adding implementation of wolfSSL_get_client_ciphers
JacobBarthelmeh committed Jan 9, 2025
1 parent d041923 commit 474ea39
Showing 4 changed files with 85 additions and 28 deletions.
19 changes: 6 additions & 13 deletions src/internal.c
Expand Up @@ -8364,6 +8364,8 @@ void FreeSuites(WOLFSSL* ssl)
wolfSSL_sk_SSL_CIPHER_free(ssl->suitesStack);
ssl->suitesStack = NULL;
}
XFREE(ssl->clSuites, ssl->heap, DYNAMIC_TYPE_SUITES);
ssl->clSuites = NULL;
#endif
XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
ssl->suites = NULL;
Expand Down Expand Up @@ -37553,7 +37555,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
{
byte b;
ProtocolVersion pv;
#ifdef WOLFSSL_SMALL_STACK
#if defined(WOLFSSL_SMALL_STACK) || defined(OPENSSL_ALL)
Suites* clSuites = NULL;
#else
Suites clSuites[1];
Expand Down Expand Up @@ -37855,13 +37857,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
goto out;
}

#ifdef WOLFSSL_SMALL_STACK
#if defined(WOLFSSL_SMALL_STACK) || defined(OPENSSL_ALL)
clSuites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
DYNAMIC_TYPE_SUITES);
if (clSuites == NULL) {
ret = MEMORY_E;
goto out;
}
ssl->clSuites = clSuites;
#endif
XMEMSET(clSuites, 0, sizeof(Suites));
ato16(&input[i], &clSuites->suiteSz);
Expand Down Expand Up @@ -38140,13 +38143,6 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif

#ifdef OPENSSL_EXTRA
ssl->clSuites = clSuites; /* cppcheck-suppress autoVariables
*
* (suppress warning that ssl, a persistent
* non-local allocation, has its ->clSuites
* set to clSuites, a local stack allocation.
* we clear this assignment before returning.)
*/
/* Give user last chance to provide a cert for cipher selection */
if (ret == 0 && ssl->ctx->certSetupCb != NULL)
ret = CertSetupCbWrapper(ssl);
Expand All @@ -38170,10 +38166,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif

out:
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
ssl->clSuites = NULL;
#endif
#ifdef WOLFSSL_SMALL_STACK
#if defined(WOLFSSL_SMALL_STACK) && !defined(OPENSSL_ALL)
XFREE(clSuites, ssl->heap, DYNAMIC_TYPE_SUITES);
#endif
WOLFSSL_LEAVE("DoClientHello", ret);
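Review bot: The `ssl->clSuites = clSuites;` assignment added inside `#if defined(WOLFSSL_SMALL_STACK) || defined(OPENSSL_ALL)` does not line up with the other guards in this commit: the field is declared under `#ifdef OPENSSL_EXTRA` in wolfssl/internal.h, and the `out:` label still frees `clSuites` when `WOLFSSL_SMALL_STACK && !OPENSSL_ALL`. In a small-stack build with OPENSSL_EXTRA but without OPENSSL_ALL, `ssl->clSuites` is left pointing at freed memory now that the `ssl->clSuites = NULL;` reset at `out:` is gone, and FreeSuites() may then free it a second time (its enclosing `#if` is outside the hunk); a small-stack build without OPENSSL_EXTRA would presumably not compile. The assignment also overwrites any pointer stored by an earlier ClientHello on the same object without freeing it. I would give the hand-off its own guard and release the old buffer first: `#ifdef OPENSSL_ALL`, then `XFREE(ssl->clSuites, ssl->heap, DYNAMIC_TYPE_SUITES); ssl->clSuites = clSuites;`, then `#endif`. The function body starts and ends outside these hunks.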
82 changes: 72 additions & 10 deletions src/ssl.c
Expand Up @@ -15105,16 +15105,6 @@ word32 wolfSSL_lib_version_hex(void)
}


#ifdef OPENSSL_EXTRA
WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(WOLFSSL* ssl)
{
WOLFSSL_STUB("wolfSSL_get_client_ciphers");
(void)ssl;
return NULL;
}
#endif


int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_get_current_cipher_suite");
Expand Down Expand Up @@ -21949,6 +21939,78 @@ WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl)
return ssl->suitesStack;
}
#endif /* OPENSSL_EXTRA || OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
#ifdef OPENSSL_ALL
WOLF_STACK_OF(WOLFSSL_CIPHER)* wolfSSL_get_client_ciphers(WOLFSSL* ssl)
{
WOLF_STACK_OF(WOLFSSL_CIPHER)* ret = NULL;
const CipherSuiteInfo* cipher_names = GetCipherNames();
int cipherSz = GetCipherNamesSize();
const Suites* suites;

WOLFSSL_ENTER("wolfSSL_get_client_ciphers");

if (ssl == NULL) {
return NULL;
}

/* return NULL if is client side */
if (wolfSSL_is_server(ssl) == 0) {
return NULL;
}

suites = ssl->clSuites;
if (suites == NULL) {
WOLFSSL_MSG("No client suites stored");
}
else {
int i;
int j;

/* higher priority of cipher suite will be on top of stack */
for (i = suites->suiteSz - 2; i >=0; i-=2) {
WOLFSSL_STACK* add;

/* A couple of suites are placeholders for special options,
* skip those. */
if (SCSV_Check(suites->suites[i], suites->suites[i+1])
|| sslCipherMinMaxCheck(ssl, suites->suites[i],
suites->suites[i+1])) {
continue;
}

add = wolfSSL_sk_new_node(ssl->heap);
if (add != NULL) {
add->type = STACK_TYPE_CIPHER;
add->data.cipher.cipherSuite0 = suites->suites[i];
add->data.cipher.cipherSuite = suites->suites[i+1];
add->data.cipher.ssl = ssl;
for (j = 0; j < cipherSz; j++) {
if (cipher_names[j].cipherSuite0 ==
add->data.cipher.cipherSuite0 &&
cipher_names[j].cipherSuite ==
add->data.cipher.cipherSuite) {
add->data.cipher.offset = (unsigned long)j;
break;
}
}

/* in_stack is checked in wolfSSL_CIPHER_description */
add->data.cipher.in_stack = 1;

add->next = ret;
if (ret != NULL) {
add->num = ret->num + 1;
}
else {
add->num = 1;
}
ret = add;
}
}
}
return ret;
}
#endif /* OPENSSL_ALL */

#if defined(OPENSSL_EXTRA) || defined(HAVE_SECRET_CALLBACK)
long wolfSSL_SSL_CTX_get_timeout(const WOLFSSL_CTX *ctx)
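Review bot: The loop in wolfSSL_get_client_ciphers starts at `suites->suiteSz - 2` and indexes `suites->suites[i+1]` without checking that the length fits the array, while in OPENSSL_ALL builds `ssl->clSuites` is now stored in src/internal.c before the suite list is parsed and is kept on the error path too. If the check that rejects an oversized list sits after the `ato16` call (not visible on this page), calling this function after a failed handshake would read past the array using a peer-supplied length; a guard such as `if (suites->suiteSz > sizeof(suites->suites)) return NULL;` before the loop makes the accessor safe regardless. Separately, every call builds a new stack that nothing in `ssl` owns, whereas wolfSSL_get_ciphers_compat just above returns the cached `ssl->suitesStack`; callers that follow the OpenSSL convention of not freeing the result will leak one list per call, so either cache the stack on the object or document that the caller frees it. A suite with no match in `cipher_names` also keeps whatever `offset` wolfSSL_sk_new_node() set, so it may be described as a different cipher.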
10 changes: 6 additions & 4 deletions src/tls13.c
Expand Up @@ -6682,17 +6682,19 @@ typedef struct Dch13Args {

static void FreeDch13Args(WOLFSSL* ssl, void* pArgs)
{
/* openssl compat builds hang on to the client suites until WOLFSSL object
* is destroyed */
#ifndef OPENSSL_EXTRA
Dch13Args* args = (Dch13Args*)pArgs;

(void)ssl;

if (args && args->clSuites) {
XFREE(args->clSuites, ssl->heap, DYNAMIC_TYPE_SUITES);
args->clSuites = NULL;
}
#ifdef OPENSSL_EXTRA
ssl->clSuites = NULL;
#endif
(void)ssl;
(void)pArgs;

}

int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
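Review bot: With OPENSSL_EXTRA defined, FreeDch13Args no longer frees or clears `args->clSuites` at all, so the buffer is released only if code outside this hunk has already handed it to `ssl->clSuites`. If DoTls13ClientHello can fail between allocating `args->clSuites` and storing it on `ssl`, or if a second ClientHello after a HelloRetryRequest replaces the stored pointer, the earlier buffer would leak on a path driven by peer input. In the OPENSSL_EXTRA branch, freeing whenever the args copy is not the one `ssl` owns avoids relying on that ordering: `if (args && args->clSuites && args->clSuites != ssl->clSuites) XFREE(args->clSuites, ssl->heap, DYNAMIC_TYPE_SUITES);`. The guard here is OPENSSL_EXTRA while src/internal.c keys the same ownership on OPENSSL_ALL; using one macro for both would make the lifetime easier to audit.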
2 changes: 1 addition & 1 deletion wolfssl/internal.h
Expand Up @@ -5784,7 +5784,7 @@ struct WOLFSSL {
* object needs separate instance of suites use
* AllocateSuites(). */
#ifdef OPENSSL_EXTRA
const Suites* clSuites;
Suites* clSuites;
#endif
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) || \
defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
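Review bot: Dropping `const` from `clSuites` turns the field from a borrowed view into an owning pointer, but nothing at the declaration says so. I would add a comment such as `/* heap copy of the suites from the peer's ClientHello; owned by this object and released in FreeSuites() */`. The field is still guarded by OPENSSL_EXTRA while src/internal.c assigns it under `WOLFSSL_SMALL_STACK || OPENSSL_ALL`, so this guard is worth revisiting together with that one.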
