mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-07 06:42:56 +03:00

Merge pull request #9189 from misch7/fix-v3.6-issues-9186-and-9188

Fix build of v3.6 (issues #9186 and #9188)
Gilles Peskine
2024-08-12 09:34:17 +00:00
committed by GitHub
64 changed files with 428 additions and 394 deletions


@@ -597,8 +597,8 @@ static int my_verify(void *data, mbedtls_x509_crt *crt,
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage(mbedtls_ssl_context *ssl,
const char *additional_description)
static int report_cid_usage(mbedtls_ssl_context *ssl,
const char *additional_description)
{
int ret;
unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
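Review bot: `report_cid_usage` now exists as two file-local copies whose visible opening lines are identical, here and in the hunk at -1332 of the third file section. With both marked `static`, nothing ties them together, so a later fix to one copy (for instance to how `peer_cid` is sized or reported) can silently miss the other. Consider defining it once in a source shared by both programs. The body continues outside this hunk, so the two copies may differ further down.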


@@ -111,12 +111,12 @@ const char buf_ln_err[] = "Buffer does not have enough data to complete the pars
/*
* Basic printing functions
*/
void print_version(void)
static void print_version(void)
{
printf("%s v%d.%d\n", PROG_NAME, VER_MAJOR, VER_MINOR);
}
void print_usage(void)
static void print_usage(void)
{
print_version();
printf("\nThis program is used to deserialize an Mbed TLS SSL session from the base64 code provided\n"
@@ -138,7 +138,7 @@ void print_usage(void)
);
}
void printf_dbg(const char *str, ...)
static void printf_dbg(const char *str, ...)
{
if (debug) {
va_list args;
@@ -151,7 +151,7 @@ void printf_dbg(const char *str, ...)
}
MBEDTLS_PRINTF_ATTRIBUTE(1, 2)
void printf_err(const char *str, ...)
static void printf_err(const char *str, ...)
{
va_list args;
va_start(args, str);
@@ -165,7 +165,7 @@ void printf_err(const char *str, ...)
/*
* Exit from the program in case of error
*/
void error_exit(void)
static void error_exit(void)
{
if (NULL != b64_file) {
fclose(b64_file);
@@ -176,7 +176,7 @@ void error_exit(void)
/*
* This function takes the input arguments of this program
*/
void parse_arguments(int argc, char *argv[])
static void parse_arguments(int argc, char *argv[])
{
int i = 1;
@@ -223,7 +223,7 @@ void parse_arguments(int argc, char *argv[])
/*
* This function prints base64 code to the stdout
*/
void print_b64(const uint8_t *b, size_t len)
static void print_b64(const uint8_t *b, size_t len)
{
size_t i = 0;
const uint8_t *end = b + len;
@@ -247,8 +247,8 @@ void print_b64(const uint8_t *b, size_t len)
* /p in_line number of bytes in one line
* /p prefix prefix for the new lines
*/
void print_hex(const uint8_t *b, size_t len,
const size_t in_line, const char *prefix)
static void print_hex(const uint8_t *b, size_t len,
const size_t in_line, const char *prefix)
{
size_t i = 0;
const uint8_t *end = b + len;
@@ -271,7 +271,7 @@ void print_hex(const uint8_t *b, size_t len,
/*
* Print the value of time_t in format e.g. 2020-01-23 13:05:59
*/
void print_time(const uint64_t *time)
static void print_time(const uint64_t *time)
{
#if defined(MBEDTLS_HAVE_TIME)
char buf[20];
@@ -292,7 +292,7 @@ void print_time(const uint64_t *time)
/*
* Print the input string if the bit is set in the value
*/
void print_if_bit(const char *str, int bit, int val)
static void print_if_bit(const char *str, int bit, int val)
{
if (bit & val) {
printf("\t%s\n", str);
@@ -302,7 +302,7 @@ void print_if_bit(const char *str, int bit, int val)
/*
* Return pointer to hardcoded "enabled" or "disabled" depending on the input value
*/
const char *get_enabled_str(int is_en)
static const char *get_enabled_str(int is_en)
{
return (is_en) ? "enabled" : "disabled";
}
@@ -310,7 +310,7 @@ const char *get_enabled_str(int is_en)
/*
* Return pointer to hardcoded MFL string value depending on the MFL code at the input
*/
const char *get_mfl_str(int mfl_code)
static const char *get_mfl_str(int mfl_code)
{
switch (mfl_code) {
case MBEDTLS_SSL_MAX_FRAG_LEN_NONE:
@@ -343,7 +343,7 @@ const char *get_mfl_str(int mfl_code)
* \retval number of bytes written in to the b64 buffer or 0 in case no more
* data was found
*/
size_t read_next_b64_code(uint8_t **b64, size_t *max_len)
static size_t read_next_b64_code(uint8_t **b64, size_t *max_len)
{
int valid_balance = 0; /* balance between valid and invalid characters */
size_t len = 0;
@@ -443,7 +443,7 @@ size_t read_next_b64_code(uint8_t **b64, size_t *max_len)
* /p ssl pointer to serialized certificate
* /p len number of bytes in the buffer
*/
void print_deserialized_ssl_cert(const uint8_t *ssl, uint32_t len)
static void print_deserialized_ssl_cert(const uint8_t *ssl, uint32_t len)
{
enum { STRLEN = 4096 };
mbedtls_x509_crt crt;
@@ -509,8 +509,8 @@ void print_deserialized_ssl_cert(const uint8_t *ssl, uint32_t len)
* /p len number of bytes in the buffer
* /p session_cfg_flag session configuration flags
*/
void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len,
int session_cfg_flag)
static void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len,
int session_cfg_flag)
{
const struct mbedtls_ssl_ciphersuite_t *ciphersuite_info;
int ciphersuite_id;
@@ -746,7 +746,7 @@ void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len,
* /p ssl pointer to serialized session
* /p len number of bytes in the buffer
*/
void print_deserialized_ssl_context(const uint8_t *ssl, size_t len)
static void print_deserialized_ssl_context(const uint8_t *ssl, size_t len)
{
const uint8_t *end = ssl + len;
uint32_t session_len;
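Review bot: `printf_dbg` in the hunk at -138 takes a caller-supplied format string and variadic arguments but, unlike `printf_err` in the next hunk, has no `MBEDTLS_PRINTF_ATTRIBUTE(1, 2)` line in front of it, so the compiler does not check its call sites for format/argument mismatches. Since the signature is being edited anyway, add `MBEDTLS_PRINTF_ATTRIBUTE(1, 2)` directly above `static void printf_dbg(const char *str, ...)`. Only the first lines of the body are visible, so this assumes `str` is forwarded to a printf-family call, as the `va_list` suggests.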


@@ -756,7 +756,7 @@ struct _sni_entry {
sni_entry *next;
};
void sni_free(sni_entry *head)
static void sni_free(sni_entry *head)
{
sni_entry *cur = head, *next;
@@ -786,7 +786,7 @@ void sni_free(sni_entry *head)
*
* Modifies the input string! This is not production quality!
*/
sni_entry *sni_parse(char *sni_string)
static sni_entry *sni_parse(char *sni_string)
{
sni_entry *cur = NULL, *new = NULL;
char *p = sni_string;
@@ -878,8 +878,8 @@ error:
/*
* SNI callback.
*/
int sni_callback(void *p_info, mbedtls_ssl_context *ssl,
const unsigned char *name, size_t name_len)
static int sni_callback(void *p_info, mbedtls_ssl_context *ssl,
const unsigned char *name, size_t name_len)
{
const sni_entry *cur = (const sni_entry *) p_info;
@@ -909,7 +909,7 @@ int sni_callback(void *p_info, mbedtls_ssl_context *ssl,
/*
* server certificate selection callback.
*/
int cert_callback(mbedtls_ssl_context *ssl)
static int cert_callback(mbedtls_ssl_context *ssl)
{
const sni_entry *cur = (sni_entry *) mbedtls_ssl_get_user_data_p(ssl);
if (cur != NULL) {
@@ -954,7 +954,7 @@ struct _psk_entry {
/*
* Free a list of psk_entry's
*/
int psk_free(psk_entry *head)
static int psk_free(psk_entry *head)
{
psk_entry *next;
@@ -985,7 +985,7 @@ int psk_free(psk_entry *head)
*
* Modifies the input string! This is not production quality!
*/
psk_entry *psk_parse(char *psk_string)
static psk_entry *psk_parse(char *psk_string)
{
psk_entry *cur = NULL, *new = NULL;
char *p = psk_string;
@@ -1027,8 +1027,8 @@ error:
/*
* PSK callback
*/
int psk_callback(void *p_info, mbedtls_ssl_context *ssl,
const unsigned char *name, size_t name_len)
static int psk_callback(void *p_info, mbedtls_ssl_context *ssl,
const unsigned char *name, size_t name_len)
{
psk_entry *cur = (psk_entry *) p_info;
@@ -1055,7 +1055,7 @@ static mbedtls_net_context listen_fd, client_fd;
/* Interruption handler to ensure clean exit (for valgrind testing) */
#if !defined(_WIN32)
static int received_sigterm = 0;
void term_handler(int sig)
static void term_handler(int sig)
{
((void) sig);
received_sigterm = 1;
@@ -1105,11 +1105,11 @@ typedef struct {
void *p_rng;
} ssl_async_key_context_t;
int ssl_async_set_key(ssl_async_key_context_t *ctx,
mbedtls_x509_crt *cert,
mbedtls_pk_context *pk,
int pk_take_ownership,
unsigned delay)
static int ssl_async_set_key(ssl_async_key_context_t *ctx,
mbedtls_x509_crt *cert,
mbedtls_pk_context *pk,
int pk_take_ownership,
unsigned delay)
{
if (ctx->slots_used >= sizeof(ctx->slots) / sizeof(*ctx->slots)) {
return -1;
@@ -1332,8 +1332,8 @@ static psa_status_t psa_setup_psk_key_slot(mbedtls_svc_key_id_t *slot,
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage(mbedtls_ssl_context *ssl,
const char *additional_description)
static int report_cid_usage(mbedtls_ssl_context *ssl,
const char *additional_description)
{
int ret;
unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
@@ -1376,16 +1376,17 @@ int report_cid_usage(mbedtls_ssl_context *ssl,
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_HAVE_TIME)
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) && \
defined(MBEDTLS_HAVE_TIME)
static inline void put_unaligned_uint32(void *p, uint32_t x)
{
memcpy(p, &x, sizeof(x));
}
/* Functions for session ticket tests */
int dummy_ticket_write(void *p_ticket, const mbedtls_ssl_session *session,
unsigned char *start, const unsigned char *end,
size_t *tlen, uint32_t *ticket_lifetime)
static int dummy_ticket_write(void *p_ticket, const mbedtls_ssl_session *session,
unsigned char *start, const unsigned char *end,
size_t *tlen, uint32_t *ticket_lifetime)
{
int ret;
unsigned char *p = start;
@@ -1410,8 +1411,8 @@ int dummy_ticket_write(void *p_ticket, const mbedtls_ssl_session *session,
return 0;
}
int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
unsigned char *buf, size_t len)
static int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
unsigned char *buf, size_t len)
{
int ret;
((void) p_ticket);
@@ -1467,9 +1468,9 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session,
return ret;
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_HAVE_TIME */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C && MBEDTLS_HAVE_TIME */
int parse_cipher(char *buf)
static int parse_cipher(char *buf)
{
if (strcmp(buf, "AES-128-CCM")) {
return MBEDTLS_CIPHER_AES_128_CCM;
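Review bot: In `parse_cipher` (last hunk of this section), `if (strcmp(buf, "AES-128-CCM"))` is true when the strings differ, because `strcmp` returns 0 on a match. As written, every input other than "AES-128-CCM" returns `MBEDTLS_CIPHER_AES_128_CCM`, and the exact name falls through to whatever follows. The comparison should be `if (strcmp(buf, "AES-128-CCM") == 0) {`, and any later branches outside this hunk that use the same form need the same change. The practical effect is that the cipher requested on the command line is not the one selected, so a test can appear to cover a cipher it never ran.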


@@ -12,13 +12,13 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
void eap_tls_key_derivation(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
static void eap_tls_key_derivation(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
{
eap_tls_keys *keys = (eap_tls_keys *) p_expkey;
@@ -36,13 +36,13 @@ void eap_tls_key_derivation(void *p_expkey,
keys->tls_prf_type = tls_prf_type;
}
void nss_keylog_export(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
static void nss_keylog_export(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
{
char nss_keylog_line[200];
size_t const client_random_len = 32;
@@ -106,13 +106,13 @@ exit:
}
#if defined(MBEDTLS_SSL_DTLS_SRTP)
void dtls_srtp_key_derivation(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
static void dtls_srtp_key_derivation(void *p_expkey,
mbedtls_ssl_key_export_type secret_type,
const unsigned char *secret,
size_t secret_len,
const unsigned char client_random[32],
const unsigned char server_random[32],
mbedtls_tls_prf_types tls_prf_type)
{
dtls_srtp_keys *keys = (dtls_srtp_keys *) p_expkey;
@@ -131,8 +131,8 @@ void dtls_srtp_key_derivation(void *p_expkey,
}
#endif /* MBEDTLS_SSL_DTLS_SRTP */
int ssl_check_record(mbedtls_ssl_context const *ssl,
unsigned char const *buf, size_t len)
static int ssl_check_record(mbedtls_ssl_context const *ssl,
unsigned char const *buf, size_t len)
{
int my_ret = 0, ret_cr1, ret_cr2;
unsigned char *tmp_buf;
@@ -195,7 +195,7 @@ cleanup:
return my_ret;
}
int recv_cb(void *ctx, unsigned char *buf, size_t len)
static int recv_cb(void *ctx, unsigned char *buf, size_t len)
{
io_ctx_t *io_ctx = (io_ctx_t *) ctx;
size_t recv_len;
@@ -223,8 +223,8 @@ int recv_cb(void *ctx, unsigned char *buf, size_t len)
return (int) recv_len;
}
int recv_timeout_cb(void *ctx, unsigned char *buf, size_t len,
uint32_t timeout)
static int recv_timeout_cb(void *ctx, unsigned char *buf, size_t len,
uint32_t timeout)
{
io_ctx_t *io_ctx = (io_ctx_t *) ctx;
int ret;
@@ -248,7 +248,7 @@ int recv_timeout_cb(void *ctx, unsigned char *buf, size_t len,
return (int) recv_len;
}
int send_cb(void *ctx, unsigned char const *buf, size_t len)
static int send_cb(void *ctx, unsigned char const *buf, size_t len)
{
io_ctx_t *io_ctx = (io_ctx_t *) ctx;
@@ -319,8 +319,8 @@ uint16_t ssl_sig_algs_for_test[] = {
/** Functionally equivalent to mbedtls_x509_crt_verify_info, see that function
* for more info.
*/
int x509_crt_verify_info(char *buf, size_t size, const char *prefix,
uint32_t flags)
static int x509_crt_verify_info(char *buf, size_t size, const char *prefix,
uint32_t flags)
{
#if !defined(MBEDTLS_X509_REMOVE_INFO)
return mbedtls_x509_crt_verify_info(buf, size, prefix, flags);
@@ -352,7 +352,8 @@ int x509_crt_verify_info(char *buf, size_t size, const char *prefix,
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_print_supported_sig_algs(void)
#if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED)
static void mbedtls_print_supported_sig_algs(void)
{
mbedtls_printf("supported signature algorithms:\n");
mbedtls_printf("\trsa_pkcs1_sha256 ");
@@ -373,3 +374,4 @@ void mbedtls_print_supported_sig_algs(void)
mbedtls_printf("ecdsa_sha1\n");
mbedtls_printf("\n");
}
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
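Review bot: `nss_keylog_export` (hunk at -36) receives exported secret material and has no header comment, while `x509_crt_verify_info` further down has one. Judging by its name and the `nss_keylog_line[200]` buffer, it formats the secret into a key-log line, and a reader should be told that this is for debugging only. Suggested comment above the signature: `/* Key export callback for test/debug use: formats the exported secret as an NSS key log line. The output contains key material. */`. The body runs past the hunk, so how `secret_len` is bounded against the 200-byte line and whether the buffer is wiped after `exit:` should be confirmed there and stated in the comment.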