From patchwork Wed Mar 30 23:53:12 2022
X-Patchwork-Submitter: Masashi Honma
X-Patchwork-Id: 1611488
From: Masashi Honma
To: hostap@lists.infradead.org
Cc: Masashi Honma
Subject: [PATCH] wolfSSL: Add the server bit according to the openssl code
Date: Thu, 31 Mar 2022 08:53:12 +0900
Message-Id: <20220330235312.100758-1-masashi.honma@gmail.com>

Signed-off-by: Masashi Honma --- src/crypto/tls_wolfssl.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c index cf482bfc3..7aadf8322 100644 --- a/src/crypto/tls_wolfssl.c +++ b/src/crypto/tls_wolfssl.c @@ -90,6 +90,7 @@ struct tls_connection { unsigned int cert_probe:1; unsigned int server_cert_only:1; unsigned int success_data:1; + unsigned int server:1; WOLFSSL_X509 *peer_cert; WOLFSSL_X509 *peer_issuer; 
@@ -1614,15 +1615,14 @@ int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn, static struct wpabuf * wolfssl_handshake(struct tls_connection *conn, - const struct wpabuf *in_data, - int server) + const struct wpabuf *in_data) { int res; wolfssl_reset_out_data(&conn->output); /* Initiate TLS handshake or continue the existing handshake */ - if (server) { + if (conn->server) { wolfSSL_set_accept_state(conn->ssl); res = wolfSSL_accept(conn->ssl); wpa_printf(MSG_DEBUG, "SSL: wolfSSL_accept: %d", res); @@ -1695,7 +1695,7 @@ static struct wpabuf * wolfssl_get_appl_data(struct tls_connection *conn, static struct wpabuf * wolfssl_connection_handshake(struct tls_connection *conn, const struct wpabuf *in_data, - struct wpabuf **appl_data, int server) + struct wpabuf **appl_data) { struct wpabuf *out_data; @@ -1704,7 +1704,7 @@ wolfssl_connection_handshake(struct tls_connection *conn, if (appl_data) *appl_data = NULL; - out_data = wolfssl_handshake(conn, in_data, server); + out_data = wolfssl_handshake(conn, in_data); if (!out_data) return NULL; @@ -1726,7 +1726,7 @@ struct wpabuf * tls_connection_handshake(void *tls_ctx, const struct wpabuf *in_data, struct wpabuf **appl_data) { - return wolfssl_connection_handshake(conn, in_data, appl_data, 0); + return wolfssl_connection_handshake(conn, in_data, appl_data); } @@ -1735,7 +1735,8 @@ struct wpabuf * tls_connection_server_handshake(void *tls_ctx, const struct wpabuf *in_data, struct wpabuf **appl_data) { - return wolfssl_connection_handshake(conn, in_data, appl_data, 1); + conn->server = 1; + return wolfssl_connection_handshake(conn, in_data, appl_data); }
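Review bot: The commit message does not say what the new bit is for, and in the hunk at @@ -1614 the only reader of it is `if (conn->server)` in wolfssl_handshake(), which selects the same wolfSSL_set_accept_state()/wolfSSL_accept() branch the removed `int server` argument did. As posted this reads as a pure refactor with no behaviour change. Please add a sentence to the commit message naming which code is expected to consult conn->server later (the subject only points at "the openssl code"), and consider a short comment on the `server:1` field in struct tls_connection saying that it is valid only once the server handshake entry point has been called.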
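Review bot: In the hunk at @@ -1735, `conn->server = 1;` is written on every call to tls_connection_server_handshake(), while tls_connection_handshake() in the hunk above never writes the bit, so the client path now depends on struct tls_connection being zero-initialised where it is allocated, which this patch does not show. The old code passed an explicit 0 or 1 on each call and had no such dependency. Either confirm in the commit message that the allocation zeroes the struct, or set the role once at connection setup so that code reading conn->server before the first handshake call (for example tls_connection_set_verify(), which appears in the context above) sees the right value. The new assignment also dereferences conn in the wrapper before wolfssl_connection_handshake() is entered; if callers can pass NULL here, guard it with something like `if (!conn) return NULL;`.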