Adressing Todd's comments

Check for HAVE_GETADDRINFO beside WOLF_C99
Move STR_SIZEOF to wolfssl/wolfcrypt/types.h and rename to XSTR_SIZEOF to prevent collision in client projects
Remove wolfssl/openssl/ssl.h and wolfssl/internal.h from crypto layer

src/ssl.c

@@ -151,28 +151,28 @@ static WOLFSSL_BIGNUM* bn_one = NULL;
 
 #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
 const WOLF_EC_NIST_NAME kNistCurves[] = {
-    {STR_SIZEOF("P-192"),   "P-192",   NID_X9_62_prime192v1},
+    {XSTR_SIZEOF("P-192"),   "P-192",   NID_X9_62_prime192v1},
-    {STR_SIZEOF("P-256"),   "P-256",   NID_X9_62_prime256v1},
+    {XSTR_SIZEOF("P-256"),   "P-256",   NID_X9_62_prime256v1},
-    {STR_SIZEOF("P-112"),   "P-112",   NID_secp112r1},
+    {XSTR_SIZEOF("P-112"),   "P-112",   NID_secp112r1},
-    {STR_SIZEOF("P-112-2"), "P-112-2", NID_secp112r2},
+    {XSTR_SIZEOF("P-112-2"), "P-112-2", NID_secp112r2},
-    {STR_SIZEOF("P-128"),   "P-128",   NID_secp128r1},
+    {XSTR_SIZEOF("P-128"),   "P-128",   NID_secp128r1},
-    {STR_SIZEOF("P-128-2"), "P-128-2", NID_secp128r2},
+    {XSTR_SIZEOF("P-128-2"), "P-128-2", NID_secp128r2},
-    {STR_SIZEOF("P-160"),   "P-160",   NID_secp160r1},
+    {XSTR_SIZEOF("P-160"),   "P-160",   NID_secp160r1},
-    {STR_SIZEOF("P-160-2"), "P-160-2", NID_secp160r2},
+    {XSTR_SIZEOF("P-160-2"), "P-160-2", NID_secp160r2},
-    {STR_SIZEOF("P-224"),   "P-224",   NID_secp224r1},
+    {XSTR_SIZEOF("P-224"),   "P-224",   NID_secp224r1},
-    {STR_SIZEOF("P-384"),   "P-384",   NID_secp384r1},
+    {XSTR_SIZEOF("P-384"),   "P-384",   NID_secp384r1},
-    {STR_SIZEOF("P-521"),   "P-521",   NID_secp521r1},
+    {XSTR_SIZEOF("P-521"),   "P-521",   NID_secp521r1},
-    {STR_SIZEOF("K-160"),   "K-160",   NID_secp160k1},
+    {XSTR_SIZEOF("K-160"),   "K-160",   NID_secp160k1},
-    {STR_SIZEOF("K-192"),   "K-192",   NID_secp192k1},
+    {XSTR_SIZEOF("K-192"),   "K-192",   NID_secp192k1},
-    {STR_SIZEOF("K-224"),   "K-224",   NID_secp224k1},
+    {XSTR_SIZEOF("K-224"),   "K-224",   NID_secp224k1},
-    {STR_SIZEOF("K-256"),   "K-256",   NID_secp256k1},
+    {XSTR_SIZEOF("K-256"),   "K-256",   NID_secp256k1},
-    {STR_SIZEOF("B-160"),   "B-160",   NID_brainpoolP160r1},
+    {XSTR_SIZEOF("B-160"),   "B-160",   NID_brainpoolP160r1},
-    {STR_SIZEOF("B-192"),   "B-192",   NID_brainpoolP192r1},
+    {XSTR_SIZEOF("B-192"),   "B-192",   NID_brainpoolP192r1},
-    {STR_SIZEOF("B-224"),   "B-224",   NID_brainpoolP224r1},
+    {XSTR_SIZEOF("B-224"),   "B-224",   NID_brainpoolP224r1},
-    {STR_SIZEOF("B-256"),   "B-256",   NID_brainpoolP256r1},
+    {XSTR_SIZEOF("B-256"),   "B-256",   NID_brainpoolP256r1},
-    {STR_SIZEOF("B-320"),   "B-320",   NID_brainpoolP320r1},
+    {XSTR_SIZEOF("B-320"),   "B-320",   NID_brainpoolP320r1},
-    {STR_SIZEOF("B-384"),   "B-384",   NID_brainpoolP384r1},
+    {XSTR_SIZEOF("B-384"),   "B-384",   NID_brainpoolP384r1},
-    {STR_SIZEOF("B-512"),   "B-512",   NID_brainpoolP512r1},
+    {XSTR_SIZEOF("B-512"),   "B-512",   NID_brainpoolP512r1},
     {0,                     NULL,      0},
 };
 #endif

src/wolfio.c

@@ -770,7 +770,8 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
     int ret = 0;
     SOCKADDR_S addr;
     int sockaddr_len = sizeof(SOCKADDR_IN);
-#ifndef WOLF_C99
+    /* use gethostbyname for c99 */
+#if defined(HAVE_GETADDRINFO) && !defined(WOLF_C99)
     ADDRINFO hints;
     ADDRINFO* answer = NULL;
     char strPort[6];
@@ -786,7 +787,7 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
 #endif
 
     /* use gethostbyname for c99 */
-#ifndef WOLF_C99
+#if defined(HAVE_GETADDRINFO) && !defined(WOLF_C99)
     XMEMSET(&hints, 0, sizeof(hints));
     hints.ai_family = AF_UNSPEC;
     hints.ai_socktype = SOCK_STREAM;

wolfcrypt/src/asn.c

@@ -69,10 +69,6 @@ ASN Options:
 #include <wolfssl/wolfcrypt/wc_encrypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
 
-#ifdef OPENSSL_EXTRA
-#include <wolfssl/openssl/ssl.h>
-#endif
-
 #include <wolfssl/wolfcrypt/random.h>
 #include <wolfssl/wolfcrypt/hash.h>
 #ifdef NO_INLINE
@@ -128,7 +124,6 @@ extern int wc_InitRsaHw(RsaKey* key);
 
 #define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
 
-#include <wolfssl/internal.h>
 #if defined(HAVE_SELFTEST) || !defined(NO_SKID)
     #ifndef WOLFSSL_AES_KEY_SIZE_ENUM
     #define WOLFSSL_AES_KEY_SIZE_ENUM
@@ -8787,6 +8782,18 @@ int ParseCert(DecodedCert* cert, int type, int verify, void* cm)
     return ret;
 }
 
+/* from SSL proper, for locking can't do find here anymore */
+#ifdef __cplusplus
+    extern "C" {
+#endif
+    Signer* GetCA(void* signers, byte* hash);
+    #ifndef NO_SKID
+        Signer* GetCAByName(void* signers, byte* hash);
+    #endif
+#ifdef __cplusplus
+    }
+#endif
+
 #if defined(WOLFCRYPT_ONLY) || defined(NO_CERTS)
 
 /* dummy functions, not using wolfSSL so don't need actual ones */
@@ -10297,16 +10304,16 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
         /* see if there is a -----BEGIN * PRIVATE KEY----- header */
         headerEnd = XSTRNSTR((char*)buff, PRIV_KEY_SUFFIX, sz);
         if (headerEnd) {
-            beginEnd = headerEnd + STR_SIZEOF(PRIV_KEY_SUFFIX);
+            beginEnd = headerEnd + XSTR_SIZEOF(PRIV_KEY_SUFFIX);
             /* back up to BEGIN_PRIV_KEY_PREFIX */
-            headerEnd -= STR_SIZEOF(BEGIN_PRIV_KEY_PREFIX);
+            headerEnd -= XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX);
             while (headerEnd > (char*)buff &&
                     XSTRNCMP(headerEnd, BEGIN_PRIV_KEY_PREFIX,
-                            STR_SIZEOF(BEGIN_PRIV_KEY_PREFIX)) != 0) {
+                            XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX)) != 0) {
                 headerEnd--;
             }
             if (XSTRNCMP(headerEnd, BEGIN_PRIV_KEY_PREFIX,
-                    STR_SIZEOF(BEGIN_PRIV_KEY_PREFIX)) != 0 ||
+                    XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX)) != 0 ||
                     beginEnd - headerEnd > PEM_LINE_LEN) {
                 WOLFSSL_MSG("Couldn't find PEM header");
                 return ASN_NO_PEM_HEADER;
@@ -10316,16 +10323,16 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
             beginBuf[beginEnd - headerEnd] = '\0';
             /* look for matching footer */
             footer = XSTRNSTR(beginEnd,
-                            beginBuf + STR_SIZEOF(BEGIN_PRIV_KEY_PREFIX),
+                            beginBuf + XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX),
                             (unsigned int)((char*)buff + sz - beginEnd));
             if (!footer) {
                 WOLFSSL_MSG("Couldn't find PEM footer");
                 return ASN_NO_PEM_HEADER;
             }
-            footer -= STR_SIZEOF(END_PRIV_KEY_PREFIX);
+            footer -= XSTR_SIZEOF(END_PRIV_KEY_PREFIX);
             endLen = (unsigned int)(beginEnd - headerEnd -
-                        (STR_SIZEOF(BEGIN_PRIV_KEY_PREFIX) -
+                        (XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX) -
-                                STR_SIZEOF(END_PRIV_KEY_PREFIX)));
+                                XSTR_SIZEOF(END_PRIV_KEY_PREFIX)));
             XMEMCPY(endBuf, footer, endLen);
             endBuf[endLen] = '\0';
 

wolfssl/internal.h

@@ -4241,8 +4241,6 @@ static const byte server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 };
 static const byte tls_client[FINISHED_LABEL_SZ + 1] = "client finished";
 static const byte tls_server[FINISHED_LABEL_SZ + 1] = "server finished";
 
-#define STR_SIZEOF(x) (sizeof(x) - 1) /* -1 to not count the null char */
-
 #ifdef OPENSSL_EXTRA
 typedef struct {
     int name_len;

wolfssl/wolfcrypt/types.h

@@ -248,6 +248,7 @@
         #define USE_WINDOWS_API
     #endif
 
+    #define XSTR_SIZEOF(x) (sizeof(x) - 1) /* -1 to not count the null char */
 
     /* idea to add global alloc override by Moises Guimaraes  */
     /* default to libc stuff */

wolfssl/wolfio.h

@@ -328,7 +328,7 @@
     #endif /* HAVE_SOCKADDR */
 
     /* use gethostbyname for c99 */
-    #ifndef WOLF_C99
+    #if defined(HAVE_GETADDRINFO) && !defined(WOLF_C99)
         typedef struct addrinfo         ADDRINFO;
     #endif
 #endif /* WOLFSSL_NO_SOCK */