From 9a99480d5cdcf02914afe3df6affe2e4954f93b3 Mon Sep 17 00:00:00 2001
From: Hayden Roche <haydenroche5@gmail.com>
Date: Thu, 9 Dec 2021 17:24:54 -0800
Subject: [PATCH] Improve make_optional_func_list and make renegotiation
 functions optional.

`make_optional_func_list` will fall back to using `nm` to determine if a
function is provided by libwolfssl if libwolfssl is a static library. This
commit makes it so we first check if `nm` is available. If it's not available,
the function will print a warning and assume all optional functions are
available.
---
 src/wolfssl/_build_ffi.py | 20 +++++++++++++++-----
 src/wolfssl/_openssl.py   |  1 -
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/src/wolfssl/_build_ffi.py b/src/wolfssl/_build_ffi.py
index ccb6661..ef0f292 100644
--- a/src/wolfssl/_build_ffi.py
+++ b/src/wolfssl/_build_ffi.py
@@ -43,12 +43,19 @@ def make_optional_func_list(libwolfssl_path, funcs):
             except AttributeError as _:
                 pass
     # Can't discover functions in a static library with ctypes. Need to fall
-    # back to running nm as a subprocess.
+    # back to running nm, if available, as a subprocess.
     else:
-        nm_cmd = "nm --defined-only {}".format(libwolfssl_path)
-        result = subprocess.run(shlex.split(nm_cmd), capture_output=True)
-        nm_stdout = result.stdout.decode()
-        defined = [func for func in funcs if func.name in nm_stdout]
+        which_cmd = "which nm"
+        result = subprocess.run(shlex.split(which_cmd))
+        if result.returncode == 0:
+            nm_cmd = "nm --defined-only {}".format(libwolfssl_path)
+            result = subprocess.run(shlex.split(nm_cmd), capture_output=True)
+            nm_stdout = result.stdout.decode()
+            defined = [func for func in funcs if func.name in nm_stdout]
+        else:
+            print(("WARNING: Can't determine available libwolfssl functions."
+                   " Assuming all optional functions are available."))
+            defined = funcs
 
     return defined
 
@@ -63,6 +70,9 @@ def make_optional_func_list(libwolfssl_path, funcs):
 # Depending on how wolfSSL was configured, the functions below may or may not be
 # defined.
 optional_funcs = [
+    WolfFunction("wolfSSL_Rehandshake",
+                 "int wolfSSL_Rehandshake(WOLFSSL*)",
+                 "int SSL_renegotiate(SSL*)"),
     WolfFunction("wolfSSL_ERR_func_error_string",
                  "const char* wolfSSL_ERR_func_error_string(unsigned long)",
                  "const char* ERR_func_error_string(unsigned long)"),
diff --git a/src/wolfssl/_openssl.py b/src/wolfssl/_openssl.py
index 2e09519..0b9f708 100644
--- a/src/wolfssl/_openssl.py
+++ b/src/wolfssl/_openssl.py
@@ -230,7 +230,6 @@ def construct_cdef(optional_funcs):
         X509*         SSL_get_peer_certificate(SSL*);
         const char*   SSL_alert_type_string_long(int);
         const char*   SSL_alert_desc_string_long(int);
-        int           SSL_renegotiate(SSL*);
         void          SSL_get0_next_proto_negotiated(const SSL*,
                           const unsigned char**, unsigned*);
         const char*   SSL_get_servername(SSL*, unsigned char);