Merge pull request #7013 from gilles-peskine-arm/build-without-certs-2.28.2

2.28 only: Fix the build without MBEDTLS_CERTS_C
2025-08-08 17:42:09 +03:00 · 2023-02-06 11:39:01 +00:00
parent 9f63cb72d3 50bc9750df
commit b028531a3b
8 changed files with 58 additions and 32 deletions
--- a/programs/fuzz/fuzz_client.c
+++ b/programs/fuzz/fuzz_client.c
@@ -46,7 +46,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
    uint16_t options;

    if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \
+        defined(MBEDTLS_CERTS_C)
        mbedtls_x509_crt_init(&cacert);
        if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
                                   mbedtls_test_cas_pem_len) != 0) {
--- a/programs/fuzz/fuzz_dtlsclient.c
+++ b/programs/fuzz/fuzz_dtlsclient.c
@@ -43,7 +43,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
    fuzzBufferOffset_t biomemfuzz;

    if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \
+        defined(MBEDTLS_CERTS_C)
        mbedtls_x509_crt_init(&cacert);
        if (mbedtls_x509_crt_parse(&cacert, (const unsigned char *) mbedtls_test_cas_pem,
                                   mbedtls_test_cas_pem_len) != 0) {
--- a/programs/fuzz/fuzz_dtlsserver.c
+++ b/programs/fuzz/fuzz_dtlsserver.c
@@ -47,7 +47,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
    fuzzBufferOffset_t biomemfuzz;

    if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \
+        defined(MBEDTLS_CERTS_C)
        mbedtls_x509_crt_init(&srvcert);
        mbedtls_pk_init(&pkey);
        if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt,
--- a/programs/fuzz/fuzz_server.c
+++ b/programs/fuzz/fuzz_server.c
@@ -55,7 +55,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
    options = Data[Size - 1];

    if (initialized == 0) {
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C) && \
+        defined(MBEDTLS_CERTS_C)
        mbedtls_x509_crt_init(&srvcert);
        mbedtls_pk_init(&pkey);
        if (mbedtls_x509_crt_parse(&srvcert, (const unsigned char *) mbedtls_test_srv_crt,
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -2358,7 +2358,7 @@ usage:
 #if !defined(MBEDTLS_CERTS_C)
        mbedtls_printf("Not certificated or key provided, and \nMBEDTLS_CERTS_C not defined!\n");
        goto exit;
-#else
+#else /* MBEDTLS_CERTS_C */
 #if defined(MBEDTLS_RSA_C)
        if ((ret = mbedtls_x509_crt_parse(&srvcert,
                                          (const unsigned char *) mbedtls_test_srv_crt_rsa,
@@ -2393,6 +2393,7 @@ usage:
        }
        key_cert_init2 = 2;
 #endif /* MBEDTLS_ECDSA_C */
+#endif /* MBEDTLS_CERTS_C */
    }

 #if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -2418,11 +2419,10 @@ usage:
        }
    }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
-#endif /* MBEDTLS_CERTS_C */

-        mbedtls_printf(" ok (key types: %s - %s)\n",
-                       mbedtls_pk_get_name(&pkey),
-                       mbedtls_pk_get_name(&pkey2));
+    mbedtls_printf(" ok (key types: %s - %s)\n",
+                   mbedtls_pk_get_name(&pkey),
+                   mbedtls_pk_get_name(&pkey2));
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */

 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)