src/internal.c: in wolfSSL_ERR_reason_error_string(), remove handling…

… for -WOLFSSL_X509_V_ERR_*, and make corresponding changes in wolfssl/error-ssl.h and tests/api.c.
wolfSSL · Aug 30, 2024 · 255465a · 255465a
1 parent 17870d4
commit 255465a
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 80 deletions.
diff --git a/src/internal.c b/src/internal.c
@@ -25680,54 +25680,6 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
     case WOLFSSL_FATAL_ERROR:
         return "fatal error";
 
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
-    defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
-
-    /* TODO: -WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE. Conflicts with
-     *       -WOLFSSL_ERROR_WANT_CONNECT.
-     */
-
-    case -WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID:
-        return "certificate not yet valid";
-
-    case -WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED:
-        return "certificate has expired";
-
-    case -WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-        return "certificate signature failure";
-
-    case -WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-        return "format error in certificate's notAfter field";
-
-    case -WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
-        return "self-signed certificate in certificate chain";
-
-    case -WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
-        return "unable to get local issuer certificate";
-
-    case -WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
-        return "unable to verify the first certificate";
-
-    case -WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG:
-        return "certificate chain too long";
-
-    case -WOLFSSL_X509_V_ERR_CERT_REVOKED:
-        return "certificate revoked";
-
-    case -WOLFSSL_X509_V_ERR_INVALID_CA:
-        return "invalid CA certificate";
-
-    case -WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED:
-        return "path length constraint exceeded";
-
-    case -WOLFSSL_X509_V_ERR_CERT_REJECTED:
-        return "certificate rejected";
-
-    case -WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
-        return "subject issuer mismatch";
-
-#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || HAVE_WEBSERVER || HAVE_MEMCACHED */
-
     default :
         return "unknown error number";
     }

diff --git a/tests/api.c b/tests/api.c
@@ -83187,17 +83187,7 @@ static int error_test(void)
 #ifndef OPENSSL_EXTRA
         { 0, 0 },
 #endif
-
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
-    defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
-        { -11, -12 },
-        { -15, -17 },
-        { -19, -19 },
-        { -26, -27 },
-        { -30, WC_FIRST_E+1 },
-#else
         { -9, WC_FIRST_E+1 },
-#endif
         { -124, -124 },
         { -166, -169 },
         { -300, -300 },

diff --git a/wolfssl/error-ssl.h b/wolfssl/error-ssl.h
@@ -46,28 +46,6 @@ enum wolfSSL_ErrorCodes {
     WOLFSSL_ERROR_WANT_CONNECT_E =   -7,
     WOLFSSL_ERROR_WANT_ACCEPT_E  =   -8,
 
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
-    defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
-
-    WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE_E  = -7, /* note conflict with
-                                              * WOLFSSL_ERROR_WANT_CONNECT_E
-                                                        */
-    WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID_E      = -9,
-    WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED_E        = -10,
-    WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD_E = -13,
-    WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD_E = -14,
-    WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT_E = -18,
-    WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY_E = -20,
-    WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE_E = -21,
-    WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG_E     = -22,
-    WOLFSSL_X509_V_ERR_CERT_REVOKED_E            = -23,
-    WOLFSSL_X509_V_ERR_INVALID_CA_E              = -24,
-    WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED_E    = -25,
-    WOLFSSL_X509_V_ERR_CERT_REJECTED_E           = -28,
-    WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH_E = -29,
-
-#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || HAVE_WEBSERVER || HAVE_MEMCACHED */
-
     WOLFSSL_FIRST_E              = -301,   /* start of native TLS codes */
 
     INPUT_CASE_ERROR             = -301,   /* process input state error */