From 85b6600ab262e5fcd1682ffadd974ffcda95d7d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 23 Mar 2015 12:03:49 +0100 Subject: [PATCH 1/5] Suppress clang warning we don't want --- library/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 1116a5821..57ebf8347 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -82,7 +82,7 @@ if(CMAKE_COMPILER_IS_GNUCC) endif(CMAKE_COMPILER_IS_GNUCC) if(CMAKE_COMPILER_IS_CLANG) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wunreachable-code") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") endif(CMAKE_COMPILER_IS_CLANG) if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) From c70581c272dd8b01d5caacab5e42dadcd1e9367f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 23 Mar 2015 13:58:27 +0100 Subject: [PATCH 2/5] Add POLARSSL_DEPRECATED_{WARNING,REMOVED} --- include/polarssl/check_config.h | 5 +++++ include/polarssl/cipher.h | 10 +++++++++- include/polarssl/config.h | 28 ++++++++++++++++++++++++++++ include/polarssl/md.h | 10 +++++++++- include/polarssl/memory.h | 10 ++++++++++ include/polarssl/pbkdf2.h | 12 ++++++++++-- include/polarssl/ssl.h | 12 ++++++++++-- include/polarssl/x509.h | 12 ++++++++++-- library/cipher.c | 3 ++- library/md.c | 2 ++ library/pbkdf2.c | 4 ++++ library/ssl_tls.c | 2 ++ library/x509.c | 4 ++++ 13 files changed, 105 insertions(+), 9 deletions(-) diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h index 106243462..a668cf8b1 100644 --- a/include/polarssl/check_config.h +++ b/include/polarssl/check_config.h @@ -30,6 +30,11 @@ #ifndef POLARSSL_CHECK_CONFIG_H #define POLARSSL_CHECK_CONFIG_H +#if defined(POLARSSL_DEPRECATED_WARNING) && \ + !defined(__GCC__) && !defined(__clang__) +#error "POLARSSL_DEPRECATED_WARNING only works with GCC and Clang" +#endif + #if defined(POLARSSL_AESNI_C) && !defined(POLARSSL_HAVE_ASM) #error "POLARSSL_AESNI_C defined, but not all prerequisites" #endif diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h index 6773f61c6..ef8d2811f 100644 --- a/include/polarssl/cipher.h +++ b/include/polarssl/cipher.h @@ -372,6 +372,12 @@ void cipher_free( cipher_context_t *ctx ); */ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ); +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief Free the cipher-specific context of ctx. Freeing ctx * itself remains the responsibility of the caller. @@ -382,7 +388,9 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ); * * \returns 0 */ -int cipher_free_ctx( cipher_context_t *ctx ); +int cipher_free_ctx( cipher_context_t *ctx ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ /** * \brief Returns the block size of the given cipher. diff --git a/include/polarssl/config.h b/include/polarssl/config.h index be7da2850..63db5ee05 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -179,6 +179,34 @@ //#define POLARSSL_PLATFORM_FPRINTF_ALT //#define POLARSSL_PLATFORM_PRINTF_ALT //#define POLARSSL_PLATFORM_SNPRINTF_ALT + +/** + * \def POLARSSL_DEPRECATED_WARNING + * + * Mark deprecated functions so that they generate a warning if used. + * Functions deprecated in one version will usually be removed in the next + * version. You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * This only works with GCC and Clang. With other compilers, you may want to + * use POLARSSL_DEPRECATED_REMOVED + * + * Uncomment to get warnings on using deprecated functions. + */ +//#define POLARSSL_DEPRECATED_WARNING + +/** + * \def POLARSSL_DEPRECATED_REMOVED + * + * Remove deprecated functions so that they generate an error if used. + * Functions deprecated in one version will usually be removed in the next + * version. You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * Uncomment to get errors on using deprecated functions. + */ +//#define POLARSSL_DEPRECATED_REMOVED + /* \} name SECTION: System support */ /** diff --git a/include/polarssl/md.h b/include/polarssl/md.h index 95da80be8..303aee820 100644 --- a/include/polarssl/md.h +++ b/include/polarssl/md.h @@ -200,6 +200,12 @@ void md_free( md_context_t *ctx ); */ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ); +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief Free the message-specific context of ctx. Freeing ctx itself * remains the responsibility of the caller. @@ -210,7 +216,9 @@ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ); * * \returns 0 */ -int md_free_ctx( md_context_t *ctx ); +int md_free_ctx( md_context_t *ctx ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ /** * \brief Returns the size of the message digest output. diff --git a/include/polarssl/memory.h b/include/polarssl/memory.h index 8312beb95..8b8ac5dc4 100644 --- a/include/polarssl/memory.h +++ b/include/polarssl/memory.h @@ -37,16 +37,26 @@ #include "platform.h" #include "memory_buffer_alloc.h" +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief Set malloc() / free() callback * * \deprecated Use platform_set_malloc_free instead */ +int memory_set_own( void * (*malloc_func)( size_t ), + void (*free_func)( void * ) ) DEPRECATED; int memory_set_own( void * (*malloc_func)( size_t ), void (*free_func)( void * ) ) { return platform_set_malloc_free( malloc_func, free_func ); } +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ #endif /* memory.h */ diff --git a/include/polarssl/pbkdf2.h b/include/polarssl/pbkdf2.h index e842c838a..28987b3f7 100644 --- a/include/polarssl/pbkdf2.h +++ b/include/polarssl/pbkdf2.h @@ -45,6 +45,12 @@ typedef UINT32 uint32_t; extern "C" { #endif +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief PKCS#5 PBKDF2 using HMAC * @@ -64,7 +70,7 @@ extern "C" { int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen, unsigned int iteration_count, - uint32_t key_length, unsigned char *output ); + uint32_t key_length, unsigned char *output ) DEPRECATED; /** * \brief Checkup routine @@ -73,7 +79,9 @@ int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, * * \return 0 if successful, or 1 if the test failed */ -int pbkdf2_self_test( int verbose ); +int pbkdf2_self_test( int verbose ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ #ifdef __cplusplus } diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index 8e8213797..cd9f770e9 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -1213,6 +1213,12 @@ void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain, int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, pk_context *pk_key ); +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif #if defined(POLARSSL_RSA_C) /** * \brief Set own certificate chain and private RSA key @@ -1230,7 +1236,7 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, * \return 0 on success, or a specific error code. */ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, - rsa_context *rsa_key ); + rsa_context *rsa_key ) DEPRECATED; #endif /* POLARSSL_RSA_C */ /** @@ -1261,7 +1267,9 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, void *rsa_key, rsa_decrypt_func rsa_decrypt, rsa_sign_func rsa_sign, - rsa_key_len_func rsa_key_len ); + rsa_key_len_func rsa_key_len ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ #endif /* POLARSSL_X509_CRT_PARSE_C */ #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index 9dda082a5..0dece0634 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -225,6 +225,12 @@ int x509_dn_gets( char *buf, size_t size, const x509_name *dn ); */ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ); +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief Give an known OID, return its descriptive string. * @@ -237,7 +243,7 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ); * \return Return a string if the OID is known, * or NULL otherwise. */ -const char *x509_oid_get_description( x509_buf *oid ); +const char *x509_oid_get_description( x509_buf *oid ) DEPRECATED; /** * \brief Give an OID, return a string version of its OID number. @@ -251,7 +257,9 @@ const char *x509_oid_get_description( x509_buf *oid ); * \return Length of the string written (excluding final NULL) or * POLARSSL_ERR_OID_BUF_TO_SMALL in case of error */ -int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ); +int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ /** * \brief Check a given x509_time against the system time and check diff --git a/library/cipher.c b/library/cipher.c index 516fa0084..b69d33106 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -165,13 +165,14 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ) return( 0 ); } -/* compatibility wrapper */ +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int cipher_free_ctx( cipher_context_t *ctx ) { cipher_free( ctx ); return( 0 ); } +#endif int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, int key_length, const operation_t operation ) diff --git a/library/md.c b/library/md.c index fbdab9117..cf4d7e334 100644 --- a/library/md.c +++ b/library/md.c @@ -203,12 +203,14 @@ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ) return( 0 ); } +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int md_free_ctx( md_context_t *ctx ) { md_free( ctx ); return( 0 ); } +#endif int md_starts( md_context_t *ctx ) { diff --git a/library/pbkdf2.c b/library/pbkdf2.c index b4ef19500..783e4a8be 100644 --- a/library/pbkdf2.c +++ b/library/pbkdf2.c @@ -41,6 +41,7 @@ #include "polarssl/pbkdf2.h" #include "polarssl/pkcs5.h" +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen, unsigned int iteration_count, @@ -49,12 +50,15 @@ int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen, return pkcs5_pbkdf2_hmac( ctx, password, plen, salt, slen, iteration_count, key_length, output ); } +#endif #if defined(POLARSSL_SELF_TEST) +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int pbkdf2_self_test( int verbose ) { return pkcs5_self_test( verbose ); } +#endif #endif /* POLARSSL_SELF_TEST */ #endif /* POLARSSL_PBKDF2_C */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 77bb9adb2..515b90355 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3976,6 +3976,7 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, return( 0 ); } +#if ! defined(POLARSSL_DEPRECATED_REMOVED) #if defined(POLARSSL_RSA_C) int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, rsa_context *rsa_key ) @@ -4033,6 +4034,7 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, return( 0 ); } +#endif /* POLARSSL_DEPRECATED_REMOVED */ #endif /* POLARSSL_X509_CRT_PARSE_C */ #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) diff --git a/library/x509.c b/library/x509.c index b35663d8c..922f023db 100644 --- a/library/x509.c +++ b/library/x509.c @@ -880,6 +880,7 @@ int x509_key_size_helper( char *buf, size_t size, const char *name ) /* * Return an informational string describing the given OID */ +#if ! defined(POLARSSL_DEPRECATED_REMOVED) const char *x509_oid_get_description( x509_buf *oid ) { const char *desc = NULL; @@ -892,12 +893,15 @@ const char *x509_oid_get_description( x509_buf *oid ) return( desc ); } +#endif /* Return the x.y.z.... style numeric string for the given OID */ +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) { return oid_get_numeric_string( buf, size, oid ); } +#endif /* * Return 0 if the x509_time is still valid, or 1 otherwise. From e46c6c38c9a77c6808961372092daca363055ea0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 23 Mar 2015 13:59:10 +0100 Subject: [PATCH 3/5] Fix tests to work with DEPRECATED_REMOVED --- programs/test/selftest.c | 9 ++++----- tests/scripts/generate_code.pl | 3 ++- tests/suites/test_suite_pbkdf2.function | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 280e3b7c8..a9aef59fe 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -203,17 +203,16 @@ int main( int argc, char *argv[] ) return( ret ); #endif -/* Slow tests last */ - -#if defined(POLARSSL_PBKDF2_C) +#if defined(POLARSSL_PBKDF2_C) && !defined(POLARSSL_DEPRECATED_REMOVED) if( ( ret = pbkdf2_self_test( v ) ) != 0 ) return( ret ); -#else +#endif #if defined(POLARSSL_PKCS5_C) if( ( ret = pkcs5_self_test( v ) ) != 0 ) return( ret ); #endif -#endif + +/* Slow tests last */ /* Not stable enough on Windows and FreeBSD yet */ #if __linux__ && defined(POLARSSL_TIMING_C) diff --git a/tests/scripts/generate_code.pl b/tests/scripts/generate_code.pl index ba7473816..81c454cdb 100755 --- a/tests/scripts/generate_code.pl +++ b/tests/scripts/generate_code.pl @@ -50,8 +50,9 @@ my %mapping_values; while (@var_req_arr) { my $req = shift @var_req_arr; + $req =~ s/(!?)(.*)/$1defined($2)/; - $suite_pre_code .= "#ifdef $req\n"; + $suite_pre_code .= "#if $req\n"; $suite_post_code .= "#endif /* $req */\n"; } diff --git a/tests/suites/test_suite_pbkdf2.function b/tests/suites/test_suite_pbkdf2.function index f99cb6d1b..73dbd15b8 100644 --- a/tests/suites/test_suite_pbkdf2.function +++ b/tests/suites/test_suite_pbkdf2.function @@ -3,7 +3,7 @@ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:POLARSSL_PBKDF2_C + * depends_on:POLARSSL_PBKDF2_C:!POLARSSL_DEPRECATED_REMOVED * END_DEPENDENCIES */ From f7dbedb7dbc732c2b9385ecd35921b973c51a9d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 23 Mar 2015 14:20:04 +0100 Subject: [PATCH 4/5] Update Changelog for deprecation config flags --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index c750144da..95821f261 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,10 @@ Features speed and RAM (heap only for now) usage. * New script memory.sh helps measuring the ROM and RAM requirements of two reduced configurations (PSK-CCM and NSA suite B). + * Add config flags POLARSSL_DEPRECATED_WARNING (off by default) to produce + warnings on use of deprecated functions (with GCC and Clang only). + * Add config flags POLARSSL_DEPRECATED_REMOVED (off by default) to produce + errors on use of deprecated functions. Bugfix * Fix hardclock() (only used in the benchmarking program) with some From bf8f7febd8f25cac34acf0f7feaef00b38248ca9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 23 Mar 2015 14:24:06 +0100 Subject: [PATCH 5/5] Update generated file --- library/version_features.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/version_features.c b/library/version_features.c index 4ec1e8794..aa30da556 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -78,6 +78,12 @@ static const char *features[] = { #if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) "POLARSSL_PLATFORM_SNPRINTF_ALT", #endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ +#if defined(POLARSSL_DEPRECATED_WARNING) + "POLARSSL_DEPRECATED_WARNING", +#endif /* POLARSSL_DEPRECATED_WARNING */ +#if defined(POLARSSL_DEPRECATED_REMOVED) + "POLARSSL_DEPRECATED_REMOVED", +#endif /* POLARSSL_DEPRECATED_REMOVED */ #if defined(POLARSSL_TIMING_ALT) "POLARSSL_TIMING_ALT", #endif /* POLARSSL_TIMING_ALT */