Fix runtime error tls_mcdc, fixed correct MAP symbols

danielinux · danielinux · commit 3e2d55936512 · 2026-04-14T12:59:57.000+02:00
diff --git a/tests/api/test_aes.c b/tests/api/test_aes.c
@@ -6909,8 +6909,13 @@ int test_wc_AesRequirementCoverage(void)
         ExpectIntEQ(wc_AesXtsEncryptConsecutiveSectors(&xts, cipher, xtsMsg,
             XTS_TOTAL, (word64)0x12345678, XTS_SECTOR_SZ), 0);
         ExpectIntNE(XMEMCMP(cipher, xtsMsg, XTS_TOTAL), 0);
-        if (initXts) ExpectIntEQ(wc_AesXtsFree(&xts), 0);
-        initXts = 0;
+        if (initXts) {
+            int freeRet = wc_AesXtsFree(&xts);
+            if (EXPECT_SUCCESS()) {
+                ExpectIntEQ(freeRet, 0);
+            }
+            initXts = 0;
+        }
 
         ExpectIntEQ(wc_AesXtsInit(&xts, HEAP_HINT, INVALID_DEVID), 0);
         if (EXPECT_SUCCESS()) initXts = 1;
@@ -6919,7 +6924,13 @@ int test_wc_AesRequirementCoverage(void)
         ExpectIntEQ(wc_AesXtsDecryptConsecutiveSectors(&xts, plain, cipher,
             XTS_TOTAL, (word64)0x12345678, XTS_SECTOR_SZ), 0);
         ExpectIntEQ(XMEMCMP(plain, xtsMsg, XTS_TOTAL), 0);
-        if (initXts) ExpectIntEQ(wc_AesXtsFree(&xts), 0);
+        if (initXts) {
+            int freeRet = wc_AesXtsFree(&xts);
+            if (EXPECT_SUCCESS()) {
+                ExpectIntEQ(freeRet, 0);
+            }
+            initXts = 0;
+        }
     }
 #endif /* WOLFSSL_AES_XTS */
 
diff --git a/tests/api/test_tls13.c b/tests/api/test_tls13.c
@@ -3909,17 +3909,6 @@ int test_tls13_mcdc_hrr_coverage(void)
     WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
     WOLFSSL     *ssl_c = NULL, *ssl_s = NULL;
     struct test_memio_ctx test_ctx;
-    (void)ctx_c;
-    (void)ssl_c;
-    (void)ctx_s;
-    (void)ssl_s;
-    (void)test_ctx;
-
-    /* Client offers P-384 (or P-521) key_share in CH1 but also advertises
-     * P-256 as a supported group; server prefers P-256 -> server sends HRR
-     * with key_share extension selecting P-256 -> client retries with P-256.
-     * When client_grp == server_grp both sides agree immediately; HRR is
-     * still triggered by the stateless cookie mechanism.                    */
     int server_grp = WOLFSSL_ECC_SECP256R1;
 #if defined(HAVE_ECC384) && (ECC_MIN_KEY_SZ <= 384)
     int client_grp = WOLFSSL_ECC_SECP384R1;
@@ -3940,6 +3929,11 @@ int test_tls13_mcdc_hrr_coverage(void)
     int client_grps[2] = { client_grp, 0 };
     int client_grps_cnt = 1;
 #endif
+    (void)ctx_c;
+    (void)ssl_c;
+    (void)ctx_s;
+    (void)ssl_s;
+    (void)test_ctx;
 
     XMEMSET(&test_ctx, 0, sizeof(test_ctx));
     ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
@@ -4334,13 +4328,15 @@ int test_tls13_mcdc_batch2_post_handshake_auth(void)
     WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
     WOLFSSL     *ssl_c = NULL, *ssl_s = NULL;
     struct test_memio_ctx test_ctx;
+    char buf[64];
+    int  err;
+    int  rounds;
+    int  ret;
     (void)ctx_c;
     (void)ssl_c;
     (void)ctx_s;
     (void)ssl_s;
     (void)test_ctx;
-    char buf[64];
-    int  err;
 
     XMEMSET(&test_ctx, 0, sizeof(test_ctx));
     ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
@@ -4365,24 +4361,44 @@ int test_tls13_mcdc_batch2_post_handshake_auth(void)
     /* Phase 1: complete the main TLS 1.3 handshake.                         */
     ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
 
-    /* Drain any NewSessionTicket records at the client.                      */
-    ExpectIntEQ(wolfSSL_read(ssl_c, buf, sizeof(buf)), -1);
-    err = wolfSSL_get_error(ssl_c, -1);
-    ExpectTrue(err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_NONE);
+    /* Drain any NewSessionTicket records at the client. */
+    rounds = 0;
+    do {
+        ret = wolfSSL_read(ssl_c, buf, sizeof(buf));
+        if (ret > 0)
+            continue;
+        err = wolfSSL_get_error(ssl_c, -1);
+        rounds++;
+    } while (err != WOLFSSL_ERROR_WANT_READ && err != WOLFSSL_ERROR_NONE &&
+             err != WOLFSSL_ERROR_WANT_WRITE && rounds < 32 && !EXPECT_FAIL());
+    ExpectTrue(err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_NONE ||
+               err == WOLFSSL_ERROR_WANT_WRITE);
 
     /* Phase 2: server sends a post-handshake CertificateRequest.             */
     ExpectIntEQ(wolfSSL_request_certificate(ssl_s), WOLFSSL_SUCCESS);
 
-    /* Pump client-side: read CertificateRequest, produce Certificate +
-     * CertificateVerify + Finished.                                          */
-    ExpectIntEQ(wolfSSL_read(ssl_c, buf, sizeof(buf)), -1);
-    err = wolfSSL_get_error(ssl_c, -1);
-    ExpectTrue(err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_NONE);
+    /* Pump both sides until post-handshake auth traffic quiesces. */
+    for (rounds = 0; rounds < 32 && !EXPECT_FAIL(); rounds++) {
+        ret = wolfSSL_read(ssl_c, buf, sizeof(buf));
+        if (ret <= 0) {
+            err = wolfSSL_get_error(ssl_c, -1);
+            ExpectTrue(err == WOLFSSL_ERROR_WANT_READ ||
+                       err == WOLFSSL_ERROR_WANT_WRITE ||
+                       err == WOLFSSL_ERROR_NONE);
+        }
 
-    /* Pump server-side: receive the client certificate messages.             */
-    ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), -1);
-    err = wolfSSL_get_error(ssl_s, -1);
-    ExpectTrue(err == WOLFSSL_ERROR_WANT_READ || err == WOLFSSL_ERROR_NONE);
+        ret = wolfSSL_read(ssl_s, buf, sizeof(buf));
+        if (ret <= 0) {
+            err = wolfSSL_get_error(ssl_s, -1);
+            ExpectTrue(err == WOLFSSL_ERROR_WANT_READ ||
+                       err == WOLFSSL_ERROR_WANT_WRITE ||
+                       err == WOLFSSL_ERROR_NONE);
+        }
+
+        if (test_ctx.c_len == 0 && test_ctx.s_len == 0) {
+            break;
+        }
+    }
 
     /* App-data round-trip after post-handshake auth verifies keys intact.   */
     ExpectIntEQ(wolfSSL_write(ssl_s, "pha-ok", 6), 6);
@@ -4424,15 +4440,15 @@ int test_tls13_mcdc_batch2_early_data(void)
     WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
     WOLFSSL     *ssl_c = NULL, *ssl_s = NULL;
     struct test_memio_ctx test_ctx;
+    WOLFSSL_SESSION *sess = NULL;
+    char msgBuf[64];
+    int  written = 0;
+    int  readSz  = 0;
     (void)ctx_c;
     (void)ssl_c;
     (void)ctx_s;
     (void)ssl_s;
     (void)test_ctx;
-    WOLFSSL_SESSION *sess = NULL;
-    char msgBuf[64];
-    int  written = 0;
-    int  readSz  = 0;
 
     /* ---- pass 1: establish session ticket -------------------------------- */
     XMEMSET(&test_ctx, 0, sizeof(test_ctx));
@@ -4803,10 +4819,9 @@ int test_tls13_mcdc_batch2_alpn(void)
     defined(WOLFSSL_TLS13) && \
     !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
     defined(HAVE_ALPN)
-    struct test_memio_ctx test_ctx;
-    (void)test_ctx;
     WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
     WOLFSSL     *ssl_c = NULL, *ssl_s = NULL;
+    struct test_memio_ctx test_ctx;
     (void)ctx_c;
     (void)ssl_c;
     (void)ctx_s;
@@ -4815,6 +4830,7 @@ int test_tls13_mcdc_batch2_alpn(void)
     unsigned short protoSz = 0;
     char alpn_h2[] = "h2";
     char alpn_http11[] = "http/1.1";
+    (void)test_ctx;
 
     /* ---- sub-test A: matching ALPN protocol "h2" -------------------------- */
     XMEMSET(&test_ctx, 0, sizeof(test_ctx));
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
@@ -3169,6 +3169,7 @@ struct TLSX {
 
 #ifdef WOLFSSL_API_PREFIX_MAP
     #define TLSX_Find wolfSSL_TLSX_Find
+    #define TLSX_SupportExtensions wolfSSL_TLSX_SupportExtensions
 #endif
 WOLFSSL_TEST_VIS TLSX* TLSX_Find(TLSX* list, TLSX_Type type);
 WOLFSSL_LOCAL void  TLSX_Remove(TLSX** list, TLSX_Type type, void* heap);
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
@@ -2325,6 +2325,10 @@ WOLFSSL_API int wc_SetUnknownExtCallbackEx(DecodedCert* cert,
                                                void *ctx);
 #endif
 
+#ifdef WOLFSSL_API_PREFIX_MAP
+    #define DecodePolicyOID wolfSSL_DecodePolicyOID
+    #define DecodeAuthKeyId wolfSSL_DecodeAuthKeyId
+#endif
 WOLFSSL_TEST_VIS int DecodePolicyOID(char *out, word32 outSz, const byte *in,
                                      word32 inSz);
 WOLFSSL_LOCAL int EncodePolicyOID(byte *out, word32 *outSz,
@@ -2445,6 +2449,10 @@ WOLFSSL_LOCAL int GetTimeString(byte* date, int format, char* buf, int len,
 #if !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
     !defined(TIME_OVERRIDES) && (defined(OPENSSL_EXTRA) || \
             defined(HAVE_PKCS7) || defined(HAVE_OCSP_RESPONDER))
+#ifdef WOLFSSL_API_PREFIX_MAP
+    #define GetAsnTimeString wolfSSL_GetAsnTimeString
+    #define GetFormattedTime_ex wolfSSL_GetFormattedTime_ex
+#endif
 WOLFSSL_LOCAL int GetFormattedTime(void* currTime, byte* buf, word32 len);
 WOLFSSL_TEST_VIS int GetAsnTimeString(void* currTime, byte* buf, word32 len);
 WOLFSSL_TEST_VIS int GetFormattedTime_ex(void* currTime, byte* buf, word32 len,
@@ -2558,6 +2566,9 @@ WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output,
     byte isIndef);
 WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output);
 WOLFSSL_API word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz);
+#ifdef WOLFSSL_API_PREFIX_MAP
+    #define SetAlgoIDEx wolfSSL_SetAlgoIDEx
+#endif
 WOLFSSL_TEST_VIS word32 SetAlgoIDEx(int algoOID, byte* output, int type,
                                     int curveSz, byte absentParams);
 #if defined(WC_RSA_PSS) && !defined(NO_RSA)
