Minor fixes for nightly multi-test tool

.wolfssl_known_macro_extras

@@ -866,7 +866,6 @@ WOLFSSL_PSK_IDENTITY_ALERT
 WOLFSSL_PSK_ID_PROTECTION
 WOLFSSL_PSK_MULTI_ID_PER_CS
 WOLFSSL_PSK_TLS13_CB
-WOLFSSL_PYTHON
 WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY
 WOLFSSL_RENESAS_RA6M3
 WOLFSSL_RENESAS_RA6M3G

configure.ac

@@ -1211,7 +1211,11 @@ then
     test "$enable_ocsp" = "" && enable_ocsp=yes
     test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
     test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
-    test "$enable_ocsp_responder" = "" && test "$enable_ocsp" != "no" && test "$ASN_IMPL" = "template" && enable_ocsp_responder=yes
+    test "$enable_ocsp_responder" = "" &&
+        test "$enable_ocsp" != "no" &&
+        test "$enable_sha" != "no" &&
+        test "$ASN_IMPL" = "template" &&
+        enable_ocsp_responder=yes
     test "$enable_savesession" = "" && enable_savesession=yes
     test "$enable_savecert" = "" && enable_savecert=yes
     test "$enable_postauth" = "" && enable_postauth=yes
@@ -1485,7 +1489,6 @@ then
     test "$enable_ocsp" = "" && enable_ocsp=yes
     test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
     test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
-    test "$enable_ocsp_responder" = "" && test "$enable_ocsp" != "no" && test "$ASN_IMPL" = "template" && enable_ocsp_responder=yes
     test "$enable_crl" = "" && enable_crl=yes
     test "$enable_supportedcurves" = "" && enable_supportedcurves=yes
     test "$enable_tlsx" = "" && enable_tlsx=yes

src/tls.c

@@ -2394,9 +2394,10 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, const byte* input, word16 length,
     else
 #endif
     {
-        matched = cacheOnly || (XSTRLEN(sni->data.host_name) == size &&
-            XSTRNCMP(sni->data.host_name, (const char*)input + offset,
-                                                                    size) == 0);
+        const char* hostName = (sni != NULL) ? sni->data.host_name : NULL;
+        matched = cacheOnly || (hostName != NULL &&
+            XSTRLEN(hostName) == size &&
+            XSTRNCMP(hostName, (const char*)input + offset, size) == 0);
     }
 
 #if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
@@ -2415,7 +2416,8 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, const byte* input, word16 length,
     }
 #endif
 
-    if (matched || sni->options & WOLFSSL_SNI_ANSWER_ON_MISMATCH) {
+    if (matched ||
+            (sni != NULL && (sni->options & WOLFSSL_SNI_ANSWER_ON_MISMATCH))) {
         int matchStat;
         int r = TLSX_UseSNI(&ssl->extensions, type, input + offset, size,
                                                                      ssl->heap);
@@ -2441,7 +2443,8 @@ static int TLSX_SNI_Parse(WOLFSSL* ssl, const byte* input, word16 length,
         if (!cacheOnly)
             TLSX_SetResponse(ssl, TLSX_SERVER_NAME);
     }
-    else if (!(sni->options & WOLFSSL_SNI_CONTINUE_ON_MISMATCH)) {
+    else if ((sni == NULL) ||
+            !(sni->options & WOLFSSL_SNI_CONTINUE_ON_MISMATCH)) {
         SendAlert(ssl, alert_fatal, unrecognized_name);
         WOLFSSL_ERROR_VERBOSE(UNKNOWN_SNI_HOST_NAME_E);
         return UNKNOWN_SNI_HOST_NAME_E;

tests/api.c

@@ -33583,7 +33583,10 @@ static int test_lms_write_key(const byte* priv, word32 privSz, void* context)
     FILE* f = fopen((const char*)context, "wb");
     if (f == NULL)
         return -1;
-    fwrite(priv, 1, privSz, f);
+    if (fwrite(priv, 1, privSz, f) != privSz) {
+        fclose(f);
+        return -1;
+    }
     fclose(f);
     return WC_LMS_RC_SAVED_TO_NV_MEMORY;
 }

wolfcrypt/src/asn.c

@@ -12374,14 +12374,16 @@ int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
     /* dsaPubKeyASN is longer than dsaPublicKeyASN. */
     DECL_ASNGETDATA(dataASN, dsaPubKeyASN_Length);
     int ret = 0;
+    void* heap = NULL;
 
     /* Validated parameters. */
     if ((input == NULL) || (inOutIdx == NULL) || (key == NULL)) {
         ret = BAD_FUNC_ARG;
     }
+    heap = (key != NULL) ? key->heap : NULL;
 
     if (ret == 0) {
-        ALLOC_ASNGETDATA(dataASN, dsaPubKeyASN_Length, ret, key->heap);
+        ALLOC_ASNGETDATA(dataASN, dsaPubKeyASN_Length, ret, heap);
     }
 
     if (ret == 0) {
@@ -12420,7 +12422,7 @@ int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
         key->type = DSA_PUBLIC;
     }
 
-    FREE_ASNGETDATA(dataASN, key->heap);
+    FREE_ASNGETDATA(dataASN, heap);
     return ret;
 #endif
 }
@@ -37536,6 +37538,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
     /* eccKeyASN is longer than eccPublicKeyASN. */
     DECL_ASNGETDATA(dataASN, eccKeyASN_Length);
     int ret = 0;
+    void* heap = NULL;
     int curve_id = ECC_CURVE_DEF;
     int oidIdx = ECCPUBLICKEYASN_IDX_ALGOID_CURVEID;
 #ifdef WOLFSSL_CUSTOM_CURVES
@@ -37546,9 +37549,10 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
     if ((input == NULL) || (inOutIdx == NULL) || (key == NULL) || (inSz == 0)) {
         ret = BAD_FUNC_ARG;
     }
+    heap = (key != NULL) ? key->heap : NULL;
 
     if (ret == 0) {
-        ALLOC_ASNGETDATA(dataASN, eccKeyASN_Length, ret, key->heap);
+        ALLOC_ASNGETDATA(dataASN, eccKeyASN_Length, ret, heap);
     }
 
     if (ret == 0) {
@@ -37622,7 +37626,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
         }
     }
 
-    FREE_ASNGETDATA(dataASN, key->heap);
+    FREE_ASNGETDATA(dataASN, heap);
     return ret;
 #endif /* WOLFSSL_ASN_TEMPLATE */
 }

wolfcrypt/src/integer.c

@@ -3278,8 +3278,10 @@ int mp_div_3 (mp_int * a, mp_int *c, mp_digit * d)
   q.sign = a->sign;
   w = 0;
 
-  if (a->used == 0)
+  if (a->used == 0) {
+      mp_clear(&q);
       return MP_VAL;
+  }
 
   for (ix = a->used - 1; ix >= 0; ix--) {
      w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]);