[03/24] wolfssl: use defines for ex_data access

Message ID	20240404181630.2431991-3-juliusz@wolfssl.com
State	Under Review
Headers	show Return-Path: <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> From: Juliusz Sosinowicz <juliusz@wolfssl.com> To: hostap@lists.infradead.org Cc: Juliusz Sosinowicz <juliusz@wolfssl.com> Subject: [PATCH 03/24] wolfssl: use defines for ex_data access Date: Thu, 4 Apr 2024 20:16:09 +0200 Message-Id: <20240404181630.2431991-3-juliusz@wolfssl.com> In-Reply-To: <20240404181630.2431991-1-juliusz@wolfssl.com> References: <20240404181630.2431991-1-juliusz@wolfssl.com> MIME-Version: 1.0 preview: Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> --- src/crypto/tls_wolfssl.c \| 28 ++++++++++++++++ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c index 25616f2c7a..26832ed430 100644 --- a/src/crypto/tls_wolfssl.c +++ b/src/crypto/tls_wolfssl.c @@ -42,7 +42,9 @@ Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:52c listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Hostap" <hostap-bounces@lists.infradead.org> Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
Series	[01/24] wolfssl: simplify tls_get_cipher \| expand [01/24] wolfssl: simplify tls_get_cipher [02/24] wolfssl: implement suiteb ciphersuite [03/24] wolfssl: use defines for ex_data access [04/24] wolfssl: fix get_x509_cert [05/24] wolfssl: support tod policy [06/24] wolfssl: implement EAP-AKA [07/24] openssl: Use uncompressed format for ECC keys [08/24] wolfssl: Set additional sigalgs when using anon cipher [09/24] wolfssl: tune test_ap_wpa2_eap_fast_prf_oom for wolfssl [10/24] ap_wpa2_eap_tls_rsa_and_ec: use ciphersuites that wolfSSL understands [11/24] ap_wpa2_eap_fast_cipher_suites: allow wolfSSL to skip RC4 test [12/24] ap_wpa2_eap_tls_versions: run tests with wolfSSL [13/24] wolfssl: generate events when OCSP status is revoked [14/24] wolfssl: remove unnecessary WOLFSSL_X509_STORE manipulation [15/24] wolfssl: log error number on failure [16/24] wolfssl: remove unused and non-compiling code [17/24] wolfssl: add missing return in tls_init [18/24] wolfssl: implement check_cert_subject [19/24] wolfssl: Actually use ocsp_stapling_response [20/24] run_ap_wpa2_eap_tls_intermediate_ca_ocsp: fix cert configuration [21/24] wolfssl: Implement EAP-FAST [22/24] wolfSSL: simplify option setting in tls_set_conn_flags [23/24] wolfSSL: Implement openssl_ecdh_curves [24/24] wolfSSL: test_ap_wpa2_eap_fast_server_oom

Message ID

20240404181630.2431991-3-juliusz@wolfssl.com

State

Under Review

Headers

From: Juliusz Sosinowicz <juliusz@wolfssl.com>
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz <juliusz@wolfssl.com>
Subject: [PATCH 03/24] wolfssl: use defines for ex_data access
Date: Thu,  4 Apr 2024 20:16:09 +0200
Message-Id: <20240404181630.2431991-3-juliusz@wolfssl.com>
In-Reply-To: <20240404181630.2431991-1-juliusz@wolfssl.com>
References: <20240404181630.2431991-1-juliusz@wolfssl.com>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Series

[01/24] wolfssl: simplify tls_get_cipher | expand

Commit Message

Juliusz Sosinowicz April 4, 2024, 6:16 p.m. UTC

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
---
 src/crypto/tls_wolfssl.c | 28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c
index 25616f2c7a..26832ed430 100644
--- a/src/crypto/tls_wolfssl.c
+++ b/src/crypto/tls_wolfssl.c
@@ -42,7 +42,9 @@ 
 
 static int tls_ref_count = 0;
 
-static int tls_ex_idx_session = 0;
+#define TLS_SESSION_EX_IDX (0)
+#define TLS_SSL_CTX_CTX_EX_IDX (0)
+#define TLS_SSL_CON_EX_IDX (0)
 
 
 /* tls input data for wolfSSL Read Callback */
@@ -184,7 +186,7 @@  static void remove_session_cb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess)
 {
 	struct wpabuf *buf;
 
-	buf = wolfSSL_SESSION_get_ex_data(sess, tls_ex_idx_session);
+	buf = wolfSSL_SESSION_get_ex_data(sess, TLS_SESSION_EX_IDX);
 	if (!buf)
 		return;
 	wpa_printf(MSG_DEBUG,
@@ -192,7 +194,7 @@  static void remove_session_cb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess)
 		   buf, sess);
 	wpabuf_free(buf);
 
-	wolfSSL_SESSION_set_ex_data(sess, tls_ex_idx_session, NULL);
+	wolfSSL_SESSION_set_ex_data(sess, TLS_SESSION_EX_IDX, NULL);
 }
 
 
@@ -380,7 +382,7 @@  void * tls_init(const struct tls_config *conf)
 	wolfSSL_SetIORecv(ssl_ctx, wolfssl_receive_cb);
 	wolfSSL_SetIOSend(ssl_ctx, wolfssl_send_cb);
 	context->tls_session_lifetime = conf->tls_session_lifetime;
-	wolfSSL_CTX_set_ex_data(ssl_ctx, 0, context);
+	wolfSSL_CTX_set_ex_data(ssl_ctx, TLS_SSL_CTX_CTX_EX_IDX, context);
 
 	if (conf->tls_session_lifetime > 0) {
 		wolfSSL_CTX_set_session_id_context(ssl_ctx,
@@ -410,7 +412,8 @@  void * tls_init(const struct tls_config *conf)
 
 void tls_deinit(void *ssl_ctx)
 {
-	struct tls_context *context = wolfSSL_CTX_get_ex_data(ssl_ctx, 0);
+	struct tls_context *context = wolfSSL_CTX_get_ex_data(ssl_ctx,
+			TLS_SSL_CTX_CTX_EX_IDX);
 
 	if (context != tls_global)
 		os_free(context);
@@ -462,8 +465,8 @@  struct tls_connection * tls_connection_init(void *tls_ctx)
 
 	wolfSSL_SetIOReadCtx(conn->ssl,  &conn->input);
 	wolfSSL_SetIOWriteCtx(conn->ssl, &conn->output);
-	wolfSSL_set_ex_data(conn->ssl, 0, conn);
-	conn->context = wolfSSL_CTX_get_ex_data(ssl_ctx, 0);
+	wolfSSL_set_ex_data(conn->ssl, TLS_SSL_CON_EX_IDX, conn);
+	conn->context = wolfSSL_CTX_get_ex_data(ssl_ctx, TLS_SSL_CTX_CTX_EX_IDX);
 
 	/* Need randoms post-hanshake for EAP-FAST, export key and deriving
 	 * session ID in EAP methods. */
@@ -1109,7 +1112,7 @@  static int tls_verify_cb(int preverify_ok, WOLFSSL_X509_STORE_CTX *x509_ctx)
 	wolfSSL_X509_NAME_oneline(wolfSSL_X509_get_subject_name(err_cert), buf,
 				  sizeof(buf));
 
-	conn = wolfSSL_get_ex_data(ssl, 0);
+	conn = wolfSSL_get_ex_data(ssl, TLS_SSL_CON_EX_IDX);
 	if (!conn) {
 		wpa_printf(MSG_DEBUG, "wolfSSL: No ex_data");
 		return 0;
@@ -1733,7 +1736,8 @@  int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn,
 
 	wolfSSL_set_accept_state(conn->ssl);
 
-	context = wolfSSL_CTX_get_ex_data((WOLFSSL_CTX *) ssl_ctx, 0);
+	context = wolfSSL_CTX_get_ex_data((WOLFSSL_CTX *) ssl_ctx,
+			TLS_SSL_CTX_CTX_EX_IDX);
 	if (context && context->tls_session_lifetime == 0) {
 		/*
 		 * Set session id context to a unique value to make sure
@@ -2361,13 +2365,13 @@  void tls_connection_set_success_data(struct tls_connection *conn,
 		goto fail;
 	}
 
-	old = wolfSSL_SESSION_get_ex_data(sess, tls_ex_idx_session);
+	old = wolfSSL_SESSION_get_ex_data(sess, TLS_SESSION_EX_IDX);
 	if (old) {
 		wpa_printf(MSG_DEBUG, "wolfSSL: Replacing old success data %p",
 			   old);
 		wpabuf_free(old);
 	}
-	if (wolfSSL_SESSION_set_ex_data(sess, tls_ex_idx_session, data) != 1)
+	if (wolfSSL_SESSION_set_ex_data(sess, TLS_SESSION_EX_IDX, data) != 1)
 		goto fail;
 
 	wpa_printf(MSG_DEBUG, "wolfSSL: Stored success data %p", data);
@@ -2390,7 +2394,7 @@  tls_connection_get_success_data(struct tls_connection *conn)
 	sess = wolfSSL_get_session(conn->ssl);
 	if (!sess)
 		return NULL;
-	return wolfSSL_SESSION_get_ex_data(sess, tls_ex_idx_session);
+	return wolfSSL_SESSION_get_ex_data(sess, TLS_SESSION_EX_IDX);
 }

[03/24] wolfssl: use defines for ex_data access

Commit Message

Patch