diff --git a/src/ssl.c b/src/ssl.c
index 73abe8f5c..698b0c9c0 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -26438,14 +26438,15 @@ void *wolfSSL_OPENSSL_memdup(const void *data, size_t siz, const char* file, int
 int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p, unsigned int p_len)
 {
- wolfSSL_OPENSSL_free((void *)ctx->alpn_cli_protos);
+ if((void *)ctx->alpn_cli_protos != NULL)
+ wolfSSL_OPENSSL_free((void *)ctx->alpn_cli_protos);
 ctx->alpn_cli_protos = wolfSSL_OPENSSL_memdup(p, p_len, NULL, 0);
 if (ctx->alpn_cli_protos == NULL) {
- return 1;
+ return SSL_FAILURE;
 }
 ctx->alpn_cli_protos_len = p_len;
- return 0;
+ return SSL_SUCCESS;
 }
 #endif
diff --git a/tests/api.c b/tests/api.c
index a7e5f1127..ccedaebc5 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -10345,6 +10345,20 @@ static void test_wolfSSL_BN(void)
 #endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
 }
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA)
+#define TEST_ARG 0x1234
+static void msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)
+{
+ (void)write_p;
+ (void)version;
+ (void)content_type;
+ (void)buf;
+ (void)len;
+ (void)ssl;
+ AssertTrue(arg == (void*)TEST_ARG);
+}
+#endif
 static void test_wolfSSL_set_options(void)
 {
@@ -10353,6 +10367,14 @@ static void test_wolfSSL_set_options(void)
 SSL* ssl;
 SSL_CTX* ctx;
+ unsigned char protos[] = {
+ 7, 't', 'l', 's', '/', '1', '.', '2',
+ 8, 'h', 't', 't', 'p', '/', '1', '.', '1'
+ };
+ unsigned int len = sizeof(protos);
+
+ void *arg = (void *)TEST_ARG;
+
 printf(testingFmt, "wolfSSL_set_options()");
 AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
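Review bot: In `wolfSSL_CTX_set_alpn_protos`, when `wolfSSL_OPENSSL_memdup` fails the previous list has already been freed and `ctx->alpn_cli_protos` is NULL, but `ctx->alpn_cli_protos_len` still holds the old length, so the failure path leaves a NULL pointer paired with a non-zero length for whatever reads the context later. Add `ctx->alpn_cli_protos_len = 0;` before `return SSL_FAILURE;`, or duplicate into a temporary and free the old buffer only once the copy has succeeded, so a failed call leaves the existing list intact. `ctx` is also dereferenced without a NULL check; `if (ctx == NULL) return SSL_FAILURE;` at the top would cover that. The buffer is copied without checking that it is a well-formed sequence of length-prefixed names, so if nothing downstream validates it (not visible here) that check belongs in this setter, along with a comment on what an empty list (`p_len == 0`) is meant to do.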
@@ -10372,6 +10394,11 @@ static void test_wolfSSL_set_options(void)
 AssertTrue((SSL_set_options(ssl, SSL_OP_NO_COMPRESSION) & SSL_OP_NO_COMPRESSION) == SSL_OP_NO_COMPRESSION);
+ AssertTrue(SSL_set_msg_callback(ssl, msg_cb) == SSL_SUCCESS);
+ AssertTrue(SSL_set_msg_callback_arg(ssl, arg) == SSL_SUCCESS);
+
+ AssertTrue(SSL_CTX_set_alpn_protos(ctx, protos, len) == SSL_SUCCESS);
+
 SSL_free(ssl);
 SSL_CTX_free(ctx);
@@ -10379,6 +10406,27 @@ static void test_wolfSSL_set_options(void)
 #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
 !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
 }
+ #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+static int verify_cb(int ok, X509_STORE_CTX *ctx)
+{
+ (void) ok;
+ (void) ctx;
+ printf("ENTER verify_cb\n");
+ return SSL_SUCCESS;
+}
+#endif
+
+static void test_wolfSSL_X509_STORE_CTX(void)
+{
+ #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+ X509_STORE_CTX *ctx = NULL ;
+
+ printf(testingFmt, "test_wolfSSL_X509_STORE_CTX(()");
+ AssertNotNull(ctx = X509_STORE_CTX_new());
+ X509_STORE_CTX_set_verify_cb(ctx, verify_cb);
+ printf(resultFmt, passed);
+ #endif
+}
 /* Testing wolfSSL_set_tlsext_status_type funciton.
 * PRE: OPENSSL and HAVE_CERTIFICATE_STATUS_REQUEST defined.
@@ -11307,6 +11355,7 @@ void ApiTest(void)
 test_wolfSSL_X509_STORE_CTX_set_time();
 test_wolfSSL_BN();
 test_wolfSSL_set_options();
+ test_wolfSSL_X509_STORE_CTX();
 test_wolfSSL_PEM_read_bio();
 test_wolfSSL_BIO();
 test_wolfSSL_DES_ecb_encrypt();
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index ad70f7153..fc702ded2 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
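Review bot: `msg_cb` cannot run in the lines added to `test_wolfSSL_set_options`: the callback and its argument are registered and `SSL_free(ssl)` follows with no handshake or record I/O in between, so the `AssertTrue(arg == (void*)TEST_ARG)` inside it is never evaluated and only the setters' return values are checked. The ALPN assertion has the same gap, since one successful call on a fresh context does not reach the free-and-replace branch or the failure return changed in src/ssl.c. Repeating `AssertTrue(SSL_CTX_set_alpn_protos(ctx, protos, len) == SSL_SUCCESS);` would cover the replace path, and a comment such as `/* registration only; msg_cb is not invoked without a handshake */` would keep the test honest about its coverage. The function body starts and ends outside this hunk.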
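Review bot: The `X509_STORE_CTX` allocated in `test_wolfSSL_X509_STORE_CTX` is never released, so the test leaks on every run and adds noise under leak checkers; add `X509_STORE_CTX_free(ctx);` before `printf(resultFmt, passed);`. `verify_cb` ignores `ok` and always returns `SSL_SUCCESS`, which would accept every certificate if it were ever invoked, so it should carry a comment such as `/* test stub: accepts everything, not a real verify callback */` to keep it from being copied into non-test code. The test asserts nothing about the registration itself, and the banner string has a stray parenthesis in `"test_wolfSSL_X509_STORE_CTX(()"`.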
@@ -361,7 +361,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
 #define SSL_CTX_set_timeout(ctx, to) wolfSSL_CTX_set_timeout(ctx, (unsigned int) to)
 #define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
-
+#define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos
 #define ERR_peek_error wolfSSL_ERR_peek_error
 #define ERR_peek_last_error_line wolfSSL_ERR_peek_last_error_line
 #define ERR_peek_errors_fp wolfSSL_ERR_peek_errors_fp
@@ -734,7 +734,7 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
 #if defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
- defined(WOLFSSL_MYSQL_COMPATIBLE)
+ defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA)
 #include
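Review bot: The new `SSL_CTX_set_alpn_protos` macro exposes the return values introduced in src/ssl.c (`SSL_SUCCESS` on success, `SSL_FAILURE` on error) to code written against OpenSSL, where, as far as I recall the OpenSSL documentation, this function returns 0 on success and non-zero on failure. Assuming the usual wolfSSL values of 1 and 0, a ported caller that tests `!= 0` would report an error on success, and one that tests `== 0` would take an allocation failure for success and continue with no ALPN list configured. Either keep the OpenSSL convention behind the compatibility name or state the difference beside the macro, for example `/* NOTE: returns SSL_SUCCESS/SSL_FAILURE, unlike OpenSSL's 0-on-success */`.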