* !NO_ASN_TIME */ + +#ifndef NO_TLS #if !defined(WOLFSSL_NO_CLIENT_AUTH) && \ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \ @@ -11927,6 +11935,8 @@ int CipherRequires(byte first, byte second, int requirement) { (void)requirement; + (void)first; + (void)second; #ifndef WOLFSSL_NO_TLS12 @@ -12568,7 +12578,7 @@ int CipherRequires(byte first, byte second, int requirement) } #endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */ - +#endif /* !NO_TLS */ #ifndef NO_CERTS @@ -13694,7 +13704,6 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx) #endif /* HAVE_PK_CALLBACKS */ - #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH) void DoCertFatalAlert(WOLFSSL* ssl, int ret) { @@ -13737,12 +13746,15 @@ void DoCertFatalAlert(WOLFSSL* ssl, int ret) } } +#ifndef NO_TLS /* send fatal alert and mark connection closed */ SendAlert(ssl, alert_fatal, alertWhy); /* try to send */ +#else + (void)alertWhy; +#endif ssl->options.isClosed = 1; } - int SetupStoreCtxCallback(WOLFSSL_X509_STORE_CTX** store_pt, WOLFSSL* ssl, WOLFSSL_CERT_MANAGER* cm, ProcPeerCertArgs* args, int cert_err, void* heap, int* x509Free) 
@@ -18626,6 +18638,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx, } #endif /* WOLFSSL_DTLS13 */ +#ifndef NO_TLS #ifndef WOLFSSL_NO_TLS12 #ifdef HAVE_AEAD @@ -22890,8 +22903,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, int inSz, int type, int hashOutput, int sizeOnly, int asyncOkay, int epochOrder) { -#ifndef WOLFSSL_NO_TLS12 int ret; +#if !defined(NO_TLS) && !defined(WOLFSSL_NO_TLS12) BuildMsgArgs* args; BuildMsgArgs lcl_args; #endif @@ -22916,6 +22929,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, return BuildTls13Message(ssl, output, outSz, input, inSz, type, hashOutput, sizeOnly, asyncOkay); #else + #ifdef WOLFSSL_TLS13 if (ssl->options.tls1_3) { return BuildTls13Message(ssl, output, outSz, input, inSz, type, @@ -22923,6 +22937,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, } #endif +#ifndef WOLFSSL_NO_TLS12 #ifdef WOLFSSL_ASYNC_CRYPT ret = WC_NO_PENDING_E; if (asyncOkay) { @@ -23435,18 +23450,19 @@ exit_buildmsg: /* Final cleanup */ FreeBuildMsgArgs(ssl, args); - - return ret; #endif /* !WOLFSSL_NO_TLS12 */ -#else +#endif /* !WOLFSSL_NO_TLS12 || WOLFSSL_TLS13 */ +#endif /* !NO_TLS */ + +#if defined(NO_TLS) || (defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_TLS13)) (void)outSz; (void)inSz; (void)type; (void)hashOutput; (void)asyncOkay; - return NOT_COMPILED_IN; -#endif /* NO_TLS */ - + ret = NOT_COMPILED_IN; +#endif + return ret; } #ifndef WOLFSSL_NO_TLS12 @@ -23612,6 +23628,7 @@ int SendFinished(WOLFSSL* ssl) return ret; } #endif /* WOLFSSL_NO_TLS12 */ +#endif /* !NO_TLS */ #ifndef NO_WOLFSSL_SERVER #if (!defined(WOLFSSL_NO_TLS12) && \ @@ -24802,6 +24819,8 @@ int SendAsyncData(WOLFSSL* ssl) } #endif +#ifndef NO_TLS + /** * ssl_in_handshake(): * Invoked in wolfSSL_read/wolfSSL_write to check if wolfSSL_negotiate() is 
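Review bot: In BuildMessage, `ret` is now declared unconditionally without an initializer and the function ends in a single `return ret;`, so correctness depends on every preprocessor combination assigning it before that line. Most of the nesting that decides this lies outside the visible hunks, so it cannot be confirmed from here. Declaring `int ret = NOT_COMPILED_IN;` would make any fall-through fail closed, and the trailing `#if defined(NO_TLS) || ...` block could then keep only the `(void)` casts. The closing `#endif` labels (`!WOLFSSL_NO_TLS12`, `!WOLFSSL_NO_TLS12 || WOLFSSL_TLS13`, `!NO_TLS`) are also worth re-checking against the directives they actually close after the added `#ifndef WOLFSSL_NO_TLS12`.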
@@ -25592,8 +25611,11 @@ static int SendAlert_ex(WOLFSSL* ssl, int severity, int type) return ret; } +#endif /* !NO_TLS */ + int RetrySendAlert(WOLFSSL* ssl) { + int ret = 0; int type; int severity; WOLFSSL_ENTER("RetrySendAlert"); @@ -25611,12 +25633,18 @@ int RetrySendAlert(WOLFSSL* ssl) ssl->pendingAlert.code = 0; ssl->pendingAlert.level = alert_none; - return SendAlert_ex(ssl, severity, type); +#ifndef NO_TLS + ret = SendAlert_ex(ssl, severity, type); +#else + (void)type; +#endif + return ret; } /* send alert message */ int SendAlert(WOLFSSL* ssl, int severity, int type) { + int ret = 0; WOLFSSL_ENTER("SendAlert"); if (ssl == NULL) { @@ -25624,7 +25652,7 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) } if (ssl->pendingAlert.level != alert_none) { - int ret = RetrySendAlert(ssl); + ret = RetrySendAlert(ssl); if (ret != 0) { if (ssl->pendingAlert.level == alert_none || (ssl->pendingAlert.level != alert_fatal && @@ -25637,10 +25665,13 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) return ret; } } - - return SendAlert_ex(ssl, severity, type); +#ifndef NO_TLS + ret = SendAlert_ex(ssl, severity, type); +#endif /* !NO_TLS */ + return ret; } + #ifdef WOLFSSL_DEBUG_TRACE_ERROR_CODES_H #include #endif @@ -29879,7 +29910,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, #endif /* !WOLFSSL_NO_TLS12 */ /* client only parts */ -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) int HaveUniqueSessionObj(WOLFSSL* ssl) { @@ -34378,7 +34409,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif /* HAVE_SESSION_TICKET */ -#endif /* NO_WOLFSSL_CLIENT */ +#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */ +/* end client only parts */ + #ifndef NO_CERTS @@ -34557,7 +34590,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return MATCH_SUITE_ERROR; } -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #ifndef WOLFSSL_NO_TLS12 
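Review bot: With NO_TLS defined, SendAlert and RetrySendAlert now return 0 without sending anything, and RetrySendAlert still clears `ssl->pendingAlert` first, so a caller cannot tell a delivered alert from one that was dropped. BuildMessage in this same commit reports `NOT_COMPILED_IN` for the equivalent case. Either do the same here or state the intent with a comment such as `/* NO_TLS: no record layer; alerts are dropped and reported as success */`. In the `#else` branch of RetrySendAlert only `type` is voided, so unless `severity` is read in lines outside the hunk it is assigned but never used there, and `(void)severity;` would keep that branch warning-free. This applies across hunks @@ -25592, -25611, -25624 and -25637, whose function bodies start and end outside the visible lines.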
@@ -41380,7 +41413,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ], } #endif /* HAVE_SNI */ -#endif /* NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */ #ifdef WOLFSSL_ASYNC_CRYPT diff --git a/src/ssl.c b/src/ssl.c index 567b25ddb..34ba79b5e 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1040,6 +1040,10 @@ static WC_THREADSHARED wolfSSL_Mutex inits_count_mutex static WC_THREADSHARED volatile int inits_count_mutex_valid = 0; #endif +#ifdef NO_TLS +static const WOLFSSL_METHOD gNoTlsMethod; +#endif + /* Create a new WOLFSSL_CTX struct and return the pointer to created struct. WOLFSSL_METHOD pointer passed in is given to ctx to manage. This function frees the passed in WOLFSSL_METHOD struct on failure and on @@ -1062,8 +1066,13 @@ WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap) } } +#ifndef NO_TLS if (method == NULL) return ctx; +#else + /* a blank TLS method */ + method = (WOLFSSL_METHOD*)&gNoTlsMethod; +#endif ctx = (WOLFSSL_CTX*)XMALLOC(sizeof(WOLFSSL_CTX), heap, DYNAMIC_TYPE_CTX); if (ctx) { @@ -2432,7 +2441,7 @@ int wolfSSL_mcast_set_highwater_ctx(WOLFSSL* ssl, void* ctx) #endif /* WOLFSSL_LEANPSK */ - +#ifndef NO_TLS /* return underlying connect or accept, WOLFSSL_SUCCESS on ok */ int wolfSSL_negotiate(WOLFSSL* ssl) { @@ -2471,7 +2480,7 @@ int wolfSSL_negotiate(WOLFSSL* ssl) return err; } - +#endif /* !NO_TLS */ WOLFSSL_ABI WC_RNG* wolfSSL_GetRNG(WOLFSSL* ssl) @@ -2652,7 +2661,7 @@ int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx, WOLFSSL_MEM_STATS* mem_stats) #endif /* WOLFSSL_STATIC_MEMORY */ - +#ifndef NO_TLS /* return max record layer size plaintext input size */ int wolfSSL_GetMaxOutputSize(WOLFSSL* ssl) { @@ -3012,7 +3021,7 @@ int wolfSSL_mcast_read(WOLFSSL* ssl, word16* id, void* data, int sz) } #endif /* WOLFSSL_MULTICAST */ - +#endif /* !NO_TLS */ /* helpers to set the device id, WOLFSSL_SUCCESS on ok */ WOLFSSL_ABI 
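Review bot: Under NO_TLS, wolfSSL_CTX_new_ex (src/ssl.c, @@ -1062) overwrites its `method` argument with the address of the `static const` gNoTlsMethod, while the function's header comment still says it frees the passed-in method on failure. Any failure path outside this hunk that still calls XFREE on `method` would then hand a non-heap pointer to the allocator, and a caller-supplied heap method would be leaked by the overwrite. The cast `(WOLFSSL_METHOD*)&gNoTlsMethod` also drops `const`, so a later write through `ctx->method` would be undefined behaviour. I would guard those frees the same way SSL_CtxResourceFree in src/internal.c is guarded in this commit, and put a comment on the assignment such as `/* NO_TLS: points at a static object; never XFREE or modify it */`. The failure paths are outside the hunk and should be checked there.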
@@ -3059,6 +3068,7 @@ void* wolfSSL_CTX_GetHeap(WOLFSSL_CTX* ctx, WOLFSSL* ssl) } +#ifndef NO_TLS #ifdef HAVE_SNI WOLFSSL_ABI @@ -3124,7 +3134,7 @@ int wolfSSL_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, return BAD_FUNC_ARG; } -#endif /* NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER */ #endif /* HAVE_SNI */ @@ -4214,6 +4224,7 @@ int wolfSSL_want_write(WOLFSSL* ssl) return 0; } +#endif /* !NO_TLS */ char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data) { @@ -4749,7 +4760,7 @@ int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX* ctx) #endif -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) /* connect enough to get peer cert chain */ int wolfSSL_connect_cert(WOLFSSL* ssl) { @@ -4783,9 +4794,7 @@ int wolfSSL_set_group_messages(WOLFSSL* ssl) /* make minVersion the internal equivalent SSL version */ static int SetMinVersionHelper(byte* minVersion, int version) { -#ifdef NO_TLS (void)minVersion; -#endif switch (version) { #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) @@ -9347,7 +9356,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ /* client only parts */ -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) #if defined(OPENSSL_EXTRA) && !defined(NO_OLD_TLS) WOLFSSL_METHOD* wolfSSLv2_client_method(void) @@ -9847,11 +9856,11 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif /* !WOLFSSL_NO_TLS12 || !NO_OLD_TLS || !WOLFSSL_TLS13 */ } -#endif /* NO_WOLFSSL_CLIENT */ - +#endif /* !NO_WOLFSSL_CLIENT && !NO_TLS */ +/* end client only parts */ /* server only parts */ -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) #if defined(OPENSSL_EXTRA) && !defined(NO_OLD_TLS) WOLFSSL_METHOD* wolfSSLv2_server_method(void) 
@@ -10388,7 +10397,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif /* !WOLFSSL_NO_TLS12 */ } -#endif /* NO_WOLFSSL_SERVER */ +#endif /* !NO_WOLFSSL_SERVER && !NO_TLS */ +/* end server only parts */ + #if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER) int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx) @@ -10632,7 +10643,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) #ifndef USE_WINDOWS_API - #ifndef NO_WRITEV + #if !defined(NO_WRITEV) && !defined(NO_TLS) /* simulate writev semantics, doesn't actually do block at a time though because of SSL_write behavior and because front adds may be small */ diff --git a/src/ssl_certman.c b/src/ssl_certman.c index 55f3c7be4..77a341132 100644 --- a/src/ssl_certman.c +++ b/src/ssl_certman.c @@ -75,6 +75,7 @@ static WC_INLINE WOLFSSL_METHOD* cm_pick_method(void* heap) #else return NULL; #endif + (void)heap; } /* Create a new certificate manager with a heap hint. diff --git a/src/tls.c b/src/tls.c index 7618c696b..2bc19532b 100644 --- a/src/tls.c +++ b/src/tls.c @@ -13607,7 +13607,8 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) return ret; #endif /* HAVE_RPK */ -#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) +#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) && \ + !defined(WOLFSSL_NO_TLS12) if (!ssl->options.disallowEncThenMac) { ret = TLSX_EncryptThenMac_Use(ssl); if (ret != 0) @@ -15681,7 +15682,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType, #elif defined(WOLFSSL_ALLOW_TLSV10) InitSSL_Method(method, MakeTLSv1()); #else - #error No TLS version enabled! + #error No TLS version enabled! Consider using NO_TLS or WOLFCRYPT_ONLY. #endif method->downgrade = 1; 
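Review bot: In src/ssl_certman.c the added `(void)heap;` sits after the `#endif`, where every visible branch of cm_pick_method has already returned, so the statement is unreachable and only works as a syntactic use of the parameter. Placing it at the top of the function, before the `#if` chain, silences the unused-parameter warning without inviting unreachable-code diagnostics. Only the tail of the function is inside the hunk, so this assumes the earlier branches return as well.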
@@ -16056,7 +16057,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType, #elif defined(WOLFSSL_ALLOW_TLSV10) InitSSL_Method(method, MakeTLSv1()); #else - #error No TLS version enabled! + #error No TLS version enabled! Consider using NO_TLS or WOLFCRYPT_ONLY. #endif method->downgrade = 1; diff --git a/tests/api.c b/tests/api.c index dfbf95339..496bd6bf3 100644 --- a/tests/api.c +++ b/tests/api.c @@ -288,21 +288,22 @@ -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_RSA) && !defined(SINGLE_THREADED) && \ !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) #define HAVE_IO_TESTS_DEPENDENCIES #endif -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) && \ !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ !defined(WOLFSSL_TIRTOS) #define HAVE_SSL_MEMIO_TESTS_DEPENDENCIES #endif #if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ - !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \ - !defined(WOLFSSL_NO_CLIENT_AUTH)) + !defined(NO_CERTS) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) #define HAVE_CERT_CHAIN_VALIDATION #endif @@ -562,7 +563,7 @@ int tmpDirNameSet = 0; #define TEST_RSA_BYTES (TEST_RSA_BITS/8) #endif /* !NO_RSA */ -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ (!defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT)) static const char* bogusFile = #ifdef _WIN32 
@@ -586,7 +587,8 @@ static int testDevId = INVALID_DEVID; #endif #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) + !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ + (!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13)) /* This set of memio functions allows for more fine tuned control of the TLS * connection operations. For new tests, try to use ssl_memio first. */ @@ -1128,6 +1130,7 @@ static int test_wolfSSL_Method_Allocators(void) #define TEST_INVALID_METHOD_ALLOCATOR(a) \ TEST_METHOD_ALLOCATOR(a, ExpectNull) +#ifndef NO_TLS #ifndef NO_OLD_TLS #ifdef WOLFSSL_ALLOW_SSLV3 #ifndef NO_WOLFSSL_SERVER @@ -1235,7 +1238,7 @@ static int test_wolfSSL_Method_Allocators(void) #endif /* WOLFSSL_DTLS13 */ #endif /* WOLFSSL_DTLS */ #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ - +#endif /* !NO_TLS */ return EXPECT_RESULT(); } @@ -1608,7 +1611,7 @@ static int test_dual_alg_support(void) /*----------------------------------------------------------------------------* | Context *----------------------------------------------------------------------------*/ -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) static int test_wolfSSL_CTX_new(void) { EXPECT_DECLS; @@ -1627,6 +1630,7 @@ static int test_wolfSSL_CTX_new(void) #endif #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ + !defined(NO_TLS) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM) static int test_for_double_Free(void) { @@ -2017,7 +2021,8 @@ static int test_wolfSSL_CTX_use_certificate(void) static int test_wolfSSL_CTX_use_certificate_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); 
@@ -2083,8 +2088,8 @@ static int test_wolfSSL_CTX_use_certificate_ASN1(void) static int test_wolfSSL_CTX_use_certificate_buffer(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \ - !defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_SERVER) && \ + defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) WOLFSSL_CTX* ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); @@ -2112,8 +2117,8 @@ static int test_wolfSSL_CTX_use_certificate_buffer(void) static int test_wolfSSL_use_certificate_buffer(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \ - !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_CLIENT) && \ + defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; @@ -2143,7 +2148,8 @@ static int test_wolfSSL_use_certificate_buffer(void) static int test_wolfSSL_CTX_use_PrivateKey_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_SERVER) WOLFSSL_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())); @@ -2405,7 +2411,8 @@ static int test_wolfSSL_CTX_trust_peer_cert(void) static int test_wolfSSL_CTX_load_verify_locations(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) WOLFSSL_CTX *ctx = NULL; #ifndef NO_RSA WOLFSSL_CERT_MANAGER* cm = NULL; 
@@ -2632,7 +2639,7 @@ static int test_wolfSSL_CTX_load_system_CA_certs(void) { int res = TEST_SKIPPED; #if defined(WOLFSSL_SYS_CA_CERTS) && !defined(NO_WOLFSSL_CLIENT) && \ - (!defined(NO_RSA) || defined(HAVE_ECC)) + !defined(NO_TLS) && (!defined(NO_RSA) || defined(HAVE_ECC)) WOLFSSL_CTX* ctx; byte dirValid = 0; int ret = 0; @@ -2695,7 +2702,7 @@ static int test_wolfSSL_CTX_load_system_CA_certs(void) return res; } -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) static int test_cm_load_ca_buffer(const byte* cert_buf, size_t cert_sz, int file_type) { @@ -3011,7 +3018,7 @@ static int test_wolfSSL_CertManagerAPI(void) static int test_wolfSSL_CertManagerLoadCABuffer(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) const char* ca_cert = "./certs/ca-cert.pem"; const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem"; int ret; @@ -3043,7 +3050,7 @@ static int test_wolfSSL_CertManagerLoadCABuffer(void) static int test_wolfSSL_CertManagerLoadCABuffer_ex(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) const char* ca_cert = "./certs/ca-cert.pem"; const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem"; int ret; @@ -3150,7 +3157,7 @@ static int test_wolfSSL_CertManagerGetCerts(void) static int test_wolfSSL_CertManagerSetVerify(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ !defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)) WOLFSSL_CERT_MANAGER* cm = NULL; 
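Review bot: Adding `!defined(NO_TLS)` to the guards around test_cm_load_ca_buffer and the CertManagerLoadCABuffer, CertManagerLoadCABuffer_ex and CertManagerSetVerify tests (hunks @@ -2695, -3011, -3043, -3150) compiles out certificate-manager coverage in NO_TLS builds. src/ssl_certman.c is adjusted in this same commit, which suggests the manager is still built in that configuration. If so, expired-CA handling and the verify callback would go untested in the builds where the manager is one of the few remaining consumers of this code. If these tests really depend on a TLS method, a short comment on each guard naming the call that needs it would make the exclusion reviewable.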
@@ -4866,8 +4873,8 @@ static int test_wolfSSL_CertRsaPss(void) static int test_wolfSSL_CTX_load_verify_locations_ex(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) WOLFSSL_CTX* ctx = NULL; const char* ca_cert = "./certs/ca-cert.pem"; const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem"; @@ -4899,8 +4906,9 @@ static int test_wolfSSL_CTX_load_verify_locations_ex(void) static int test_wolfSSL_CTX_load_verify_buffer_ex(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX* ctx; const char* ca_expired_cert_file = "./certs/test/expired/expired-ca.der"; byte ca_expired_cert[TWOK_BUF]; @@ -4958,7 +4966,6 @@ static int test_wolfSSL_CTX_load_verify_buffer_ex(void) WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), WC_NO_ERR_TRACE(ASN_PARSE_E)); wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ #endif return EXPECT_RESULT(); 
@@ -5071,33 +5078,34 @@ static int test_wolfSSL_CTX_add1_chain_cert(void) static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_CLIENT) && defined(USE_CERT_BUFFERS_2048) +#if !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) && \ + (!defined(NO_FILESYSTEM) || defined(USE_CERT_BUFFERS_2048)) WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; +#ifndef NO_FILESYSTEM const char* cert = "./certs/server-cert.pem"; unsigned char* buf = NULL; size_t len = 0; ExpectIntEQ(load_file(cert, &buf, &len), 0); +#endif ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); ExpectNotNull(ssl = wolfSSL_new(ctx)); /* Invalid parameters. */ +#ifndef NO_FILESYSTEM ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL, NULL, 0, WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, NULL, 0, WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(ASN_PARSE_E)); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL, - server_cert_der_2048, sizeof_server_cert_der_2048, - WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, NULL, 0), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, NULL, 0), WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, buf, (sword32)len), - WC_NO_ERR_TRACE(BAD_FUNC_ARG)); + ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(NULL, buf, + (sword32)len), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(NULL, NULL, 0), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, NULL, 0), 
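Review bot: The new guard on test_wolfSSL_CTX_use_certificate_chain_buffer_format accepts `!defined(NO_FILESYSTEM) || defined(USE_CERT_BUFFERS_2048)`, but the assertions moved outside `#ifndef NO_FILESYSTEM` (in the following hunk, @@ -5105) use `server_cert_der_2048` and `sizeof_server_cert_der_2048` unconditionally. A build with a filesystem but without USE_CERT_BUFFERS_2048 would then reference undeclared identifiers, assuming those buffers are only declared under that macro. Either require `defined(USE_CERT_BUFFERS_2048)` in the outer condition as before, or wrap the DER-buffer assertions in `#ifdef USE_CERT_BUFFERS_2048`. The NULL-argument checks that take no file data are also now skipped under NO_FILESYSTEM although they do not use `buf`.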
@@ -5105,28 +5113,38 @@ static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void) ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(NULL, buf, (sword32)len), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, - server_cert_der_2048, sizeof_server_cert_der_2048, - WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, buf, (sword32)len, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, buf, (sword32)len), WOLFSSL_SUCCESS); - ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, - server_cert_der_2048, sizeof_server_cert_der_2048), WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)); ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, buf, (sword32)len), WOLFSSL_SUCCESS); +#endif /* !NO_FILESYSTEM */ + + ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(NULL, + server_cert_der_2048, sizeof_server_cert_der_2048, + WOLFSSL_FILETYPE_ASN1), WC_NO_ERR_TRACE(BAD_FUNC_ARG)); + + ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, + server_cert_der_2048, sizeof_server_cert_der_2048, + WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); + + ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_buffer(ctx, + server_cert_der_2048, sizeof_server_cert_der_2048), + WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)); + ExpectIntEQ(wolfSSL_use_certificate_chain_buffer(ssl, server_cert_der_2048, sizeof_server_cert_der_2048), WC_NO_ERR_TRACE(ASN_NO_PEM_HEADER)); wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); +#ifndef NO_FILESYSTEM if (buf != NULL) { free(buf); } +#endif #endif return EXPECT_RESULT(); } 
@@ -5134,7 +5152,8 @@ static int test_wolfSSL_CTX_use_certificate_chain_buffer_format(void) static int test_wolfSSL_CTX_use_certificate_chain_file_format(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) const char* server_chain_der = "./certs/server-cert-chain.der"; const char* client_single_pem = "./certs/client-cert.pem"; @@ -5163,8 +5182,8 @@ static int test_wolfSSL_CTX_use_certificate_chain_file_format(void) static int test_wolfSSL_use_certificate_chain_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) const char* server_chain_der = "./certs/server-cert-chain.der"; const char* client_single_pem = "./certs/client-cert.pem"; WOLFSSL_CTX* ctx = NULL; @@ -5207,7 +5226,8 @@ static int test_wolfSSL_use_certificate_chain_file(void) static int test_wolfSSL_CTX_SetTmpDH_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \ +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_DH) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx = NULL; #if defined(WOLFSSL_WPAS) && !defined(NO_DSA) @@ -5249,7 +5269,7 @@ static int test_wolfSSL_CTX_SetTmpDH_file(void) static int test_wolfSSL_CTX_SetTmpDH_buffer(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_DH) && \ +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_DH) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx = NULL; 
@@ -5291,7 +5311,7 @@ static int test_wolfSSL_CTX_SetTmpDH_buffer(void) static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_DH) && \ +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_DH) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) WOLFSSL_CTX *ctx; @@ -5380,7 +5400,7 @@ static int test_wolfSSL_CTX_der_load_verify_locations(void) static int test_wolfSSL_CTX_enable_disable(void) { EXPECT_DECLS; -#ifndef NO_CERTS +#if !defined(NO_CERTS) && !defined(NO_TLS) WOLFSSL_CTX* ctx = NULL; #ifdef HAVE_CRL @@ -5442,7 +5462,7 @@ static int test_wolfSSL_CTX_enable_disable(void) #endif wolfSSL_CTX_free(ctx); #endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ -#endif /* NO_CERTS */ +#endif /* !NO_CERTS && !NO_CERTS */ return EXPECT_RESULT(); } @@ -5565,8 +5585,9 @@ static int test_wolfSSL_CTX_set_max_proto_version(void) static int test_server_wolfSSL_new(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_SERVER) && !defined(NO_RSA) + WOLFSSL_CTX *ctx = NULL; WOLFSSL_CTX *ctx_nocert = NULL; WOLFSSL *ssl = NULL; @@ -5601,8 +5622,9 @@ static int test_server_wolfSSL_new(void) static int test_client_wolfSSL_new(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA) + WOLFSSL_CTX *ctx = NULL; WOLFSSL_CTX *ctx_nocert = NULL; WOLFSSL *ssl = NULL; 
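Review bot: In hunk @@ -5442 the updated trailer reads `#endif /* !NO_CERTS && !NO_CERTS */`, which repeats NO_CERTS instead of naming the macro the opening guard was extended with. It should be `#endif /* !NO_CERTS && !NO_TLS */` to match `#if !defined(NO_CERTS) && !defined(NO_TLS)` at the top of test_wolfSSL_CTX_enable_disable in the previous hunk.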
@@ -5634,8 +5656,9 @@ static int test_client_wolfSSL_new(void) static int test_wolfSSL_SetTmpDH_file(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \ - !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_SERVER) && !defined(NO_DH) + WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; const char* dhX942ParamFile = "./certs/x942dh2048.pem"; @@ -5697,7 +5720,8 @@ static int test_wolfSSL_SetTmpDH_file(void) static int test_wolfSSL_SetTmpDH_buffer(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(NO_DH) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; @@ -5734,7 +5758,8 @@ static int test_wolfSSL_SetTmpDH_buffer(void) static int test_wolfSSL_SetMinMaxDhKey_Sz(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(NO_DH) WOLFSSL_CTX *ctx = NULL; WOLFSSL_CTX *ctx2 = NULL; WOLFSSL *ssl = NULL; @@ -5793,7 +5818,7 @@ static int test_wolfSSL_SetMinMaxDhKey_Sz(void) static int test_wolfSSL_SetMinVersion(void) { int res = TEST_SKIPPED; -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) int failFlag = WOLFSSL_SUCCESS; WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; @@ -12592,7 +12617,8 @@ static int test_wolfSSL_set_alpn_protos(void) static int test_wolfSSL_DisableExtendedMasterSecret(void) { EXPECT_DECLS; -#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT) +#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); 
@@ -12616,7 +12642,8 @@ static int test_wolfSSL_DisableExtendedMasterSecret(void) static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void) { EXPECT_DECLS; -#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT) +#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); WOLFSSL *ssl = wolfSSL_new(ctx); @@ -12687,8 +12714,8 @@ static int test_wolfSSL_SCR_Reconnect(void) return EXPECT_RESULT(); } -#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_SERVER) && \ - (!defined(NO_RSA) || defined(HAVE_ECC)) +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) && \ + !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC)) /* Called when writing. */ static int DummySend(WOLFSSL* ssl, char* buf, int sz, void* ctx) { @@ -12728,8 +12755,8 @@ static int BufferInfoRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx) static int test_tls_ext_duplicate(void) { EXPECT_DECLS; -#if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC)) && \ - !defined(NO_FILESYSTEM) +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) && \ + !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC)) const unsigned char clientHelloDupTlsExt[] = { 0x16, 0x03, 0x03, 0x00, 0x6a, 0x01, 0x00, 0x00, 0x66, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe, @@ -13367,7 +13394,8 @@ static int test_wolfSSL_PKCS8(void) { EXPECT_DECLS; #if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \ - !defined(WOLFCRYPT_ONLY) + !defined(WOLFCRYPT_ONLY) && !defined(NO_TLS) && \ + (!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13)) #if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) byte buff[FOURK_BUF]; byte der[FOURK_BUF]; 
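Review bot: Gating test_wolfSSL_PKCS8 on `!defined(NO_TLS)` removes PKCS#8 key-handling coverage from NO_TLS builds. The same applies to test_wolfSSL_X509_max_altnames and test_wolfSSL_X509_max_name_constraints in later hunks, which exercise the WOLFSSL_MAX_ALT_NAMES and WOLFSSL_MAX_NAME_CONSTRAINTS limits. If that parsing code is still compiled when TLS is disabled (not visible from these hunks), its bounds checks would go untested in that configuration. The test_wolfSSL_CTX_LoadCRL hunk in this commit shows the alternative: wrap only the WOLFSSL_CTX/WOLFSSL portion in `#ifndef NO_TLS` and keep the rest running through WOLFSSL_CERT_MANAGER. The bodies of these functions continue outside the hunks, so whether they can be split that way needs checking against the full file.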
@@ -14483,7 +14511,7 @@ static int test_wolfSSL_X509_TLS_version_test_2(void) static int test_wolfSSL_CTX_SetMinVersion(void) { int res = TEST_SKIPPED; -#ifndef NO_WOLFSSL_CLIENT +#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) int failFlag = WOLFSSL_SUCCESS; WOLFSSL_CTX* ctx; int itr; @@ -63637,8 +63665,9 @@ static int test_generate_cookie(void) static int test_wolfSSL_set_options(void) { EXPECT_DECLS; -#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) -#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER) +#if !defined(NO_CERTS) && !defined(NO_TLS) && !defined(NO_FILESYSTEM) && \ + (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ + !defined(NO_RSA) WOLFSSL* ssl = NULL; WOLFSSL_CTX* ctx = NULL; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) @@ -63758,8 +63787,7 @@ static int test_wolfSSL_set_options(void) wolfSSL_free(ssl); wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */ -#endif /* !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ +#endif return EXPECT_RESULT(); } @@ -65032,7 +65060,8 @@ static int test_wolfSSL_X509_name_match3(void) static int test_wolfSSL_X509_max_altnames(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) /* Only test if max alt names has not been modified */ #if WOLFSSL_MAX_ALT_NAMES <= 1024 @@ -65060,8 +65089,8 @@ static int test_wolfSSL_X509_max_altnames(void) static int test_wolfSSL_X509_max_name_constraints(void) { EXPECT_DECLS; -#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \ - !defined(IGNORE_NAME_CONSTRAINTS) +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ + !defined(NO_RSA) && !defined(IGNORE_NAME_CONSTRAINTS) /* Only test if max name constraints has not been modified */ #if WOLFSSL_MAX_NAME_CONSTRAINTS == 128 
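Review bot: The closing `#endif` of test_wolfSSL_set_options loses its comment when the two nested guards are merged, although the `#if` it closes is more than a hundred lines above it; the same happens at the end of test_wolfSSL_CTX_set_timeout. Other closings touched by this commit keep their annotation, for example the one in tests/suites.c. For consistency I would write `#endif /* !NO_CERTS && !NO_TLS && !NO_FILESYSTEM && (!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) && !NO_RSA */` here and `#endif /* !NO_WOLFSSL_SERVER && !NO_TLS && !NO_SESSION_CACHE */` in test_wolfSSL_CTX_set_timeout.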
@@ -89865,20 +89894,21 @@ static int test_wolfSSL_CTX_LoadCRL(void) EXPECT_DECLS; #if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) + WOLFSSL_CERT_MANAGER* cm = NULL; + const char* issuerCert = "./certs/client-cert.pem"; + const char* validFilePath = "./certs/crl/cliCrl.pem"; + int pemType = WOLFSSL_FILETYPE_PEM; +#ifndef NO_TLS WOLFSSL_CTX* ctx = NULL; WOLFSSL* ssl = NULL; const char* badPath = "dummypath"; const char* validPath = "./certs/crl"; - const char* validFilePath = "./certs/crl/cliCrl.pem"; - const char* issuerCert = "./certs/client-cert.pem"; int derType = WOLFSSL_FILETYPE_ASN1; - int pemType = WOLFSSL_FILETYPE_PEM; #ifdef HAVE_CRL_MONITOR int monitor = WOLFSSL_CRL_MONITOR; #else int monitor = 0; #endif - WOLFSSL_CERT_MANAGER* cm = NULL; #define FAIL_T1(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \ WC_NO_ERR_TRACE(BAD_FUNC_ARG)) @@ -89929,6 +89959,7 @@ static int test_wolfSSL_CTX_LoadCRL(void) ssl = NULL; wolfSSL_CTX_free(ctx); ctx = NULL; +#endif /* !NO_TLS */ ExpectNotNull(cm = wolfSSL_CertManagerNew()); ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, issuerCert, NULL), @@ -90071,7 +90102,7 @@ static int test_wolfSSL_crl_update_cb(void) static int test_SetTmpEC_DHE_Sz(void) { EXPECT_DECLS; -#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT) +#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT) && !defined(NO_TLS) WOLFSSL_CTX *ctx = NULL; WOLFSSL *ssl = NULL; @@ -91981,7 +92012,8 @@ static int test_wolfSSL_SSL_in_init(void) static int test_wolfSSL_CTX_set_timeout(void) { EXPECT_DECLS; -#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_SESSION_CACHE) +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) && \ + !defined(NO_SESSION_CACHE) int timeout; WOLFSSL_CTX* ctx = NULL; @@ -92006,7 +92038,7 @@ static int test_wolfSSL_CTX_set_timeout(void) #endif wolfSSL_CTX_free(ctx); -#endif /* !NO_WOLFSSL_SERVER && !NO_SESSION_CACHE*/ +#endif return EXPECT_RESULT(); } 
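Review bot: The new `#ifndef NO_TLS` inside test_wolfSSL_CTX_LoadCRL has no comment explaining why only part of the test is excluded. A line such as `/* CTX/SSL CRL loading needs TLS; the CertManager checks below still run without it */` above it would make the split clear. `derType`, `badPath`, `validPath` and `monitor` are now declared only when TLS is enabled, and the FAIL_T1 macro appears to follow them in the same region. The function continues past the end of the second hunk, so confirm that nothing after `#endif /* !NO_TLS */` still refers to them; otherwise a NO_TLS build would fail to compile.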
@@ -101199,12 +101231,13 @@ TEST_CASE testCases[] = { *********************************/ TEST_DECL(test_wolfSSL_Method_Allocators), -#ifndef NO_WOLFSSL_SERVER +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS) TEST_DECL(test_wolfSSL_CTX_new), #endif TEST_DECL(test_server_wolfSSL_new), TEST_DECL(test_client_wolfSSL_new), #if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \ + !defined(NO_TLS) && \ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM) TEST_DECL(test_for_double_Free), #endif diff --git a/tests/suites.c b/tests/suites.c index 9155cc555..657e80e55 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -58,7 +58,7 @@ #include "examples/server/server.h" #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ - !defined(SINGLE_THREADED) + !defined(NO_TLS) && !defined(SINGLE_THREADED) static WOLFSSL_CTX* cipherSuiteCtx = NULL; static char nonblockFlag[] = "-N"; static char noVerifyFlag[] = "-d"; @@ -858,8 +858,8 @@ static void test_harness(void* vargs) int SuiteTest(int argc, char** argv) { #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ - !defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \ - !defined(SINGLE_THREADED) + !defined(NO_TLS) && !defined(SINGLE_THREADED) && \ + !defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) func_args args; char argv0[3][80]; char* myArgv[3]; @@ -1522,5 +1522,5 @@ exit: (void)argc; (void)argv; return NOT_COMPILED_IN; -#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */ +#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT && !NO_TLS */ } diff --git a/tests/unit.c b/tests/unit.c index 2028768d5..40566e80f 100644 --- a/tests/unit.c +++ b/tests/unit.c 
@@ -249,6 +249,7 @@ int unit_test(int argc, char** argv) #if !defined(NO_WOLFSSL_CIPHER_SUITE_TEST) && \ !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \ + !defined(NO_TLS) && \ !defined(SINGLE_THREADED) if ((ret = SuiteTest(argc, argv)) != 0) { fprintf(stderr, "suite test failed with %d\n", ret); diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index b85ddf66d..fea9327d9 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -58,7 +58,8 @@ void file_test(const char* file, byte* check); #endif -#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) #ifdef HAVE_STACK_SIZE static THREAD_RETURN simple_test(func_args *args); @@ -111,6 +112,7 @@ static void *echoclient_test_wrapper(void* args) { int testsuite_test(int argc, char** argv) { #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) && \ (!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)) func_args server_args; @@ -413,6 +415,7 @@ cleanup: #endif #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \ + !defined(NO_TLS) && \ (!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)) /* Perform a basic TLS handshake. *