tls_wolfssl: complete WOLFSSL_DEBUG_MEMORY commit

OpenSIPS · Aug 9, 2023 · 80a96be · 80a96be
1 parent bd7791d
commit 80a96be
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 17 deletions.
diff --git a/modules/tls_wolfssl/Makefile b/modules/tls_wolfssl/Makefile
@@ -11,8 +11,17 @@ MOD_DIR ?= $(shell realpath `dirname $(_makefile_path)`)/modules/tls_wolfssl
 
 include ../../Makefile.modules
 
+ifneq (,$(findstring -DWOLFSSL_DEBUG_MEMORY,$(DEFS)))
+ifeq (,$(findstring -DDBG_MALLOC,$(DEFS)))
+$(warning "Memory debugging not enabled - disabling wolfSSL memory debugging")
+DEFS := $(filter-out -DWOLFSSL_DEBUG_MEMORY,$(DEFS))
+else
+WOLFSSL_EXTRA_CFLAGS := -DWOLFSSL_DEBUG_MEMORY
+endif
+endif
+
 lib/lib/libwolfssl.a:
-	@cd ./lib/wolfssl; \
+	$(Q)cd ./lib/wolfssl; \
 	if [ ! -f "configure" ]; then \
 		./autogen.sh; \
 	fi; \
@@ -22,9 +31,11 @@ lib/lib/libwolfssl.a:
 		--enable-writedup --enable-tlsv10 --disable-shared --enable-static \
 		--disable-jni --disable-crl-monitor \
 		--prefix=$(MOD_DIR)/lib \
-		--exec-prefix=$(MOD_DIR)/lib C_EXTRA_FLAGS="-fPIC" CFLAGS="-DWOLFSSL_STATIC_RSA"; \
+		--exec-prefix=$(MOD_DIR)/lib \
+		C_EXTRA_FLAGS="-fPIC" \
+		CFLAGS="-DWOLFSSL_STATIC_RSA $(WOLFSSL_EXTRA_CFLAGS)"; \
 	fi;
-	@$(MAKE) -C ./lib/wolfssl install
+	$(Q)$(MAKE) -C ./lib/wolfssl install
 
 clean:	clean-wolfssl-lib
 
@@ -34,4 +45,4 @@ clean-wolfssl-lib:
 		$(MAKE) -C ./lib/wolfssl clean; \
 	fi;
 	@rm -rf ./lib/bin ./lib/include ./lib/lib ./lib/share \
-	./lib/wolfssl/Makefile ./lib/wolfssl/configure
+	./lib/wolfssl/Makefile ./lib/wolfssl/configure
diff --git a/modules/tls_wolfssl/wolfssl.c b/modules/tls_wolfssl/wolfssl.c
@@ -25,13 +25,7 @@
 #include <unistd.h>
 #include <netinet/tcp.h>
 
-/* uncomment the following line to enable memory debugging in WolfSSL */
-//#define WOLFSSL_DEBUG_MEMORY
-/* if we do not have DBG_MALLOC, we do not have the memory information
- * available, thus it makes no sense to use WOLFSSL_DEBUG_MEMORY */
-#ifndef DBG_MALLOC
-#undef WOLFSSL_DEBUG_MEMORY
-#endif
+#include "wolfssl_mem.h"
 
 #include <wolfssl/options.h>
 #include <wolfssl/ssl.h>

diff --git a/modules/tls_wolfssl/wolfssl_conn_ops.c b/modules/tls_wolfssl/wolfssl_conn_ops.c
@@ -20,6 +20,8 @@
  *
  */
 
+#include "wolfssl_mem.h"
+
 #include <wolfssl/options.h>
 #include <wolfssl/ssl.h>
 #include <wolfssl/error-ssl.h>
@@ -47,8 +49,8 @@ void tls_dump_cert_info(char* s, WOLFSSL_X509* cert)
 	issuer = wolfSSL_X509_NAME_oneline(wolfSSL_X509_get_issuer_name(cert), 0, 0);
 
 	LM_INFO("%s subject: %s, issuer: %s\n", s ? s : "", subj, issuer);
-	wolfSSL_Free(subj);
-	wolfSSL_Free(issuer);
+	oss_wolfSSL_Free(subj);
+	oss_wolfSSL_Free(issuer);
 }
 
 static void tls_dump_verification_failure(long verification_result)

diff --git a/modules/tls_wolfssl/wolfssl_tls_vars.c b/modules/tls_wolfssl/wolfssl_tls_vars.c
@@ -32,6 +32,8 @@
  *
  */
 
+#include "wolfssl_mem.h"
+
 #include <wolfssl/options.h>
 #include <wolfssl/ssl.h>
 #include <wolfssl/error-ssl.h>
@@ -271,13 +273,13 @@ int _wolfssl_tls_var_comp(int ind, void *ssl, str *res)
 		res->s = buf;
 		res->len = text.len;
 
-		wolfSSL_Free(text.s);
+		oss_wolfSSL_Free(text.s);
 	}
 	if (!my) wolfSSL_X509_free(cert);
 
 	return 0;
  err:
-	if (text.s) wolfSSL_Free(text.s);
+	if (text.s) oss_wolfSSL_Free(text.s);
 	if (!my) wolfSSL_X509_free(cert);
 	return -1;
 }

diff --git a/modules/tls_wolfssl/wolfssl_trace.h b/modules/tls_wolfssl/wolfssl_trace.h
@@ -50,8 +50,8 @@ static inline void tls_append_cert_info(WOLFSSL_X509 *cert, char client,
 		add_trace_data(message, "server-issuer", &issuer);
 	}
 
-	wolfSSL_Free(subj.s);
-	wolfSSL_Free(issuer.s);
+	oss_wolfSSL_Free(subj.s);
+	oss_wolfSSL_Free(issuer.s);
 }
 
 static inline void tls_append_master_secret(WOLFSSL *ssl, struct tls_data* data)