Update WolfSSL library to the latest version.

Richard Barry 2015-08-28 13:46:22 +00:00
parent 8af1ad9bac
commit 5a6242fbd0
443 changed files with 70230 additions and 45414 deletions


@ -1,15 +1,15 @@
/* crl.c
*
* Copyright (C) 2006-2014 wolfSSL Inc.
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of CyaSSL.
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* CyaSSL is free software; you can redistribute it and/or modify
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
@ -19,16 +19,18 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* Name change compatibility layer no longer needs included here */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <wolfssl/wolfcrypt/settings.h>
#ifdef HAVE_CRL
#include <cyassl/internal.h>
#include <cyassl/error-ssl.h>
#include <wolfssl/internal.h>
#include <wolfssl/error-ssl.h>
#include <dirent.h>
#include <sys/stat.h>
@ -40,9 +42,9 @@
/* Initialze CRL members */
int InitCRL(CYASSL_CRL* crl, CYASSL_CERT_MANAGER* cm)
int InitCRL(WOLFSSL_CRL* crl, WOLFSSL_CERT_MANAGER* cm)
{
CYASSL_ENTER("InitCRL");
WOLFSSL_ENTER("InitCRL");
crl->cm = cm;
crl->crlList = NULL;
@ -62,10 +64,10 @@ int InitCRL(CYASSL_CRL* crl, CYASSL_CERT_MANAGER* cm)
/* Initialze CRL Entry */
static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl)
{
CYASSL_ENTER("InitCRL_Entry");
WOLFSSL_ENTER("InitCRL_Entry");
XMEMCPY(crle->issuerHash, dcrl->issuerHash, SHA_DIGEST_SIZE);
/* XMEMCPY(crle->crlHash, dcrl->crlHash, SHA_DIGEST_SIZE);
XMEMCPY(crle->issuerHash, dcrl->issuerHash, CRL_DIGEST_SIZE);
/* XMEMCPY(crle->crlHash, dcrl->crlHash, CRL_DIGEST_SIZE);
* copy the hash here if needed for optimized comparisons */
XMEMCPY(crle->lastDate, dcrl->lastDate, MAX_DATE_SIZE);
XMEMCPY(crle->nextDate, dcrl->nextDate, MAX_DATE_SIZE);
@ -85,7 +87,7 @@ static void FreeCRL_Entry(CRL_Entry* crle)
{
RevokedCert* tmp = crle->certs;
CYASSL_ENTER("FreeCRL_Entry");
WOLFSSL_ENTER("FreeCRL_Entry");
while(tmp) {
RevokedCert* next = tmp->next;
@ -97,11 +99,11 @@ static void FreeCRL_Entry(CRL_Entry* crle)
/* Free all CRL resources */
void FreeCRL(CYASSL_CRL* crl, int dynamic)
void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
{
CRL_Entry* tmp = crl->crlList;
CYASSL_ENTER("FreeCRL");
WOLFSSL_ENTER("FreeCRL");
if (crl->monitors[0].path)
XFREE(crl->monitors[0].path, NULL, DYNAMIC_TYPE_CRL_MONITOR);
@ -118,11 +120,11 @@ void FreeCRL(CYASSL_CRL* crl, int dynamic)
#ifdef HAVE_CRL_MONITOR
if (crl->tid != 0) {
CYASSL_MSG("stopping monitor thread");
WOLFSSL_MSG("stopping monitor thread");
if (StopMonitor(crl->mfd) == 0)
pthread_join(crl->tid, NULL);
else {
CYASSL_MSG("stop monitor failed, cancel instead");
WOLFSSL_MSG("stop monitor failed, cancel instead");
pthread_cancel(crl->tid);
}
}
@ -134,28 +136,28 @@ void FreeCRL(CYASSL_CRL* crl, int dynamic)
/* Is the cert ok with CRL, return 0 on success */
int CheckCertCRL(CYASSL_CRL* crl, DecodedCert* cert)
int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
{
CRL_Entry* crle;
int foundEntry = 0;
int ret = 0;
CYASSL_ENTER("CheckCertCRL");
WOLFSSL_ENTER("CheckCertCRL");
if (LockMutex(&crl->crlLock) != 0) {
CYASSL_MSG("LockMutex failed");
WOLFSSL_MSG("LockMutex failed");
return BAD_MUTEX_E;
}
crle = crl->crlList;
while (crle) {
if (XMEMCMP(crle->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE) == 0) {
CYASSL_MSG("Found CRL Entry on list");
CYASSL_MSG("Checking next date validity");
if (XMEMCMP(crle->issuerHash, cert->issuerHash, CRL_DIGEST_SIZE) == 0) {
WOLFSSL_MSG("Found CRL Entry on list");
WOLFSSL_MSG("Checking next date validity");
if (!ValidateDate(crle->nextDate, crle->nextDateFormat, AFTER)) {
CYASSL_MSG("CRL next date is no longer valid");
WOLFSSL_MSG("CRL next date is no longer valid");
ret = ASN_AFTER_DATE_E;
}
else
@ -170,7 +172,7 @@ int CheckCertCRL(CYASSL_CRL* crl, DecodedCert* cert)
while (rc) {
if (XMEMCMP(rc->serialNumber, cert->serial, rc->serialSz) == 0) {
CYASSL_MSG("Cert revoked");
WOLFSSL_MSG("Cert revoked");
ret = CRL_CERT_REVOKED;
break;
}
@ -181,19 +183,19 @@ int CheckCertCRL(CYASSL_CRL* crl, DecodedCert* cert)
UnLockMutex(&crl->crlLock);
if (foundEntry == 0) {
CYASSL_MSG("Couldn't find CRL for status check");
WOLFSSL_MSG("Couldn't find CRL for status check");
ret = CRL_MISSING;
if (crl->cm->cbMissingCRL) {
char url[256];
CYASSL_MSG("Issuing missing CRL callback");
WOLFSSL_MSG("Issuing missing CRL callback");
url[0] = '\0';
if (cert->extCrlInfoSz < (int)sizeof(url) -1 ) {
XMEMCPY(url, cert->extCrlInfo, cert->extCrlInfoSz);
url[cert->extCrlInfoSz] = '\0';
}
else {
CYASSL_MSG("CRL url too long");
WOLFSSL_MSG("CRL url too long");
}
crl->cm->cbMissingCRL(url);
}
@ -205,26 +207,26 @@ int CheckCertCRL(CYASSL_CRL* crl, DecodedCert* cert)
/* Add Decoded CRL, 0 on success */
static int AddCRL(CYASSL_CRL* crl, DecodedCRL* dcrl)
static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl)
{
CRL_Entry* crle;
CYASSL_ENTER("AddCRL");
WOLFSSL_ENTER("AddCRL");
crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), NULL, DYNAMIC_TYPE_CRL_ENTRY);
if (crle == NULL) {
CYASSL_MSG("alloc CRL Entry failed");
WOLFSSL_MSG("alloc CRL Entry failed");
return -1;
}
if (InitCRL_Entry(crle, dcrl) < 0) {
CYASSL_MSG("Init CRL Entry failed");
WOLFSSL_MSG("Init CRL Entry failed");
XFREE(crle, NULL, DYNAMIC_TYPE_CRL_ENTRY);
return -1;
}
if (LockMutex(&crl->crlLock) != 0) {
CYASSL_MSG("LockMutex failed");
WOLFSSL_MSG("LockMutex failed");
FreeCRL_Entry(crle);
XFREE(crle, NULL, DYNAMIC_TYPE_CRL_ENTRY);
return BAD_MUTEX_E;
@ -238,16 +240,20 @@ static int AddCRL(CYASSL_CRL* crl, DecodedCRL* dcrl)
/* Load CRL File of type, SSL_SUCCESS on ok */
int BufferLoadCRL(CYASSL_CRL* crl, const byte* buff, long sz, int type)
int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type)
{
int ret = SSL_SUCCESS;
const byte* myBuffer = buff; /* if DER ok, otherwise switch */
buffer der;
DecodedCRL dcrl;
#ifdef WOLFSSL_SMALL_STACK
DecodedCRL* dcrl;
#else
DecodedCRL dcrl[1];
#endif
der.buffer = NULL;
CYASSL_ENTER("BufferLoadCRL");
WOLFSSL_ENTER("BufferLoadCRL");
if (crl == NULL || buff == NULL || sz == 0)
return BAD_FUNC_ARG;
@ -263,30 +269,43 @@ int BufferLoadCRL(CYASSL_CRL* crl, const byte* buff, long sz, int type)
sz = der.length;
}
else {
CYASSL_MSG("Pem to Der failed");
WOLFSSL_MSG("Pem to Der failed");
return -1;
}
}
InitDecodedCRL(&dcrl);
ret = ParseCRL(&dcrl, myBuffer, (word32)sz, crl->cm);
#ifdef WOLFSSL_SMALL_STACK
dcrl = (DecodedCRL*)XMALLOC(sizeof(DecodedCRL), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (dcrl == NULL) {
if (der.buffer)
XFREE(der.buffer, NULL, DYNAMIC_TYPE_CRL);
return MEMORY_E;
}
#endif
InitDecodedCRL(dcrl);
ret = ParseCRL(dcrl, myBuffer, (word32)sz, crl->cm);
if (ret != 0) {
CYASSL_MSG("ParseCRL error");
WOLFSSL_MSG("ParseCRL error");
}
else {
ret = AddCRL(crl, &dcrl);
ret = AddCRL(crl, dcrl);
if (ret != 0) {
CYASSL_MSG("AddCRL error");
WOLFSSL_MSG("AddCRL error");
}
}
FreeDecodedCRL(&dcrl);
FreeDecodedCRL(dcrl);
#ifdef WOLFSSL_SMALL_STACK
XFREE(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (der.buffer)
XFREE(der.buffer, NULL, DYNAMIC_TYPE_CRL);
if (ret == 0)
return SSL_SUCCESS; /* convert */
return ret;
return ret ? ret : SSL_SUCCESS; /* convert 0 to SSL_SUCCESS */
}
@ -294,50 +313,76 @@ int BufferLoadCRL(CYASSL_CRL* crl, const byte* buff, long sz, int type)
/* read in new CRL entries and save new list */
static int SwapLists(CYASSL_CRL* crl)
static int SwapLists(WOLFSSL_CRL* crl)
{
int ret;
CYASSL_CRL tmp;
CRL_Entry* newList;
#ifdef WOLFSSL_SMALL_STACK
WOLFSSL_CRL* tmp;
#else
WOLFSSL_CRL tmp[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
tmp = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL)
return MEMORY_E;
#endif
if (InitCRL(&tmp, crl->cm) < 0) {
CYASSL_MSG("Init tmp CRL failed");
if (InitCRL(tmp, crl->cm) < 0) {
WOLFSSL_MSG("Init tmp CRL failed");
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return -1;
}
if (crl->monitors[0].path) {
ret = LoadCRL(&tmp, crl->monitors[0].path, SSL_FILETYPE_PEM, 0);
ret = LoadCRL(tmp, crl->monitors[0].path, SSL_FILETYPE_PEM, 0);
if (ret != SSL_SUCCESS) {
CYASSL_MSG("PEM LoadCRL on dir change failed");
FreeCRL(&tmp, 0);
WOLFSSL_MSG("PEM LoadCRL on dir change failed");
FreeCRL(tmp, 0);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return -1;
}
}
if (crl->monitors[1].path) {
ret = LoadCRL(&tmp, crl->monitors[1].path, SSL_FILETYPE_ASN1, 0);
ret = LoadCRL(tmp, crl->monitors[1].path, SSL_FILETYPE_ASN1, 0);
if (ret != SSL_SUCCESS) {
CYASSL_MSG("DER LoadCRL on dir change failed");
FreeCRL(&tmp, 0);
WOLFSSL_MSG("DER LoadCRL on dir change failed");
FreeCRL(tmp, 0);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return -1;
}
}
if (LockMutex(&crl->crlLock) != 0) {
CYASSL_MSG("LockMutex failed");
FreeCRL(&tmp, 0);
WOLFSSL_MSG("LockMutex failed");
FreeCRL(tmp, 0);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return -1;
}
newList = tmp.crlList;
newList = tmp->crlList;
/* swap lists */
tmp.crlList = crl->crlList;
tmp->crlList = crl->crlList;
crl->crlList = newList;
UnLockMutex(&crl->crlLock);
FreeCRL(&tmp, 0);
FreeCRL(tmp, 0);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
@ -373,7 +418,7 @@ static int StopMonitor(int mfd)
/* trigger custom shutdown */
EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, 0, NOTE_TRIGGER, 0, NULL);
if (kevent(mfd, &change, 1, NULL, 0, NULL) < 0) {
CYASSL_MSG("kevent trigger customer event failed");
WOLFSSL_MSG("kevent trigger customer event failed");
return -1;
}
@ -387,20 +432,20 @@ static void* DoMonitor(void* arg)
int fPEM, fDER;
struct kevent change;
CYASSL_CRL* crl = (CYASSL_CRL*)arg;
WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg;
CYASSL_ENTER("DoMonitor");
WOLFSSL_ENTER("DoMonitor");
crl->mfd = kqueue();
if (crl->mfd == -1) {
CYASSL_MSG("kqueue failed");
WOLFSSL_MSG("kqueue failed");
return NULL;
}
/* listen for custom shutdown event */
EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, EV_ADD, 0, 0, NULL);
if (kevent(crl->mfd, &change, 1, NULL, 0, NULL) < 0) {
CYASSL_MSG("kevent monitor customer event failed");
WOLFSSL_MSG("kevent monitor customer event failed");
close(crl->mfd);
return NULL;
}
@ -411,7 +456,7 @@ static void* DoMonitor(void* arg)
if (crl->monitors[0].path) {
fPEM = open(crl->monitors[0].path, XEVENT_MODE);
if (fPEM == -1) {
CYASSL_MSG("PEM event dir open failed");
WOLFSSL_MSG("PEM event dir open failed");
close(crl->mfd);
return NULL;
}
@ -420,7 +465,7 @@ static void* DoMonitor(void* arg)
if (crl->monitors[1].path) {
fDER = open(crl->monitors[1].path, XEVENT_MODE);
if (fDER == -1) {
CYASSL_MSG("DER event dir open failed");
WOLFSSL_MSG("DER event dir open failed");
close(crl->mfd);
return NULL;
}
@ -438,20 +483,20 @@ static void* DoMonitor(void* arg)
struct kevent event;
int numEvents = kevent(crl->mfd, &change, 1, &event, 1, NULL);
CYASSL_MSG("Got kevent");
WOLFSSL_MSG("Got kevent");
if (numEvents == -1) {
CYASSL_MSG("kevent problem, continue");
WOLFSSL_MSG("kevent problem, continue");
continue;
}
if (event.filter == EVFILT_USER) {
CYASSL_MSG("Got user shutdown event, breaking out");
WOLFSSL_MSG("Got user shutdown event, breaking out");
break;
}
if (SwapLists(crl) < 0) {
CYASSL_MSG("SwapLists problem, continue");
WOLFSSL_MSG("SwapLists problem, continue");
}
}
@ -489,7 +534,7 @@ static int StopMonitor(int mfd)
/* write to our custom event */
if (write(mfd, &w64, sizeof(w64)) < 0) {
CYASSL_MSG("StopMonitor write failed");
WOLFSSL_MSG("StopMonitor write failed");
return -1;
}
@ -502,19 +547,24 @@ static void* DoMonitor(void* arg)
{
int notifyFd;
int wd = -1;
CYASSL_CRL* crl = (CYASSL_CRL*)arg;
WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg;
#ifdef WOLFSSL_SMALL_STACK
char* buff;
#else
char buff[8192];
#endif
CYASSL_ENTER("DoMonitor");
WOLFSSL_ENTER("DoMonitor");
crl->mfd = eventfd(0, 0); /* our custom shutdown event */
if (crl->mfd < 0) {
CYASSL_MSG("eventfd failed");
WOLFSSL_MSG("eventfd failed");
return NULL;
}
notifyFd = inotify_init();
if (notifyFd < 0) {
CYASSL_MSG("inotify failed");
WOLFSSL_MSG("inotify failed");
close(crl->mfd);
return NULL;
}
@ -523,7 +573,7 @@ static void* DoMonitor(void* arg)
wd = inotify_add_watch(notifyFd, crl->monitors[0].path, IN_CLOSE_WRITE |
IN_DELETE);
if (wd < 0) {
CYASSL_MSG("PEM notify add watch failed");
WOLFSSL_MSG("PEM notify add watch failed");
close(crl->mfd);
close(notifyFd);
return NULL;
@ -534,17 +584,23 @@ static void* DoMonitor(void* arg)
wd = inotify_add_watch(notifyFd, crl->monitors[1].path, IN_CLOSE_WRITE |
IN_DELETE);
if (wd < 0) {
CYASSL_MSG("DER notify add watch failed");
WOLFSSL_MSG("DER notify add watch failed");
close(crl->mfd);
close(notifyFd);
return NULL;
}
}
#ifdef WOLFSSL_SMALL_STACK
buff = (char*)XMALLOC(8192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buff == NULL)
return NULL;
#endif
for (;;) {
fd_set readfds;
char buff[8192];
int result, length;
fd_set readfds;
int result;
int length;
FD_ZERO(&readfds);
FD_SET(notifyFd, &readfds);
@ -552,29 +608,33 @@ static void* DoMonitor(void* arg)
result = select(max(notifyFd, crl->mfd) + 1, &readfds, NULL, NULL,NULL);
CYASSL_MSG("Got notify event");
WOLFSSL_MSG("Got notify event");
if (result < 0) {
CYASSL_MSG("select problem, continue");
WOLFSSL_MSG("select problem, continue");
continue;
}
if (FD_ISSET(crl->mfd, &readfds)) {
CYASSL_MSG("got custom shutdown event, breaking out");
WOLFSSL_MSG("got custom shutdown event, breaking out");
break;
}
length = read(notifyFd, buff, sizeof(buff));
length = read(notifyFd, buff, 8192);
if (length < 0) {
CYASSL_MSG("notify read problem, continue");
WOLFSSL_MSG("notify read problem, continue");
continue;
}
if (SwapLists(crl) < 0) {
CYASSL_MSG("SwapLists problem, continue");
WOLFSSL_MSG("SwapLists problem, continue");
}
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (wd > 0)
inotify_rm_watch(notifyFd, wd);
close(crl->mfd);
@ -592,24 +652,24 @@ static void* DoMonitor(void* arg)
/* Start Monitoring the CRL path(s) in a thread */
static int StartMonitorCRL(CYASSL_CRL* crl)
static int StartMonitorCRL(WOLFSSL_CRL* crl)
{
pthread_attr_t attr;
CYASSL_ENTER("StartMonitorCRL");
WOLFSSL_ENTER("StartMonitorCRL");
if (crl == NULL)
return BAD_FUNC_ARG;
if (crl->tid != 0) {
CYASSL_MSG("Monitor thread already running");
WOLFSSL_MSG("Monitor thread already running");
return MONITOR_RUNNING_E;
}
pthread_attr_init(&attr);
if (pthread_create(&crl->tid, &attr, DoMonitor, crl) != 0) {
CYASSL_MSG("Thread creation error");
WOLFSSL_MSG("Thread creation error");
return THREAD_CREATE_E;
}
@ -619,12 +679,12 @@ static int StartMonitorCRL(CYASSL_CRL* crl)
#else /* HAVE_CRL_MONITOR */
static int StartMonitorCRL(CYASSL_CRL* crl)
static int StartMonitorCRL(WOLFSSL_CRL* crl)
{
(void)crl;
CYASSL_ENTER("StartMonitorCRL");
CYASSL_MSG("Not compiled in");
WOLFSSL_ENTER("StartMonitorCRL");
WOLFSSL_MSG("Not compiled in");
return NOT_COMPILED_IN;
}
@ -633,39 +693,50 @@ static int StartMonitorCRL(CYASSL_CRL* crl)
/* Load CRL path files of type, SSL_SUCCESS on ok */
int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int monitor)
int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor)
{
struct dirent* entry;
DIR* dir;
int ret = SSL_SUCCESS;
DIR* dir;
int ret = SSL_SUCCESS;
#ifdef WOLFSSL_SMALL_STACK
char* name;
#else
char name[MAX_FILENAME_SZ];
#endif
CYASSL_ENTER("LoadCRL");
WOLFSSL_ENTER("LoadCRL");
if (crl == NULL)
return BAD_FUNC_ARG;
dir = opendir(path);
if (dir == NULL) {
CYASSL_MSG("opendir path crl load failed");
WOLFSSL_MSG("opendir path crl load failed");
return BAD_PATH_ERROR;
}
#ifdef WOLFSSL_SMALL_STACK
name = (char*)XMALLOC(MAX_FILENAME_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (name == NULL)
return MEMORY_E;
#endif
while ( (entry = readdir(dir)) != NULL) {
char name[MAX_FILENAME_SZ];
struct stat s;
XMEMSET(name, 0, sizeof(name));
XMEMSET(name, 0, MAX_FILENAME_SZ);
XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2);
XSTRNCAT(name, "/", 1);
XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2);
if (stat(name, &s) != 0) {
CYASSL_MSG("stat on name failed");
WOLFSSL_MSG("stat on name failed");
continue;
}
if (s.st_mode & S_IFREG) {
if (type == SSL_FILETYPE_PEM) {
if (strstr(entry->d_name, ".pem") == NULL) {
CYASSL_MSG("not .pem file, skipping");
WOLFSSL_MSG("not .pem file, skipping");
continue;
}
}
@ -673,20 +744,24 @@ int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int monitor)
if (strstr(entry->d_name, ".der") == NULL &&
strstr(entry->d_name, ".crl") == NULL) {
CYASSL_MSG("not .der or .crl file, skipping");
WOLFSSL_MSG("not .der or .crl file, skipping");
continue;
}
}
if (ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl)
!= SSL_SUCCESS) {
CYASSL_MSG("CRL file load failed, continuing");
WOLFSSL_MSG("CRL file load failed, continuing");
}
}
}
if (monitor & CYASSL_CRL_MONITOR) {
CYASSL_MSG("monitor path requested");
#ifdef WOLFSSL_SMALL_STACK
XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (monitor & WOLFSSL_CRL_MONITOR) {
WOLFSSL_MSG("monitor path requested");
if (type == SSL_FILETYPE_PEM) {
crl->monitors[0].path = strdup(path);
@ -700,8 +775,8 @@ int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int monitor)
ret = MEMORY_E;
}
if (monitor & CYASSL_CRL_START_MON) {
CYASSL_MSG("start monitoring requested");
if (monitor & WOLFSSL_CRL_START_MON) {
WOLFSSL_MSG("start monitoring requested");
ret = StartMonitorCRL(crl);
}


@ -2,156 +2,221 @@
# included from Top Level Makefile.am
# All paths should be given relative to the root
lib_LTLIBRARIES+= src/libcyassl.la
src_libcyassl_la_SOURCES =
lib_LTLIBRARIES+= src/libwolfssl.la
src_libwolfssl_la_SOURCES =
src_libwolfssl_la_LDFLAGS = ${AM_LDFLAGS} -no-undefined -version-info ${WOLFSSL_LIBRARY_VERSION}
src_libwolfssl_la_LIBADD = $(LIBM)
src_libwolfssl_la_CFLAGS = -DBUILDING_WOLFSSL $(AM_CFLAGS)
src_libwolfssl_la_CPPFLAGS = -DBUILDING_WOLFSSL $(AM_CPPFLAGS)
# fips first file
if BUILD_FIPS
src_libcyassl_la_SOURCES += ctaocrypt/src/wolfcrypt_first.c
src_libwolfssl_la_SOURCES += ctaocrypt/src/wolfcrypt_first.c
src_libwolfssl_la_SOURCES += \
ctaocrypt/src/hmac.c \
ctaocrypt/src/random.c \
ctaocrypt/src/sha256.c
if BUILD_RSA
src_libwolfssl_la_SOURCES += ctaocrypt/src/rsa.c
endif
src_libcyassl_la_SOURCES += \
if BUILD_AES
src_libwolfssl_la_SOURCES += ctaocrypt/src/aes.c
endif
if BUILD_DES3
src_libwolfssl_la_SOURCES += ctaocrypt/src/des3.c
endif
if BUILD_SHA
src_libwolfssl_la_SOURCES += ctaocrypt/src/sha.c
endif
if BUILD_SHA512
src_libwolfssl_la_SOURCES += ctaocrypt/src/sha512.c
endif
src_libwolfssl_la_SOURCES += ctaocrypt/src/fips.c
src_libwolfssl_la_SOURCES += ctaocrypt/src/fips_test.c
# fips last file
src_libwolfssl_la_SOURCES += ctaocrypt/src/wolfcrypt_last.c
endif
src_libwolfssl_la_SOURCES += \
wolfcrypt/src/hmac.c \
wolfcrypt/src/random.c \
wolfcrypt/src/sha256.c \
wolfcrypt/src/hash.c
if BUILD_RSA
src_libwolfssl_la_SOURCES += wolfcrypt/src/rsa.c
endif
if BUILD_AES
src_libwolfssl_la_SOURCES += wolfcrypt/src/aes.c
endif
if BUILD_DES3
src_libwolfssl_la_SOURCES += wolfcrypt/src/des3.c
endif
if BUILD_SHA
src_libwolfssl_la_SOURCES += wolfcrypt/src/sha.c
endif
if BUILD_SHA512
src_libwolfssl_la_SOURCES += wolfcrypt/src/sha512.c
endif
src_libwolfssl_la_SOURCES += \
wolfcrypt/src/logging.c \
wolfcrypt/src/wc_port.c \
wolfcrypt/src/error.c
if BUILD_MEMORY
src_libwolfssl_la_SOURCES += wolfcrypt/src/memory.c
endif
if BUILD_DH
src_libwolfssl_la_SOURCES += wolfcrypt/src/dh.c
endif
if BUILD_ASN
src_libwolfssl_la_SOURCES += wolfcrypt/src/asn.c
endif
if BUILD_CODING
src_libwolfssl_la_SOURCES += wolfcrypt/src/coding.c
endif
if BUILD_POLY1305
src_libwolfssl_la_SOURCES += wolfcrypt/src/poly1305.c
endif
if BUILD_RC4
src_libwolfssl_la_SOURCES += wolfcrypt/src/arc4.c
endif
if BUILD_MD4
src_libwolfssl_la_SOURCES += wolfcrypt/src/md4.c
endif
if BUILD_MD5
src_libwolfssl_la_SOURCES += wolfcrypt/src/md5.c
endif
if BUILD_PWDBASED
src_libwolfssl_la_SOURCES += wolfcrypt/src/pwdbased.c
endif
if BUILD_DSA
src_libwolfssl_la_SOURCES += wolfcrypt/src/dsa.c
endif
if BUILD_AESNI
src_libwolfssl_la_SOURCES += wolfcrypt/src/aes_asm.s
endif
if BUILD_CAMELLIA
src_libwolfssl_la_SOURCES += wolfcrypt/src/camellia.c
endif
if BUILD_MD2
src_libwolfssl_la_SOURCES += wolfcrypt/src/md2.c
endif
if BUILD_RIPEMD
src_libwolfssl_la_SOURCES += wolfcrypt/src/ripemd.c
endif
if BUILD_BLAKE2
src_libwolfssl_la_SOURCES += wolfcrypt/src/blake2b.c
endif
if BUILD_HC128
src_libwolfssl_la_SOURCES += wolfcrypt/src/hc128.c
endif
if BUILD_RABBIT
src_libwolfssl_la_SOURCES += wolfcrypt/src/rabbit.c
endif
if BUILD_CHACHA
src_libwolfssl_la_SOURCES += wolfcrypt/src/chacha.c
if BUILD_POLY1305
src_libwolfssl_la_SOURCES += wolfcrypt/src/chacha20_poly1305.c
endif
endif
if !BUILD_INLINE
src_libwolfssl_la_SOURCES += wolfcrypt/src/misc.c
endif
if BUILD_FASTMATH
src_libwolfssl_la_SOURCES += wolfcrypt/src/tfm.c
endif
if BUILD_SLOWMATH
src_libwolfssl_la_SOURCES += wolfcrypt/src/integer.c
endif
if BUILD_ECC
src_libwolfssl_la_SOURCES += wolfcrypt/src/ecc.c
endif
if BUILD_CURVE25519
src_libwolfssl_la_SOURCES += wolfcrypt/src/curve25519.c
endif
if BUILD_ED25519
src_libwolfssl_la_SOURCES += wolfcrypt/src/ed25519.c
endif
if BUILD_FEMATH
if BUILD_CURVED25519_SMALL
src_libwolfssl_la_SOURCES += wolfcrypt/src/fe_low_mem.c
else
src_libwolfssl_la_SOURCES += wolfcrypt/src/fe_operations.c
endif
endif
if BUILD_GEMATH
if BUILD_CURVED25519_SMALL
src_libwolfssl_la_SOURCES += wolfcrypt/src/ge_low_mem.c
else
src_libwolfssl_la_SOURCES += wolfcrypt/src/ge_operations.c
endif
endif
if BUILD_LIBZ
src_libwolfssl_la_SOURCES += wolfcrypt/src/compress.c
endif
if BUILD_PKCS7
src_libwolfssl_la_SOURCES += wolfcrypt/src/pkcs7.c
endif
# ssl files
src_libwolfssl_la_SOURCES += \
src/internal.c \
src/io.c \
src/keys.c \
src/ssl.c \
src/tls.c \
ctaocrypt/src/hmac.c \
ctaocrypt/src/random.c \
ctaocrypt/src/sha256.c \
ctaocrypt/src/logging.c \
ctaocrypt/src/wc_port.c \
ctaocrypt/src/error.c
src_libcyassl_la_LDFLAGS = ${AM_LDFLAGS} -no-undefined -version-info ${CYASSL_LIBRARY_VERSION}
src_libcyassl_la_LIBADD = $(LIBM)
src_libcyassl_la_CFLAGS = -DBUILDING_CYASSL $(AM_CFLAGS)
src_libcyassl_la_CPPFLAGS = -DBUILDING_CYASSL $(AM_CPPFLAGS)
if BUILD_MEMORY
src_libcyassl_la_SOURCES += ctaocrypt/src/memory.c
endif
if BUILD_RSA
src_libcyassl_la_SOURCES += ctaocrypt/src/rsa.c
endif
if BUILD_DH
src_libcyassl_la_SOURCES += ctaocrypt/src/dh.c
endif
if BUILD_ASN
src_libcyassl_la_SOURCES += ctaocrypt/src/asn.c
endif
if BUILD_FIPS
src_libcyassl_la_SOURCES += ctaocrypt/src/fips.c
src_libcyassl_la_SOURCES += ctaocrypt/src/fips_test.c
endif
if BUILD_CODING
src_libcyassl_la_SOURCES += ctaocrypt/src/coding.c
endif
if BUILD_AES
src_libcyassl_la_SOURCES += ctaocrypt/src/aes.c
endif
if BUILD_DES3
src_libcyassl_la_SOURCES += ctaocrypt/src/des3.c
endif
if BUILD_SHA
src_libcyassl_la_SOURCES += ctaocrypt/src/sha.c
endif
if BUILD_RC4
src_libcyassl_la_SOURCES += ctaocrypt/src/arc4.c
endif
if BUILD_MD4
src_libcyassl_la_SOURCES += ctaocrypt/src/md4.c
endif
if BUILD_MD5
src_libcyassl_la_SOURCES += ctaocrypt/src/md5.c
endif
if BUILD_PWDBASED
src_libcyassl_la_SOURCES += ctaocrypt/src/pwdbased.c
endif
if BUILD_DSA
src_libcyassl_la_SOURCES += ctaocrypt/src/dsa.c
endif
if BUILD_AESNI
src_libcyassl_la_SOURCES += ctaocrypt/src/aes_asm.s
endif
if BUILD_CAMELLIA
src_libcyassl_la_SOURCES += ctaocrypt/src/camellia.c
endif
if BUILD_MD2
src_libcyassl_la_SOURCES += ctaocrypt/src/md2.c
endif
if BUILD_RIPEMD
src_libcyassl_la_SOURCES += ctaocrypt/src/ripemd.c
endif
if BUILD_SHA512
src_libcyassl_la_SOURCES += ctaocrypt/src/sha512.c
endif
if BUILD_BLAKE2
src_libcyassl_la_SOURCES += ctaocrypt/src/blake2b.c
endif
if BUILD_SNIFFER
src_libcyassl_la_SOURCES += src/sniffer.c
endif
if BUILD_HC128
src_libcyassl_la_SOURCES += ctaocrypt/src/hc128.c
endif
if BUILD_RABBIT
src_libcyassl_la_SOURCES += ctaocrypt/src/rabbit.c
endif
if !BUILD_INLINE
src_libcyassl_la_SOURCES += ctaocrypt/src/misc.c
endif
if BUILD_FASTMATH
src_libcyassl_la_SOURCES += ctaocrypt/src/tfm.c
endif
if BUILD_SLOWMATH
src_libcyassl_la_SOURCES += ctaocrypt/src/integer.c
endif
if BUILD_ECC
src_libcyassl_la_SOURCES += ctaocrypt/src/ecc.c
endif
src/tls.c
if BUILD_OCSP
src_libcyassl_la_SOURCES += src/ocsp.c
src_libwolfssl_la_SOURCES += src/ocsp.c
endif
if BUILD_CRL
src_libcyassl_la_SOURCES += src/crl.c
src_libwolfssl_la_SOURCES += src/crl.c
endif
if BUILD_LIBZ
src_libcyassl_la_SOURCES += ctaocrypt/src/compress.c
endif
if BUILD_PKCS7
src_libcyassl_la_SOURCES += ctaocrypt/src/pkcs7.c
endif
if BUILD_FIPS
src_libcyassl_la_SOURCES += ctaocrypt/src/wolfcrypt_last.c
if BUILD_SNIFFER
src_libwolfssl_la_SOURCES += src/sniffer.c
endif



@ -1,15 +1,15 @@
/* io.c
*
* Copyright (C) 2006-2014 wolfSSL Inc.
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of CyaSSL.
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* CyaSSL is free software; you can redistribute it and/or modify
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
@ -19,32 +19,34 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <wolfssl/wolfcrypt/settings.h>
#ifdef _WIN32_WCE
/* On WinCE winsock2.h must be included before windows.h for socket stuff */
#include <winsock2.h>
#endif
#include <cyassl/internal.h>
#include <cyassl/error-ssl.h>
#include <wolfssl/internal.h>
#include <wolfssl/error-ssl.h>
/* if user writes own I/O callbacks they can define CYASSL_USER_IO to remove
/* if user writes own I/O callbacks they can define WOLFSSL_USER_IO to remove
automatic setting of default I/O functions EmbedSend() and EmbedReceive()
but they'll still need SetCallback xxx() at end of file
*/
#ifndef CYASSL_USER_IO
#ifndef WOLFSSL_USER_IO
#ifdef HAVE_LIBZ
#include "zlib.h"
#endif
#ifndef USE_WINDOWS_API
#ifdef CYASSL_LWIP
#ifdef WOLFSSL_LWIP
/* lwIP needs to be configured to use sockets API in this mode */
/* LWIP_SOCKET 1 in lwip/opt.h or in build */
#include "lwip/sockets.h"
@ -55,8 +57,8 @@
#elif defined(FREESCALE_MQX)
#include <posix.h>
#include <rtcs.h>
#elif defined(CYASSL_MDK_ARM)
#if defined(CYASSL_MDK5)
#elif defined(WOLFSSL_MDK_ARM)
#if defined(WOLFSSL_MDK5)
#include "cmsis_os.h"
#include "rl_fs.h"
#include "rl_net.h"
@ -64,12 +66,14 @@
#include <rtl.h>
#endif
#undef RNG
#include "CYASSL_MDK_ARM.h"
#include "WOLFSSL_MDK_ARM.h"
#undef RNG
#define RNG CyaSSL_RNG
#define RNG wolfSSL_RNG
/* for avoiding name conflict in "stm32f2xx.h" */
static int errno;
#elif defined(CYASSL_IAR_ARM)
#elif defined(WOLFSSL_TIRTOS)
#include <sys/socket.h>
#elif defined(WOLFSSL_IAR_ARM)
/* nothing */
#else
#include <sys/types.h>
@ -78,7 +82,8 @@
#include <unistd.h>
#endif
#include <fcntl.h>
#if !(defined(DEVKITPRO) || defined(HAVE_RTP_SYS) || defined(EBSNET))
#if !(defined(DEVKITPRO) || defined(HAVE_RTP_SYS) || defined(EBSNET)) \
&& !(defined(WOLFSSL_PICOTCP))
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
@ -133,8 +138,8 @@
#define SOCKET_EPIPE EPIPE
#define SOCKET_ECONNREFUSED RTCSERR_TCP_CONN_REFUSED
#define SOCKET_ECONNABORTED RTCSERR_TCP_CONN_ABORTED
#elif defined(CYASSL_MDK_ARM)
#if defined(CYASSL_MDK5)
#elif defined(WOLFSSL_MDK_ARM)
#if defined(WOLFSSL_MDK5)
#define SOCKET_EWOULDBLOCK BSD_ERROR_WOULDBLOCK
#define SOCKET_EAGAIN BSD_ERROR_LOCKED
#define SOCKET_ECONNRESET BSD_ERROR_CLOSED
@ -151,6 +156,14 @@
#define SOCKET_ECONNREFUSED SCK_ERROR
#define SOCKET_ECONNABORTED SCK_ERROR
#endif
#elif defined(WOLFSSL_PICOTCP)
#define SOCKET_EWOULDBLOCK PICO_ERR_EAGAIN
#define SOCKET_EAGAIN PICO_ERR_EAGAIN
#define SOCKET_ECONNRESET PICO_ERR_ECONNRESET
#define SOCKET_EINTR PICO_ERR_EINTR
#define SOCKET_EPIPE PICO_ERR_EIO
#define SOCKET_ECONNREFUSED PICO_ERR_ECONNREFUSED
#define SOCKET_ECONNABORTED PICO_ERR_ESHUTDOWN
#else
#define SOCKET_EWOULDBLOCK EWOULDBLOCK
#define SOCKET_EAGAIN EAGAIN
@ -168,9 +181,12 @@
int net_recv(int, void*, int, unsigned int);
#define SEND_FUNCTION net_send
#define RECV_FUNCTION net_recv
#elif defined(CYASSL_LWIP)
#elif defined(WOLFSSL_LWIP)
#define SEND_FUNCTION lwip_send
#define RECV_FUNCTION lwip_recv
#elif defined(WOLFSSL_PICOTCP)
#define SEND_FUNCTION pico_send
#define RECV_FUNCTION pico_recv
#else
#define SEND_FUNCTION send
#define RECV_FUNCTION recv
@ -214,17 +230,17 @@ static INLINE int LastError(void)
/* The receive embedded callback
* return : nb bytes read, or error
*/
int EmbedReceive(CYASSL *ssl, char *buf, int sz, void *ctx)
int EmbedReceive(WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
int recvd;
int err;
int sd = *(int*)ctx;
#ifdef CYASSL_DTLS
#ifdef WOLFSSL_DTLS
{
int dtls_timeout = CyaSSL_dtls_get_current_timeout(ssl);
if (CyaSSL_dtls(ssl)
&& !CyaSSL_get_using_nonblock(ssl)
int dtls_timeout = wolfSSL_dtls_get_current_timeout(ssl);
if (wolfSSL_dtls(ssl)
&& !wolfSSL_get_using_nonblock(ssl)
&& dtls_timeout != 0) {
#ifdef USE_WINDOWS_API
DWORD timeout = dtls_timeout * 1000;
@ -235,7 +251,7 @@ int EmbedReceive(CYASSL *ssl, char *buf, int sz, void *ctx)
#endif
if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout,
sizeof(timeout)) != 0) {
CYASSL_MSG("setsockopt rcvtimeo failed");
WOLFSSL_MSG("setsockopt rcvtimeo failed");
}
}
}
@ -247,42 +263,42 @@ int EmbedReceive(CYASSL *ssl, char *buf, int sz, void *ctx)
if (recvd < 0) {
err = LastError();
CYASSL_MSG("Embed Receive error");
WOLFSSL_MSG("Embed Receive error");
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
if (!CyaSSL_dtls(ssl) || CyaSSL_get_using_nonblock(ssl)) {
CYASSL_MSG(" Would block");
return CYASSL_CBIO_ERR_WANT_READ;
if (!wolfSSL_dtls(ssl) || wolfSSL_get_using_nonblock(ssl)) {
WOLFSSL_MSG(" Would block");
return WOLFSSL_CBIO_ERR_WANT_READ;
}
else {
CYASSL_MSG(" Socket timeout");
return CYASSL_CBIO_ERR_TIMEOUT;
WOLFSSL_MSG(" Socket timeout");
return WOLFSSL_CBIO_ERR_TIMEOUT;
}
}
else if (err == SOCKET_ECONNRESET) {
CYASSL_MSG(" Connection reset");
return CYASSL_CBIO_ERR_CONN_RST;
WOLFSSL_MSG(" Connection reset");
return WOLFSSL_CBIO_ERR_CONN_RST;
}
else if (err == SOCKET_EINTR) {
CYASSL_MSG(" Socket interrupted");
return CYASSL_CBIO_ERR_ISR;
WOLFSSL_MSG(" Socket interrupted");
return WOLFSSL_CBIO_ERR_ISR;
}
else if (err == SOCKET_ECONNREFUSED) {
CYASSL_MSG(" Connection refused");
return CYASSL_CBIO_ERR_WANT_READ;
WOLFSSL_MSG(" Connection refused");
return WOLFSSL_CBIO_ERR_WANT_READ;
}
else if (err == SOCKET_ECONNABORTED) {
CYASSL_MSG(" Connection aborted");
return CYASSL_CBIO_ERR_CONN_CLOSE;
WOLFSSL_MSG(" Connection aborted");
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
}
else {
CYASSL_MSG(" General error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG(" General error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
}
else if (recvd == 0) {
CYASSL_MSG("Embed receive connection closed");
return CYASSL_CBIO_ERR_CONN_CLOSE;
WOLFSSL_MSG("Embed receive connection closed");
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
}
return recvd;
@ -291,7 +307,7 @@ int EmbedReceive(CYASSL *ssl, char *buf, int sz, void *ctx)
/* The send embedded callback
* return : nb bytes sent, or error
*/
int EmbedSend(CYASSL* ssl, char *buf, int sz, void *ctx)
int EmbedSend(WOLFSSL* ssl, char *buf, int sz, void *ctx)
{
int sd = *(int*)ctx;
int sent;
@ -302,27 +318,27 @@ int EmbedSend(CYASSL* ssl, char *buf, int sz, void *ctx)
if (sent < 0) {
err = LastError();
CYASSL_MSG("Embed Send error");
WOLFSSL_MSG("Embed Send error");
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
CYASSL_MSG(" Would Block");
return CYASSL_CBIO_ERR_WANT_WRITE;
WOLFSSL_MSG(" Would Block");
return WOLFSSL_CBIO_ERR_WANT_WRITE;
}
else if (err == SOCKET_ECONNRESET) {
CYASSL_MSG(" Connection reset");
return CYASSL_CBIO_ERR_CONN_RST;
WOLFSSL_MSG(" Connection reset");
return WOLFSSL_CBIO_ERR_CONN_RST;
}
else if (err == SOCKET_EINTR) {
CYASSL_MSG(" Socket interrupted");
return CYASSL_CBIO_ERR_ISR;
WOLFSSL_MSG(" Socket interrupted");
return WOLFSSL_CBIO_ERR_ISR;
}
else if (err == SOCKET_EPIPE) {
CYASSL_MSG(" Socket EPIPE");
return CYASSL_CBIO_ERR_CONN_CLOSE;
WOLFSSL_MSG(" Socket EPIPE");
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
}
else {
CYASSL_MSG(" General error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG(" General error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
}
@ -330,9 +346,9 @@ int EmbedSend(CYASSL* ssl, char *buf, int sz, void *ctx)
}
#ifdef CYASSL_DTLS
#ifdef WOLFSSL_DTLS
#include <cyassl/ctaocrypt/sha.h>
#include <wolfssl/wolfcrypt/sha.h>
#ifdef USE_WINDOWS_API
#define XSOCKLENT int
@ -347,19 +363,19 @@ int EmbedSend(CYASSL* ssl, char *buf, int sz, void *ctx)
/* The receive embedded callback
* return : nb bytes read, or error
*/
int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx)
int EmbedReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
CYASSL_DTLS_CTX* dtlsCtx = (CYASSL_DTLS_CTX*)ctx;
WOLFSSL_DTLS_CTX* dtlsCtx = (WOLFSSL_DTLS_CTX*)ctx;
int recvd;
int err;
int sd = dtlsCtx->fd;
int dtls_timeout = CyaSSL_dtls_get_current_timeout(ssl);
int dtls_timeout = wolfSSL_dtls_get_current_timeout(ssl);
struct sockaddr_storage peer;
XSOCKLENT peerSz = sizeof(peer);
CYASSL_ENTER("EmbedReceiveFrom()");
WOLFSSL_ENTER("EmbedReceiveFrom()");
if (!CyaSSL_get_using_nonblock(ssl) && dtls_timeout != 0) {
if (!wolfSSL_get_using_nonblock(ssl) && dtls_timeout != 0) {
#ifdef USE_WINDOWS_API
DWORD timeout = dtls_timeout * 1000;
#else
@ -369,7 +385,7 @@ int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx)
#endif
if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout,
sizeof(timeout)) != 0) {
CYASSL_MSG("setsockopt rcvtimeo failed");
WOLFSSL_MSG("setsockopt rcvtimeo failed");
}
}
@ -380,41 +396,41 @@ int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx)
if (recvd < 0) {
err = LastError();
CYASSL_MSG("Embed Receive From error");
WOLFSSL_MSG("Embed Receive From error");
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
if (CyaSSL_get_using_nonblock(ssl)) {
CYASSL_MSG(" Would block");
return CYASSL_CBIO_ERR_WANT_READ;
if (wolfSSL_get_using_nonblock(ssl)) {
WOLFSSL_MSG(" Would block");
return WOLFSSL_CBIO_ERR_WANT_READ;
}
else {
CYASSL_MSG(" Socket timeout");
return CYASSL_CBIO_ERR_TIMEOUT;
WOLFSSL_MSG(" Socket timeout");
return WOLFSSL_CBIO_ERR_TIMEOUT;
}
}
else if (err == SOCKET_ECONNRESET) {
CYASSL_MSG(" Connection reset");
return CYASSL_CBIO_ERR_CONN_RST;
WOLFSSL_MSG(" Connection reset");
return WOLFSSL_CBIO_ERR_CONN_RST;
}
else if (err == SOCKET_EINTR) {
CYASSL_MSG(" Socket interrupted");
return CYASSL_CBIO_ERR_ISR;
WOLFSSL_MSG(" Socket interrupted");
return WOLFSSL_CBIO_ERR_ISR;
}
else if (err == SOCKET_ECONNREFUSED) {
CYASSL_MSG(" Connection refused");
return CYASSL_CBIO_ERR_WANT_READ;
WOLFSSL_MSG(" Connection refused");
return WOLFSSL_CBIO_ERR_WANT_READ;
}
else {
CYASSL_MSG(" General error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG(" General error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
}
else {
if (dtlsCtx->peer.sz > 0
&& peerSz != (XSOCKLENT)dtlsCtx->peer.sz
&& memcmp(&peer, dtlsCtx->peer.sa, peerSz) != 0) {
CYASSL_MSG(" Ignored packet from invalid peer");
return CYASSL_CBIO_ERR_WANT_READ;
WOLFSSL_MSG(" Ignored packet from invalid peer");
return WOLFSSL_CBIO_ERR_WANT_READ;
}
}
@ -425,41 +441,42 @@ int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx)
/* The send embedded callback
* return : nb bytes sent, or error
*/
int EmbedSendTo(CYASSL* ssl, char *buf, int sz, void *ctx)
int EmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
{
CYASSL_DTLS_CTX* dtlsCtx = (CYASSL_DTLS_CTX*)ctx;
WOLFSSL_DTLS_CTX* dtlsCtx = (WOLFSSL_DTLS_CTX*)ctx;
int sd = dtlsCtx->fd;
int sent;
int len = sz;
int err;
CYASSL_ENTER("EmbedSendTo()");
WOLFSSL_ENTER("EmbedSendTo()");
sent = (int)SENDTO_FUNCTION(sd, &buf[sz - len], len, ssl->wflags,
dtlsCtx->peer.sa, dtlsCtx->peer.sz);
(const struct sockaddr*)dtlsCtx->peer.sa,
dtlsCtx->peer.sz);
if (sent < 0) {
err = LastError();
CYASSL_MSG("Embed Send To error");
WOLFSSL_MSG("Embed Send To error");
if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) {
CYASSL_MSG(" Would Block");
return CYASSL_CBIO_ERR_WANT_WRITE;
WOLFSSL_MSG(" Would Block");
return WOLFSSL_CBIO_ERR_WANT_WRITE;
}
else if (err == SOCKET_ECONNRESET) {
CYASSL_MSG(" Connection reset");
return CYASSL_CBIO_ERR_CONN_RST;
WOLFSSL_MSG(" Connection reset");
return WOLFSSL_CBIO_ERR_CONN_RST;
}
else if (err == SOCKET_EINTR) {
CYASSL_MSG(" Socket interrupted");
return CYASSL_CBIO_ERR_ISR;
WOLFSSL_MSG(" Socket interrupted");
return WOLFSSL_CBIO_ERR_ISR;
}
else if (err == SOCKET_EPIPE) {
CYASSL_MSG(" Socket EPIPE");
return CYASSL_CBIO_ERR_CONN_CLOSE;
WOLFSSL_MSG(" Socket EPIPE");
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
}
else {
CYASSL_MSG(" General error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG(" General error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
}
@ -470,12 +487,11 @@ int EmbedSendTo(CYASSL* ssl, char *buf, int sz, void *ctx)
/* The DTLS Generate Cookie callback
* return : number of bytes copied into buf, or error
*/
int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx)
int EmbedGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx)
{
int sd = ssl->wfd;
struct sockaddr_storage peer;
XSOCKLENT peerSz = sizeof(peer);
Sha sha;
byte digest[SHA_DIGEST_SIZE];
int ret = 0;
@ -483,15 +499,13 @@ int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx)
XMEMSET(&peer, 0, sizeof(peer));
if (getpeername(sd, (struct sockaddr*)&peer, &peerSz) != 0) {
CYASSL_MSG("getpeername failed in EmbedGenerateCookie");
WOLFSSL_MSG("getpeername failed in EmbedGenerateCookie");
return GEN_COOKIE_E;
}
ret = InitSha(&sha);
ret = wc_ShaHash((byte*)&peer, peerSz, digest);
if (ret != 0)
return ret;
ShaUpdate(&sha, (byte*)&peer, peerSz);
ShaFinal(&sha, digest);
if (sz > SHA_DIGEST_SIZE)
sz = SHA_DIGEST_SIZE;
@ -500,7 +514,7 @@ int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx)
return sz;
}
#endif /* CYASSL_DTLS */
#endif /* WOLFSSL_DTLS */
#ifdef HAVE_OCSP
@ -520,7 +534,7 @@ static int Word16ToString(char* d, word16 number)
while (order) {
digit = number / order;
if (i > 0 || digit != 0) {
d[i++] = digit + '0';
d[i++] = (char)digit + '0';
}
if (digit != 0)
number %= digit * order;
@ -555,12 +569,12 @@ static int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
hints.ai_protocol = IPPROTO_TCP;
if (Word16ToString(strPort, port) == 0) {
CYASSL_MSG("invalid port number for OCSP responder");
WOLFSSL_MSG("invalid port number for OCSP responder");
return -1;
}
if (getaddrinfo(ip, strPort, &hints, &answer) < 0 || answer == NULL) {
CYASSL_MSG("no addr info for OCSP responder");
WOLFSSL_MSG("no addr info for OCSP responder");
return -1;
}
@ -581,20 +595,28 @@ static int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port)
entry->h_length);
}
else {
CYASSL_MSG("no addr info for OCSP responder");
WOLFSSL_MSG("no addr info for OCSP responder");
return -1;
}
}
#endif /* HAVE_GETADDRINFO */
*sockfd = socket(addr.ss_family, SOCK_STREAM, 0);
if (*sockfd < 0) {
CYASSL_MSG("bad socket fd, out of fds?");
#ifdef USE_WINDOWS_API
if (*sockfd == INVALID_SOCKET) {
WOLFSSL_MSG("bad socket fd, out of fds?");
return -1;
}
#else
if (*sockfd < 0) {
WOLFSSL_MSG("bad socket fd, out of fds?");
return -1;
}
#endif
if (connect(*sockfd, (struct sockaddr *)&addr, sockaddr_len) != 0) {
CYASSL_MSG("OCSP responder tcp connect failed");
WOLFSSL_MSG("OCSP responder tcp connect failed");
return -1;
}
@ -610,7 +632,7 @@ static int build_http_request(const char* domainName, const char* path,
domainNameLen = (word32)XSTRLEN(domainName);
pathLen = (word32)XSTRLEN(path);
ocspReqSzStrLen = Word16ToString(ocspReqSzStr, ocspReqSz);
ocspReqSzStrLen = Word16ToString(ocspReqSzStr, (word16)ocspReqSz);
completeLen = domainNameLen + pathLen + ocspReqSzStrLen + 84;
if (completeLen > (word32)bufSize)
@ -740,7 +762,7 @@ static int process_http_response(int sfd, byte** respBuf,
start[len] = 0;
}
else {
CYASSL_MSG("process_http_response recv http from peer failed");
WOLFSSL_MSG("process_http_response recv http from peer failed");
return -1;
}
}
@ -758,7 +780,7 @@ static int process_http_response(int sfd, byte** respBuf,
start += 2;
}
else {
CYASSL_MSG("process_http_response header ended early");
WOLFSSL_MSG("process_http_response header ended early");
return -1;
}
}
@ -771,7 +793,7 @@ static int process_http_response(int sfd, byte** respBuf,
start += 9;
if (XSTRNCASECMP(start, "200 OK", 6) != 0 ||
state != phr_init) {
CYASSL_MSG("process_http_response not OK");
WOLFSSL_MSG("process_http_response not OK");
return -1;
}
state = phr_http_start;
@ -780,14 +802,14 @@ static int process_http_response(int sfd, byte** respBuf,
start += 13;
while (*start == ' ' && *start != '\0') start++;
if (XSTRNCASECMP(start, "application/ocsp-response", 25) != 0) {
CYASSL_MSG("process_http_response not ocsp-response");
WOLFSSL_MSG("process_http_response not ocsp-response");
return -1;
}
if (state == phr_http_start) state = phr_have_type;
else if (state == phr_have_length) state = phr_wait_end;
else {
CYASSL_MSG("process_http_response type invalid state");
WOLFSSL_MSG("process_http_response type invalid state");
return -1;
}
}
@ -799,7 +821,7 @@ static int process_http_response(int sfd, byte** respBuf,
if (state == phr_http_start) state = phr_have_length;
else if (state == phr_have_type) state = phr_wait_end;
else {
CYASSL_MSG("process_http_response length invalid state");
WOLFSSL_MSG("process_http_response length invalid state");
return -1;
}
}
@ -808,9 +830,9 @@ static int process_http_response(int sfd, byte** respBuf,
}
} while (state != phr_http_end);
recvBuf = XMALLOC(recvBufSz, NULL, DYNAMIC_TYPE_IN_BUFFER);
recvBuf = (byte*)XMALLOC(recvBufSz, NULL, DYNAMIC_TYPE_IN_BUFFER);
if (recvBuf == NULL) {
CYASSL_MSG("process_http_response couldn't create response buffer");
WOLFSSL_MSG("process_http_response couldn't create response buffer");
return -1;
}
@ -824,7 +846,7 @@ static int process_http_response(int sfd, byte** respBuf,
if (result > 0)
len += result;
else {
CYASSL_MSG("process_http_response recv ocsp from peer failed");
WOLFSSL_MSG("process_http_response recv ocsp from peer failed");
return -1;
}
} while (len != recvBufSz);
@ -839,68 +861,81 @@ static int process_http_response(int sfd, byte** respBuf,
int EmbedOcspLookup(void* ctx, const char* url, int urlSz,
byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf)
{
char domainName[80], path[80];
int httpBufSz;
SOCKET_T sfd = 0;
word16 port;
int ocspRespSz = 0;
byte* httpBuf = NULL;
word16 port;
int ret = -1;
#ifdef WOLFSSL_SMALL_STACK
char* path;
char* domainName;
#else
char path[80];
char domainName[80];
#endif
#ifdef WOLFSSL_SMALL_STACK
path = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (path == NULL)
return -1;
domainName = (char*)XMALLOC(80, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (domainName == NULL) {
XFREE(path, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return -1;
}
#endif
(void)ctx;
if (ocspReqBuf == NULL || ocspReqSz == 0) {
CYASSL_MSG("OCSP request is required for lookup");
return -1;
WOLFSSL_MSG("OCSP request is required for lookup");
}
if (ocspRespBuf == NULL) {
CYASSL_MSG("Cannot save OCSP response");
return -1;
else if (ocspRespBuf == NULL) {
WOLFSSL_MSG("Cannot save OCSP response");
}
if (decode_url(url, urlSz, domainName, path, &port) < 0) {
CYASSL_MSG("Unable to decode OCSP URL");
return -1;
else if (decode_url(url, urlSz, domainName, path, &port) < 0) {
WOLFSSL_MSG("Unable to decode OCSP URL");
}
/* Note, the library uses the EmbedOcspRespFree() callback to
* free this buffer. */
httpBufSz = SCRATCH_BUFFER_SIZE;
httpBuf = (byte*)XMALLOC(httpBufSz, NULL, DYNAMIC_TYPE_IN_BUFFER);
else {
/* Note, the library uses the EmbedOcspRespFree() callback to
* free this buffer. */
int httpBufSz = SCRATCH_BUFFER_SIZE;
byte* httpBuf = (byte*)XMALLOC(httpBufSz, NULL,
DYNAMIC_TYPE_IN_BUFFER);
if (httpBuf == NULL) {
CYASSL_MSG("Unable to create OCSP response buffer");
return -1;
}
if (httpBuf == NULL) {
WOLFSSL_MSG("Unable to create OCSP response buffer");
}
else {
httpBufSz = build_http_request(domainName, path, ocspReqSz,
httpBuf, httpBufSz);
httpBufSz = build_http_request(domainName, path, ocspReqSz,
httpBuf, httpBufSz);
if ((tcp_connect(&sfd, domainName, port) == 0) && (sfd > 0)) {
int written;
written = (int)send(sfd, (char*)httpBuf, httpBufSz, 0);
if (written == httpBufSz) {
written = (int)send(sfd, (char*)ocspReqBuf, ocspReqSz, 0);
if (written == ocspReqSz) {
ocspRespSz = process_http_response(sfd, ocspRespBuf,
httpBuf, SCRATCH_BUFFER_SIZE);
if ((tcp_connect(&sfd, domainName, port) != 0) || (sfd <= 0)) {
WOLFSSL_MSG("OCSP Responder connection failed");
}
}
close(sfd);
if (ocspRespSz == 0) {
CYASSL_MSG("OCSP response was not OK, no OCSP response");
else if ((int)send(sfd, (char*)httpBuf, httpBufSz, 0) !=
httpBufSz) {
WOLFSSL_MSG("OCSP http request failed");
}
else if ((int)send(sfd, (char*)ocspReqBuf, ocspReqSz, 0) !=
ocspReqSz) {
WOLFSSL_MSG("OCSP ocsp request failed");
}
else {
ret = process_http_response(sfd, ocspRespBuf, httpBuf,
SCRATCH_BUFFER_SIZE);
}
close(sfd);
XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
return -1;
}
} else {
CYASSL_MSG("OCSP Responder connection failed");
close(sfd);
XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
return -1;
}
XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
return ocspRespSz;
#ifdef WOLFSSL_SMALL_STACK
XFREE(path, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(domainName, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
@ -915,33 +950,33 @@ void EmbedOcspRespFree(void* ctx, byte *resp)
#endif
#endif /* CYASSL_USER_IO */
#endif /* WOLFSSL_USER_IO */
CYASSL_API void CyaSSL_SetIORecv(CYASSL_CTX *ctx, CallbackIORecv CBIORecv)
WOLFSSL_API void wolfSSL_SetIORecv(WOLFSSL_CTX *ctx, CallbackIORecv CBIORecv)
{
ctx->CBIORecv = CBIORecv;
}
CYASSL_API void CyaSSL_SetIOSend(CYASSL_CTX *ctx, CallbackIOSend CBIOSend)
WOLFSSL_API void wolfSSL_SetIOSend(WOLFSSL_CTX *ctx, CallbackIOSend CBIOSend)
{
ctx->CBIOSend = CBIOSend;
}
CYASSL_API void CyaSSL_SetIOReadCtx(CYASSL* ssl, void *rctx)
WOLFSSL_API void wolfSSL_SetIOReadCtx(WOLFSSL* ssl, void *rctx)
{
ssl->IOCB_ReadCtx = rctx;
}
CYASSL_API void CyaSSL_SetIOWriteCtx(CYASSL* ssl, void *wctx)
WOLFSSL_API void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *wctx)
{
ssl->IOCB_WriteCtx = wctx;
}
CYASSL_API void* CyaSSL_GetIOReadCtx(CYASSL* ssl)
WOLFSSL_API void* wolfSSL_GetIOReadCtx(WOLFSSL* ssl)
{
if (ssl)
return ssl->IOCB_ReadCtx;
@ -950,7 +985,7 @@ CYASSL_API void* CyaSSL_GetIOReadCtx(CYASSL* ssl)
}
CYASSL_API void* CyaSSL_GetIOWriteCtx(CYASSL* ssl)
WOLFSSL_API void* wolfSSL_GetIOWriteCtx(WOLFSSL* ssl)
{
if (ssl)
return ssl->IOCB_WriteCtx;
@ -959,33 +994,33 @@ CYASSL_API void* CyaSSL_GetIOWriteCtx(CYASSL* ssl)
}
CYASSL_API void CyaSSL_SetIOReadFlags(CYASSL* ssl, int flags)
WOLFSSL_API void wolfSSL_SetIOReadFlags(WOLFSSL* ssl, int flags)
{
ssl->rflags = flags;
}
CYASSL_API void CyaSSL_SetIOWriteFlags(CYASSL* ssl, int flags)
WOLFSSL_API void wolfSSL_SetIOWriteFlags(WOLFSSL* ssl, int flags)
{
ssl->wflags = flags;
}
#ifdef CYASSL_DTLS
#ifdef WOLFSSL_DTLS
CYASSL_API void CyaSSL_CTX_SetGenCookie(CYASSL_CTX* ctx, CallbackGenCookie cb)
WOLFSSL_API void wolfSSL_CTX_SetGenCookie(WOLFSSL_CTX* ctx, CallbackGenCookie cb)
{
ctx->CBIOCookie = cb;
}
CYASSL_API void CyaSSL_SetCookieCtx(CYASSL* ssl, void *ctx)
WOLFSSL_API void wolfSSL_SetCookieCtx(WOLFSSL* ssl, void *ctx)
{
ssl->IOCB_CookieCtx = ctx;
}
CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl)
WOLFSSL_API void* wolfSSL_GetCookieCtx(WOLFSSL* ssl)
{
if (ssl)
return ssl->IOCB_CookieCtx;
@ -993,7 +1028,7 @@ CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl)
return NULL;
}
#endif /* CYASSL_DTLS */
#endif /* WOLFSSL_DTLS */
#ifdef HAVE_NETX
@ -1001,7 +1036,7 @@ CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl)
/* The NetX receive callback
* return : bytes read, or error
*/
int NetX_Receive(CYASSL *ssl, char *buf, int sz, void *ctx)
int NetX_Receive(WOLFSSL *ssl, char *buf, int sz, void *ctx)
{
NetX_Ctx* nxCtx = (NetX_Ctx*)ctx;
ULONG left;
@ -1010,38 +1045,38 @@ int NetX_Receive(CYASSL *ssl, char *buf, int sz, void *ctx)
UINT status;
if (nxCtx == NULL || nxCtx->nxSocket == NULL) {
CYASSL_MSG("NetX Recv NULL parameters");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG("NetX Recv NULL parameters");
return WOLFSSL_CBIO_ERR_GENERAL;
}
if (nxCtx->nxPacket == NULL) {
status = nx_tcp_socket_receive(nxCtx->nxSocket, &nxCtx->nxPacket,
nxCtx->nxWait);
if (status != NX_SUCCESS) {
CYASSL_MSG("NetX Recv receive error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG("NetX Recv receive error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
}
if (nxCtx->nxPacket) {
status = nx_packet_length_get(nxCtx->nxPacket, &total);
if (status != NX_SUCCESS) {
CYASSL_MSG("NetX Recv length get error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG("NetX Recv length get error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
left = total - nxCtx->nxOffset;
status = nx_packet_data_extract_offset(nxCtx->nxPacket, nxCtx->nxOffset,
buf, sz, &copied);
if (status != NX_SUCCESS) {
CYASSL_MSG("NetX Recv data extract offset error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG("NetX Recv data extract offset error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
nxCtx->nxOffset += copied;
if (copied == left) {
CYASSL_MSG("NetX Recv Drained packet");
WOLFSSL_MSG("NetX Recv Drained packet");
nx_packet_release(nxCtx->nxPacket);
nxCtx->nxPacket = NULL;
nxCtx->nxOffset = 0;
@ -1055,7 +1090,7 @@ int NetX_Receive(CYASSL *ssl, char *buf, int sz, void *ctx)
/* The NetX send callback
* return : bytes sent, or error
*/
int NetX_Send(CYASSL* ssl, char *buf, int sz, void *ctx)
int NetX_Send(WOLFSSL* ssl, char *buf, int sz, void *ctx)
{
NetX_Ctx* nxCtx = (NetX_Ctx*)ctx;
NX_PACKET* packet;
@ -1063,30 +1098,30 @@ int NetX_Send(CYASSL* ssl, char *buf, int sz, void *ctx)
UINT status;
if (nxCtx == NULL || nxCtx->nxSocket == NULL) {
CYASSL_MSG("NetX Send NULL parameters");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG("NetX Send NULL parameters");
return WOLFSSL_CBIO_ERR_GENERAL;
}
pool = nxCtx->nxSocket->nx_tcp_socket_ip_ptr->nx_ip_default_packet_pool;
status = nx_packet_allocate(pool, &packet, NX_TCP_PACKET,
nxCtx->nxWait);
if (status != NX_SUCCESS) {
CYASSL_MSG("NetX Send packet alloc error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG("NetX Send packet alloc error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
status = nx_packet_data_append(packet, buf, sz, pool, nxCtx->nxWait);
if (status != NX_SUCCESS) {
nx_packet_release(packet);
CYASSL_MSG("NetX Send data append error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG("NetX Send data append error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
status = nx_tcp_socket_send(nxCtx->nxSocket, packet, nxCtx->nxWait);
if (status != NX_SUCCESS) {
nx_packet_release(packet);
CYASSL_MSG("NetX Send socket send error");
return CYASSL_CBIO_ERR_GENERAL;
WOLFSSL_MSG("NetX Send socket send error");
return WOLFSSL_CBIO_ERR_GENERAL;
}
return sz;
@ -1094,7 +1129,7 @@ int NetX_Send(CYASSL* ssl, char *buf, int sz, void *ctx)
/* like set_fd, but for default NetX context */
void CyaSSL_SetIO_NetX(CYASSL* ssl, NX_TCP_SOCKET* nxSocket, ULONG waitOption)
void wolfSSL_SetIO_NetX(WOLFSSL* ssl, NX_TCP_SOCKET* nxSocket, ULONG waitOption)
{
if (ssl) {
ssl->nxCtx.nxSocket = nxSocket;


@ -1,15 +1,15 @@
/* ocsp.c
*
* Copyright (C) 2006-2014 wolfSSL Inc.
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of CyaSSL.
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* CyaSSL is free software; you can redistribute it and/or modify
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
@ -19,22 +19,24 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
/* Name change compatibility layer no longer needs to be included here */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <wolfssl/wolfcrypt/settings.h>
#ifdef HAVE_OCSP
#include <cyassl/error-ssl.h>
#include <cyassl/ocsp.h>
#include <cyassl/internal.h>
#include <wolfssl/error-ssl.h>
#include <wolfssl/ocsp.h>
#include <wolfssl/internal.h>
int InitOCSP(CYASSL_OCSP* ocsp, CYASSL_CERT_MANAGER* cm)
int InitOCSP(WOLFSSL_OCSP* ocsp, WOLFSSL_CERT_MANAGER* cm)
{
CYASSL_ENTER("InitOCSP");
WOLFSSL_ENTER("InitOCSP");
XMEMSET(ocsp, 0, sizeof(*ocsp));
ocsp->cm = cm;
if (InitMutex(&ocsp->ocspLock) != 0)
@ -46,7 +48,7 @@ int InitOCSP(CYASSL_OCSP* ocsp, CYASSL_CERT_MANAGER* cm)
static int InitOCSP_Entry(OCSP_Entry* ocspe, DecodedCert* cert)
{
CYASSL_ENTER("InitOCSP_Entry");
WOLFSSL_ENTER("InitOCSP_Entry");
XMEMSET(ocspe, 0, sizeof(*ocspe));
XMEMCPY(ocspe->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE);
@ -60,7 +62,7 @@ static void FreeOCSP_Entry(OCSP_Entry* ocspe)
{
CertStatus* tmp = ocspe->status;
CYASSL_ENTER("FreeOCSP_Entry");
WOLFSSL_ENTER("FreeOCSP_Entry");
while (tmp) {
CertStatus* next = tmp->next;
@ -70,11 +72,11 @@ static void FreeOCSP_Entry(OCSP_Entry* ocspe)
}
void FreeOCSP(CYASSL_OCSP* ocsp, int dynamic)
void FreeOCSP(WOLFSSL_OCSP* ocsp, int dynamic)
{
OCSP_Entry* tmp = ocsp->ocspList;
CYASSL_ENTER("FreeOCSP");
WOLFSSL_ENTER("FreeOCSP");
while (tmp) {
OCSP_Entry* next = tmp->next;
@ -102,24 +104,30 @@ static int xstat2err(int stat)
}
int CheckCertOCSP(CYASSL_OCSP* ocsp, DecodedCert* cert)
int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert)
{
byte* ocspReqBuf = NULL;
int ocspReqSz = 2048;
byte* ocspRespBuf = NULL;
OcspRequest ocspRequest;
OcspResponse ocspResponse;
int result = -1;
OCSP_Entry* ocspe;
CertStatus* certStatus = NULL;
CertStatus newStatus;
const char *url;
int urlSz;
#ifdef WOLFSSL_SMALL_STACK
CertStatus* newStatus;
OcspRequest* ocspRequest;
OcspResponse* ocspResponse;
#else
CertStatus newStatus[1];
OcspRequest ocspRequest[1];
OcspResponse ocspResponse[1];
#endif
CYASSL_ENTER("CheckCertOCSP");
WOLFSSL_ENTER("CheckCertOCSP");
if (LockMutex(&ocsp->ocspLock) != 0) {
CYASSL_LEAVE("CheckCertOCSP", BAD_MUTEX_E);
WOLFSSL_LEAVE("CheckCertOCSP", BAD_MUTEX_E);
return BAD_MUTEX_E;
}
@ -143,7 +151,7 @@ int CheckCertOCSP(CYASSL_OCSP* ocsp, DecodedCert* cert)
}
else {
UnLockMutex(&ocsp->ocspLock);
CYASSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
return MEMORY_ERROR;
}
}
@ -164,12 +172,12 @@ int CheckCertOCSP(CYASSL_OCSP* ocsp, DecodedCert* cert)
(certStatus->nextDate[0] == 0) ||
!ValidateDate(certStatus->nextDate,
certStatus->nextDateFormat, AFTER)) {
CYASSL_MSG("\tinvalid status date, looking up cert");
WOLFSSL_MSG("\tinvalid status date, looking up cert");
}
else {
result = xstat2err(certStatus->status);
UnLockMutex(&ocsp->ocspLock);
CYASSL_LEAVE("CheckCertOCSP", result);
WOLFSSL_LEAVE("CheckCertOCSP", result);
return result;
}
}
@ -194,41 +202,62 @@ int CheckCertOCSP(CYASSL_OCSP* ocsp, DecodedCert* cert)
ocspReqBuf = (byte*)XMALLOC(ocspReqSz, NULL, DYNAMIC_TYPE_IN_BUFFER);
if (ocspReqBuf == NULL) {
CYASSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
return MEMORY_ERROR;
}
InitOcspRequest(&ocspRequest, cert, ocsp->cm->ocspSendNonce,
#ifdef WOLFSSL_SMALL_STACK
newStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ocspRequest = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
ocspResponse = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (newStatus == NULL || ocspRequest == NULL || ocspResponse == NULL) {
if (newStatus) XFREE(newStatus, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (ocspRequest) XFREE(ocspRequest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (ocspResponse) XFREE(ocspResponse, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(ocspReqBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
return MEMORY_E;
}
#endif
InitOcspRequest(ocspRequest, cert, ocsp->cm->ocspSendNonce,
ocspReqBuf, ocspReqSz);
ocspReqSz = EncodeOcspRequest(&ocspRequest);
ocspReqSz = EncodeOcspRequest(ocspRequest);
if (ocsp->cm->ocspIOCb)
result = ocsp->cm->ocspIOCb(ocsp->cm->ocspIOCtx, url, urlSz,
ocspReqBuf, ocspReqSz, &ocspRespBuf);
if (result >= 0 && ocspRespBuf) {
XMEMSET(&newStatus, 0, sizeof(CertStatus));
XMEMSET(newStatus, 0, sizeof(CertStatus));
InitOcspResponse(&ocspResponse, &newStatus, ocspRespBuf, result);
OcspResponseDecode(&ocspResponse);
InitOcspResponse(ocspResponse, newStatus, ocspRespBuf, result);
OcspResponseDecode(ocspResponse);
if (ocspResponse.responseStatus != OCSP_SUCCESSFUL)
if (ocspResponse->responseStatus != OCSP_SUCCESSFUL)
result = OCSP_LOOKUP_FAIL;
else {
if (CompareOcspReqResp(&ocspRequest, &ocspResponse) == 0) {
result = xstat2err(ocspResponse.status->status);
if (CompareOcspReqResp(ocspRequest, ocspResponse) == 0) {
result = xstat2err(ocspResponse->status->status);
if (LockMutex(&ocsp->ocspLock) != 0)
result = BAD_MUTEX_E;
else {
if (certStatus != NULL)
/* Replace existing certificate entry with updated */
XMEMCPY(certStatus, &newStatus, sizeof(CertStatus));
XMEMCPY(certStatus, newStatus, sizeof(CertStatus));
else {
/* Save new certificate entry */
certStatus = (CertStatus*)XMALLOC(sizeof(CertStatus),
NULL, DYNAMIC_TYPE_OCSP_STATUS);
if (certStatus != NULL) {
XMEMCPY(certStatus, &newStatus, sizeof(CertStatus));
XMEMCPY(certStatus, newStatus, sizeof(CertStatus));
certStatus->next = ocspe->status;
ocspe->status = certStatus;
ocspe->totalStatus++;
@ -245,13 +274,18 @@ int CheckCertOCSP(CYASSL_OCSP* ocsp, DecodedCert* cert)
else
result = OCSP_LOOKUP_FAIL;
if (ocspReqBuf != NULL)
XFREE(ocspReqBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
XFREE(ocspReqBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);
#ifdef WOLFSSL_SMALL_STACK
XFREE(newStatus, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(ocspRequest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(ocspResponse, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (ocspRespBuf != NULL && ocsp->cm->ocspRespFreeCb)
ocsp->cm->ocspRespFreeCb(ocsp->cm->ocspIOCtx, ocspRespBuf);
CYASSL_LEAVE("CheckCertOCSP", result);
WOLFSSL_LEAVE("CheckCertOCSP", result);
return result;
}
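Review bot: The new WOLFSSL_SMALL_STACK allocation-failure path in CheckCertOCSP frees `ocspReqBuf` with `DYNAMIC_TYPE_TMP_BUFFER`, but that buffer was allocated a few lines earlier with `DYNAMIC_TYPE_IN_BUFFER` and is released with that type on the normal path at the end of the function; the line should read `XFREE(ocspReqBuf, NULL, DYNAMIC_TYPE_IN_BUFFER);` so custom allocators that track memory types see a matched pair. The same path returns `MEMORY_E` while the `ocspReqBuf` failure immediately above it returns `MEMORY_ERROR`, so a caller testing for one code will not recognise the other; one of the two should be used for both branches. Further down, the return value of `OcspResponseDecode(ocspResponse)` is discarded before `ocspResponse->responseStatus` is inspected; if the decoder can report failure (it appears to return an int elsewhere in the library, which I cannot confirm from this page), a failed decode should set `result = OCSP_LOOKUP_FAIL` instead of falling through to the status comparison. CheckCertOCSP spans several hunks here, and the code between the hunks is not visible.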