Topic: Bad documentation for wolfSSL_UseSNI
There is no documentation on the website that I can find (search returns "no matches").
However, there is documentation in the source tree (doc/dox_comments/header_files/ssl.h) for `wolfSSL_UseSNI` which states:
```
\return SSL_SUCCESS upon success
```
followed by example code:
```c
ret = wolfSSL_UseSNI(ssl, WOLFSSL_SNI_HOST_NAME, "www.yassl.com", strlen("www.yassl.com"));
if (ret != 0) {
    // sni usage failed
}
```
Note that `SSL_SUCCESS` is a (deprecated?) old name, at most defined to be `WOLFSSL_SUCCESS`, which is equal to 1, not 0.
Looking at the actual code,
`wolfSSL_UseSNI` returns `TLSX_UseSNI` which returns, upon errors, the negative values BAD_FUNC_ARG or MEMORY_E but also contains the code:
```c
if (ret != 0) {
    TLSX_SNI_Free(sni, heap);
    return ret;
}
...
return WOLFSSL_SUCCESS;
```
The last line matches the documentation (but not the example) but the first line feels error prone.
Looking more closely at the actual code and functions called, we can establish that this won't return the value 1 (WOLFSSL_SUCCESS) after just having freed sni... But it doesn't look very robust to me.
There seems to be a duality in the code about what the return value '0' means.
Sometimes it means 'success' and sometimes it means WOLFSSL_FAILURE.
Proof that this is bad is the fact that the documentation contains examples that confuse the two.
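Added example (not part of the original post and not wolfSSL's own code): a small model of the return convention described above, comparing the documentation's `ret != 0` check with a strict `ret != WOLFSSL_SUCCESS` check. `model_UseSNI` is a hypothetical stand-in for `wolfSSL_UseSNI`, and the constant values are copied in so the file compiles without the library.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Values mirrored from wolfSSL's headers (assumption: unchanged in your version). */
#define WOLFSSL_SUCCESS   1
#define WOLFSSL_FAILURE   0
#define BAD_FUNC_ARG   (-173)
#define MEMORY_E       (-125)

/* Hypothetical stand-in for wolfSSL_UseSNI(): WOLFSSL_SUCCESS on success,
 * a negative code on error, as the post describes. 'oom' simulates MEMORY_E. */
static int model_UseSNI(const void *ssl, const char *name, size_t len, int oom)
{
    if (ssl == NULL || name == NULL || len == 0)
        return BAD_FUNC_ARG;
    if (oom)
        return MEMORY_E;
    return WOLFSSL_SUCCESS;
}

/* The check used in the documentation example: non-zero means failure. */
static int doc_check_says_failed(int ret)    { return ret != 0; }

/* Strict check: anything other than WOLFSSL_SUCCESS is a failure, which
 * covers both 0 (WOLFSSL_FAILURE) and every negative error code. */
static int strict_check_says_failed(int ret) { return ret != WOLFSSL_SUCCESS; }

/* Returns how many of the sample return values the two checks disagree on. */
int count_disagreements(void)
{
    int dummy_ssl = 0, rets[4], i, n = 0;
    const char *host = "www.yassl.com";
    rets[0] = model_UseSNI(&dummy_ssl, host, strlen(host), 0); /* success   */
    rets[1] = model_UseSNI(NULL, host, strlen(host), 0);       /* bad arg   */
    rets[2] = model_UseSNI(&dummy_ssl, host, strlen(host), 1); /* no memory */
    rets[3] = WOLFSSL_FAILURE;   /* 0: the ambiguous value the post points out */
    for (i = 0; i < 4; i++)
        if (doc_check_says_failed(rets[i]) != strict_check_says_failed(rets[i]))
            n++;
    return n;
}

int main(void)
{
    printf("checks disagree on %d of 4 return values\n", count_disagreements());
    return 0;
}
```

The two checks disagree on exactly the values 1 and 0: the documentation's check reports a successful call as failed and would accept a `WOLFSSL_FAILURE` return as success.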