From 09e34b78eeb6237a87b8ae5fd1860e7a550dccbd Mon Sep 17 00:00:00 2001
From: Daniel Axtens
Date: Thu, 30 Sep 2021 17:19:34 +1000
Subject: [PATCH 01/17] Add header guard around malloc(0) returning NULL implementation Make it safe to import the config multiple times without having multiple definition errors. (This prevents errors in the fuzzers in a later patch.)
Signed-off-by: Daniel Axtens
---
 tests/configs/config-wrapper-malloc-0-null.h | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/tests/configs/config-wrapper-malloc-0-null.h b/tests/configs/config-wrapper-malloc-0-null.h
index e7bdbeb9e..b065c2db4 100644
--- a/tests/configs/config-wrapper-malloc-0-null.h
+++ b/tests/configs/config-wrapper-malloc-0-null.h
@@ -21,6 +21,8 @@
 #include "mbedtls/mbedtls_config.h"
 #include
+
+#ifndef MBEDTLS_PLATFORM_STD_CALLOC
 static inline void *custom_calloc( size_t nmemb, size_t size )
 {
 if( nmemb == 0 || size == 0 )
@@ -30,3 +32,4 @@ static inline void *custom_calloc( size_t nmemb, size_t size )
 #define MBEDTLS_PLATFORM_MEMORY
 #define MBEDTLS_PLATFORM_STD_CALLOC custom_calloc
+#endif
From f071024bf848eb9c67dd737091a179ee3dc8dc6c Mon Sep 17 00:00:00 2001
From: Daniel Axtens
Date: Thu, 28 May 2020 11:43:41 +1000
Subject: [PATCH 02/17] Do not include time.h without MBEDTLS_HAVE_TIME MBEDTLS_HAVE_TIME is documented as: "System has time.h and time()." If that is not defined, do not attempt to include time.h. A particular problem is platform-time.h, which should only be included if MBEDTLS_HAVE_TIME is defined, which makes everything messier. Maybe it should be refactored to have the check inside the header.
Signed-off-by: Daniel Axtens
---
 include/mbedtls/platform.h | 2 ++
 library/x509_crl.c | 2 ++
 library/x509_crt.c | 2 ++
 programs/fuzz/common.c | 4 +++-
 programs/fuzz/common.h | 11 +++++++++++
 scripts/data_files/query_config.fmt | 2 ++
 6 files changed, 22 insertions(+), 1 deletion(-)
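Review bot: The new guard in tests/configs/config-wrapper-malloc-0-null.h tests `MBEDTLS_PLATFORM_STD_CALLOC`, which is a configuration option rather than a private include-guard name, so if anything defines that option before this header is read the whole `custom_calloc` wrapper is skipped silently and the build no longer exercises the calloc(0)-returns-NULL behaviour the file is named for. A dedicated guard such as `#ifndef CONFIG_WRAPPER_MALLOC_0_NULL_H` (the name is only a suggestion) around the full header would prevent the double definition without that side effect. The matching `#endif` is added in the second hunk; the body of `custom_calloc` lies between the two hunks and is not shown.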
diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h
index 11a9ca1b6..a5984345b 100644
--- a/include/mbedtls/platform.h
+++ b/include/mbedtls/platform.h
@@ -62,7 +62,9 @@ extern "C" {
 #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
 #include
 #include
+#if defined(MBEDTLS_HAVE_TIME)
 #include
+#endif
 #if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
 #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF)
 #define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf /**< The default \c snprintf function to use. */
diff --git a/library/x509_crl.c b/library/x509_crl.c
index e6efdca5c..0cd996dab 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -52,11 +52,13 @@
 #define mbedtls_snprintf snprintf
 #endif
+#if defined(MBEDTLS_HAVE_TIME)
 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
 #include
 #else
 #include
 #endif
+#endif
 #if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
 #include
diff --git a/library/x509_crt.c b/library/x509_crt.c
index c8654445d..73116ea15 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -63,11 +63,13 @@
 #include "mbedtls/threading.h"
 #endif
+#if defined(MBEDTLS_HAVE_TIME)
 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
 #include
 #else
 #include
 #endif
+#endif
 #if defined(MBEDTLS_FS_IO)
 #include
diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c
index 4d5840228..1af2446db 100644
--- a/programs/fuzz/common.c
+++ b/programs/fuzz/common.c
@@ -5,15 +5,17 @@
 #include
 #include "mbedtls/ctr_drbg.h"
+#if defined(MBEDTLS_HAVE_TIME)
 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
 {
 (void) time;
 return 0x5af2a056;
 }
+#endif
 void dummy_init()
 {
-#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+#if (defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_PLATFORM_TIME_ALT))
 mbedtls_platform_set_time( dummy_constant_time );
 #else
 fprintf(stderr, "Warning: fuzzing without constant time\n");
diff --git a/programs/fuzz/common.h b/programs/fuzz/common.h
index 5586c06ad..37495a6f3 100644
--- a/programs/fuzz/common.h
+++ b/programs/fuzz/common.h
@@ -1,4 +1,13 @@
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/mbedtls_config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME)
 #include "mbedtls/platform_time.h"
+#endif
+#include
 #include
 typedef struct fuzzBufferOffset
@@ -8,7 +17,9 @@ typedef struct fuzzBufferOffset
 size_t Offset;
 } fuzzBufferOffset_t;
+#if defined(MBEDTLS_HAVE_TIME)
 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time );
+#endif
 void dummy_init();
 int dummy_send( void *ctx, const unsigned char *buf, size_t len );
diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt
index 8b0057cb0..fa124f0da 100644
--- a/scripts/data_files/query_config.fmt
+++ b/scripts/data_files/query_config.fmt
@@ -67,7 +67,9 @@
 #include "mbedtls/pk.h"
 #include "mbedtls/pkcs12.h"
 #include "mbedtls/pkcs5.h"
+#if defined(MBEDTLS_HAVE_TIME)
 #include "mbedtls/platform_time.h"
+#endif
 #include "mbedtls/platform_util.h"
 #include "mbedtls/poly1305.h"
 #include "mbedtls/ripemd160.h"
From 446af202f6c7ed5855f46b09f7538fec40681356 Mon Sep 17 00:00:00 2001
From: Daniel Axtens
Date: Wed, 2 Sep 2020 21:30:13 +1000
Subject: [PATCH 03/17] tests: prevent inclusion of time.h in baremetal compiles baremetal compiles should not include time.h, as MBEDTLS_HAVE_TIME is undefined. To test this, provide an overriding include directory that has a time.h which throws a meaningful error if included.
Signed-off-by: Daniel Axtens
---
 tests/include/baremetal-override/time.h | 18 ++++++++++++++++++
 tests/scripts/all.sh | 8 +++++++-
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 tests/include/baremetal-override/time.h
diff --git a/tests/include/baremetal-override/time.h b/tests/include/baremetal-override/time.h
new file mode 100644
index 000000000..40eed2d33
--- /dev/null
+++ b/tests/include/baremetal-override/time.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#error "time.h included in a configuration without MBEDTLS_HAVE_TIME"
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 0c2d9ddf6..7b2519569 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1435,9 +1435,15 @@ component_build_crypto_full () {
 component_build_crypto_baremetal () {
 msg "build: make, crypto only, baremetal config"
 scripts/config.py crypto_baremetal
- make CFLAGS='-O1 -Werror'
+ make CFLAGS="-O1 -Werror -I$(pwd)/tests/include/baremetal-override/"
 are_empty_libraries library/libmbedx509.* library/libmbedtls.*
 }
+support_build_crypto_baremetal () {
+ # Older Glibc versions include time.h from other headers such as stdlib.h,
+ # which makes the no-time.h-in-baremetal check fail. Ubuntu 16.04 has this
+ # problem, Ubuntu 18.04 is ok.
+ ! grep -q -F time.h /usr/include/x86_64-linux-gnu/sys/types.h
+}
 component_test_depends_curves () {
 msg "test/build: curves.pl (gcc)" # ~ 4 min
From 9ed9bc9377adfe0748e1b95ddd1c796d9b4583c0 Mon Sep 17 00:00:00 2001
From: Raoul Strackx
Date: Mon, 22 Jun 2020 14:08:57 +0200
Subject: [PATCH 04/17] programs/ssl: Fix compile errors when MBEDTLS_HAVE_TIME is not defined
Signed-off-by: Raoul Strackx
[dja: add some more fixes, tweak title]
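Review bot: `support_build_crypto_baremetal` in tests/scripts/all.sh reports the component as supported whenever `grep` exits non-zero, and that includes exit status 2 when `/usr/include/x86_64-linux-gnu/sys/types.h` does not exist (other architectures, distributions without that multiarch path), so on such hosts the check passes without having inspected any header and `grep` also prints an error. Testing for the file first keeps the intent explicit, for example `[ -f "$hdr" ] && ! grep -q -F time.h "$hdr"` with `hdr` set to that path; whether a missing file should count as supported or unsupported is a policy choice to settle there. Separately, `-I$(pwd)/...` inside `CFLAGS` is split into two compiler arguments if the checkout path contains whitespace.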
Signed-off-by: Daniel Axtens
---
 programs/ssl/ssl_context_info.c | 9 +++++++++
 programs/ssl/ssl_server2.c | 2 ++
 programs/ssl/ssl_test_lib.c | 2 ++
 programs/ssl/ssl_test_lib.h | 2 ++
 4 files changed, 15 insertions(+)
diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
index 62c3cc52b..cc889d46c 100644
--- a/programs/ssl/ssl_context_info.c
+++ b/programs/ssl/ssl_context_info.c
@@ -42,7 +42,9 @@ int main( void )
 #include
 #include
 #include
+#if defined(MBEDTLS_HAVE_TIME)
 #include
+#endif
 #include "mbedtls/ssl.h"
 #include "mbedtls/error.h"
 #include "mbedtls/base64.h"
@@ -307,6 +309,7 @@ void print_hex( const uint8_t *b, size_t len,
 /*
 * Print the value of time_t in format e.g. 2020-01-23 13:05:59
 */
+#if defined(MBEDTLS_HAVE_TIME)
 void print_time( const time_t *time )
 {
 char buf[20];
@@ -322,6 +325,7 @@ void print_time( const time_t *time )
 printf( "unknown\n" );
 }
 }
+#endif
 /*
 * Print the input string if the bit is set in the value
@@ -608,7 +612,12 @@ void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len,
 ( (uint64_t) ssl[7] );
 ssl += 8;
 printf( "\tstart time : " );
+#if defined(MBEDTLS_HAVE_TIME)
 print_time( (time_t*) &start );
+#else
+ (void) start;
+ printf( "not supported\n" );
+#endif
 }
 CHECK_SSL_END( 2 );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 595300e85..60958e6c6 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -2723,8 +2723,10 @@ int main( int argc, char *argv[] )
 if( opt.cache_max != -1 )
 mbedtls_ssl_cache_set_max_entries( &cache, opt.cache_max );
+#if defined(MBEDTLS_HAVE_TIME)
 if( opt.cache_timeout != -1 )
 mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout );
+#endif
 mbedtls_ssl_conf_session_cache( &conf, &cache, mbedtls_ssl_cache_get,
diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c
index 04e127a85..a28a47769 100644
--- a/programs/ssl/ssl_test_lib.c
+++ b/programs/ssl/ssl_test_lib.c
@@ -46,11 +46,13 @@ void my_debug( void *ctx, int level,
 fflush( (FILE *) ctx );
 }
+#if defined(MBEDTLS_HAVE_TIME)
 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
 {
 (void) time;
 return 0x5af2a056;
 }
+#endif
 #if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG)
 static int dummy_entropy( void *data, unsigned char *output, size_t len )
diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h
index ff024924f..b3c4cfa0f 100644
--- a/programs/ssl/ssl_test_lib.h
+++ b/programs/ssl/ssl_test_lib.h
@@ -129,7 +129,9 @@ void my_debug( void *ctx, int level,
 const char *file, int line, const char *str );
+#if defined(MBEDTLS_HAVE_TIME)
 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time );
+#endif
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 /* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use
From 814c8133c8e747b41cd10a5049e6a80ea5774aac Mon Sep 17 00:00:00 2001
From: Daniel Axtens
Date: Mon, 31 Aug 2020 14:22:58 +1000
Subject: [PATCH 05/17] tests: add baremetal full config build To be able to test utility programs for an absence of time.h, we need a baremetal config that is not crypto only. Add one.
Signed-off-by: Daniel Axtens
---
 tests/scripts/all.sh | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 7b2519569..01c369a9b 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1439,6 +1439,15 @@ component_build_crypto_baremetal () {
 are_empty_libraries library/libmbedx509.* library/libmbedtls.*
 }
 support_build_crypto_baremetal () {
+ support_build_baremetal "$@"
+}
+
+component_build_baremetal () {
+ msg "build: make, baremetal config"
+ scripts/config.py baremetal
+ make CFLAGS="-O1 -Werror -I$(pwd)/tests/include/baremetal-override/"
+}
+support_build_baremetal () {
 # Older Glibc versions include time.h from other headers such as stdlib.h,
 # which makes the no-time.h-in-baremetal check fail. Ubuntu 16.04 has this
 # problem, Ubuntu 18.04 is ok.
From 5b9cb9e8ca161950581bd3255d0d8fa0680f9800 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Mon, 29 Nov 2021 17:28:13 +0000
Subject: [PATCH 06/17] programs/test: fix build without MBEDTLS_HAVE_TIME Allow programs/test/udp_proxy.c to build when MBEDTLS_HAVE_TIME is not defined. In this case, do not attempt to seed the pseudo-random number generator used to sometimes produce corrupt packets and other erroneous data.
Signed-off-by: David Horstmann
---
 programs/test/udp_proxy.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index 6546e8fd0..21a5173b5 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
@@ -32,9 +32,11 @@
 #else
 #include
 #include
+#if defined(MBEDTLS_HAVE_TIME)
 #include
 #define mbedtls_time time
 #define mbedtls_time_t time_t
+#endif
 #define mbedtls_printf printf
 #define mbedtls_calloc calloc
 #define mbedtls_free free
@@ -821,6 +823,7 @@ int main( int argc, char *argv[] )
 get_options( argc, argv );
+#if defined(MBEDTLS_HAVE_TIME)
 /*
 * Decisions to drop/delay/duplicate packets are pseudo-random: dropping
 * exactly 1 in N packets would lead to problems when a flight has exactly
@@ -831,11 +834,12 @@ int main( int argc, char *argv[] )
 */
 if( opt.seed == 0 )
 {
- opt.seed = (unsigned int) time( NULL );
+ opt.seed = (unsigned int) mbedtls_time( NULL );
 mbedtls_printf( " . Pseudo-random seed: %u\n", opt.seed );
 }
 srand( opt.seed );
+#endif /* MBEDTLS_HAVE_TIME */
 /*
 * 0. "Connect" to the server
From 4e0cc40d0f8ed24e7ab91705e85dbe272c5a23bc Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Mon, 29 Nov 2021 18:55:16 +0000
Subject: [PATCH 07/17] programs/fuzz: Use build_info.h in common.h Remove direct inclusion of mbedtls_config.h and replace with build_info.h, as is the convention in Mbed TLS 3.0.
Signed-off-by: David Horstmann
---
 programs/fuzz/common.h | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
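Review bot: In the second and third hunks of programs/test/udp_proxy.c the `#if defined(MBEDTLS_HAVE_TIME)` … `#endif` pair encloses `srand( opt.seed )` as well as the time-based default, so in a build without MBEDTLS_HAVE_TIME a non-zero `opt.seed` set through the options is never applied and every run uses the C library's default `rand()` sequence. Only the `opt.seed == 0` fallback needs `mbedtls_time()`; narrowing the guard to that `if` block and leaving `srand( opt.seed );` unconditional keeps explicitly seeded runs reproducible. A one-line message in the no-time case saying that no time-based seed is available would also help whoever reads the proxy output. `main` starts and ends outside these hunks.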
diff --git a/programs/fuzz/common.h b/programs/fuzz/common.h
index 37495a6f3..7bb7b8778 100644
--- a/programs/fuzz/common.h
+++ b/programs/fuzz/common.h
@@ -1,8 +1,4 @@
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/mbedtls_config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "mbedtls/build_info.h"
 #if defined(MBEDTLS_HAVE_TIME)
 #include "mbedtls/platform_time.h"
From ca53459bed53a84ab901002e6e437a8e192c00d8 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Mon, 29 Nov 2021 18:57:10 +0000
Subject: [PATCH 08/17] programs/fuzz: Remove superfluous MBEDTLS_HAVE_TIME MBEDTLS_HAVE_TIME_ALT implies MBEDTLS_HAVE_TIME, so an extra check for MBEDTLS_HAVE_TIME is not needed.
Signed-off-by: David Horstmann
---
 programs/fuzz/common.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c
index 1af2446db..c6d49765e 100644
--- a/programs/fuzz/common.c
+++ b/programs/fuzz/common.c
@@ -15,7 +15,7 @@ mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
 void dummy_init()
 {
-#if (defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_PLATFORM_TIME_ALT))
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
 mbedtls_platform_set_time( dummy_constant_time );
 #else
 fprintf(stderr, "Warning: fuzzing without constant time\n");
From 61faf665e606a573fd94e19e962bf68599f930b3 Mon Sep 17 00:00:00 2001
From: David Horstmann
Date: Tue, 30 Nov 2021 11:40:54 +0000
Subject: [PATCH 09/17] Use $PWD instead of $(pwd) for consistency Change the new baremetal all.sh tests to use $PWD rather than calling pwd again directly.
Signed-off-by: David Horstmann
---
 tests/scripts/all.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 01c369a9b..8a690cd9c 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1435,7 +1435,7 @@ component_build_crypto_full () {
 component_build_crypto_baremetal () {
 msg "build: make, crypto only, baremetal config"
 scripts/config.py crypto_baremetal
- make CFLAGS="-O1 -Werror -I$(pwd)/tests/include/baremetal-override/"
+ make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/"
 are_empty_libraries library/libmbedx509.* library/libmbedtls.*
 }
 support_build_crypto_baremetal () {
@@ -1445,7 +1445,7 @@ support_build_crypto_baremetal () {
 component_build_baremetal () {
 msg "build: make, baremetal config"
 scripts/config.py baremetal
- make CFLAGS="-O1 -Werror -I$(pwd)/tests/include/baremetal-override/"
+ make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/"
 }
 support_build_baremetal () {
 # Older Glibc versions include time.h from other headers such as stdlib.h,
From 3475b2637555e81ea1531e77bfa45ea920e602d5 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek
Date: Tue, 22 Feb 2022 07:27:08 -0500
Subject: [PATCH 10/17] Add a changelog entry
Signed-off-by: Andrzej Kurek
---
 ChangeLog.d/timeless.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 ChangeLog.d/timeless.txt
diff --git a/ChangeLog.d/timeless.txt b/ChangeLog.d/timeless.txt
new file mode 100644
index 000000000..84f07d64e
--- /dev/null
+++ b/ChangeLog.d/timeless.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix compile errors when MBEDTLS_HAVE_TIME is not defined. Add tests
+ to catch bad uses of time.h.
From 108bf520e01755b3b20fcc7d17a39bcdf9a82721 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek
Date: Wed, 2 Mar 2022 10:55:08 -0500
Subject: [PATCH 11/17] Add a missing guard for time.h in net_sockets.c
Signed-off-by: Andrzej Kurek
---
 library/net_sockets.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/library/net_sockets.c b/library/net_sockets.c
index 17a9e4a57..d1700f3bb 100644
--- a/library/net_sockets.c
+++ b/library/net_sockets.c
@@ -107,7 +107,9 @@ static int wsa_init_done = 0;
 #include
+#if defined(MBEDTLS_HAVE_TIME)
 #include
+#endif
 #include
From 06a00afeec09f73980ef1b70c92a437bf39d79ff Mon Sep 17 00:00:00 2001
From: Andrzej Kurek
Date: Wed, 2 Mar 2022 10:56:22 -0500
Subject: [PATCH 12/17] Fix requirement mismatch in fuzz/common.c
Signed-off-by: Andrzej Kurek
---
 programs/fuzz/common.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c
index c6d49765e..c554bc680 100644
--- a/programs/fuzz/common.c
+++ b/programs/fuzz/common.c
@@ -5,7 +5,7 @@
 #include
 #include "mbedtls/ctr_drbg.h"
-#if defined(MBEDTLS_HAVE_TIME)
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
 mbedtls_time_t dummy_constant_time( mbedtls_time_t* time )
 {
 (void) time;
From 09e803ce0d7ec5acf29ddd9421f60e4a84fadb27 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek
Date: Wed, 2 Mar 2022 11:20:23 -0500
Subject: [PATCH 13/17] Provide a dummy implementation of timing.c
Signed-off-by: Andrzej Kurek
---
 library/timing.c | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)
diff --git a/library/timing.c b/library/timing.c
index 8a02c00de..d66e11e26 100644
--- a/library/timing.c
+++ b/library/timing.c
@@ -45,15 +45,15 @@ struct _hr_time
 #include
 #include
-#include
 #include
+#if defined(MBEDTLS_HAVE_TIME)
 #include
-
+#include
 struct _hr_time
 {
 struct timeval start;
 };
-
+#endif
 #endif /* _WIN32 && !EFIX64 && !EFI32 */
 /**
@@ -75,6 +75,7 @@ struct _hr_time
 * get_timer(0) }` the value time1+time2 is only approximately
 * the delay since the first reset.
 */
+#if defined(MBEDTLS_HAVE_TIME)
 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
 unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
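Review bot: The definition of `dummy_constant_time` in programs/fuzz/common.c is now compiled only under `MBEDTLS_PLATFORM_TIME_ALT`, but its prototype in programs/fuzz/common.h was placed under `#if defined(MBEDTLS_HAVE_TIME)` by patch 02 and none of the patches shown here changes that, so declaration and definition are guarded by different macros. With MBEDTLS_HAVE_TIME set and MBEDTLS_PLATFORM_TIME_ALT unset the header declares a function that is never defined, which stays harmless only as long as nothing calls it. Using the same condition in the header, `#if defined(MBEDTLS_PLATFORM_TIME_ALT)`, keeps the two in step. The function body continues past the end of the hunk.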
@@ -157,6 +158,26 @@ int mbedtls_timing_get_delay( void *data )
 return( 0 );
 }
+#else
+int mbedtls_timing_get_delay( void *data )
+{
+ (void) data;
+ return( 0 );
+}
+void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms )
+{
+ (void) data;
+ (void) int_ms;
+ (void) fin_ms;
+}
+
+unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
+{
+ (void) val;
+ (void) reset;
+ return( 0 );
+}
+#endif /* MBEDTLS_HAVE_TIME */
 #endif /* !MBEDTLS_TIMING_ALT */
 #endif /* MBEDTLS_TIMING_C */
From 6056e7af4fe170085d2498f3fcdef82470a9945a Mon Sep 17 00:00:00 2001
From: Andrzej Kurek
Date: Wed, 2 Mar 2022 12:01:10 -0500
Subject: [PATCH 14/17] Fix benchmark and udp_proxy dependency on MBEDTLS_HAVE_TIME
Signed-off-by: Andrzej Kurek
---
 programs/test/benchmark.c | 8 +++-----
 programs/test/udp_proxy.c | 2 ++
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index d3faad91e..569f14795 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -30,10 +30,10 @@
 #define mbedtls_free free
 #endif
-#if !defined(MBEDTLS_TIMING_C)
+#if !defined(MBEDTLS_HAVE_TIME)
 int main( void )
 {
- mbedtls_printf("MBEDTLS_TIMING_C not defined.\n");
+ mbedtls_printf("MBEDTLS_HAVE_TIME not defined.\n");
 mbedtls_exit( 0 );
 }
 #else
@@ -41,8 +41,6 @@ int main( void )
 #include
 #include
-#include "mbedtls/timing.h"
-
 #include "mbedtls/md5.h"
 #include "mbedtls/ripemd160.h"
 #include "mbedtls/sha1.h"
@@ -1304,4 +1302,4 @@ int main( int argc, char *argv[] )
 mbedtls_exit( 0 );
 }
-#endif /* MBEDTLS_TIMING_C */
+#endif /* MBEDTLS_HAVE_TIME */
diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c
index 21a5173b5..bc78fab86 100644
--- a/programs/test/udp_proxy.c
+++ b/programs/test/udp_proxy.c
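Review bot: The stubs added under `#else` in library/timing.c let a build with MBEDTLS_TIMING_C but without MBEDTLS_HAVE_TIME link and then behave as a clock that never advances: `mbedtls_timing_get_delay` always returns 0, `mbedtls_timing_set_delay` discards both intervals and `mbedtls_timing_get_timer` always reports 0. Any caller that relies on these functions to enforce a timeout (for example if they are installed as timer callbacks for retransmission or handshake deadlines, to be confirmed against the callers) would never see the timer expire and gets no diagnostic. At minimum the stubs deserve a comment saying so, e.g. `/* No time source: timers never expire; do not rely on these for timeouts. */`, and rejecting the combination at configuration-check time would be the stricter alternative. The `#if defined(MBEDTLS_HAVE_TIME)` that this `#else` belongs to is opened in the earlier timing.c hunks of the same patch.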
@@ -73,7 +73,9 @@ int main( void ) #endif #endif /* _MSC_VER */ #else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ +#if defined(MBEDTLS_HAVE_TIME) #include +#endif #include #include #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ From 469fa95cbc6ca4d25847b56be59990c336da9ada Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 2 Mar 2022 12:13:50 -0500 Subject: [PATCH 15/17] Add the timing test dependency on MBEDTLS_HAVE_TIME Signed-off-by: Andrzej Kurek --- tests/suites/test_suite_timing.data | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/suites/test_suite_timing.data b/tests/suites/test_suite_timing.data index de89239e7..a45ed0e99 100644 --- a/tests/suites/test_suite_timing.data +++ b/tests/suites/test_suite_timing.data @@ -1,8 +1,11 @@ Timing: get timer +depends_on:MBEDTLS_HAVE_TIME timing_get_timer: Timing: delay 0ms +depends_on:MBEDTLS_HAVE_TIME timing_delay:0: Timing: delay 100ms +depends_on:MBEDTLS_HAVE_TIME timing_delay:100: From 554b820747b62e36242670ce454a59ecfce619aa Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 2 Mar 2022 12:33:24 -0500 Subject: [PATCH 16/17] Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME Signed-off-by: Andrzej Kurek --- programs/ssl/ssl_server2.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 60958e6c6..11461fa64 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -317,10 +317,16 @@ int main( void ) #if defined(MBEDTLS_SSL_CACHE_C) #define USAGE_CACHE \ - " cache_max=%%d default: cache default (50)\n" \ + " cache_max=%%d default: cache default (50)\n" +#if defined(MBEDTLS_HAVE_TIME) +#define USAGE_CACHE_TIME \ " cache_timeout=%%d default: cache default (1d)\n" #else +#define USAGE_CACHE_TIME "" +#endif +#else #define USAGE_CACHE "" +#define USAGE_CACHE_TIME "" #endif /* MBEDTLS_SSL_CACHE_C */ #if defined(SNI_OPTION) 
@@ -509,6 +515,7 @@ int main( void )
 USAGE_NSS_KEYLOG \
 USAGE_NSS_KEYLOG_FILE \
 USAGE_CACHE \
+ USAGE_CACHE_TIME \
 USAGE_MAX_FRAG_LEN \
 USAGE_ALPN \
 USAGE_EMS \
@@ -619,7 +626,9 @@ struct options
 int ticket_timeout; /* session ticket lifetime */
 int ticket_aead; /* session ticket protection */
 int cache_max; /* max number of session cache entries */
- int cache_timeout; /* expiration delay of session cache entries */
+#if defined(MBEDTLS_HAVE_TIME)
+ int cache_timeout; /* expiration delay of session cache entries*/
+#endif
 char *sni; /* string describing sni information */
 const char *curves; /* list of supported elliptic curves */
 const char *sig_algs; /* supported TLS 1.3 signature algorithms */
@@ -1549,7 +1558,9 @@ int main( int argc, char *argv[] )
 opt.ticket_timeout = DFL_TICKET_TIMEOUT;
 opt.ticket_aead = DFL_TICKET_AEAD;
 opt.cache_max = DFL_CACHE_MAX;
+#if defined(MBEDTLS_HAVE_TIME)
 opt.cache_timeout = DFL_CACHE_TIMEOUT;
+#endif
 opt.sni = DFL_SNI;
 opt.alpn_string = DFL_ALPN_STRING;
 opt.curves = DFL_CURVES;
@@ -1945,12 +1956,14 @@ int main( int argc, char *argv[] )
 if( opt.cache_max < 0 )
 goto usage;
 }
+#if defined(MBEDTLS_HAVE_TIME)
 else if( strcmp( p, "cache_timeout" ) == 0 )
 {
 opt.cache_timeout = atoi( q );
 if( opt.cache_timeout < 0 )
 goto usage;
 }
+#endif
 else if( strcmp( p, "cookies" ) == 0 )
 {
 opt.cookies = atoi( q );
From 541318ad708cdb69ab1d12437565a1dcc68f02c3 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek
Date: Mon, 28 Feb 2022 05:51:57 -0500
Subject: [PATCH 17/17] Refactor ssl_context_info time printing
Signed-off-by: Andrzej Kurek
---
 programs/ssl/ssl_context_info.c | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)
diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
index cc889d46c..19054eb2f 100644
--- a/programs/ssl/ssl_context_info.c
+++ b/programs/ssl/ssl_context_info.c
@@ -309,11 +309,11 @@ void print_hex( const uint8_t *b, size_t len,
 /*
 * Print the value of time_t in format e.g. 2020-01-23 13:05:59
 */
-#if defined(MBEDTLS_HAVE_TIME)
-void print_time( const time_t *time )
+void print_time( const uint64_t *time )
 {
+#if defined(MBEDTLS_HAVE_TIME)
 char buf[20];
- struct tm *t = gmtime( time );
+ struct tm *t = gmtime( (time_t*) time );
 static const char format[] = "%Y-%m-%d %H:%M:%S";
 if( NULL != t )
 {
@@ -324,8 +324,11 @@ void print_time( const time_t *time )
 {
 printf( "unknown\n" );
 }
-}
+#else
+ (void) time;
+ printf( "not supported\n" );
 #endif
+}
 /*
 * Print the input string if the bit is set in the value
@@ -612,12 +615,7 @@ void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len,
 ( (uint64_t) ssl[7] );
 ssl += 8;
 printf( "\tstart time : " );
-#if defined(MBEDTLS_HAVE_TIME)
- print_time( (time_t*) &start );
-#else
- (void) start;
- printf( "not supported\n" );
-#endif
+ print_time( &start );
 }
 CHECK_SSL_END( 2 );
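Review bot: `gmtime( (time_t*) time )` in the first hunk of programs/ssl/ssl_context_info.c reinterprets a `const uint64_t *` as a `time_t *`, which drops the `const` and is only correct where `time_t` is a 64-bit integer type; with a 32-bit `time_t` it reads half of the value (which half depends on byte order), and the object is accessed through an incompatible pointer type in any case. The value is assembled from the serialized session bytes in `print_deserialized_ssl_session` (third hunk), so it should be treated as arbitrary input. Converting by value avoids all three problems: `time_t t = (time_t) *time;` followed by `struct tm *tm = gmtime( &t );`. The comment above the function still describes a `time_t` and could say that the argument is seconds since the epoch held in a `uint64_t`. The part of `print_time` between the first two hunks is not shown.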