Merge pull request #7638 from AndrzejKurek/cert-apps-use-ips

Use better IP parsing in x509 apps
2023-06-20 17:21:04 +01:00 · 2023-06-20 17:21:04 +01:00 · 458b96b1a7
commit 458b96b1a7
parent cd70070c25 c6beb3a741
6 changed files with 48 additions and 92 deletions
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@ -49,7 +49,6 @@
 #include "mbedtls/psa_util.h"
 #include "md_psa.h"
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
-#include "x509_invasive.h"
 #include "pk_internal.h"

 #include "mbedtls/platform.h"
@ -2862,7 +2861,6 @@ static int x509_inet_pton_ipv4(const char *src, void *dst)

 #endif /* !AF_INET6 || MBEDTLS_TEST_SW_INET_PTON */ //no-check-names

-MBEDTLS_STATIC_TESTABLE
 size_t mbedtls_x509_crt_parse_cn_inet_pton(const char *cn, void *dst)
 {
    return strchr(cn, ':') == NULL
--- a/library/x509_invasive.h
+++ b/library/x509_invasive.h
@ -1,53 +0,0 @@
-/**
- * \file x509_invasive.h
- *
- * \brief x509 module: interfaces for invasive testing only.
- *
- * The interfaces in this file are intended for testing purposes only.
- * They SHOULD NOT be made available in library integrations except when
- * building the library for testing.
- */
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#ifndef MBEDTLS_X509_INVASIVE_H
-#define MBEDTLS_X509_INVASIVE_H
-
-#include "common.h"
-
-#if defined(MBEDTLS_TEST_HOOKS)
-
-/**
- * \brief          This function parses a CN string as an IP address.
- *
- * \param cn       The CN string to parse. CN string MUST be NUL-terminated.
- * \param dst      The target buffer to populate with the binary IP address.
- *                 The buffer MUST be 16 bytes to save IPv6, and should be
- *                 4-byte aligned if the result will be used as struct in_addr.
- *                 e.g. uint32_t dst[4]
- *
- * \note           \cn is parsed as an IPv6 address if string contains ':',
- *                 else \cn is parsed as an IPv4 address.
- *
- * \return         Length of binary IP address; num bytes written to target.
- * \return         \c 0 on failure to parse CN string as an IP address.
- */
-size_t mbedtls_x509_crt_parse_cn_inet_pton(const char *cn, void *dst);
-
-#endif /* MBEDTLS_TEST_HOOKS */
-
-#endif /* MBEDTLS_X509_INVASIVE_H */