
Commit b41bbac

committed
OpenSSL compatibility for libpq
1 parent 18c9684 commit b41bbac

6 files changed

Lines changed: 105 additions & 3 deletions


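--- a/src/internal.c
+++ b/src/internal.c
@@ -2642,6 +2642,12 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
 
 XMEMSET(ctx, 0, sizeof(WOLFSSL_CTX));
 
+#ifdef WOLFSSL_VERIFY_NONE_DEFAULT
+/* OpenSSL compat: default to SSL_VERIFY_NONE unless the app
+* sets SSL_VERIFY_PEER. */
+ctx->verifyNone = 1;
+#endif
+
 ctx->method = method;
 if (heap == NULL) {
 ctx->heap = ctx; /* defaults to self */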
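Review bot: With `WOLFSSL_VERIFY_NONE_DEFAULT` defined, the added `ctx->verifyNone = 1;` switches peer certificate verification off for every context this initialiser sets up, so an application that never calls `SSL_CTX_set_verify` will accept any certificate. As far as the hunk shows, this is not limited to contexts created through the OpenSSL compatibility API. The comment should say so plainly, for example `/* WARNING: disables peer verification for every WOLFSSL_CTX until the app requests SSL_VERIFY_PEER; opt-in for OpenSSL-default parity only. */`. Whether the macro is documented or tied to a configure option is not visible here; if it is not, it needs an entry next to the other build options. InitSSL_Ctx begins and continues outside the hunk.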

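--- a/wolfssl/openssl/bio.h
+++ b/wolfssl/openssl/bio.h
@@ -188,6 +188,37 @@
 #define BIO_meth_set_create wolfSSL_BIO_meth_set_create
 #define BIO_meth_set_destroy wolfSSL_BIO_meth_set_destroy
 
+#define WOLFSSL_BIO_TYPE_DESCRIPTOR 0x0100
+#define WOLFSSL_BIO_TYPE_SOURCE_SINK 0x0400
+
+/* OpenSSL allocates a fresh BIO type index per call; wolfSSL
+* untracked, so return a fixed app-range index. */
+static WC_INLINE int wolfSSL_BIO_get_new_index(void) { return 1000; }
+
+/* wolfSSL does not store these BIO method callbacks; getters
+* report none, set_callback_ctrl is a no-op. */
+static WC_INLINE void *
+wolfSSL_BIO_meth_get_gets(WOLFSSL_BIO_METHOD *m)
+{ (void)m; return NULL; }
+static WC_INLINE void *
+wolfSSL_BIO_meth_get_puts(WOLFSSL_BIO_METHOD *m)
+{ (void)m; return NULL; }
+static WC_INLINE void *
+wolfSSL_BIO_meth_get_ctrl(WOLFSSL_BIO_METHOD *m)
+{ (void)m; return NULL; }
+static WC_INLINE void *
+wolfSSL_BIO_meth_get_create(WOLFSSL_BIO_METHOD *m)
+{ (void)m; return NULL; }
+static WC_INLINE void *
+wolfSSL_BIO_meth_get_destroy(WOLFSSL_BIO_METHOD *m)
+{ (void)m; return NULL; }
+static WC_INLINE void *
+wolfSSL_BIO_meth_get_callback_ctrl(WOLFSSL_BIO_METHOD *m)
+{ (void)m; return NULL; }
+static WC_INLINE int
+wolfSSL_BIO_meth_set_callback_ctrl(WOLFSSL_BIO_METHOD *m, void *cb)
+{ (void)m; (void)cb; return 1; }
+
 #define BIO_snprintf XSNPRINTF
 
 /* BIO CTRL */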
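Review bot: `wolfSSL_BIO_meth_set_callback_ctrl` returns 1 while discarding `cb`, so a caller that checks the result believes its callback is installed when it will never run. Either return 0 or state in the comment that success here means "accepted and ignored". `wolfSSL_BIO_get_new_index` hands every caller the same value, 1000, so two custom BIO methods in one process would share a type index; a comment such as `/* NOTE: not unique per call; callers must not rely on the index to tell BIO types apart */` would make that limit explicit. The getters return `void *` where the OpenSSL API returns function pointers. Strict C and C++ callers may need a cast when feeding the result back into a `BIO_meth_set_*` call, and should expect NULL there.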

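--- a/wolfssl/openssl/err.h
+++ b/wolfssl/openssl/err.h
@@ -38,10 +38,21 @@
 #define WOLFSSL_SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 2
 #define WOLFSSL_SSL_F_SSL_USE_PRIVATEKEY 3
 #define WOLFSSL_EC_F_EC_GFP_SIMPLE_POINT2OCT 4
+#define WOLFSSL_SSL_F_SSL_SET_FD 5
 
 /* reasons */
 #define WOLFSSL_ERR_R_SYS_LIB 1
 #define WOLFSSL_PKCS12_R_MAC_VERIFY_FAILURE 2
+#define WOLFSSL_ERR_R_BUF_LIB 0
+#define WOLFSSL_SSL_R_UNKNOWN_PROTOCOL 252
+#define WOLFSSL_SSL_R_WRONG_VERSION_NUMBER 267
+#define WOLFSSL_SSL_R_UNSUPPORTED_PROTOCOL 258
+#define WOLFSSL_SSL_R_NO_PROTOCOLS_AVAILABLE 194
+#define WOLFSSL_SSL_R_BAD_PROTOCOL_VERSION_NUMBER 182
+#define WOLFSSL_SSL_R_UNKNOWN_SSL_VERSION 254
+#define WOLFSSL_SSL_R_UNSUPPORTED_SSL_VERSION 259
+#define WOLFSSL_SSL_R_WRONG_SSL_VERSION 266
+#define WOLFSSL_SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
 
 #ifndef OPENSSL_COEXIST
 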
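Review bot: `WOLFSSL_ERR_R_BUF_LIB` is defined as 0, the one value the existing reason list leaves unused, so a check like `reason == ERR_R_BUF_LIB` is also true for any error whose reason field is zero or unset. If 0 is deliberate (a placeholder so the name compiles), say so on the line, e.g. `#define WOLFSSL_ERR_R_BUF_LIB 0 /* placeholder: never reported by wolfSSL */`; otherwise give it a non-zero value that does not collide with the reasons above. The new protocol-version reasons also have no comment saying where their numbers come from or whether wolfSSL ever produces them, which a reader of this table will want to know.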

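--- a/wolfssl/openssl/hmac.h
+++ b/wolfssl/openssl/hmac.h
@@ -37,6 +37,12 @@
 
 #include <wolfssl/openssl/compat_types.h>
 #include <wolfssl/openssl/opensslv.h>
+/* OpenSSL's hmac.h pulls in evp.h; mirror it, but only on standalone
+* include (WOLFSSL_SSL_H unset) to avoid an include cycle during
+* wolfssl/ssl.h's own parse. */
+#ifndef WOLFSSL_SSL_H
+#include <wolfssl/openssl/evp.h>
+#endif
 
 #ifdef __cplusplus
 extern "C" {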

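--- a/wolfssl/openssl/objects.h
+++ b/wolfssl/openssl/objects.h
@@ -74,6 +74,20 @@
 #define NID_ad_OCSP WC_NID_ad_OCSP
 #define NID_ad_ca_issuers WC_NID_ad_ca_issuers
 
+/* OBJ_find_sigid_algs(): report SHA-256 / RSA for libpq's
+* RSA-with-SHA-256 channel binding. Literal NIDs (672, 6) is for
+* ASN is disabled. */
+#ifndef BUILDING_WOLFSSL
+static WC_INLINE int
+wolfSSL_OBJ_find_sigid_algs(int sigid, int *pdig, int *ppkey)
+{
+(void)sigid;
+if (pdig != NULL) *pdig = 672; /* NID_sha256 */
+if (ppkey != NULL) *ppkey = 6; /* NID_rsaEncryption */
+return 1;
+}
+#endif
+
 #endif /* !OPENSSL_COEXIST */
 
 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */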
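Review bot: `wolfSSL_OBJ_find_sigid_algs` discards `sigid` and returns 1 with SHA-256/RSA for every input. A caller deriving a channel-binding hash from the certificate's signature algorithm therefore gets SHA-256 even when the certificate was signed with another digest or key type, and never sees the failure return it would use to reject an unknown algorithm. The stub should succeed only for the signature id it actually models, e.g. `if (sigid != NID_sha256WithRSAEncryption) return 0;` before the assignments, or the literal value if the named NIDs are unavailable in this configuration, as the comment seems to imply. The last sentence of the header comment is hard to parse; if the intent is as guessed, `Literal NIDs (672, 6) are used because the named constants are unavailable when ASN is disabled.` reads more clearly.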

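--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -44,6 +44,7 @@
 #include <wolfssl/openssl/evp.h>
 #endif
 #include <wolfssl/openssl/bio.h>
+#include <wolfssl/openssl/err.h>
 #ifdef OPENSSL_EXTRA
 #include <wolfssl/openssl/crypto.h>
 #endif
@@ -1568,6 +1569,12 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
 #define SSL_get_state wolfSSL_get_state
 #define SSL_state_string_long wolfSSL_state_string_long
 
+#define WOLFSSL_TLS_ST_OK 16
+#define WOLFSSL_SSL_ST_OK WOLFSSL_TLS_ST_OK
+#define TLS_ST_OK WOLFSSL_TLS_ST_OK
+#define SSL_ST_OK WOLFSSL_SSL_ST_OK
+#define SSL_F_SSL_SET_FD WOLFSSL_SSL_F_SSL_SET_FD
+
 #define GENERAL_NAME_new wolfSSL_GENERAL_NAME_new
 #define GENERAL_NAME_free wolfSSL_GENERAL_NAME_free
 #define GENERAL_NAME_dup wolfSSL_GENERAL_NAME_dup
@@ -1738,16 +1745,43 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
 #define SSL_R_DATA_LENGTH_TOO_LONG BUFFER_ERROR
 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG BUFFER_ERROR
 #define SSL_R_BAD_LENGTH BUFFER_ERROR
-#define SSL_R_UNKNOWN_PROTOCOL VERSION_ERROR
-#define SSL_R_WRONG_VERSION_NUMBER VERSION_ERROR
+#define SSL_R_UNKNOWN_PROTOCOL WOLFSSL_SSL_R_UNKNOWN_PROTOCOL
+#define SSL_R_WRONG_VERSION_NUMBER WOLFSSL_SSL_R_WRONG_VERSION_NUMBER
 #define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC ENCRYPT_ERROR
 #define SSL_R_HTTPS_PROXY_REQUEST PARSE_ERROR
 #define SSL_R_HTTP_REQUEST PARSE_ERROR
-#define SSL_R_UNSUPPORTED_PROTOCOL VERSION_ERROR
+#define SSL_R_UNSUPPORTED_PROTOCOL WOLFSSL_SSL_R_UNSUPPORTED_PROTOCOL
+#define SSL_R_NO_PROTOCOLS_AVAILABLE \
+WOLFSSL_SSL_R_NO_PROTOCOLS_AVAILABLE
+#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER \
+WOLFSSL_SSL_R_BAD_PROTOCOL_VERSION_NUMBER
+#define SSL_R_UNKNOWN_SSL_VERSION WOLFSSL_SSL_R_UNKNOWN_SSL_VERSION
+#define SSL_R_UNSUPPORTED_SSL_VERSION \
+WOLFSSL_SSL_R_UNSUPPORTED_SSL_VERSION
+#define SSL_R_WRONG_SSL_VERSION WOLFSSL_SSL_R_WRONG_SSL_VERSION
+#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION \
+WOLFSSL_SSL_R_TLSV1_ALERT_PROTOCOL_VERSION
 #define SSL_R_CERTIFICATE_VERIFY_FAILED VERIFY_CERT_ERROR
 #define SSL_R_CERT_CB_ERROR CLIENT_CERT_CB_ERROR
 #define SSL_R_NULL_SSL_METHOD_PASSED BAD_FUNC_ARG
 #define SSL_R_CCS_RECEIVED_EARLY OUT_OF_ORDER_E
+#define ERR_R_BUF_LIB WOLFSSL_ERR_R_BUF_LIB
+#define BIO_TYPE_DESCRIPTOR WOLFSSL_BIO_TYPE_DESCRIPTOR
+#define BIO_TYPE_SOURCE_SINK WOLFSSL_BIO_TYPE_SOURCE_SINK
+#define BIO_get_app_data(bio) wolfSSL_BIO_get_data(bio)
+#define BIO_set_app_data(bio, data) \
+wolfSSL_BIO_set_data((bio), (data))
+#define BIO_get_new_index wolfSSL_BIO_get_new_index
+#define BIO_meth_get_gets wolfSSL_BIO_meth_get_gets
+#define BIO_meth_get_puts wolfSSL_BIO_meth_get_puts
+#define BIO_meth_get_ctrl wolfSSL_BIO_meth_get_ctrl
+#define BIO_meth_get_create wolfSSL_BIO_meth_get_create
+#define BIO_meth_get_destroy wolfSSL_BIO_meth_get_destroy
+#define BIO_meth_get_callback_ctrl wolfSSL_BIO_meth_get_callback_ctrl
+#define BIO_meth_set_callback_ctrl wolfSSL_BIO_meth_set_callback_ctrl
+#ifndef BUILDING_WOLFSSL
+#define OBJ_find_sigid_algs wolfSSL_OBJ_find_sigid_algs
+#endif
 
 #ifdef HAVE_SESSION_TICKET
 #define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72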
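Review bot: In the third hunk, `SSL_R_UNKNOWN_PROTOCOL`, `SSL_R_WRONG_VERSION_NUMBER` and `SSL_R_UNSUPPORTED_PROTOCOL` stop aliasing `VERSION_ERROR` and take the new numeric codes from err.h. Existing code that compares a wolfSSL error against these macros will no longer recognise a version failure unless the library also starts reporting 252/267/258, and no such translation appears in the sections of this commit. The remap is presumably needed so the macros can serve as distinct `case` labels, but as far as the hunk shows it is not limited to the libpq build. Either map `VERSION_ERROR` to the new reason where the error is queued, or record the behaviour change beside the defines, e.g. `/* distinct values for switch(); wolfSSL itself still reports VERSION_ERROR */`.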
