WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Support for WebRTC (ref m79): 

* Fixed `set1_curves_list` API's to use `const char*` for names.
* Fixed `ossl_typ.h` to include `ssl.h` compatibility.
* Added `SSL_CTX_up_ref`.
* Added `wolfSSL_set1_curves_list`
* Added `TLS_method` and `DTLS_method`
* Added `SSL_CIPHER_standard_name`.
* Added `X509_STORE_CTX_get0_cert`
* Added `SSL_CTX_set_cert_verify_callback`.
* Enabled "either" side support when `--enable-opensslall` is used.
* Changed `SSL_CIPHER_get_rfc_name` to use `wolfSSL_CIPHER_get_name` instead of stub.
pull/2585/head
David Garske 2019-11-13 12:34:33 -08:00
parent 99292158e4
commit af142b307b
7 changed files with 194 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
configure.ac
View File

@ -540,7 +540,7 @@ fi
if test "$ENABLED_OPENSSLALL" = "yes"
then
AM_CFLAGS="-DOPENSSL_ALL $AM_CFLAGS"
AM_CFLAGS="-DOPENSSL_ALL -DWOLFSSL_EITHER_SIDE $AM_CFLAGS"
fi
# OPENSSL Extra Compatibility

89
src/internal.c
View File

@ -1921,11 +1921,10 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
void FreeSSL_Ctx(WOLFSSL_CTX* ctx)
{
int doFree = 0;
if (wc_LockMutex(&ctx->countMutex) != 0) {
WOLFSSL_MSG("Couldn't lock count mutex");
int refCount;
/* decrement CTX reference count */
if ((refCount = SSL_CTX_RefCount(ctx, -1)) < 0) {
/* check error state, if mutex error code then mutex init failed but
* CTX was still malloc'd */
if (ctx->err == CTX_INIT_MUTEX_E) {
@ -1934,12 +1933,8 @@ void FreeSSL_Ctx(WOLFSSL_CTX* ctx)
}
return;
}
ctx->refCount--;
if (ctx->refCount == 0)
doFree = 1;
wc_UnLockMutex(&ctx->countMutex);
if (doFree) {
if (refCount == 0) {
void* heap = ctx->heap;
WOLFSSL_MSG("CTX ref count down to 0, doing full free");
SSL_CtxResourceFree(ctx);
@ -4857,6 +4852,32 @@ int InitSSL_Suites(WOLFSSL* ssl)
return WOLFSSL_SUCCESS;
}
/* returns new reference count. Arg incr positive=up or negative=down */
int SSL_CTX_RefCount(WOLFSSL_CTX* ctx, int incr)
{
int refCount;
if (ctx == NULL) {
return BAD_FUNC_ARG;
}
if (wc_LockMutex(&ctx->countMutex) != 0) {
WOLFSSL_MSG("Couldn't lock CTX count mutex");
return BAD_MUTEX_E;
}
ctx->refCount += incr;
/* make sure refCount is never negative */
if (ctx->refCount < 0) {
ctx->refCount = 0;
}
refCount = ctx->refCount;
wc_UnLockMutex(&ctx->countMutex);
return refCount;
}
/* This function inherits a WOLFSSL_CTX's fields into an SSL object.
It is used during initialization and to switch an ssl's CTX with
wolfSSL_Set_SSL_CTX. Requires ssl->suites alloc and ssl-arrays with PSK
@ -4869,7 +4890,7 @@ int InitSSL_Suites(WOLFSSL* ssl)
WOLFSSL_SUCCESS return value on success */
int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
{
int ret = WOLFSSL_SUCCESS;
int ret;
byte newSSL;
if (!ssl || !ctx)
@ -4896,12 +4917,11 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
}
/* increment CTX reference count */
if (wc_LockMutex(&ctx->countMutex) != 0) {
WOLFSSL_MSG("Couldn't lock CTX count mutex");
return BAD_MUTEX_E;
if ((ret = SSL_CTX_RefCount(ctx, 1)) < 0) {
return ret;
}
ctx->refCount++;
wc_UnLockMutex(&ctx->countMutex);
ret = WOLFSSL_SUCCESS; /* set default ret */
ssl->ctx = ctx; /* only for passing to calls, options could change */
ssl->version = ctx->method->version;
@ -9445,7 +9465,12 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
}
#endif
/* if verify callback has been set */
if (use_cb && ssl->verifyCallback) {
if (use_cb && (ssl->verifyCallback
#ifdef OPENSSL_ALL
|| ssl->ctx->verifyCertCb
#endif
)) {
int verifyFail = 0;
#ifdef WOLFSSL_SMALL_STACK
WOLFSSL_X509_STORE_CTX* store;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
@ -9563,14 +9588,36 @@ static int DoVerifyCallback(WOLFSSL* ssl, int ret, ProcPeerCertArgs* args)
#ifdef SESSION_CERTS
store->sesChain = &ssl->session.chain;
#endif
#ifdef OPENSSL_ALL
/* non-zero return code indicates failure override */
if (ssl->verifyCallback(verify_ok, store)) {
if (ret != 0) {
WOLFSSL_MSG("Verify callback overriding error!");
ret = 0;
if (ssl->ctx->verifyCertCb) {
if (ssl->ctx->verifyCertCb(store, ssl->ctx->verifyCertCbArg)) {
if (ret != 0) {
WOLFSSL_MSG("Verify Cert callback overriding error!");
ret = 0;
}
}
else {
verifyFail = 1;
}
}
else {
#endif
/* non-zero return code indicates failure override */
if (ssl->verifyCallback) {
if (ssl->verifyCallback(verify_ok, store)) {
if (ret != 0) {
WOLFSSL_MSG("Verify callback overriding error!");
ret = 0;
}
}
else {
verifyFail = 1;
}
}
if (verifyFail) {
/* induce error if one not present */
if (ret == 0) {
ret = VERIFY_CERT_ERROR;

70
src/ssl.c
View File

@ -385,6 +385,14 @@ WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
#endif
}
#ifdef OPENSSL_EXTRA
/* increases CTX reference count to track proper time to "free" */
int wolfSSL_CTX_up_ref(WOLFSSL_CTX* ctx)
{
int refCount = SSL_CTX_RefCount(ctx, 1);
return ((refCount > 1) ? 1 : 0);
}
#endif
WOLFSSL_ABI
void wolfSSL_CTX_free(WOLFSSL_CTX* ctx)
@ -9736,6 +9744,19 @@ void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode, VerifyCallback vc)
ctx->verifyCallback = vc;
}
#ifdef OPENSSL_ALL
void wolfSSL_CTX_set_cert_verify_callback(WOLFSSL_CTX* ctx,
CertVerifyCallback cb, void* arg)
{
WOLFSSL_ENTER("SSL_CTX_set_cert_verify_callback");
if (ctx == NULL)
return;
ctx->verifyCertCb = cb;
ctx->verifyCertCbArg = arg;
}
#endif
void wolfSSL_set_verify(WOLFSSL* ssl, int mode, VerifyCallback vc)
{
@ -14513,10 +14534,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return bio;
}
WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len)
WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(const void* buf, int len)
{
WOLFSSL_BIO* bio = NULL;
@ -19634,20 +19652,6 @@ const char* wolfSSL_CIPHER_get_version(const WOLFSSL_CIPHER* cipher)
return wolfSSL_get_version(cipher->ssl);
}
#ifndef NO_WOLFSSL_STUB
char* wolfSSL_CIPHER_get_rfc_name(const WOLFSSL_CIPHER* cipher)
{
char* rfcName = NULL;
WOLFSSL_STUB("SSL_CIPHER_get_rfc_name");
if (cipher == NULL || cipher->ssl == NULL) {
return NULL;
}
return rfcName;
}
#endif
const char* wolfSSL_SESSION_CIPHER_get_name(WOLFSSL_SESSION* session)
{
if (session == NULL) {
@ -23174,6 +23178,14 @@ WOLFSSL_X509_STORE* wolfSSL_X509_STORE_CTX_get0_store(
return ctx->store;
}
WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get0_cert(WOLFSSL_X509_STORE_CTX* ctx)
{
if (ctx == NULL)
return NULL;
return ctx->current_cert;
}
void wolfSSL_X509_STORE_CTX_set_time(WOLFSSL_X509_STORE_CTX* ctx,
unsigned long flags,
time_t t)
@ -36793,6 +36805,14 @@ err:
return WOLFSSL_SUCCESS;
}
int wolfSSL_CTX_add1_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509)
{
/* TODO: Add X509 certificate to CertificateManager... */
(void)ctx;
(void)x509;
return 0;
}
#ifndef NO_WOLFSSL_STUB
int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name) {
#ifndef NO_FILESYSTEM
@ -41074,14 +41094,14 @@ void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **
#endif /* WOLFSSL_NGINX / WOLFSSL_HAPROXY */
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
WOLFSSL_API int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, char* names)
int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names)
{
int idx, start = 0, len;
int curve;
char name[MAX_CURVE_NAME_SZ];
/* Disable all curves so that only the ones the user wants are enabled. */
ctx->disabledCurves = (word32)-1;
ctx->disabledCurves = 0xFFFFFFFFUL;
for (idx = 1; names[idx-1] != '\0'; idx++) {
if (names[idx] != ':' && names[idx] != '\0')
continue;
@ -41118,7 +41138,15 @@ WOLFSSL_API int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, char* names)
return WOLFSSL_SUCCESS;
}
#endif
int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names)
{
if (ssl == NULL) {
return WOLFSSL_FAILURE;
}
return wolfSSL_CTX_set1_curves_list(ssl->ctx, names);
}
#endif /* OPENSSL_EXTRA && HAVE_ECC */
#ifdef OPENSSL_EXTRA
#ifndef NO_WOLFSSL_STUB

17
wolfssl/internal.h
View File

@ -2661,6 +2661,10 @@ struct WOLFSSL_CTX {
#endif
#endif /* WOLFSSL_DTLS */
VerifyCallback verifyCallback; /* cert verification callback */
#ifdef OPENSSL_ALL
CertVerifyCallback verifyCertCb;
void* verifyCertCbArg;
#endif /* OPENSSL_ALL */
word32 timeout; /* session timeout */
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
word32 ecdhCurveOID; /* curve Ecc_Sum */
@ -4082,14 +4086,11 @@ struct WOLFSSL {
};
WOLFSSL_LOCAL
int SetSSL_CTX(WOLFSSL*, WOLFSSL_CTX*, int);
WOLFSSL_LOCAL
int InitSSL(WOLFSSL*, WOLFSSL_CTX*, int);
WOLFSSL_LOCAL
void FreeSSL(WOLFSSL*, void* heap);
WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */
WOLFSSL_LOCAL int SSL_CTX_RefCount(WOLFSSL_CTX* ctx, int incr);
WOLFSSL_LOCAL int SetSSL_CTX(WOLFSSL*, WOLFSSL_CTX*, int);
WOLFSSL_LOCAL int InitSSL(WOLFSSL*, WOLFSSL_CTX*, int);
WOLFSSL_LOCAL void FreeSSL(WOLFSSL*, void* heap);
WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */
#ifndef NO_CERTS

32
wolfssl/openssl/ossl_typ.h
View File

@ -1,2 +1,32 @@
/* ossl_typ.h for openssl */
/* ossl_typ.h
*
* Copyright (C) 2006-2019 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/*!
\file wolfssl/openssl/ossl_typ.h
*/
#ifndef WOLFSSL_OSSL_TYP_H_
#define WOLFSSL_OSSL_TYP_H_
#include <wolfssl/openssl/ssl.h>
#endif /* !WOLFSSL_OSSL_TYP_H_ */

19
wolfssl/openssl/ssl.h
View File

@ -192,6 +192,7 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
#define TLSv1_3_method wolfTLSv1_3_method
#define TLSv1_3_server_method wolfTLSv1_3_server_method
#define TLSv1_3_client_method wolfTLSv1_3_client_method
#define TLS_method wolfSSLv23_method
#define X509_FILETYPE_ASN1 SSL_FILETYPE_ASN1
@ -202,6 +203,7 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
#define DTLSv1_server_method wolfDTLSv1_server_method
#define DTLSv1_2_client_method wolfDTLSv1_2_client_method
#define DTLSv1_2_server_method wolfDTLSv1_2_server_method
#define DTLS_method wolfDTLS_method
#endif
@ -219,6 +221,9 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
#endif
#define SSL_CTX_new(method) wolfSSL_CTX_new((WOLFSSL_METHOD*)(method))
#ifdef OPENSSL_EXTRA
#define SSL_CTX_up_ref wolfSSL_CTX_up_ref
#endif
#define SSL_new wolfSSL_new
#define SSL_set_fd wolfSSL_set_fd
#define SSL_get_fd wolfSSL_get_fd
@ -245,6 +250,7 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
#define SSL_CTX_get_session_cache_mode(ctx) 0
#define SSL_CTX_set_verify wolfSSL_CTX_set_verify
#define SSL_CTX_set_cert_verify_callback wolfSSL_CTX_set_cert_verify_callback
#define SSL_set_verify wolfSSL_set_verify
#define SSL_set_verify_result wolfSSL_set_verify_result
#define SSL_pending wolfSSL_pending
@ -280,7 +286,8 @@ typedef WOLFSSL_X509_VERIFY_PARAM X509_VERIFY_PARAM;
#define SSL_CIPHER_get_name wolfSSL_CIPHER_get_name
#define SSL_CIPHER_get_version wolfSSL_CIPHER_get_version
#define SSL_CIPHER_get_id wolfSSL_CIPHER_get_id
#define SSL_CIPHER_get_rfc_name wolfSSL_CIPHER_get_rfc_name
#define SSL_CIPHER_get_rfc_name wolfSSL_CIPHER_get_name
#define SSL_CIPHER_standard_name wolfSSL_CIPHER_get_name
#define SSL_get_cipher_by_value wolfSSL_get_cipher_by_value
#define SSL_get1_session wolfSSL_get1_session
@ -472,6 +479,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#define X509_STORE_CTX_get0_current_issuer \
wolfSSL_X509_STORE_CTX_get0_current_issuer
#define X509_STORE_CTX_get0_store wolfSSL_X509_STORE_CTX_get0_store
#define X509_STORE_CTX_get0_cert wolfSSL_X509_STORE_CTX_get0_cert
#define X509_STORE_new wolfSSL_X509_STORE_new
#define X509_STORE_free wolfSSL_X509_STORE_free
@ -803,6 +811,7 @@ typedef WOLFSSL_X509_NAME_ENTRY X509_NAME_ENTRY;
#endif
#define SSL_CTX_use_certificate wolfSSL_CTX_use_certificate
#define SSL_CTX_add1_chain_cert wolfSSL_CTX_add1_chain_cert
#define SSL_CTX_use_PrivateKey wolfSSL_CTX_use_PrivateKey
#define BIO_read_filename wolfSSL_BIO_read_filename
#define SSL_CTX_set_verify_depth wolfSSL_CTX_set_verify_depth
@ -870,7 +879,7 @@ enum {
#define SSL_CTX_get_app_data(ctx) wolfSSL_CTX_get_ex_data(ctx,0)
#define SSL_CTX_set_app_data(ctx,arg) wolfSSL_CTX_set_ex_data(ctx,0, \
(char *)(arg))
#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
#endif /* OPENSSL_ALL || WOLFSSL_ASIO || WOLFSSL_HAPROXY */
#define SSL_CTX_set_tmp_dh wolfSSL_CTX_set_tmp_dh
@ -1101,11 +1110,15 @@ enum {
#define SSL_set_alpn_protos wolfSSL_set_alpn_protos
#define SSL_get0_next_proto_negotiated wolfSSL_get0_next_proto_negotiated
#define SSL_is_server wolfSSL_is_server
#define SSL_CTX_set1_curves_list wolfSSL_CTX_set1_curves_list
#endif /* WOLFSSL_NGINX || WOLFSSL_HAPROXY || WOLFSSL_MYSQL_COMPATIBLE ||
OPENSSL_ALL || HAVE_LIGHTY */
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#define SSL_CTX_set1_curves_list wolfSSL_CTX_set1_curves_list
#define SSL_set1_curves_list wolfSSL_set1_curves_list
#endif
#ifdef OPENSSL_EXTRA
#define SSL_CTX_add_client_CA wolfSSL_CTX_add_client_CA
#define SSL_CTX_set_srp_password wolfSSL_CTX_set_srp_password

25
wolfssl/ssl.h
View File

@ -806,6 +806,9 @@ WOLFSSL_API int wolfSSL_use_RSAPrivateKey_file(WOLFSSL*, const char*, int);
WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
#ifdef OPENSSL_EXTRA
WOLFSSL_API int wolfSSL_CTX_up_ref(WOLFSSL_CTX*);
#endif
WOLFSSL_ABI WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(WOLFSSL* ssl);
WOLFSSL_API WOLFSSL_X509_VERIFY_PARAM* wolfSSL_get0_param(WOLFSSL* ssl);
@ -922,6 +925,13 @@ WOLFSSL_API int wolfSSL_get_ex_new_index(long argValue, void* arg,
WOLFSSL_API void wolfSSL_CTX_set_verify(WOLFSSL_CTX*, int,
VerifyCallback verify_callback);
#ifdef OPENSSL_ALL
typedef int (*CertVerifyCallback)(WOLFSSL_X509_STORE_CTX* store, void* arg);
WOLFSSL_API void wolfSSL_CTX_set_cert_verify_callback(WOLFSSL_CTX* ctx,
CertVerifyCallback cb, void* arg);
#endif
WOLFSSL_API void wolfSSL_set_verify(WOLFSSL*, int, VerifyCallback verify_callback);
WOLFSSL_API void wolfSSL_set_verify_result(WOLFSSL*, long);
WOLFSSL_API void wolfSSL_SetCertCbCtx(WOLFSSL*, void*);
@ -1109,7 +1119,6 @@ WOLFSSL_API char* wolfSSL_CIPHER_description(const WOLFSSL_CIPHER*, char*, int);
WOLFSSL_API const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher);
WOLFSSL_API const char* wolfSSL_CIPHER_get_version(const WOLFSSL_CIPHER* cipher);
WOLFSSL_API word32 wolfSSL_CIPHER_get_id(const WOLFSSL_CIPHER* cipher);
WOLFSSL_API char* wolfSSL_CIPHER_get_rfc_name(const WOLFSSL_CIPHER* cipher);
WOLFSSL_API const WOLFSSL_CIPHER* wolfSSL_get_cipher_by_value(word16 value);
WOLFSSL_API const char* wolfSSL_SESSION_CIPHER_get_name(WOLFSSL_SESSION* session);
WOLFSSL_API const char* wolfSSL_get_cipher(WOLFSSL*);
@ -1179,7 +1188,7 @@ WOLFSSL_API int wolfSSL_BIO_meth_set_gets(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_
WOLFSSL_API int wolfSSL_BIO_meth_set_ctrl(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_ctrl_get_cb);
WOLFSSL_API int wolfSSL_BIO_meth_set_create(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_create_cb);
WOLFSSL_API int wolfSSL_BIO_meth_set_destroy(WOLFSSL_BIO_METHOD*, wolfSSL_BIO_meth_destroy_cb);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(const void* buf, int len);
WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag);
#ifndef NO_FILESYSTEM
@ -1429,6 +1438,8 @@ WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get0_current_issuer(
WOLFSSL_X509_STORE_CTX* ctx);
WOLFSSL_API WOLFSSL_X509_STORE* wolfSSL_X509_STORE_CTX_get0_store(
WOLFSSL_X509_STORE_CTX* ctx);
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get0_cert(
WOLFSSL_X509_STORE_CTX*);
WOLFSSL_API int wolfSSL_get_ex_data_X509_STORE_CTX_idx(void);
WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_error(
WOLFSSL_X509_STORE_CTX* ctx, int er);
@ -3243,7 +3254,8 @@ struct WOLFSSL_ASN1_BIT_STRING {
WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne);
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void);
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name);
WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX *ctx, WOLFSSL_X509 *x);
WOLFSSL_API char wolfSSL_CTX_use_certificate(WOLFSSL_CTX*, WOLFSSL_X509*);
WOLFSSL_API int wolfSSL_CTX_add1_chain_cert(WOLFSSL_CTX*, WOLFSSL_X509*);
WOLFSSL_API int wolfSSL_BIO_read_filename(WOLFSSL_BIO *b, const char *name);
/* These are to be merged shortly */
WOLFSSL_API void wolfSSL_set_verify_depth(WOLFSSL *ssl,int depth);
@ -3464,6 +3476,11 @@ WOLFSSL_API void wolfSSL_X509_OBJECT_free(WOLFSSL_X509_OBJECT *a);
WOLFSSL_API void wolfSSL_sk_X509_pop_free(WOLF_STACK_OF(WOLFSSL_X509)* sk, void (*f) (WOLFSSL_X509*));
#endif /* OPENSSL_ALL || HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY || HAVE_LIGHTY */
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
WOLFSSL_API int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names);
WOLFSSL_API int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names);
#endif /* OPENSSL_EXTRA && HAVE_ECC */
#if defined(OPENSSL_ALL) || \
defined(HAVE_STUNNEL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
@ -3485,8 +3502,6 @@ WOLFSSL_API int wolfSSL_CTX_AsyncPoll(WOLFSSL_CTX* ctx, WOLF_EVENT** events, int
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef OPENSSL_EXTRA
WOLFSSL_API int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, char* names);
typedef void (*SSL_Msg_Cb)(int write_p, int version, int content_type,
const void *buf, size_t len, WOLFSSL *ssl, void *arg);