WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #4205 from julek-wolfssl/wpas-include-extra-stuff 

Include stuff needed for EAP in hostap
pull/3726/head
David Garske 2021-08-12 11:17:23 -07:00 committed by GitHub
parent d4b0ec0705 e583d0ab76
commit 93a1fe4580
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 27 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
configure.ac
View File

@ -982,7 +982,7 @@ if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "x$ENABLED_OPENSSLCOEXIST" = "xn
then
AM_CFLAGS="-DOPENSSL_EXTRA -DWOLFSSL_ALWAYS_VERIFY_CB $AM_CFLAGS"
AM_CFLAGS="-DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS $AM_CFLAGS"
AM_CFLAGS="-DHAVE_EXT_CACHE $AM_CFLAGS"
AM_CFLAGS="-DHAVE_EXT_CACHE -DWOLFSSL_FORCE_CACHE_ON_TICKET $AM_CFLAGS"
fi
if test "$ENABLED_OPENSSLEXTRA" = "x509small"
@ -1045,8 +1045,6 @@ fi
if test "$ENABLED_WPAS" = "small"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WPAS_SMALL"
AM_CFLAGS="$AM_CFLAGS -DKEEP_OUR_CERT"
AM_CFLAGS="$AM_CFLAGS -DKEEP_PEER_CERT"
fi
if test "$ENABLED_WPAS" = "yes"
then
@ -1068,6 +1066,8 @@ then
AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DES_ECB"
AM_CFLAGS="$AM_CFLAGS -DKEEP_OUR_CERT"
AM_CFLAGS="$AM_CFLAGS -DKEEP_PEER_CERT"
fi
if test "$ENABLED_FORTRESS" = "yes"

4
src/internal.c
View File

@ -13196,7 +13196,7 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size,
ssl->secure_renegotiation->verifySet = 1;
}
#endif
#ifdef OPENSSL_ALL
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS)
if (ssl->options.side == WOLFSSL_CLIENT_END)
XMEMCPY(ssl->serverFinished,
input + *inOutIdx, TLS_FINISHED_SZ);
@ -18166,7 +18166,7 @@ int SendFinished(WOLFSSL* ssl)
TLS_FINISHED_SZ);
}
#endif
#ifdef OPENSSL_ALL
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS)
if (ssl->options.side == WOLFSSL_CLIENT_END)
XMEMCPY(ssl->clientFinished,
hashes, TLS_FINISHED_SZ);

22
src/ssl.c
View File

@ -14172,6 +14172,19 @@ static WC_INLINE void RestoreSession(WOLFSSL* ssl, WOLFSSL_SESSION* session,
#endif
}
static int SslSessionCacheOff(const WOLFSSL* ssl, const WOLFSSL_SESSION* session)
{
(void)session;
return ssl->options.sessionCacheOff
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_FORCE_CACHE_ON_TICKET)
&& session->ticketLen == 0
#endif
#ifdef OPENSSL_EXTRA
&& ssl->options.side != WOLFSSL_CLIENT_END
#endif
;
}
WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret,
byte restoreSessionCerts)
{
@ -14184,7 +14197,7 @@ WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret,
(void) restoreSessionCerts;
if (ssl->options.sessionCacheOff)
if (SslSessionCacheOff(ssl, &ssl->session))
return NULL;
if (ssl->options.haveSessionId == 0)
@ -14388,10 +14401,9 @@ static int GetDeepCopySession(WOLFSSL* ssl, WOLFSSL_SESSION* copyFrom)
return ret;
}
int SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
{
if (ssl == NULL || ssl->options.sessionCacheOff)
if (ssl == NULL || SslSessionCacheOff(ssl, session))
return WOLFSSL_FAILURE;
#ifdef OPENSSL_EXTRA
@ -14456,7 +14468,7 @@ int AddSession(WOLFSSL* ssl)
int cbRet = 0;
#endif
if (ssl->options.sessionCacheOff)
if (SslSessionCacheOff(ssl, &ssl->session))
return 0;
if (ssl->options.haveSessionId == 0)
@ -27365,7 +27377,7 @@ int wolfSSL_i2d_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT *a, unsigned char **pp)
return a->objSz;
}
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS)
WOLFSSL_API size_t wolfSSL_get_finished(const WOLFSSL *ssl, void *buf, size_t count)
{
WOLFSSL_ENTER("SSL_get_finished");

4
tests/api.c
View File

@ -23449,6 +23449,7 @@ static int test_wc_ecc_pointFns (void)
printf(resultFmt, ret == 0 ? passed : failed);
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#ifdef USE_ECC_B_PARAM
printf(testingFmt, "wc_ecc_point_is_on_curve()");
/* On curve if ret == 0 */
@ -23469,6 +23470,7 @@ static int test_wc_ecc_pointFns (void)
}
printf(resultFmt, ret == 0 ? passed : failed);
#endif /* USE_ECC_B_PARAM */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
/* Free */
wc_ecc_del_point(point);
@ -31063,7 +31065,7 @@ static void test_wolfSSL_Tls13_Key_Logging_test(void)
printf(resultFmt, passed);
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && WOLFSSL_TLS13 */
}
static void test_wolfSSL_X509_NID(void)

2
wolfssl/internal.h
View File

@ -4484,7 +4484,7 @@ struct WOLFSSL {
#ifdef WOLFSSL_STATIC_EPHEMERAL
StaticKeyExchangeInfo_t staticKE;
#endif
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS)
/* Added in libest port: allow applications to get the 'tls-unique' Channel
* Binding Type (https://tools.ietf.org/html/rfc5929#section-3). This is
* used in the EST protocol to bind an enrollment to a TLS session through

2
wolfssl/ssl.h
View File

@ -4440,7 +4440,7 @@ WOLFSSL_API int wolfSSL_X509_check_email(WOLFSSL_X509 *x, const char *chk,
#endif /* OPENSSL_EXTRA && WOLFSSL_CERT_GEN */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS)
WOLFSSL_API const unsigned char *SSL_SESSION_get0_id_context(
const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length);
WOLFSSL_API size_t wolfSSL_get_finished(const WOLFSSL *ssl, void *buf, size_t count);