- Applied David's patch to get access to the missing sni callback (arg)

- removed tlsext callback (since it's a compatibility one) - updated testing examples and wrapper
2024-06-04 18:26:01 +02:00 · 2024-06-04 18:26:01 +02:00 · 983610ed68
parent 5d0b7e0d18
commit 983610ed68
4 changed files with 31 additions and 48 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@ -20156,16 +20156,9 @@ VerifyCallback wolfSSL_CTX_get_verify_callback(WOLFSSL_CTX* ctx)
    return NULL;
 }

-
 #ifdef HAVE_SNI
-
-void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX* ctx, CallbackSniRecv cb)
-{
-    WOLFSSL_ENTER("wolfSSL_CTX_set_servername_callback");
-    if (ctx)
-        ctx->sniRecvCb = cb;
-}
-
+/* this is a compatibily function, consider using
+ * wolfSSL_CTX_set_servername_callback */
 int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX* ctx,
                                               CallbackSniRecv cb)
 {
@ -20177,19 +20170,8 @@ int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX* ctx,
    return WOLFSSL_FAILURE;
 }

-int wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX* ctx, void* arg)
-{
-    WOLFSSL_ENTER("wolfSSL_CTX_set_servername_arg");
-    if (ctx) {
-        ctx->sniRecvCbArg = arg;
-        return WOLFSSL_SUCCESS;
-    }
-    return WOLFSSL_FAILURE;
-}
-
 #endif /* HAVE_SNI */

-
 #ifndef NO_BIO
 void wolfSSL_ERR_load_BIO_strings(void) {
    WOLFSSL_ENTER("wolfSSL_ERR_load_BIO_strings");
@ -20224,6 +20206,27 @@ void wolfSSL_THREADID_set_numeric(void* id, unsigned long val)
        * HAVE_LIGHTY || WOLFSSL_HAPROXY || WOLFSSL_OPENSSH ||
        * HAVE_SBLIM_SFCB)) */

+#ifdef HAVE_SNI
+
+void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX* ctx, CallbackSniRecv cb)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_set_servername_callback");
+    if (ctx)
+        ctx->sniRecvCb = cb;
+}
+
+
+int wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX* ctx, void* arg)
+{
+    WOLFSSL_ENTER("wolfSSL_CTX_set_servername_arg");
+    if (ctx) {
+        ctx->sniRecvCbArg = arg;
+        return WOLFSSL_SUCCESS;
+    }
+    return WOLFSSL_FAILURE;
+}
+
+#endif /* HAVE_SNI */

 #if defined(OPENSSL_EXTRA)

--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@ -4872,14 +4872,17 @@ typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg);

 WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX* ctx,
        CallbackSniRecv cb);
-WOLFSSL_API int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX* ctx,
-        CallbackSniRecv cb);

 WOLFSSL_API int  wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX* ctx, void* arg);
 #endif

-#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) \
-    || defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
+#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
+    defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY)
+
+#ifdef HAVE_SNI
+WOLFSSL_API int wolfSSL_CTX_set_tlsext_servername_callback(WOLFSSL_CTX* ctx,
+        CallbackSniRecv cb);
+#endif

 WOLFSSL_API void wolfSSL_ERR_remove_thread_state(void* pid);

--- a/wrapper/CSharp/wolfSSL-TLS-Server/wolfSSL-TLS-Server.cs
+++ b/wrapper/CSharp/wolfSSL-TLS-Server/wolfSSL-TLS-Server.cs
@ -77,7 +77,7 @@ public class wolfSSL_TLS_CSHarp
        /* Trivial callback just for testing */
        Console.WriteLine("my sni server callback");

-        return wolfssl.SUCCESS;
+        return 0;
    }

    public static void Main(string[] args)
@ -167,12 +167,6 @@ public class wolfSSL_TLS_CSHarp
           // Setting SNI delegate
           wolfssl.sni_delegate sni_cb  = new wolfssl.sni_delegate(my_sni_server_cb);
           wolfssl.CTX_set_servername_callback(ctx, sni_cb);
-
-           if (wolfssl.CTX_set_tlsext_servername_callback(ssl, sni_cb) == wolfssl.FAILURE) {
-               Console.WriteLine("wolfssl.CTX_set_tlsext_servername_callback failed");
-               wolfssl.CTX_free(ctx);
-               return;
-           }
        }

        Console.WriteLine("Connection made wolfSSL_accept ");
--- a/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs
+++ b/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs
@ -325,8 +325,6 @@ namespace wolfSSL.CSharp {
        [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
        private extern static void wolfSSL_CTX_set_servername_callback(IntPtr ctx, sni_delegate sni_cb);
        [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
-        private extern static int wolfSSL_CTX_set_tlsext_servername_callback(IntPtr ctx, sni_delegate sni_cb);
-        [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
        private extern static int wolfSSL_CTX_set_servername_arg(IntPtr ctx, IntPtr arg);
        [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)]
        private extern static int wolfSSL_CTX_UseSNI(IntPtr ctx, byte type, IntPtr data, ushort size);
@ -1141,21 +1139,6 @@ namespace wolfSSL.CSharp {
            }
        }

-        public static int CTX_set_tlsext_servername_callback(IntPtr ctx, sni_delegate sni_cb) 
-        {
-            try {
-                GCHandle gch = GCHandle.FromIntPtr(ctx);
-                ctx_handle handles = (ctx_handle)gch.Target;
-
-                handles.set_sni(GCHandle.Alloc(sni_cb));
-
-                return wolfSSL_CTX_set_tlsext_servername_callback(handles.get_ctx(), sni_cb);
-            } catch (Exception e) {
-                log(ERROR_LOG, "wolfssl tlsext servername callback error: " + e.ToString());
-                return FAILURE;
-            }
-        }
-
        public static int CTX_set_servername_arg(IntPtr ctx, IntPtr arg) 
        {
            try {