AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix some dependencies and warnings in small config

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-09-18 17:18:34 +02:00
parent 5ad403f5b5
commit 1032c1d3ec
5 changed files with 28 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
include/polarssl/config.h
View File

@ -287,7 +287,8 @@
* *
* Enable the RSA-PSK based ciphersuite modes in SSL / TLS * Enable the RSA-PSK based ciphersuite modes in SSL / TLS
* (NOT YET IMPLEMENTED) * (NOT YET IMPLEMENTED)
* Requires: POLARSSL_RSA_C, POLARSSL_X509_CRT_PARSE_C, POLARSSL_PKCS1_V15 * Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15,
* POLARSSL_X509_CRT_PARSE_C, POLARSSL_X509_CRL_PARSE_C
* *
* This enables the following ciphersuites (if other requisites are * This enables the following ciphersuites (if other requisites are
* enabled as well): * enabled as well):
@ -307,7 +308,8 @@
* *
* Enable the RSA-only based ciphersuite modes in SSL / TLS * Enable the RSA-only based ciphersuite modes in SSL / TLS
* *
* Requires: POLARSSL_RSA_C, POLARSSL_X509_CRT_PARSE_C, POLARSSL_PKCS1_V15 * Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15,
* POLARSSL_X509_CRT_PARSE_C, POLARSSL_X509_CRL_PARSE_C
* *
* This enables the following ciphersuites (if other requisites are * This enables the following ciphersuites (if other requisites are
* enabled as well): * enabled as well):
@ -332,8 +334,8 @@
* *
* Enable the DHE-RSA based ciphersuite modes in SSL / TLS * Enable the DHE-RSA based ciphersuite modes in SSL / TLS
* *
* Requires: POLARSSL_DHM_C, POLARSSL_RSA_C, POLARSSL_X509_CRT_PARSE_C, * Requires: POLARSSL_DHM_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15,
* POLARSSL_PKCS1_V15 * POLARSSL_X509_CRT_PARSE_C, POLARSSL_X509_CRL_PARSE_C
* *
* This enables the following ciphersuites (if other requisites are * This enables the following ciphersuites (if other requisites are
* enabled as well): * enabled as well):
@ -354,8 +356,8 @@
* *
* Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS
* *
* Requires: POLARSSL_ECDH_C, POLARSSL_RSA_C, POLARSSL_X509_CRT_PARSE_C, * Requires: POLARSSL_ECDH_C, POLARSSL_RSA_C, POLARSSL_PKCS1_V15,
* POLARSSL_PKCS1_V15 * POLARSSL_X509_CRT_PARSE_C, POLARSSL_X509_CRL_PARSE_C
* *
* This enables the following ciphersuites (if other requisites are * This enables the following ciphersuites (if other requisites are
* enabled as well): * enabled as well):
@ -377,7 +379,8 @@
* *
* Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS
* *
* Requires: POLARSSL_ECDH_C, POLARSSL_ECDSA_C, POLARSSL_X509_CRT_PARSE_C * Requires: POLARSSL_ECDH_C, POLARSSL_ECDSA_C, POLARSSL_X509_CRT_PARSE_C,
* POLARSSL_X509_CRL_PARSE_C
* *
* This enables the following ciphersuites (if other requisites are * This enables the following ciphersuites (if other requisites are
* enabled as well): * enabled as well):
@ -1636,31 +1639,34 @@
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \ ( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) ) !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) || \
!defined(POLARSSL_X509_CRL_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites" #error "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_RSA_C) || \ ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) ) !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) || \
!defined(POLARSSL_X509_CRL_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites" #error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \ ( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) ) !defined(POLARSSL_X509_CRT_PARSE_C) || \
!defined(POLARSSL_X509_CRL_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites" #error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \ #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\ ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
!defined(POLARSSL_PKCS1_V15) ) !defined(POLARSSL_PKCS1_V15) || !defined(POLARSSL_X509_CRL_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites" #error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\ ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
!defined(POLARSSL_PKCS1_V15) ) !defined(POLARSSL_PKCS1_V15) || !defined(POLARSSL_X509_CRL_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites" #error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
#endif #endif

2
include/polarssl/ssl.h
View File

@ -954,6 +954,7 @@ void ssl_set_ciphersuites_for_version( ssl_context *ssl,
int major, int minor ); int major, int minor );
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(POLARSSL_X509_CRT_PARSE_C)
#if defined(POLARSSL_X509_CRL_PARSE_C)
/** /**
* \brief Set the data required to verify peer certificate * \brief Set the data required to verify peer certificate
* *
@ -964,6 +965,7 @@ void ssl_set_ciphersuites_for_version( ssl_context *ssl,
*/ */
void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain, void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain,
x509_crl *ca_crl, const char *peer_cn ); x509_crl *ca_crl, const char *peer_cn );
#endif /* POLARSSL_X509_CRL_PARSE_C */
/** /**
* \brief Set own certificate chain and private key * \brief Set own certificate chain and private key

2
include/polarssl/x509_crt.h
View File

@ -198,6 +198,7 @@ int x509_crt_parse_path( x509_crt *chain, const char *path );
int x509_crt_info( char *buf, size_t size, const char *prefix, int x509_crt_info( char *buf, size_t size, const char *prefix,
const x509_crt *crt ); const x509_crt *crt );
#if defined(POLARSSL_X509_CRL_PARSE_C)
/** /**
* \brief Verify the certificate signature * \brief Verify the certificate signature
* *
@ -241,7 +242,6 @@ int x509_crt_verify( x509_crt *crt,
int (*f_vrfy)(void *, x509_crt *, int, int *), int (*f_vrfy)(void *, x509_crt *, int, int *),
void *p_vrfy ); void *p_vrfy );
#if defined(POLARSSL_X509_CRL_PARSE_C)
/** /**
* \brief Verify the certificate signature * \brief Verify the certificate signature
* *

3
library/pkparse.c
View File

@ -745,7 +745,10 @@ static int pk_parse_key_pkcs8_encrypted_der(
} }
else else
#endif /* POLARSSL_PKCS5_C */ #endif /* POLARSSL_PKCS5_C */
{
((void) pwd);
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE ); return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
}
return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) ); return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) );
} }

6
library/ssl_cli.c
View File

@ -740,13 +740,15 @@ static int ssl_parse_supported_point_formats_ext( ssl_context *ssl,
static int ssl_parse_server_hello( ssl_context *ssl ) static int ssl_parse_server_hello( ssl_context *ssl )
{ {
uint32_t t;
int ret, i, comp; int ret, i, comp;
size_t n; size_t n;
size_t ext_len = 0; size_t ext_len = 0;
unsigned char *buf, *ext; unsigned char *buf, *ext;
int renegotiation_info_seen = 0; int renegotiation_info_seen = 0;
int handshake_failure = 0; int handshake_failure = 0;
#if defined(POLARSSL_DEBUG_C)
uint32_t t;
#endif
SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) );
@ -807,13 +809,13 @@ static int ssl_parse_server_hello( ssl_context *ssl )
| ( (uint32_t) buf[7] << 16 ) | ( (uint32_t) buf[7] << 16 )
| ( (uint32_t) buf[8] << 8 ) | ( (uint32_t) buf[8] << 8 )
| ( (uint32_t) buf[9] ); | ( (uint32_t) buf[9] );
SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
#endif #endif
memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 );
n = buf[38]; n = buf[38];
SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 );
if( n > 32 ) if( n > 32 )