diff --git a/CMakeLists.txt b/CMakeLists.txt index b001bb70a1..8444917787 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -39,6 +39,8 @@ else() project("Mbed TLS" C) endif() +include(GNUInstallDirs) + # Set the project root directory. set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) @@ -259,8 +261,7 @@ if(CMAKE_BUILD_TYPE STREQUAL "Coverage") endif(CMAKE_BUILD_TYPE STREQUAL "Coverage") if(LIB_INSTALL_DIR) -else() - set(LIB_INSTALL_DIR lib) + set(CMAKE_INSTALL_LIBDIR "${LIB_INSTALL_DIR}") endif() if(ENABLE_ZLIB_SUPPORT) @@ -278,6 +279,8 @@ list(APPEND libs ${thirdparty_lib}) add_subdirectory(library) +add_subdirectory(pkgconfig) + # # The C files in tests/src directory contain test code shared among test suites # and programs. This shared test code is compiled and linked to test suites and diff --git a/ChangeLog.d/cmake_use_GnuInstallDirs.txt b/ChangeLog.d/cmake_use_GnuInstallDirs.txt new file mode 100644 index 0000000000..d8487555d1 --- /dev/null +++ b/ChangeLog.d/cmake_use_GnuInstallDirs.txt @@ -0,0 +1,5 @@ +Changes + * cmake: Use GnuInstallDirs to customize install directories + Replace custom LIB_INSTALL_DIR variable with standard CMAKE_INSTALL_LIBDIR + variable. For backward compatibility, set CMAKE_INSTALL_LIBDIR if + LIB_INSTALL_DIR is set. diff --git a/ChangeLog.d/fix-alpn-negotiating-bug.txt b/ChangeLog.d/fix-alpn-negotiating-bug.txt new file mode 100644 index 0000000000..3bceb37f38 --- /dev/null +++ b/ChangeLog.d/fix-alpn-negotiating-bug.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix the restoration of the ALPN when loading serialized connection with + * the mbedtls_ssl_context_load() API. diff --git a/ChangeLog.d/pkg-config-files-addition.txt b/ChangeLog.d/pkg-config-files-addition.txt new file mode 100644 index 0000000000..5df6ffb3be --- /dev/null +++ b/ChangeLog.d/pkg-config-files-addition.txt @@ -0,0 +1,3 @@ +Features + * Add pc files for pkg-config. eg.: + pkg-config --cflags --libs (mbedtls|mbedcrypto|mbedx509) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 24613c41e0..5a9352c1cf 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -241,7 +241,7 @@ foreach(target IN LISTS target_libraries) PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() install(TARGETS ${target} - DESTINATION ${LIB_INSTALL_DIR} + DESTINATION ${CMAKE_INSTALL_LIBDIR} PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) endforeach(target) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 235959a9ee..c667a2923b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6680,7 +6680,7 @@ static int ssl_context_load(mbedtls_ssl_context *ssl, /* alpn_chosen should point to an item in the configured list */ for (cur = ssl->conf->alpn_list; *cur != NULL; cur++) { if (strlen(*cur) == alpn_len && - memcmp(p, cur, alpn_len) == 0) { + memcmp(p, *cur, alpn_len) == 0) { ssl->alpn_chosen = *cur; break; } diff --git a/pkgconfig/CMakeLists.txt b/pkgconfig/CMakeLists.txt new file mode 100644 index 0000000000..6def088d2e --- /dev/null +++ b/pkgconfig/CMakeLists.txt @@ -0,0 +1,28 @@ +if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) + include(JoinPaths.cmake) + join_paths(PKGCONFIG_INCLUDEDIR "\${prefix}" "${CMAKE_INSTALL_INCLUDEDIR}") + join_paths(PKGCONFIG_LIBDIR "\${prefix}" "${CMAKE_INSTALL_LIBDIR}") + + #define these manually since minimum CMAKE version is not 3.9 for DESCRIPTION and 3.12 for HOMEPAGE_URL usage in project() below. + # Prefix with something that won't clash with newer versions of CMAKE. + set(PKGCONFIG_PROJECT_DESCRIPTION "Mbed TLS is a C library that implements cryptographic primitives, X.509 certificate manipulation and the SSL/TLS and DTLS protocols. Its small code footprint makes it suitable for embedded systems.") + set(PKGCONFIG_PROJECT_HOMEPAGE_URL "https://www.trustedfirmware.org/projects/mbed-tls/") + + # Following the conventsion for DESCRIPTION and HOMEPAGE_URL, VERSION wasn't added until 3.0 and depends on policy CMP0048 + set(PKGCONFIG_VERSION 2.28.7) + + configure_file(mbedcrypto.pc.in mbedcrypto.pc @ONLY) + install(FILES + ${CMAKE_CURRENT_BINARY_DIR}/mbedcrypto.pc + DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) + + configure_file(mbedtls.pc.in mbedtls.pc @ONLY) + install(FILES + ${CMAKE_CURRENT_BINARY_DIR}/mbedtls.pc + DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) + + configure_file(mbedx509.pc.in mbedx509.pc @ONLY) + install(FILES + ${CMAKE_CURRENT_BINARY_DIR}/mbedx509.pc + DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) +endif() diff --git a/pkgconfig/JoinPaths.cmake b/pkgconfig/JoinPaths.cmake new file mode 100644 index 0000000000..193caed76a --- /dev/null +++ b/pkgconfig/JoinPaths.cmake @@ -0,0 +1,27 @@ +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# This module provides function for joining paths +# known from most languages +# +# Copyright The Mbed TLS Contributors +# +# This script originates from: +# - https://github.com/jtojnar/cmake-snips +# Jan has provided re-licensing under Apache 2.0 and GPL 2.0+ and +# allowed for the change of Copyright. +# +# Modelled after Python’s os.path.join +# https://docs.python.org/3.7/library/os.path.html#os.path.join +# Windows not supported +function(join_paths joined_path first_path_segment) + set(temp_path "${first_path_segment}") + foreach(current_segment IN LISTS ARGN) + if(NOT ("${current_segment}" STREQUAL "")) + if(IS_ABSOLUTE "${current_segment}") + set(temp_path "${current_segment}") + else() + set(temp_path "${temp_path}/${current_segment}") + endif() + endif() + endforeach() + set(${joined_path} "${temp_path}" PARENT_SCOPE) +endfunction() diff --git a/pkgconfig/mbedcrypto.pc.in b/pkgconfig/mbedcrypto.pc.in new file mode 100644 index 0000000000..d8f6750f1d --- /dev/null +++ b/pkgconfig/mbedcrypto.pc.in @@ -0,0 +1,10 @@ +prefix=@CMAKE_INSTALL_PREFIX@ +includedir=@PKGCONFIG_INCLUDEDIR@ +libdir=@PKGCONFIG_LIBDIR@ + +Name: @PROJECT_NAME@ +Description: @PKGCONFIG_PROJECT_DESCRIPTION@ +URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@ +Version: @PKGCONFIG_VERSION@ +Cflags: -I"${includedir}" +Libs: -L"${libdir}" -lmbedcrypto diff --git a/pkgconfig/mbedtls.pc.in b/pkgconfig/mbedtls.pc.in new file mode 100644 index 0000000000..3802f6a4a3 --- /dev/null +++ b/pkgconfig/mbedtls.pc.in @@ -0,0 +1,11 @@ +prefix=@CMAKE_INSTALL_PREFIX@ +includedir=@PKGCONFIG_INCLUDEDIR@ +libdir=@PKGCONFIG_LIBDIR@ + +Name: @PROJECT_NAME@ +Description: @PKGCONFIG_PROJECT_DESCRIPTION@ +URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@ +Version: @PKGCONFIG_VERSION@ +Requires.private: mbedcrypto mbedx509 +Cflags: -I"${includedir}" +Libs: -L"${libdir}" -lmbedtls diff --git a/pkgconfig/mbedx509.pc.in b/pkgconfig/mbedx509.pc.in new file mode 100644 index 0000000000..12509470b4 --- /dev/null +++ b/pkgconfig/mbedx509.pc.in @@ -0,0 +1,11 @@ +prefix=@CMAKE_INSTALL_PREFIX@ +includedir=@PKGCONFIG_INCLUDEDIR@ +libdir=@PKGCONFIG_LIBDIR@ + +Name: @PROJECT_NAME@ +Description: @PKGCONFIG_PROJECT_DESCRIPTION@ +URL: @PKGCONFIG_PROJECT_HOMEPAGE_URL@ +Version: @PKGCONFIG_VERSION@ +Requires.private: mbedcrypto +Cflags: -I"${includedir}" +Libs: -L"${libdir}" -lmbedx509 diff --git a/programs/test/metatest.c b/programs/test/metatest.c index a082621915..21120048f2 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -86,6 +86,41 @@ void meta_test_fail(const char *name) mbedtls_test_fail("Forced test failure", __LINE__, __FILE__); } +void meta_test_not_equal(const char *name) +{ + int left = 20; + int right = 10; + + (void) name; + + TEST_EQUAL(left, right); +exit: + ; +} + +void meta_test_not_le_s(const char *name) +{ + int left = 20; + int right = 10; + + (void) name; + + TEST_LE_S(left, right); +exit: + ; +} + +void meta_test_not_le_u(const char *name) +{ + size_t left = 20; + size_t right = 10; + + (void) name; + + TEST_LE_U(left, right); +exit: + ; +} /****************************************************************/ /* Platform features */ @@ -360,6 +395,9 @@ typedef struct { */ metatest_t metatests[] = { { "test_fail", "any", meta_test_fail }, + { "test_not_equal", "any", meta_test_not_equal }, + { "test_not_le_s", "any", meta_test_not_le_s }, + { "test_not_le_u", "any", meta_test_not_le_u }, { "null_dereference", "any", null_pointer_dereference }, { "null_call", "any", null_pointer_call }, { "read_after_free", "asan", read_after_free }, diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 926e497b4e..5c8e55d6d0 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -67,6 +67,10 @@ then exit 1 fi +[ $VERBOSE ] && echo "Bumping PKGCONFIG_VERSION in pkgconfig/CMakeLists.txt" +sed -e "s/PKGCONFIG_VERSION [0-9.]\{1,\}/PKGCONFIG_VERSION $VERSION/g" < pkgconfig/CMakeLists.txt > tmp +mv tmp pkgconfig/CMakeLists.txt + [ $VERBOSE ] && echo "Bumping VERSION in library/CMakeLists.txt" sed -e "s/ VERSION [0-9.]\{1,\}/ VERSION $VERSION/g" < library/CMakeLists.txt > tmp mv tmp library/CMakeLists.txt diff --git a/tests/scripts/quiet/cmake b/tests/scripts/quiet/cmake index 930931d539..a34365bea6 100755 --- a/tests/scripts/quiet/cmake +++ b/tests/scripts/quiet/cmake @@ -12,8 +12,8 @@ # export VERBOSE_LOGS=1 # don't silence invocations containing these arguments -export NO_SILENCE=" --version " +NO_SILENCE=" --version " -export TOOL="cmake" +TOOL="cmake" -exec "$(dirname "$0")/quiet.sh" "$@" +. "$(dirname "$0")/quiet.sh" diff --git a/tests/scripts/quiet/make b/tests/scripts/quiet/make index d022551df1..920e5b875f 100755 --- a/tests/scripts/quiet/make +++ b/tests/scripts/quiet/make @@ -12,8 +12,8 @@ # export VERBOSE_LOGS=1 # don't silence invocations containing these arguments -export NO_SILENCE=" --version | test " +NO_SILENCE=" --version | test " -export TOOL="make" +TOOL="make" -exec "$(dirname "$0")/quiet.sh" "$@" +. "$(dirname "$0")/quiet.sh" diff --git a/tests/scripts/quiet/quiet.sh b/tests/scripts/quiet/quiet.sh old mode 100755 new mode 100644 index 30ee569a22..0f26184d0d --- a/tests/scripts/quiet/quiet.sh +++ b/tests/scripts/quiet/quiet.sh @@ -22,9 +22,13 @@ # be silenced, e.g. " --version | test ". In this example, "make lib test" will # not be silent, but "make lib" will be. -# Locate original tool -TOOL_WITH_PATH=$(dirname "$0")/$TOOL -ORIGINAL_TOOL=$(type -ap "${TOOL}" | grep -v -Fx "$TOOL_WITH_PATH" | head -n1) +# Identify path to original tool. There is an edge-case here where the quiet wrapper is on the path via +# a symlink or relative path, but "type -ap" yields the wrapper with it's normalised path. We use +# the -ef operator to compare paths, to avoid picking the wrapper in this case (to avoid infinitely +# recursing). +while IFS= read -r ORIGINAL_TOOL; do + if ! [[ $ORIGINAL_TOOL -ef "$0" ]]; then break; fi +done < <(type -ap -- "$TOOL") print_quoted_args() { # similar to printf '%q' "$@"