/* empties out the error queue into the file */ void wc_ERR_print_errors_fp(FILE* fp) { WOLFSSL_ENTER("wc_ERR_print_errors_fp"); if (wc_LockMutex(&debug_mutex) != 0) { WOLFSSL_MSG("Lock debug mutex failed"); } else { /* free all nodes from error queue and print them to file */ { struct wc_error_queue* current; struct wc_error_queue* next; current = (struct wc_error_queue*)wc_errors; while (current != NULL) { next = current->next; fprintf(fp, "%s\n", current->error); XFREE(current, current->heap, DYNAMIC_TYPE_LOG); current = next; } /* set global pointers to match having been freed */ wc_errors = NULL; wc_last_node = NULL; } wc_UnLockMutex(&debug_mutex); } }
static int GetOcspEntry(WOLFSSL_OCSP* ocsp, OcspRequest* request, OcspEntry** entry) { WOLFSSL_ENTER("GetOcspEntry"); *entry = NULL; if (wc_LockMutex(&ocsp->ocspLock) != 0) { WOLFSSL_LEAVE("CheckCertOCSP", BAD_MUTEX_E); return BAD_MUTEX_E; } for (*entry = ocsp->ocspList; *entry; *entry = (*entry)->next) if (XMEMCMP((*entry)->issuerHash, request->issuerHash, OCSP_DIGEST_SIZE) == 0 && XMEMCMP((*entry)->issuerKeyHash, request->issuerKeyHash, OCSP_DIGEST_SIZE) == 0) break; if (*entry == NULL) { *entry = (OcspEntry*)XMALLOC(sizeof(OcspEntry), ocsp->cm->heap, DYNAMIC_TYPE_OCSP_ENTRY); if (*entry) { InitOcspEntry(*entry, request); (*entry)->next = ocsp->ocspList; ocsp->ocspList = *entry; } } wc_UnLockMutex(&ocsp->ocspLock); return *entry ? 0 : MEMORY_ERROR; }
/*********** Invoke Forground Command *********************/ static void command_invoke(void *args) { void (*func)(void * ) ; int i,iteration ; func = (void(*)(void *))((func_args *)args)->argv[0] ; #ifdef HAVE_KEIL_RTX wc_LockMutex((wolfSSL_Mutex *)&command_mutex) ; #endif iteration = for_iteration ; for(i=0; i< iteration; i++) { if(iteration > 1) printf("--- Start for %d ---->\n", i) ; #if defined(HAVE_KEIL_RTX) stack_fill(command_stack, COMMAND_STACK_SIZE) ; #endif func(args) ; /* invoke command */ #if defined(HAVE_KEIL_RTX) stack_check(command_stack, COMMAND_STACK_SIZE) ; #endif } if(iteration > 1) for_iteration = 1 ; #ifdef HAVE_KEIL_RTX wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ; os_tsk_delete_self() ; #endif }
/* Add Decoded CRL, 0 on success */ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl) { CRL_Entry* crle; WOLFSSL_ENTER("AddCRL"); crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), crl->heap, DYNAMIC_TYPE_CRL_ENTRY); if (crle == NULL) { WOLFSSL_MSG("alloc CRL Entry failed"); return -1; } if (InitCRL_Entry(crle, dcrl) < 0) { WOLFSSL_MSG("Init CRL Entry failed"); XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY); return -1; } if (wc_LockMutex(&crl->crlLock) != 0) { WOLFSSL_MSG("wc_LockMutex failed"); FreeCRL_Entry(crle, crl->heap); XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY); return BAD_MUTEX_E; } crle->next = crl->crlList; crl->crlList = crle; wc_UnLockMutex(&crl->crlLock); return 0; }
/*********** Invoke Forground Command *********************/ static void command_invoke(void const *args) { void (*func)(void const * ) ; int i,iteration ; func = (void(*)(void const *))((func_args *)args)->argv[0] ; #if defined(HAVE_KEIL_RTX) wc_LockMutex((wolfSSL_Mutex *)&command_mutex) ; #endif iteration = for_iteration ; for(i=0; i< iteration; i++) { if(iteration > 1) printf("--- Start for %d ---->\n", i) ; #if defined(HAVE_KEIL_RTX) && !defined(WOLFSSL_CMSIS_RTOS) stack_fill(command_stack, COMMAND_STACK_SIZE) ; #endif func(args) ; /* invoke command */ #if defined(HAVE_KEIL_RTX)&& !defined(WOLFSSL_CMSIS_RTOS) stack_check(command_stack, COMMAND_STACK_SIZE) ; #endif } if(iteration > 1) for_iteration = 1 ; osDelay(20000) ; #ifdef HAVE_KEIL_RTX wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ; #ifdef WOLFSSL_CMSIS_RTOS osThreadTerminate(osThreadGetId()) ; #else os_tsk_delete_self() ; #endif #endif }
/* Removes the error node at the specified index. * idx : if -1 then the most recent node is looked at, otherwise search * through queue for node at the given index */ void wc_RemoveErrorNode(int idx) { struct wc_error_queue* current; if (wc_LockMutex(&debug_mutex) != 0) { WOLFSSL_MSG("Lock debug mutex failed"); return; } if (idx == -1) current = wc_last_node; else { current = (struct wc_error_queue*)wc_errors; for (; current != NULL && idx > 0; idx--) current = current->next; } if (current != NULL) { if (current->prev != NULL) current->prev->next = current->next; if (wc_last_node == current) wc_last_node = current->prev; if (wc_errors == current) wc_errors = current->next; XFREE(current, current->heap, DYNAMIC_TYPE_LOG); } wc_UnLockMutex(&debug_mutex); }
static THREAD_RETURN WOLFSSH_THREAD server_worker(void* vArgs) { int ret = 0; thread_ctx_t* threadCtx = (thread_ctx_t*)vArgs; if (!threadCtx->nonBlock) ret = wolfSSH_accept(threadCtx->ssh); else ret = NonBlockSSH_accept(threadCtx->ssh); switch (ret) { case WS_SCP_COMPLETE: printf("scp file transfer completed\n"); ret = 0; break; case WS_SFTP_COMPLETE: #ifdef WOLFSSH_SFTP ret = sftp_worker(threadCtx); #else err_sys("SFTP not compiled in. Please use --enable-sftp"); #endif break; case WS_SUCCESS: ret = ssh_worker(threadCtx); break; } if (ret == WS_FATAL_ERROR && wolfSSH_get_error(threadCtx->ssh) == WS_VERSION_E) { ret = 0; /* don't break out of loop with version miss match */ printf("Unsupported version error\n"); } if (wolfSSH_shutdown(threadCtx->ssh) != WS_SUCCESS) { fprintf(stderr, "Error with SSH shutdown.\n"); } WCLOSESOCKET(threadCtx->fd); wolfSSH_free(threadCtx->ssh); if (ret != 0) { fprintf(stderr, "Error [%d] \"%s\" with handling connection.\n", ret, wolfSSH_ErrorToName(ret)); #ifndef WOLFSSH_NO_EXIT wc_LockMutex(&doneLock); quit = 1; wc_UnLockMutex(&doneLock); #endif } free(threadCtx); return 0; }
int wc_SetLoggingHeap(void* h) { if (wc_LockMutex(&debug_mutex) != 0) { WOLFSSL_MSG("Lock debug mutex failed"); return BAD_MUTEX_E; } wc_error_heap = h; wc_UnLockMutex(&debug_mutex); return 0; }
int wolfSSL_CryptHwMutexLock(void) { int ret = BAD_MUTEX_E; /* Make sure HW Mutex has been initialized */ wolfSSL_CryptHwMutexInit(); if(wcCryptHwMutexInit) { ret = wc_LockMutex(&wcCryptHwMutex); } return ret; }
/********* SHEULL MAIN LOOP ***********************************/ void shell_main(void) { int i ; func_args args ; int bf_flg ; i = BackGround ; /* Dummy for avoiding warning: BackGround is defined but not used. */ #if defined(HAVE_KEIL_RTX) wc_InitMutex(&command_mutex) ; #endif printf("Starting Shell\n") ; while(1) { if(getline(line, LINESIZE, &args, &bf_flg) > 0) { for(i=0; commandTable[i].func != NULL; i++) { if(strcmp(commandTable[i].command, args.argv[0]) == 0) { args.argv[0] = (char *) commandTable[i].func ; if(bf_flg == FORGROUND) { #ifdef HAVE_KEIL_RTX wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ; os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7, command_stack, COMMAND_STACK_SIZE, &args) ; #else command_invoke(&args) ; #endif #ifdef HAVE_KEIL_RTX wc_LockMutex((wolfSSL_Mutex *)&command_mutex) ; #endif } else { #if (!defined(NO_SIMPLE_SERVER) && \ !defined(NO_ECHOSERVER)) && \ defined(HAVE_KEIL_RTX) if(BackGround != 0) { printf("Multiple background servers not supported.\n") ; } else { printf("\"%s\" is running with the background mode.\n", commandTable[i].command) ; os_tsk_create_user_ex( (void(*)(void *))&bg_job_invoke, 6, bg_job_stack, BG_JOB_STACK_SIZE, &args) ; } #else printf("Invalid Command: no background job\n") ; #endif } break ; } } if(commandTable[i].func == NULL) printf("Command not found\n") ; } } }
/* peek at an error node * * idx : if -1 then the most recent node is looked at, otherwise search * through queue for node at the given index * file : pointer to internal file string * reason : pointer to internal error reason * line : line number that error happened at * * Returns a negative value in error case, on success returns the nodes error * value which is positve (absolute value) */ int wc_PeekErrorNode(int idx, const char **file, const char **reason, int *line) { struct wc_error_queue* err; if (wc_LockMutex(&debug_mutex) != 0) { WOLFSSL_MSG("Lock debug mutex failed"); return BAD_MUTEX_E; } if (idx < 0) { err = wc_last_node; if (err == NULL) { WOLFSSL_MSG("No Errors in queue"); wc_UnLockMutex(&debug_mutex); return BAD_STATE_E; } } else { int i; err = (struct wc_error_queue*)wc_errors; for (i = 0; i < idx; i++) { if (err == NULL) { WOLFSSL_MSG("Error node not found. Bad index?"); wc_UnLockMutex(&debug_mutex); return BAD_FUNC_ARG; } err = err->next; } } if (file != NULL) { *file = err->file; } if (reason != NULL) { *reason = err->error; } if (line != NULL) { *line = err->line; } wc_UnLockMutex(&debug_mutex); return err->value; }
static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request, OcspEntry* entry, CertStatus** status, buffer* responseBuffer) { int ret = OCSP_INVALID_STATUS; WOLFSSL_ENTER("GetOcspStatus"); *status = NULL; if (wc_LockMutex(&ocsp->ocspLock) != 0) { WOLFSSL_LEAVE("CheckCertOCSP", BAD_MUTEX_E); return BAD_MUTEX_E; } for (*status = entry->status; *status; *status = (*status)->next) if ((*status)->serialSz == request->serialSz && !XMEMCMP((*status)->serial, request->serial, (*status)->serialSz)) break; if (responseBuffer && *status && !(*status)->rawOcspResponse) { /* force fetching again */ ret = OCSP_INVALID_STATUS; } else if (*status) { if (ValidateDate((*status)->thisDate, (*status)->thisDateFormat, BEFORE) && ((*status)->nextDate[0] != 0) && ValidateDate((*status)->nextDate, (*status)->nextDateFormat, AFTER)) { ret = xstat2err((*status)->status); if (responseBuffer) { responseBuffer->buffer = (byte*)XMALLOC( (*status)->rawOcspResponseSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (responseBuffer->buffer) { responseBuffer->length = (*status)->rawOcspResponseSz; XMEMCPY(responseBuffer->buffer, (*status)->rawOcspResponse, (*status)->rawOcspResponseSz); } } } } wc_UnLockMutex(&ocsp->ocspLock); return ret; }
/* Start Monitoring the CRL path(s) in a thread */ static int StartMonitorCRL(WOLFSSL_CRL* crl) { int ret = SSL_SUCCESS; WOLFSSL_ENTER("StartMonitorCRL"); if (crl == NULL) return BAD_FUNC_ARG; if (crl->tid != 0) { WOLFSSL_MSG("Monitor thread already running"); return ret; /* that's ok, someone already started */ } if (pthread_create(&crl->tid, NULL, DoMonitor, crl) != 0) { WOLFSSL_MSG("Thread creation error"); return THREAD_CREATE_E; } /* wait for setup to complete */ if (wc_LockMutex(&crl->crlLock) != 0) { WOLFSSL_MSG("wc_LockMutex crlLock error"); return BAD_MUTEX_E; } while (crl->setup == 0) { if (pthread_cond_wait(&crl->cond, &crl->crlLock) != 0) { ret = BAD_COND_E; break; } } if (crl->setup < 0) ret = crl->setup; /* store setup error */ wc_UnLockMutex(&crl->crlLock); if (ret < 0) { WOLFSSL_MSG("DoMonitor setup failure"); crl->tid = 0; /* thread already done */ } return ret; }
/* Signal Monitor thread is setup, save status to setup flag, 0 on success */ static int SignalSetup(WOLFSSL_CRL* crl, int status) { int ret; /* signal to calling thread we're setup */ if (wc_LockMutex(&crl->crlLock) != 0) { WOLFSSL_MSG("wc_LockMutex crlLock failed"); return BAD_MUTEX_E; } crl->setup = status; ret = pthread_cond_signal(&crl->cond); wc_UnLockMutex(&crl->crlLock); if (ret != 0) return BAD_COND_E; return 0; }
/* Clears out the list of error nodes. */ void wc_ClearErrorNodes(void) { if (wc_LockMutex(&debug_mutex) != 0) { WOLFSSL_MSG("Lock debug mutex failed"); return; } /* free all nodes from error queue */ { struct wc_error_queue* current; struct wc_error_queue* next; current = (struct wc_error_queue*)wc_errors; while (current != NULL) { next = current->next; XFREE(current, current->heap, DYNAMIC_TYPE_LOG); current = next; } } wc_errors = NULL; wc_last_node = NULL; wc_UnLockMutex(&debug_mutex); }
void WOLFSSL_ERROR(int error) #endif { #if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_NGINX) if (loggingEnabled && error != WC_PENDING_E) #endif { char buffer[80]; #if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) (void)usrCtx; /* a user ctx for future flexibility */ (void)func; if (wc_LockMutex(&debug_mutex) != 0) { WOLFSSL_MSG("Lock debug mutex failed"); sprintf(buffer, "wolfSSL error occurred, error = %d", error); } else { if (error < 0) error = error - (2*error); /*get absolute value*/ sprintf(buffer, "wolfSSL error occurred, error = %d line:%d file:%s", error, line, file); if (wc_AddErrorNode(error, line, buffer, (char*)file) != 0) { WOLFSSL_MSG("Error creating logging node"); /* with void function there is no return here, continue on * to unlock mutex and log what buffer was created. */ } wc_UnLockMutex(&debug_mutex); } #else sprintf(buffer, "wolfSSL error occurred, error = %d", error); #endif #ifdef DEBUG_WOLFSSL wolfssl_log(ERROR_LOG , buffer); #endif } }
static THREAD_RET readInput(void* in) { byte buf[256]; int bufSz = sizeof(buf); thread_args* args = (thread_args*)in; int ret = 0; word32 sz = 0; #ifdef USE_WINDOWS_API HANDLE stdinHandle = GetStdHandle(STD_INPUT_HANDLE); #endif while (ret >= 0) { WMEMSET(buf, 0, bufSz); #ifdef USE_WINDOWS_API /* Using A version to avoid potential 2 byte chars */ ret = ReadConsoleA(stdinHandle, (void*)buf, bufSz - 1, (DWORD*)&sz, NULL); #else ret = (int)read(STDIN_FILENO, buf, bufSz -1); sz = (word32)ret; #endif if (ret <= 0) { err_sys("Error reading stdin"); } /* lock SSH structure access */ wc_LockMutex(&args->lock); ret = wolfSSH_stream_send(args->ssh, buf, sz); wc_UnLockMutex(&args->lock); if (ret <= 0) err_sys("Couldn't send data"); } #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif return THREAD_RET_SUCCESS; }
/* 0 on success */ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest, buffer* responseBuffer) { OcspEntry* entry = NULL; CertStatus* status = NULL; byte* request = NULL; int requestSz = 2048; int responseSz = 0; byte* response = NULL; const char* url = NULL; int urlSz = 0; int ret = -1; int validated = 0; /* ocsp validation flag */ #ifdef WOLFSSL_SMALL_STACK CertStatus* newStatus; OcspResponse* ocspResponse; #else CertStatus newStatus[1]; OcspResponse ocspResponse[1]; #endif WOLFSSL_ENTER("CheckOcspRequest"); if (responseBuffer) { responseBuffer->buffer = NULL; responseBuffer->length = 0; } ret = GetOcspEntry(ocsp, ocspRequest, &entry); if (ret != 0) return ret; ret = GetOcspStatus(ocsp, ocspRequest, entry, &status, responseBuffer); if (ret != OCSP_INVALID_STATUS) return ret; if (ocsp->cm->ocspUseOverrideURL) { url = ocsp->cm->ocspOverrideURL; if (url != NULL && url[0] != '\0') urlSz = (int)XSTRLEN(url); else return OCSP_NEED_URL; } else if (ocspRequest->urlSz != 0 && ocspRequest->url != NULL) { url = (const char *)ocspRequest->url; urlSz = ocspRequest->urlSz; } else { /* cert doesn't have extAuthInfo, assuming CERT_GOOD */ return 0; } request = (byte*)XMALLOC(requestSz, ocsp->cm->heap, DYNAMIC_TYPE_OCSP); if (request == NULL) { WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR); return MEMORY_ERROR; } #ifdef WOLFSSL_SMALL_STACK newStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL, DYNAMIC_TYPE_TMP_BUFFER); ocspResponse = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL, DYNAMIC_TYPE_TMP_BUFFER); if (newStatus == NULL || ocspResponse == NULL) { if (newStatus) XFREE(newStatus, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (ocspResponse) XFREE(ocspResponse, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(request, NULL, DYNAMIC_TYPE_OCSP); WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR); return MEMORY_E; } #endif requestSz = EncodeOcspRequest(ocspRequest, request, requestSz); if (requestSz > 0 && ocsp->cm->ocspIOCb) { responseSz = ocsp->cm->ocspIOCb(ocsp->cm->ocspIOCtx, url, urlSz, request, requestSz, &response); } if (responseSz >= 0 && response) { XMEMSET(newStatus, 0, sizeof(CertStatus)); InitOcspResponse(ocspResponse, newStatus, response, responseSz); if (OcspResponseDecode(ocspResponse, ocsp->cm, ocsp->cm->heap) != 0) { WOLFSSL_MSG("OcspResponseDecode failed"); } else if (ocspResponse->responseStatus != OCSP_SUCCESSFUL) { WOLFSSL_MSG("OcspResponse status bad"); } else { if (CompareOcspReqResp(ocspRequest, ocspResponse) == 0) { if (responseBuffer) { responseBuffer->buffer = (byte*)XMALLOC(responseSz, ocsp->cm->heap, DYNAMIC_TYPE_TMP_BUFFER); if (responseBuffer->buffer) { responseBuffer->length = responseSz; XMEMCPY(responseBuffer->buffer, response, responseSz); } } /* only way to get to good state */ ret = xstat2err(ocspResponse->status->status); if (ret == 0) { validated = 1; } if (wc_LockMutex(&ocsp->ocspLock) != 0) ret = BAD_MUTEX_E; else { if (status != NULL) { if (status->rawOcspResponse) XFREE(status->rawOcspResponse, ocsp->cm->heap, DYNAMIC_TYPE_OCSP_STATUS); /* Replace existing certificate entry with updated */ XMEMCPY(status, newStatus, sizeof(CertStatus)); } else { /* Save new certificate entry */ status = (CertStatus*)XMALLOC(sizeof(CertStatus), ocsp->cm->heap, DYNAMIC_TYPE_OCSP_STATUS); if (status != NULL) { XMEMCPY(status, newStatus, sizeof(CertStatus)); status->next = entry->status; entry->status = status; entry->totalStatus++; } } if (status && responseBuffer && responseBuffer->buffer) { status->rawOcspResponse = (byte*)XMALLOC( responseBuffer->length, ocsp->cm->heap, DYNAMIC_TYPE_OCSP_STATUS); if (status->rawOcspResponse) { status->rawOcspResponseSz = responseBuffer->length; XMEMCPY(status->rawOcspResponse, responseBuffer->buffer, responseBuffer->length); } } wc_UnLockMutex(&ocsp->ocspLock); } } } } #ifdef WOLFSSL_SMALL_STACK XFREE(newStatus, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(ocspResponse, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif if (response != NULL && ocsp->cm->ocspRespFreeCb) ocsp->cm->ocspRespFreeCb(ocsp->cm->ocspIOCtx, response); if (ret == 0 && validated == 1) { WOLFSSL_MSG("New OcspResponse validated"); } else { ret = OCSP_LOOKUP_FAIL; } WOLFSSL_LEAVE("CheckOcspRequest", ret); return ret; }
/* Is the cert ok with CRL, return 0 on success */ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert) { CRL_Entry* crle; int foundEntry = 0; int ret = 0; WOLFSSL_ENTER("CheckCertCRL"); if (wc_LockMutex(&crl->crlLock) != 0) { WOLFSSL_MSG("wc_LockMutex failed"); return BAD_MUTEX_E; } crle = crl->crlList; while (crle) { if (XMEMCMP(crle->issuerHash, cert->issuerHash, CRL_DIGEST_SIZE) == 0) { int doNextDate = 1; WOLFSSL_MSG("Found CRL Entry on list"); WOLFSSL_MSG("Checking next date validity"); #ifdef WOLFSSL_NO_CRL_NEXT_DATE if (crle->nextDateFormat == ASN_OTHER_TYPE) doNextDate = 0; /* skip */ #endif if (doNextDate && !ValidateDate(crle->nextDate, crle->nextDateFormat, AFTER)) { WOLFSSL_MSG("CRL next date is no longer valid"); ret = ASN_AFTER_DATE_E; } else foundEntry = 1; break; } crle = crle->next; } if (foundEntry) { RevokedCert* rc = crle->certs; while (rc) { if (XMEMCMP(rc->serialNumber, cert->serial, rc->serialSz) == 0) { WOLFSSL_MSG("Cert revoked"); ret = CRL_CERT_REVOKED; break; } rc = rc->next; } } wc_UnLockMutex(&crl->crlLock); if (foundEntry == 0) { WOLFSSL_MSG("Couldn't find CRL for status check"); ret = CRL_MISSING; if (crl->cm->cbMissingCRL) { char url[256]; WOLFSSL_MSG("Issuing missing CRL callback"); url[0] = '\0'; if (cert->extCrlInfoSz < (int)sizeof(url) -1 ) { XMEMCPY(url, cert->extCrlInfo, cert->extCrlInfoSz); url[cert->extCrlInfoSz] = '\0'; } else { WOLFSSL_MSG("CRL url too long"); } crl->cm->cbMissingCRL(url); } } return ret; }
/* read in new CRL entries and save new list */ static int SwapLists(WOLFSSL_CRL* crl) { int ret; CRL_Entry* newList; #ifdef WOLFSSL_SMALL_STACK WOLFSSL_CRL* tmp; #else WOLFSSL_CRL tmp[1]; #endif #ifdef WOLFSSL_SMALL_STACK tmp = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), NULL, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) return MEMORY_E; #endif if (InitCRL(tmp, crl->cm) < 0) { WOLFSSL_MSG("Init tmp CRL failed"); #ifdef WOLFSSL_SMALL_STACK XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return -1; } if (crl->monitors[0].path) { ret = LoadCRL(tmp, crl->monitors[0].path, SSL_FILETYPE_PEM, 0); if (ret != SSL_SUCCESS) { WOLFSSL_MSG("PEM LoadCRL on dir change failed"); FreeCRL(tmp, 0); #ifdef WOLFSSL_SMALL_STACK XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return -1; } } if (crl->monitors[1].path) { ret = LoadCRL(tmp, crl->monitors[1].path, SSL_FILETYPE_ASN1, 0); if (ret != SSL_SUCCESS) { WOLFSSL_MSG("DER LoadCRL on dir change failed"); FreeCRL(tmp, 0); #ifdef WOLFSSL_SMALL_STACK XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return -1; } } if (wc_LockMutex(&crl->crlLock) != 0) { WOLFSSL_MSG("wc_LockMutex failed"); FreeCRL(tmp, 0); #ifdef WOLFSSL_SMALL_STACK XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return -1; } newList = tmp->crlList; /* swap lists */ tmp->crlList = crl->crlList; crl->crlList = newList; wc_UnLockMutex(&crl->crlLock); FreeCRL(tmp, 0); #ifdef WOLFSSL_SMALL_STACK XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif return 0; }
static THREAD_RET readPeer(void* in) { byte buf[80]; int bufSz = sizeof(buf); thread_args* args = (thread_args*)in; int ret = 0; int fd = wolfSSH_get_fd(args->ssh); word32 bytes; #ifdef USE_WINDOWS_API HANDLE stdoutHandle = GetStdHandle(STD_OUTPUT_HANDLE); #endif fd_set readSet; fd_set errSet; FD_ZERO(&readSet); FD_ZERO(&errSet); FD_SET(fd, &readSet); FD_SET(fd, &errSet); while (ret >= 0) { bytes = select(fd + 1, &readSet, NULL, &errSet, NULL); wc_LockMutex(&args->lock); while (bytes > 0 && (FD_ISSET(fd, &readSet) || FD_ISSET(fd, &errSet))) { /* there is something to read off the wire */ WMEMSET(buf, 0, bufSz); ret = wolfSSH_stream_read(args->ssh, buf, bufSz - 1); if (ret == WS_EXTDATA) { /* handle extended data */ do { WMEMSET(buf, 0, bufSz); ret = wolfSSH_extended_data_read(args->ssh, buf, bufSz - 1); if (ret < 0) err_sys("Extended data read failed."); buf[bufSz - 1] = '\0'; fprintf(stderr, "%s", buf); } while (ret > 0); } else if (ret <= 0) { if (ret != WS_EOF) { err_sys("Stream read failed."); } } else { buf[bufSz - 1] = '\0'; #ifdef USE_WINDOWS_API if (args->rawMode == 0) { ret = wolfSSH_ConvertConsole(args->ssh, stdoutHandle, buf, ret); if (ret != WS_SUCCESS && ret != WS_WANT_READ) { err_sys("issue with print out"); } if (ret == WS_WANT_READ) { ret = 0; } } else { printf("%s", buf); fflush(stdout); } #else printf("%s", buf); fflush(stdout); #endif } if (wolfSSH_stream_peek(args->ssh, buf, bufSz) <= 0) { bytes = 0; /* read it all */ } } wc_UnLockMutex(&args->lock); } #if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) wc_ecc_fp_free(); /* free per thread cache */ #endif return THREAD_RET_SUCCESS; }
void wolfSSL_TI_lockCCM(void) { #ifndef TI_DUMMY_BUILD wc_LockMutex(&TI_CCM_Mutex); #endif }