| Message ID | 20240404181630.2431991-14-juliusz@wolfssl.com |
|---|---|
| State | Accepted |
| Headers | show
Return-Path:
<hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
dkim=pass (2048-bit key;
secure) header.d=lists.infradead.org header.i=@lists.infradead.org
header.a=rsa-sha256 header.s=bombadil.20210309 header.b=jFTyZSsu;
dkim=fail reason="signature verification failed" (2048-bit key;
unprotected) header.d=wolfssl-com.20230601.gappssmtp.com
header.i=@wolfssl-com.20230601.gappssmtp.com header.a=rsa-sha256
header.s=20230601 header.b=bC2zkYto;
dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
spf=none (no SPF record) smtp.mailfrom=lists.infradead.org
(client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;
envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
receiver=patchwork.ozlabs.org)
Received: from bombadil.infradead.org (bombadil.infradead.org
[IPv6:2607:7c80:54:3::133])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
(No client certificate requested)
by legolas.ozlabs.org (Postfix) with ESMTPS id 4V9VH85CBRz1yYf
for <incoming@patchwork.ozlabs.org>; Fri, 5 Apr 2024 05:18:28 +1100 (AEDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=lists.infradead.org; s=bombadil.20210309; h=Sender:
Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:
Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
List-Owner; bh=KNv4Kp2aqNipRyd2uMGVxyA92RUK4U2Y3d+6aK9EjAU=; b=jFTyZSsuT0C5O0
if2W6Yl9WIhj8X5kXH+A7r3MEjwxz/KTp4NJ4RNTb+ogMF16a7evHI5DlXvwzWXI+xmRfHVgWPf/e
Dq2yQ1XGUZiZKkVl9g5T7RD8sRXB1sC5y1PUfVO2q32x8Z05oX3br+3Ke2WwbAgRaWiDhnn5utg+v
kr1zXN3kur5HnqQi26qmuqndlCPKV0dKWuPvBmz8WUq7bJi/8P1+8Gb+SerMA3Fw0SeP7DdJZlOpg
9GznqbBn/TX/Dg5ok2M0y6Tc5bPPhqcAy8axjh6FDCkmRtmzWM0PkJu6/yT3xLULt3yKhXGL7KzSr
/4cfp+Dphr5oXDiBOd0A==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux))
id 1rsRf6-00000003nTg-41Lo;
Thu, 04 Apr 2024 18:18:08 +0000
Received: from mail-lf1-x136.google.com ([2a00:1450:4864:20::136])
by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux))
id 1rsReB-00000003mks-3tBB
for hostap@lists.infradead.org;
Thu, 04 Apr 2024 18:17:14 +0000
Received: by mail-lf1-x136.google.com with SMTP id
2adb3069b0e04-516d0c004b1so885031e87.2
for <hostap@lists.infradead.org>;
Thu, 04 Apr 2024 11:17:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=wolfssl-com.20230601.gappssmtp.com; s=20230601; t=1712254630;
x=1712859430; darn=lists.infradead.org;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:from:to:cc:subject:date
:message-id:reply-to;
bh=FwX/7vCBxX+jXGI1GaQ3SvhG4LDE3dAmeoJo7kP24Sw=;
b=bC2zkYtoKz8KimnjKhCt5nE/RxeHSybRdoi0faoM13XAEBt/IGGYUI/J5ZuCMsxIq0
NMfIJ/691HnfRFZ7nOA333ZOixKtAh0n/K+SN0duVV1wd4B/MRyqRM5/mfXGQnxW0+Dw
zaZ8Mdc657I3ZX7xdfVRKAs7Auyndq6iIJuF7tHGdBtYDKjASoC94Ku0M/1tUVH7GN3Q
zozYo55J4OPCsTrMbVixy5V1Ocs8z0vTUTjGFwM0QLu4XOUqjZIkKkik0u1VMyNGvwMe
EpwNpnqYPbkd5QpaPxe103yg+pxRDqzxkPN9RqCTc2dfpEn7VErXaxFgtW9oV0ANXWBo
HUTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1712254630; x=1712859430;
h=content-transfer-encoding:mime-version:references:in-reply-to
:message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
:subject:date:message-id:reply-to;
bh=FwX/7vCBxX+jXGI1GaQ3SvhG4LDE3dAmeoJo7kP24Sw=;
b=btN1Z2JmZP2q3ZphynudKB32qZgupSQ1kTnzTXjYAgxuHJW9NPfibRZQFKJQfa43Dc
2hFj62flPZD32FLocRrATfG1RkGtP06DGb5gbBTP7l7eTyhN787cw3hza3UFyAnXan/0
fXOXFJZBpya4wISp6cAbQ5UfCXZZq0nis/Zl0jpMEDDPg0J2tQMIdEyZJDyuWyUttrFa
ykr9ODO23g3zwQVX5v+W7G80epGYk36ddDUU1VgLU0CkcoRIadWTc0pKgD8Lf3Z63ohW
gB9pmq+lf6wIW2a2NwHAqoaZidb+y98owP/KZt3KB54U5RfAmE+IcoZWza1ZzJoPjey9
grpw==
X-Gm-Message-State: AOJu0Yy5GcTzgJVPm3plSkcXE2Cc1HnPZhFhK3ZyXWw9OExhdZuLyVT3
eSp8rEuJH2SLB8DoEBUyHQ+FonZhhgx/RVPoNlH4Izkb72cOwIBxqUJh+zLXuiShi94WmtlCzN0
rlRg=
X-Google-Smtp-Source:
AGHT+IECePhWi+XHUtJaCZ6YuizxfgKXjo4xMOPsdzvlUi/4QsJMeeu/HA9Xf3+7FCgr9ebYKQP9pg==
X-Received: by 2002:a2e:9dc2:0:b0:2d8:5815:4479 with SMTP id
x2-20020a2e9dc2000000b002d858154479mr78118ljj.44.1712254629735;
Thu, 04 Apr 2024 11:17:09 -0700 (PDT)
Received: from localhost.localdomain ([82.118.30.15])
by smtp.gmail.com with ESMTPSA id
dh26-20020a0564021d3a00b0056e0b358e86sm1976349edb.97.2024.04.04.11.17.08
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 04 Apr 2024 11:17:09 -0700 (PDT)
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz <juliusz@wolfssl.com>
Subject: [PATCH 14/24] wolfssl: remove unnecessary WOLFSSL_X509_STORE
manipulation
Date: Thu, 4 Apr 2024 20:16:20 +0200
Message-Id: <20240404181630.2431991-14-juliusz@wolfssl.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240404181630.2431991-1-juliusz@wolfssl.com>
References: <20240404181630.2431991-1-juliusz@wolfssl.com>
MIME-Version: 1.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3
X-CRM114-CacheID: sfid-20240404_111712_386360_5443B775
X-CRM114-Status: GOOD ( 11.44 )
X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam detection software,
running on the system "bombadil.infradead.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Setting a new WOLFSSL_X509_STORE is not necessary when
calling
wolfSSL_CTX_load_verify_locations(). Signed-off-by: Juliusz Sosinowicz
<juliusz@wolfssl.com>
--- src/crypto/tls_wolfssl.c | 12 +++--------- 1 file changed,
3 insertions(+),
9 deletions(-)
Content analysis details: (0.0 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no
trust
[2a00:1450:4864:20:0:0:0:136 listed in]
[list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
-0.1 DKIM_VALID Message has at least one valid DKIM or DK
signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
X-BeenThere: hostap@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <hostap.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>,
<mailto:hostap-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/hostap/>
List-Post: <mailto:hostap@lists.infradead.org>
List-Help: <mailto:hostap-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>,
<mailto:hostap-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
|
| Series |
[01/24] wolfssl: simplify tls_get_cipher
|
expand
|
diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c index 4016b6a46b..f126c37479 100644 --- a/src/crypto/tls_wolfssl.c +++ b/src/crypto/tls_wolfssl.c @@ -1383,15 +1383,8 @@ static int tls_connection_ca_cert(void *tls_ctx, struct tls_connection *conn, } if (ca_cert || ca_path) { - WOLFSSL_X509_STORE *cm = wolfSSL_X509_STORE_new(); - - if (!cm) { - wpa_printf(MSG_INFO, - "SSL: failed to create certificate store"); - return -1; - } - wolfSSL_CTX_set_cert_store(ctx, cm); - + wpa_printf(MSG_DEBUG, "SSL: loading CA's from '%s' and '%s'", + ca_cert ? ca_cert : "N/A", ca_path ? ca_path : "N/A"); if (wolfSSL_CTX_load_verify_locations(ctx, ca_cert, ca_path) != SSL_SUCCESS) { wpa_printf(MSG_INFO, @@ -1408,6 +1401,7 @@ static int tls_connection_ca_cert(void *tls_ctx, struct tls_connection *conn, return -1; } } + wpa_printf(MSG_DEBUG, "SSL: Loaded ca_cert or ca_path"); return 0; }
Setting a new WOLFSSL_X509_STORE is not necessary when calling wolfSSL_CTX_load_verify_locations(). Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> --- src/crypto/tls_wolfssl.c | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-)