Fixes for building without DTLS v1.2 and TLS v1.2. Fixes for explicit cast warnings.

2022-06-15 10:12:51 -07:00 · 2022-06-15 10:12:51 -07:00 · aa8df1af78
parent 3a9176bcc9
commit aa8df1af78
7 changed files with 70 additions and 19 deletions
--- a/examples/benchmark/tls_bench.c
+++ b/examples/benchmark/tls_bench.c
@ -905,9 +905,15 @@ static int bench_tls_client(info_t* info)
 #ifdef WOLFSSL_DTLS
    if (info->doDTLS) {
        if (tls13) {
-            return WOLFSSL_SUCCESS;
+        #ifdef WOLFSSL_DTLS13
+            cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_3_client_method());
+        #endif
+        }
+        else {
+        #ifndef WOLFSSL_NO_TLS12
+            cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
+        #endif
        }
-        cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
    }
    else
 #endif
@ -1348,9 +1354,15 @@ static int bench_tls_server(info_t* info)
 #ifdef WOLFSSL_DTLS
    if (info->doDTLS) {
        if (tls13) {
-            return WOLFSSL_SUCCESS;
+        #ifdef WOLFSSL_DTLS13
+            srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_3_server_method());
+        #endif
+        }
+        else {
+        #ifndef WOLFSSL_NO_TLS12
+            srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
+        #endif
        }
-        srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
    }
    else
 #endif
--- a/examples/echoclient/echoclient.c
+++ b/examples/echoclient/echoclient.c
@ -138,7 +138,11 @@ void echoclient_test(void* args)
 #endif

 #if defined(CYASSL_DTLS)
+    #ifdef WOLFSSL_DTLS13
+    method = wolfDTLSv1_3_client_method();
+    #elif !defined(WOLFSSL_NO_TLS12)
    method  = DTLSv1_2_client_method();
+    #endif
 #elif !defined(NO_TLS)
    #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
    method = CyaTLSv1_2_client_method();
--- a/examples/echoserver/echoserver.c
+++ b/examples/echoserver/echoserver.c
@ -145,7 +145,11 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
    tcp_listen(&sockfd, &port, useAnyAddr, doDTLS, 0);

 #if defined(CYASSL_DTLS)
+    #ifdef WOLFSSL_DTLS13
+    method = wolfDTLSv1_3_server_method();
+    #elif !defined(WOLFSSL_NO_TLS12)
    method  = CyaDTLSv1_2_server_method();
+    #endif
 #elif !defined(NO_TLS)
    #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
    method = CyaTLSv1_2_server_method();
--- a/src/dtls13.c
+++ b/src/dtls13.c
@ -372,7 +372,7 @@ static int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
        if (ret != 0)
            break;

-        Dtls13MsgWasProcessed(ssl, msg->type);
+        Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);

        ssl->dtls_rx_msg_list = msg->next;
        DtlsMsgDelete(msg, ssl->heap);
@ -814,7 +814,8 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
    byte* output;
    int ret;

-    isEncrypted = Dtls13TypeIsEncrypted(ssl->dtls13FragHandshakeType);
+    isEncrypted = Dtls13TypeIsEncrypted(
+        (enum HandShakeType)ssl->dtls13FragHandshakeType);
    rlHeaderLength = Dtls13GetRlHeaderLength(isEncrypted);
    maxFragment = wolfSSL_GetMaxFragSize(ssl, MAX_RECORD_SIZE);

@ -840,8 +841,8 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
            ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length;

        ret = Dtls13HandshakeAddHeaderFrag(ssl, output + rlHeaderLength,
-            ssl->dtls13FragHandshakeType, ssl->dtls13FragOffset, fragLength,
-            ssl->dtls13MessageLength);
+            (enum HandShakeType)ssl->dtls13FragHandshakeType,
+            ssl->dtls13FragOffset, fragLength, ssl->dtls13MessageLength);
        if (ret != 0) {
            Dtls13FreeFragmentsBuffer(ssl);
            return ret;
@ -851,7 +852,8 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
            ssl->dtls13FragmentsBuffer.buffer + ssl->dtls13FragOffset,
            fragLength);

-        ret = Dtls13SendOneFragmentRtx(ssl, ssl->dtls13FragHandshakeType,
+        ret = Dtls13SendOneFragmentRtx(ssl,
+            (enum HandShakeType)ssl->dtls13FragHandshakeType,
            recordLength + MAX_MSG_EXTRA, output, recordLength, 0);
        if (ret == WANT_WRITE) {
            ssl->dtls13FragOffset += fragLength;
@ -1321,7 +1323,8 @@ static int Dtls13RtxSendBuffered(WOLFSSL* ssl)
        seq = ssl->dtls13EncryptEpoch->nextSeqNumber;

        ret = Dtls13SendFragment(ssl, output, sendSz, r->length + headerLength,
-            r->handshakeType, 0, isLast || !ssl->options.groupMessages);
+            (enum HandShakeType)r->handshakeType, 0,
+            isLast || !ssl->options.groupMessages);
        if (ret != 0 && ret != WANT_WRITE)
            return ret;

@ -1385,7 +1388,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
    if (frag_off + frag_length > message_length)
        return BUFFER_ERROR;

-    ret = Dtls13RtxMsgRecvd(ssl, handshake_type, frag_off);
+    ret = Dtls13RtxMsgRecvd(ssl, (enum HandShakeType)handshake_type, frag_off);
    if (ret != 0)
        return ret;

@ -1430,7 +1433,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
    if (ret != 0)
        return ret;

-    Dtls13MsgWasProcessed(ssl, handshake_type);
+    Dtls13MsgWasProcessed(ssl, (enum HandShakeType)handshake_type);

    *processedSize = idx;

--- a/src/internal.c
+++ b/src/internal.c
@ -541,6 +541,7 @@ int IsDtlsNotSctpMode(WOLFSSL* ssl)
 #endif
 }

+#ifndef WOLFSSL_NO_TLS12
 /* Secure Real-time Transport Protocol */
 /* If SRTP is not enabled returns the state of the dtls option.
 * If SRTP is enabled returns dtls && !dtlsSrtpProfiles. */
@ -552,6 +553,7 @@ static WC_INLINE int IsDtlsNotSrtpMode(WOLFSSL* ssl)
    return ssl->options.dtls;
 #endif
 }
+#endif /* !WOLFSSL_NO_TLS12 */
 #endif /* WOLFSSL_DTLS */


@ -2907,6 +2909,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
    int    dtls   = 0;
    int    haveRSAsig = 1;

+#ifdef WOLFSSL_DTLS
+    /* If DTLS v1.2 or later than set tls1_2 flag */
+    if (pv.major == DTLS_MAJOR && pv.minor <= DTLSv1_2_MINOR) {
+        tls1_2 = 1;
+    }
+#endif
+
    (void)tls;  /* shut up compiler */
    (void)tls1_2;
    (void)dtls;
@ -15382,8 +15391,15 @@ int DtlsMsgDrain(WOLFSSL* ssl)
            item->fragSz == item->sz &&
            ret == 0) {
        word32 idx = 0;
-        if ((ret = DoHandShakeMsgType(ssl, item->msg, &idx, item->type,
-                                      item->sz, item->sz)) == 0) {
+
+    #ifdef WOLFSSL_NO_TLS12
+        ret = DoTls13HandShakeMsgType(ssl, item->msg, &idx, item->type,
+                                      item->sz, item->sz);
+    #else
+        ret = DoHandShakeMsgType(ssl, item->msg, &idx, item->type,
+                                      item->sz, item->sz);
+    #endif
+        if (ret == 0) {
            DtlsTxMsgListClean(ssl);
        }
    #ifdef WOLFSSL_ASYNC_CRYPT
@ -15520,8 +15536,13 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
                *inOutIdx = totalSz;
            }
            else {
+            #ifdef WOLFSSL_NO_TLS12
+                ret = DoTls13HandShakeMsgType(ssl, input, inOutIdx, type, size,
+                    totalSz);
+            #else
                ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size,
                    totalSz);
+            #endif
            }
        }
    }
@ -15623,7 +15644,12 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 #endif
        ret = DtlsMsgDrain(ssl);
 #else
+    #ifdef WOLFSSL_NO_TLS12
+        ret = DoTls13HandShakeMsgType(ssl, input, inOutIdx, type, size,
+                                      totalSz);
+    #else
        ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
+    #endif
        if (ret == 0) {
            DtlsTxMsgListClean(ssl);
            if (ssl->dtls_rx_msg_list != NULL) {
@ -15636,7 +15662,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
    WOLFSSL_LEAVE("DoDtlsHandShakeMsg()", ret);
    return ret;
 }
-#endif
+#endif /* WOLFSSL_DTLS13 */

 #ifndef WOLFSSL_NO_TLS12

--- a/src/tls.c
+++ b/src/tls.c
@ -12510,7 +12510,9 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
        (void)heap;
        WOLFSSL_ENTER("DTLS_client_method_ex");
        if (method) {
-        #if !defined(WOLFSSL_NO_TLS12)
+        #if defined(WOLFSSL_DTLS13)
+            InitSSL_Method(method, MakeDTLSv1_3());
+        #elif !defined(WOLFSSL_NO_TLS12)
            InitSSL_Method(method, MakeDTLSv1_2());
        #elif !defined(NO_OLD_TLS)
            InitSSL_Method(method, MakeDTLSv1());
--- a/src/tls13.c
+++ b/src/tls13.c
@ -1653,7 +1653,7 @@ static void AddTls13HandShakeHeader(byte* output, word32 length,
       when computing the hash transcript, we can avoid to use the DTLS
       handshake header. */
    if (ssl->options.dtls && type != message_hash) {
-        Dtls13HandshakeAddHeader(ssl, output, type, length);
+        Dtls13HandshakeAddHeader(ssl, output, (enum HandShakeType)type, length);
        return;
    }
 #endif /* WOLFSSL_DTLS13 */
@ -1680,7 +1680,7 @@ static void AddTls13Headers(byte* output, word32 length, byte type,

 #ifdef WOLFSSL_DTLS13
    if (ssl->options.dtls) {
-        Dtls13AddHeaders(output, length, type, ssl);
+        Dtls13AddHeaders(output, length, (enum HandShakeType)type, ssl);
        return;
    }
 #endif /* WOLFSSL_DTLS13 */
@ -1711,7 +1711,7 @@ static void AddTls13FragHeaders(byte* output, word32 fragSz, word32 fragOffset,
    /* we ignore fragmentation fields here because fragmentation logic for
       DTLS1.3 is inside dtls13_handshake_send(). */
    if (ssl->options.dtls) {
-        Dtls13AddHeaders(output, length, type, ssl);
+        Dtls13AddHeaders(output, length, (enum HandShakeType)type, ssl);
        return;
    }
 #endif /* WOLFSSL_DTLS13 */