Merge pull request #9570 from kareem-wolfssl/variousFixes

Add SSL_get_rfd and SSL_get_wfd.  Various documentation updates.

Author: dgarske

doc/dox_comments/header_files/coding.h

@@ -46,6 +46,8 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out,
     traditional ‘\n’ line endings, instead of escaped %0A line endings. Upon
     successfully completing, this function also sets outLen to the number
     of bytes written to the output buffer.
+    If there is enough room in out to store an extra byte, a NULL terminator
+    will be added.  This will NOT be included in outLen.
 
     \return 0 Returned upon successfully decoding the Base64 encoded input
     \return BAD_FUNC_ARG Returned if the output buffer is too small to
@@ -203,6 +205,8 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
     \ingroup Base_Encoding
 
     \brief Encode input to base16 output.
+    If there is enough room in out to store an extra byte, a NULL terminator
+    will be added and included in outLen.
 
     \return 0 Success
     \return BAD_FUNC_ARG Returns if in, out, or outLen is null or if outLen is

doc/dox_comments/header_files/ssl.h

@@ -1742,6 +1742,7 @@ int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX* ctx,
     \param method pointer to the desired WOLFSSL_METHOD to use for the SSL
     context. This is created using one of the wolfSSLvXX_XXXX_method()
     functions to specify SSL/TLS/DTLS protocol level.
+    This function frees the passed in WOLFSSL_METHOD struct on failure.
 
     _Example_
     \code
@@ -15935,3 +15936,51 @@ WOLFSSL_CIPHERSUITE_INFO wolfSSL_get_ciphersuite_info(byte first,
 */
 int wolfSSL_get_sigalg_info(byte first, byte second,
         int* hashAlgo, int* sigAlgo);
+
+/*!
+    \brief This function will set the password callback in the provided CTX.
+    This callback is used when loading an encrypted cert or key which requires
+    a password.
+
+    \param ctx a pointer to a WOLFSSL_CTX structure, created with
+    wolfSSL_CTX_new().
+    \param cb a function pointer to (*wc_pem_password_cb) that is set to the
+    passwd_cb member of the WOLFSSL_CTX.
+
+    _Example_
+    \code
+    WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
+    int PasswordCallBack(char* passwd, int sz, int rw, void* userdata) {
+
+    }
+    …
+    wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+    \endcode
+
+    \sa wolfSSL_CTX_set_default_passwd_cb_userdata
+*/
+void wolfSSL_CTX_set_default_passwd_cb(WOLFSSL_CTX* ctx,
+                                        wc_pem_password_cb* cb);
+
+/*!
+    \brief This function will set the userdata argument to the passwd_userdata
+    member of the WOLFSSL_CTX structure.
+    This member is passed into the CTX's password callback when called.
+
+    \param ctx a pointer to a WOLFSSL_CTX structure, created with
+    wolfSSL_CTX_new().
+    \param userdata a pointer to userdata which is passed into the
+    password callback.
+
+    _Example_
+    \code
+    WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
+    int data;
+    …
+    wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, (void*)&data);
+    \endcode
+
+    \sa wolfSSL_CTX_set_default_passwd_cb
+*/
+void wolfSSL_CTX_set_default_passwd_cb_userdata(WOLFSSL_CTX* ctx,
+                                                   void* userdata);

src/internal.c

@@ -26979,7 +26979,7 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
         return "Certificate context does not match request or not empty";
 
     case BAD_KEY_SHARE_DATA:
-        return "The Key Share data contains group that wasn't in Client Hello";
+        return "The Key Share data contains a group which is invalid";
 
     case MISSING_HANDSHAKE_DATA:
         return "The handshake message is missing required data";

wolfssl/openssl/ssl.h

@@ -346,6 +346,8 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
 #define SSL_new                         wolfSSL_new
 #define SSL_set_fd                      wolfSSL_set_fd
 #define SSL_get_fd                      wolfSSL_get_fd
+#define SSL_get_rfd                     wolfSSL_get_fd
+#define SSL_get_wfd                     wolfSSL_get_wfd
 #define SSL_connect                     wolfSSL_connect
 #define SSL_clear                       wolfSSL_clear
 #define SSL_state                       wolfSSL_state