20241024-opensslcoexist-opensslextra#8132
Conversation
| if (bio->type == WOLFSSL_BIO_FILE && bio->shutdown == BIO_CLOSE) { | ||
| if (bio->type == WOLFSSL_BIO_FILE && | ||
| bio->shutdown == WOLFSSL_BIO_CLOSE) | ||
| { |
There was a problem hiding this comment.
Move brace up to previous line.
There was a problem hiding this comment.
the typography is much clearer the way I have it -- I use this technique routinely to avoid visual running together of the condition and the enclosed statements.
|
|
||
| if ((ret == 1) && (hashAlg != NID_undef) && | ||
| (padding == RSA_PKCS1_PADDING)) { | ||
| if ((ret == 1) && (hashAlg != wc_NID_undef) && |
There was a problem hiding this comment.
wc_NID_undef => WC_NID_undef
There was a problem hiding this comment.
done -- turns out they were all macros. I misremembered them as enums.
| {"ECDSA", NID_auth_ecdsa}, | ||
| {"None", NID_auth_null}, | ||
| {NULL, NID_undef} | ||
| {NULL, wc_NID_undef} |
There was a problem hiding this comment.
Change all NIDs over.
NID_auth_ecdsa is definitely in OpenSSL.
There was a problem hiding this comment.
OK yeah good idea, close the deal. the ones done in the first round were just what was necessary to get OPENSSL_EXTRA clean.
| a->negative = 0; | ||
| /* Set type to positive INTEGER. */ | ||
| a->type = V_ASN1_INTEGER; | ||
| a->type = WOLFSSL_ASN1_TYPE_INTEGER; |
There was a problem hiding this comment.
yup better. fixed globally for all WOLFSSL_ASN1_TYPE_*s.
| /* Check if client has disabled TLS 1.2 */ | ||
| if (args->pv.minor == TLSv1_2_MINOR && | ||
| (ssl->options.mask & SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2) { | ||
| (ssl->options.mask & WOLFSSL_OP_NO_TLSv1_2) == WOLFSSL_OP_NO_TLSv1_2) { |
…A -DOPENSSL_COEXIST, or equivalently, --enable-opensslextra --enable-opensslcoexist. No functional changes. Several compat symbols that were formerly enums are now macros. All library source is refactored to use only native symbols in all code gated in with --enable-all-crypto --enable-opensslextra. wolfcrypt/test/test.c is similarly refactored to use only native symbols. examples/ and tests/ are unmodified except for header setup to disable OPENSSL_COEXIST and TEST_OPENSSL_COEXIST.
…SN1_TYPE_* -- some are used in non-OPENSSL_EXTRA builds, e.g. when -DWOLFSSL_X509_NAME_AVAILABLE.
…T: cover -DWOLFSSL_QUIC, fix -DNO_ASN, rename WOLFSSL_ASN1_TYPE_* to WOLFSSL_V_ASN1_*, completed nativization of NID_*, and switch to prefix WC_NID_ rather than wc_NID_.
…T: cover -DWOLFSSL_QUIC, fix -DNO_ASN, rename WOLFSSL_ASN1_TYPE_* to WOLFSSL_V_ASN1_*, completed nativization of NID_*, and switch to prefix WC_NID_ rather than wc_NID_.
douzzer
force-pushed
the
20241024-opensslcoexist-opensslextra
branch
from
2f96291 to
39e8cb5
Compare
configure.ac: * add --enable-all-osp to separate OSP meta-feature sets from --enable-all, allowing --enable-all --disable-all-osp --disable-opensslall (e.g. for testing OPENSSL_COEXIST). * fix enable_all_crypto=yes in enable-all to be conditional on "$enable_all_crypto" = "". * move enable_rsapss=yes from enable-all to enable-all-crypto. examples/ and testsuite/: #undef OPENSSL_COEXIST unconditionally rather than only if defined(OPENSSL_EXTRA), to capture -DOPENSSL_EXTRA_X509_SMALL or any other such variants.
|
retest this please ("FAIL: scripts/openssl.test" in |
| #ifndef TESTS_UNIT_H | ||
| #define TESTS_UNIT_H | ||
|
|
||
| #ifdef HAVE_CONFIG_H |
There was a problem hiding this comment.
Including config.h can only happen in the .c files.
dgarske
left a comment
dgarske
left a comment
There was a problem hiding this comment.
Allowing config.h include in the test header.
4 participants
Globally remap & refactor conflicting symbols to allow
-DOPENSSL_EXTRA -DOPENSSL_COEXIST, or equivalently,--enable-opensslextra --enable-opensslcoexist.No functional changes.
Several compat symbols that were formerly
enums are now macros.All library source is refactored to use only native symbols in all code gated in with
--enable-all-crypto --enable-opensslextra.wolfcrypt/test/test.cis similarly refactored to use only native symbols.examples/andtests/are unmodified except for header setup to disableOPENSSL_COEXISTandTEST_OPENSSL_COEXIST.tested with
wolfssl-multi-test.sh ... super-quick-check all-crypto-openssl-extra-coexist-with-suites all-crypto-openssl-extra-coexist-smallstack all-crypto-openssl-extra-coexist-TEST_OPENSSL_COEXIST, the latter 3 of which add thorough testing of the newly allowed build settings.