wolfSSL: Fix wrong types in tls_wolfssl.c
authorJuliusz Sosinowicz <juliusz@wolfssl.com>
Tue, 4 Aug 2020 09:48:23 +0000 (11:48 +0200)
committerJouni Malinen <j@w1.fi>
Sun, 11 Oct 2020 07:56:47 +0000 (10:56 +0300)
wolfSSL_X509_get_ext_d2i() returns STACK_OF(GENERAL_NAME)* for
ALT_NAMES_OID, therefore wolfSSL_sk_value() needs to expect a
WOLFSSL_GENERAL_NAME*.

In addition, explicitly check for NULL return from wolfSSL_sk_value().

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
src/crypto/tls_wolfssl.c

index 11e658220589509526ca270414e5307a77057d90..b8a7665fd6e9ce3024ee7ceacd94d4d010c76484 100644 (file)
@@ -19,6 +19,7 @@
 #include <wolfssl/ssl.h>
 #include <wolfssl/error-ssl.h>
 #include <wolfssl/wolfcrypt/asn.h>
+#include <wolfssl/openssl/x509v3.h>
 
 #if defined(EAP_FAST) || defined(EAP_FAST_DYNAMIC) || defined(EAP_SERVER_FAST)
 #define HAVE_AESGCM
@@ -576,7 +577,7 @@ static int tls_connection_private_key(void *tls_ctx,
 static int tls_match_alt_subject_component(WOLFSSL_X509 *cert, int type,
                                           const char *value, size_t len)
 {
-       WOLFSSL_ASN1_OBJECT *gen;
+       WOLFSSL_GENERAL_NAME *gen;
        void *ext;
        int found = 0;
        int i;
@@ -585,14 +586,15 @@ static int tls_match_alt_subject_component(WOLFSSL_X509 *cert, int type,
 
        for (i = 0; ext && i < wolfSSL_sk_num(ext); i++) {
                gen = wolfSSL_sk_value(ext, i);
-               if (gen->type != type)
+               if (!gen || gen->type != type)
                        continue;
-               if (os_strlen((char *) gen->obj) == len &&
-                   os_memcmp(value, gen->obj, len) == 0)
+               if ((size_t) wolfSSL_ASN1_STRING_length(gen->d.ia5) == len &&
+                   os_memcmp(value, wolfSSL_ASN1_STRING_data(gen->d.ia5),
+                             len) == 0)
                        found++;
        }
 
-       wolfSSL_sk_ASN1_OBJECT_free(ext);
+       wolfSSL_sk_GENERAL_NAME_free(ext);
 
        return found;
 }
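Review bot: The new length comparison casts the int returned by wolfSSL_ASN1_STRING_length() straight to size_t, so a negative return (whether the library can produce one here, e.g. for a NULL gen->d.ia5, I cannot tell from the page — confirm against the wolfSSL version in use) would become a huge unsigned value instead of a rejected entry. Checking the sign once and reusing the local keeps the intent explicit: `int ia5_len = wolfSSL_ASN1_STRING_length(gen->d.ia5);` / `if (ia5_len < 0 || (size_t) ia5_len != len)` / `continue;` before the os_memcmp. Reading `gen->d.ia5` is also only meaningful for the string-valued name types, while the function accepts an arbitrary `type`; it presumably relies on callers passing only GEN_EMAIL/GEN_DNS/GEN_URI, and a one-line comment stating that assumption would help the next reader. The opening lines of tls_match_alt_subject_component() are in the previous hunk; this hunk holds the rest of its body.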
@@ -676,7 +678,7 @@ static int domain_suffix_match(const char *val, size_t len, const char *match,
 static int tls_match_suffix_helper(WOLFSSL_X509 *cert, const char *match,
                                   size_t match_len, int full)
 {
-       WOLFSSL_ASN1_OBJECT *gen;
+       WOLFSSL_GENERAL_NAME *gen;
        void *ext;
        int i;
        int j;
@@ -690,21 +692,23 @@ static int tls_match_suffix_helper(WOLFSSL_X509 *cert, const char *match,
 
        for (j = 0; ext && j < wolfSSL_sk_num(ext); j++) {
                gen = wolfSSL_sk_value(ext, j);
-               if (gen->type != ASN_DNS_TYPE)
+               if (!gen || gen->type != ASN_DNS_TYPE)
                        continue;
                dns_name++;
                wpa_hexdump_ascii(MSG_DEBUG, "TLS: Certificate dNSName",
-                                 gen->obj, os_strlen((char *)gen->obj));
-               if (domain_suffix_match((const char *) gen->obj,
-                                       os_strlen((char *) gen->obj), match,
-                                       match_len, full) == 1) {
+                                 wolfSSL_ASN1_STRING_data(gen->d.ia5),
+                                 wolfSSL_ASN1_STRING_length(gen->d.ia5));
+               if (domain_suffix_match(
+                           (const char *) wolfSSL_ASN1_STRING_data(gen->d.ia5),
+                           wolfSSL_ASN1_STRING_length(gen->d.ia5), match,
+                           match_len, full) == 1) {
                        wpa_printf(MSG_DEBUG, "TLS: %s in dNSName found",
                                   full ? "Match" : "Suffix match");
                        wolfSSL_sk_ASN1_OBJECT_free(ext);
                        return 1;
                }
        }
-       wolfSSL_sk_ASN1_OBJECT_free(ext);
+       wolfSSL_sk_GENERAL_NAME_free(ext);
 
        if (dns_name) {
                wpa_printf(MSG_DEBUG, "TLS: None of the dNSName(s) matched");
@@ -858,7 +862,7 @@ static void wolfssl_tls_cert_event(struct tls_connection *conn,
        struct tls_context *context = conn->context;
        char *alt_subject[TLS_MAX_ALT_SUBJECT];
        int alt, num_alt_subject = 0;
-       WOLFSSL_ASN1_OBJECT *gen;
+       WOLFSSL_GENERAL_NAME *gen;
        void *ext;
        int i;
 #ifdef CONFIG_SHA256
@@ -899,12 +903,14 @@ static void wolfssl_tls_cert_event(struct tls_connection *conn,
                if (num_alt_subject == TLS_MAX_ALT_SUBJECT)
                        break;
                gen = wolfSSL_sk_value((void *) ext, i);
-               if (gen->type != GEN_EMAIL &&
-                   gen->type != GEN_DNS &&
-                   gen->type != GEN_URI)
+               if (!gen ||
+                   (gen->type != GEN_EMAIL &&
+                    gen->type != GEN_DNS &&
+                    gen->type != GEN_URI))
                        continue;
 
-               pos = os_malloc(10 + os_strlen((char *) gen->obj) + 1);
+               pos = os_malloc(10 + wolfSSL_ASN1_STRING_length(gen->d.ia5) +
+                               1);
                if (!pos)
                        break;
                alt_subject[num_alt_subject++] = pos;
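Review bot: The allocation size `10 + wolfSSL_ASN1_STRING_length(gen->d.ia5) + 1` feeds an int return into size_t arithmetic with no sign check, and the same call is then repeated three more times in the next hunk (the os_memcpy length and the pointer advance), so a single validated local would be both safer and clearer: `int name_len = wolfSSL_ASN1_STRING_length(gen->d.ia5);` / `if (name_len < 0) continue;` / `pos = os_malloc(10 + (size_t) name_len + 1);`. Whether the library can return a negative length for a type-matched entry is not visible on the page — confirm before relying on it. The enclosing wolfssl_tls_cert_event() starts and ends outside this hunk.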
@@ -924,11 +930,12 @@ static void wolfssl_tls_cert_event(struct tls_connection *conn,
                        break;
                }
 
-               os_memcpy(pos, gen->obj, os_strlen((char *)gen->obj));
-               pos += os_strlen((char *)gen->obj);
+               os_memcpy(pos, wolfSSL_ASN1_STRING_data(gen->d.ia5),
+                         wolfSSL_ASN1_STRING_length(gen->d.ia5));
+               pos += wolfSSL_ASN1_STRING_length(gen->d.ia5);
                *pos = '\0';
        }
-       wolfSSL_sk_ASN1_OBJECT_free(ext);
+       wolfSSL_sk_GENERAL_NAME_free(ext);
 
        for (alt = 0; alt < num_alt_subject; alt++)
                ev.peer_cert.altsubject[alt] = alt_subject[alt];
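Review bot: The copy now takes the full ASN.1 length rather than strlen(), but the buffer is still terminated with `*pos = '\0'` and exported through `alt_subject[]` as a C string, so a name whose DER value contains an embedded NUL byte is copied in full yet silently truncated at that byte by any strlen()-based consumer. Rejecting such entries explicitly is the safer behaviour, and since `pos` is allocated and stored in the previous hunk before the copy happens, the check belongs there right after the type test rather than here: `if (memchr(wolfSSL_ASN1_STRING_data(gen->d.ia5), '\0', (size_t) wolfSSL_ASN1_STRING_length(gen->d.ia5)))` / `continue;`. Whether downstream matching already rejects names with embedded NULs I cannot tell from the page. The loop and the function continue beyond this hunk.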