Regression testing fixes

configure.ac

@@ -12316,7 +12316,7 @@ AM_CONDITIONAL([BUILD_MLDSA],[test "x$ENABLED_MLDSA" != "xno" || test "x$ENABLED
 AM_CONDITIONAL([BUILD_ECCSI],[test "x$ENABLED_ECCSI" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
 AM_CONDITIONAL([BUILD_SAKKE],[test "x$ENABLED_SAKKE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
 AM_CONDITIONAL([BUILD_MEMORY],[test "x$ENABLED_MEMORY" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
-AM_CONDITIONAL([BUILD_MEMUSE],[test "x$ENABLED_ENTROPY_MEMUSE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_MEMUSE],[test "x$ENABLED_ENTROPY_MEMUSE" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
 AM_CONDITIONAL([BUILD_RNG_BANK],[test "$ENABLED_RNG_BANK" = "yes" || test "$ENABLED_USERSETTINGS" = "yes"])
 AM_CONDITIONAL([BUILD_RSA],[test "x$ENABLED_RSA" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
 AM_CONDITIONAL([BUILD_DH],[test "x$ENABLED_DH" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])

src/internal.c

@@ -7329,6 +7329,9 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
 #endif
 #else
     if (ctx->privateKey != NULL) {
+        if (ssl->buffers.key != NULL) {
+            FreeDer(&ssl->buffers.key);
+        }
         ret = AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
             ctx->privateKey->length, ctx->privateKey->type,
             ctx->privateKey->heap);

src/ssl.c

@@ -3294,7 +3294,8 @@ int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name)
 #if defined(NO_TLS)
     return WOLFSSL_FAILURE;
 #else
-    return TLSX_UseSupportedCurve(&ssl->extensions, name, ssl->heap);
+    return TLSX_UseSupportedCurve(&ssl->extensions, name, ssl->heap,
+                                  ssl->options.side);
 #endif /* NO_TLS */
 }
 
@@ -3308,7 +3309,8 @@ int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, word16 name)
 #if defined(NO_TLS)
     return WOLFSSL_FAILURE;
 #else
-    return TLSX_UseSupportedCurve(&ctx->extensions, name, ctx->heap);
+    return TLSX_UseSupportedCurve(&ctx->extensions, name, ctx->heap,
+                                  ctx->method->side);
 #endif /* NO_TLS */
 }
 
@@ -16071,6 +16073,9 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
 #endif
 #else
     if (ctx->privateKey != NULL) {
+        if (ssl->buffers.key != NULL && ssl->buffers.weOwnKey) {
+            FreeDer(&ssl->buffers.key);
+        }
         ret = AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
             ctx->privateKey->length, ctx->privateKey->type,
             ctx->privateKey->heap);

src/ssl_asn1.c

@@ -3760,8 +3760,6 @@ int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio,
  * ASN1_TIME APIs
  ******************************************************************************/
 
-#ifndef NO_ASN_TIME
-
 #ifdef OPENSSL_EXTRA
 /* Allocate a new ASN.1 TIME object.
  *
@@ -3811,6 +3809,7 @@ WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *a, time_t t)
 }
 #endif /* !NO_WOLFSSL_STUB */
 
+#ifndef NO_ASN_TIME
 /* Convert time to Unix time (GMT).
  *
  * @param [in] sec     Second in minute. 0-59.
@@ -4005,6 +4004,7 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME* a, time_t t,
     return ret;
 }
 #endif /* !USER_TIME && !TIME_OVERRIDES */
+#endif /* !NO_ASN_TIME */
 
 /* Get the length of the ASN.1 TIME data.
  *
@@ -4048,6 +4048,7 @@ unsigned char* wolfSSL_ASN1_TIME_get_data(const WOLFSSL_ASN1_TIME *t)
     return data;
 }
 
+#ifndef NO_ASN_TIME
 /* Check format of string in ASN.1 TIME object.
  *
  * @param [in] a  ASN.1 TIME object.
@@ -4069,6 +4070,7 @@ int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a)
 
     return ret;
 }
+#endif /* !NO_ASN_TIME */
 
 /* Set the time as a string into ASN.1 TIME object.
  *
@@ -4112,6 +4114,7 @@ int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *t, const char *str)
     return ret;
 }
 
+#ifndef NO_ASN_TIME
 int wolfSSL_ASN1_TIME_set_string_X509(WOLFSSL_ASN1_TIME *t, const char *str)
 {
     int ret = WOLFSSL_SUCCESS;
@@ -4126,6 +4129,7 @@ int wolfSSL_ASN1_TIME_set_string_X509(WOLFSSL_ASN1_TIME *t, const char *str)
         ret = wolfSSL_ASN1_TIME_check(t);
     return ret;
 }
+#endif /* !NO_ASN_TIME */
 
 /* Convert ASN.1 TIME object to ASN.1 GENERALIZED TIME object.
  *
@@ -4199,7 +4203,7 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
     return ret;
 }
 
-#if !defined(USER_TIME) && !defined(TIME_OVERRIDES)
+#if !defined(NO_ASN_TIME) && !defined(USER_TIME) && !defined(TIME_OVERRIDES)
 WOLFSSL_ASN1_TIME* wolfSSL_ASN1_UTCTIME_set(WOLFSSL_ASN1_TIME *s, time_t t)
 {
     WOLFSSL_ASN1_TIME* ret = s;
@@ -4228,7 +4232,8 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_UTCTIME_set(WOLFSSL_ASN1_TIME *s, time_t t)
 #endif /* !USER_TIME && !TIME_OVERRIDES */
 #endif /* OPENSSL_EXTRA */
 
-#if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA)
+#if !defined(NO_ASN_TIME) && \
+    (defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA))
 /* Get string from ASN.1 TIME object.
  *
  * Not an OpenSSL compatibility API.
@@ -4607,9 +4612,9 @@ int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
 }
 #endif /* !NO_BIO */
 
-#endif /* WOLFSSL_MYSQL_COMPATIBLE || OPENSSL_EXTRA */
+#endif /* !NO_ASN_TIME && (WOLFSSL_MYSQL_COMPATIBLE || OPENSSL_EXTRA) */
 
-#ifdef OPENSSL_EXTRA
+#if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
 
 #ifndef NO_BIO
 /* Print the ASN.1 UTC TIME object as a string to BIO.
@@ -4647,9 +4652,7 @@ int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a)
 }
 #endif /* !NO_BIO */
 
-#endif /* OPENSSL_EXTRA */
-
-#endif /* !NO_ASN_TIME */
+#endif /* !NO_ASN_TIME && OPENSSL_EXTRA */
 
 /*******************************************************************************
  * ASN1_TYPE APIs