From b1c72f56b166649c956c659bf66224675a9b1913 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 11 Jun 2019 17:18:09 +0100 Subject: [PATCH 1/7] Update library version to 2.18.0 Increase the SO versions of libmbedx509 and libmbedtls due to the addition of fields in publicly visible (non-opaque) structs: - mbedtls_ssl_config - mbedtls_ssl_context - mbedtls_x509_crt --- ChangeLog | 2 +- doxygen/input/doc_mainpage.h | 2 +- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/version.h | 8 ++++---- library/CMakeLists.txt | 4 ++-- library/Makefile | 4 ++-- tests/suites/test_suite_version.data | 4 ++-- 7 files changed, 13 insertions(+), 13 deletions(-) diff --git a/ChangeLog b/ChangeLog index bf835b65f..6c7fce2fc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,6 @@ mbed TLS ChangeLog (Sorted per branch, date) -= mbed TLS x.x.x branch released xxxx-xx-xx += mbed TLS 2.18.0 branch released 2019-06-11 Features * Add the Any Policy certificate policy oid, as defined in diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index 4eff83692..487faf8d2 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -24,7 +24,7 @@ */ /** - * @mainpage mbed TLS v2.17.0 source code documentation + * @mainpage mbed TLS v2.18.0 source code documentation * * This documentation describes the internal structure of mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index ce58d6b12..b9714c551 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -28,7 +28,7 @@ DOXYFILE_ENCODING = UTF-8 # identify the project. Note that if you do not use Doxywizard you need # to put quotes around the project name if it contains spaces. -PROJECT_NAME = "mbed TLS v2.17.0" +PROJECT_NAME = "mbed TLS v2.18.0" # The PROJECT_NUMBER tag can be used to enter a project or revision number. # This could be handy for archiving the generated documentation or diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 79b42b26c..de67db39d 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -39,7 +39,7 @@ * Major, Minor, Patchlevel */ #define MBEDTLS_VERSION_MAJOR 2 -#define MBEDTLS_VERSION_MINOR 17 +#define MBEDTLS_VERSION_MINOR 18 #define MBEDTLS_VERSION_PATCH 0 /** @@ -47,9 +47,9 @@ * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x02110000 -#define MBEDTLS_VERSION_STRING "2.17.0" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.17.0" +#define MBEDTLS_VERSION_NUMBER 0x02120000 +#define MBEDTLS_VERSION_STRING "2.18.0" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.18.0" #if defined(MBEDTLS_VERSION_C) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 1004cb30b..ea069ab86 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -172,14 +172,14 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) add_library(mbedx509 SHARED ${src_x509}) - set_target_properties(mbedx509 PROPERTIES VERSION 2.17.0 SOVERSION 0) + set_target_properties(mbedx509 PROPERTIES VERSION 2.18.0 SOVERSION 1) target_link_libraries(mbedx509 ${libs} mbedcrypto) target_include_directories(mbedx509 PUBLIC ${CMAKE_SOURCE_DIR}/include/ PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) add_library(mbedtls SHARED ${src_tls}) - set_target_properties(mbedtls PROPERTIES VERSION 2.17.0 SOVERSION 12) + set_target_properties(mbedtls PROPERTIES VERSION 2.18.0 SOVERSION 13) target_link_libraries(mbedtls ${libs} mbedx509) target_include_directories(mbedtls PUBLIC ${CMAKE_SOURCE_DIR}/include/ diff --git a/library/Makefile b/library/Makefile index 60f3ae0d3..89c41281a 100644 --- a/library/Makefile +++ b/library/Makefile @@ -35,8 +35,8 @@ LOCAL_CFLAGS += -fPIC -fpic endif endif -SOEXT_TLS=so.12 -SOEXT_X509=so.0 +SOEXT_TLS=so.13 +SOEXT_X509=so.1 SOEXT_CRYPTO=so.3 # Set AR_DASH= (empty string) to use an ar implementation that does not accept diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index a4575ab00..f83b8d3ff 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compiletime library version -check_compiletime_version:"2.17.0" +check_compiletime_version:"2.18.0" Check runtime library version -check_runtime_version:"2.17.0" +check_runtime_version:"2.18.0" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From eb33978fa83009508a0c231a5ea7c3387c0edb2b Mon Sep 17 00:00:00 2001 From: Ashley Duncan Date: Mon, 29 Apr 2019 20:35:06 +1200 Subject: [PATCH 2/7] Remove use of CMAKE_SOURCE_DIR Remove use of CMAKE_SOURCE_DIR in case mbedtls is built from within another CMake project. Define MBEDTLS_DIR to ${CMAKE_CURRENT_SOURCE_DIR} in the main CMakeLists.txt file and refer to that when defining target include paths to enable mbedtls to be built as a sub project. Fixes #2609 Signed-off-by: Ashley Duncan Signed-off-by: Jaeden Amero --- CMakeLists.txt | 2 ++ library/CMakeLists.txt | 16 ++++++++-------- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 38c800608..7bbfb201a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,6 +5,8 @@ else() project("mbed TLS" C) endif() +set(MBEDTLS_DIR ${CMAKE_CURRENT_SOURCE_DIR}) + option(USE_PKCS11_HELPER_LIBRARY "Build mbed TLS with the pkcs11-helper library." OFF) option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index ea069ab86..c82784ee1 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -151,15 +151,15 @@ if(USE_STATIC_MBEDTLS_LIBRARY) set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target}) target_include_directories(${mbedx509_static_target} - PUBLIC ${CMAKE_SOURCE_DIR}/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) + PUBLIC ${MBEDTLS_DIR}/include/ + PUBLIC ${MBEDTLS_DIR}/crypto/include/) add_library(${mbedtls_static_target} STATIC ${src_tls}) set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target}) target_include_directories(${mbedtls_static_target} - PUBLIC ${CMAKE_SOURCE_DIR}/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/ + PUBLIC ${MBEDTLS_DIR}/include/ + PUBLIC ${MBEDTLS_DIR}/crypto/include/ ) @@ -175,15 +175,15 @@ if(USE_SHARED_MBEDTLS_LIBRARY) set_target_properties(mbedx509 PROPERTIES VERSION 2.18.0 SOVERSION 1) target_link_libraries(mbedx509 ${libs} mbedcrypto) target_include_directories(mbedx509 - PUBLIC ${CMAKE_SOURCE_DIR}/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) + PUBLIC ${MBEDTLS_DIR}/include/ + PUBLIC ${MBEDTLS_DIR}/crypto/include/) add_library(mbedtls SHARED ${src_tls}) set_target_properties(mbedtls PROPERTIES VERSION 2.18.0 SOVERSION 13) target_link_libraries(mbedtls ${libs} mbedx509) target_include_directories(mbedtls - PUBLIC ${CMAKE_SOURCE_DIR}/include/ - PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/) + PUBLIC ${MBEDTLS_DIR}/include/ + PUBLIC ${MBEDTLS_DIR}/crypto/include/) install(TARGETS mbedtls mbedx509 DESTINATION ${LIB_INSTALL_DIR} From 3aeb13ef1c7d7d3db68b2b424caf16dd41c800ff Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 18 Jun 2019 17:27:20 +0100 Subject: [PATCH 3/7] ChangeLog: Enable builds as a CMake subproject --- ChangeLog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ChangeLog b/ChangeLog index 6c7fce2fc..273d4bc9f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS 2.18.1 branch released 2019-07-12 + +Changes + * Enable building of Mbed TLS as a CMake subproject. Suggested and fixed by + Ashley Duncan in #2609. + = mbed TLS 2.18.0 branch released 2019-06-11 Features From 3a24c28305dfdff0b36ddb92a52ab66da177bc5b Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 20 Jun 2019 17:26:29 +0100 Subject: [PATCH 4/7] README: Enable builds as a CMake subproject Update the README with information on a newly supported feature: the ability to build Mbed TLS as a subproject of another CMake project. --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 5b0160351..be26f56f8 100644 --- a/README.md +++ b/README.md @@ -146,6 +146,12 @@ Regarding variables, also note that if you set CFLAGS when invoking cmake, your value of CFLAGS doesn't override the content provided by cmake (depending on the build mode as seen above), it's merely prepended to it. +#### Mbed TLS as a subproject + +Mbed TLS, like Mbed Crypto, supports being built as a CMake subproject. One can +use `add_subdirectory()` from a parent CMake project to include Mbed TLS as a +subproject. + ### Microsoft Visual Studio The build files for Microsoft Visual Studio are generated for Visual Studio 2010. From 7ab9e24ee47b6503f98890014757e9c023b53e0e Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 20 Jun 2019 17:38:22 +0100 Subject: [PATCH 5/7] CMake: Add a subdirectory build regression test If we have a regression with the "build Mbed TLS as a subdirectory with CMake" feature and fail to build, fail the test. --- programs/test/cmake_subproject/.gitignore | 3 + programs/test/cmake_subproject/CMakeLists.txt | 19 +++++++ .../test/cmake_subproject/cmake_subproject.c | 56 +++++++++++++++++++ tests/scripts/all.sh | 18 ++++++ 4 files changed, 96 insertions(+) create mode 100644 programs/test/cmake_subproject/.gitignore create mode 100644 programs/test/cmake_subproject/CMakeLists.txt create mode 100644 programs/test/cmake_subproject/cmake_subproject.c diff --git a/programs/test/cmake_subproject/.gitignore b/programs/test/cmake_subproject/.gitignore new file mode 100644 index 000000000..464833b93 --- /dev/null +++ b/programs/test/cmake_subproject/.gitignore @@ -0,0 +1,3 @@ +build +Makefile +cmake_subproject diff --git a/programs/test/cmake_subproject/CMakeLists.txt b/programs/test/cmake_subproject/CMakeLists.txt new file mode 100644 index 000000000..f5f4191c2 --- /dev/null +++ b/programs/test/cmake_subproject/CMakeLists.txt @@ -0,0 +1,19 @@ +cmake_minimum_required(VERSION 2.6) + +# We use the parent Mbed TLS directory as the MBEDTLS_DIR for this test. Other +# projects that use Mbed TLS as a subproject are likely to add by their own +# relative paths. +set(MBEDTLS_DIR ../../../) + +# Add Mbed TLS as a subdirectory. +add_subdirectory(${MBEDTLS_DIR} build) + +# Link against all the Mbed TLS libraries. +set(libs + mbedtls + mbedcrypto + mbedx509 +) + +add_executable(cmake_subproject cmake_subproject.c) +target_link_libraries(cmake_subproject ${libs}) diff --git a/programs/test/cmake_subproject/cmake_subproject.c b/programs/test/cmake_subproject/cmake_subproject.c new file mode 100644 index 000000000..ca899bcaf --- /dev/null +++ b/programs/test/cmake_subproject/cmake_subproject.c @@ -0,0 +1,56 @@ +/* + * Simple program to test that CMake builds with Mbed TLS as a subdirectory + * work correctly. + * + * Copyright (C) 2006-2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_PLATFORM_C) +#include "mbedtls/platform.h" +#else +#include +#include +#define mbedtls_fprintf fprintf +#define mbedtls_printf printf +#define mbedtls_exit exit +#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE +#endif /* MBEDTLS_PLATFORM_C */ + +#include "mbedtls/version.h" + +/* The main reason to build this is for testing the CMake build, so the program + * doesn't need to do very much. It calls a single library function to ensure + * linkage works, but that is all. */ +int main() +{ + /* This version string is 18 bytes long, as advised by version.h. */ + char version[18]; + + mbedtls_version_get_string_full( version ); + + mbedtls_printf( "Built against %s\n", version ); + + return( 0 ); +} diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 22579fc71..544187f26 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -242,6 +242,11 @@ cleanup() git checkout -- Makefile library/Makefile programs/Makefile tests/Makefile cd .. + # Remove any artifacts from the component_test_cmake_as_subdirectory test. + rm -rf programs/test/cmake_subproject/build + rm -f programs/test/cmake_subproject/Makefile + rm -f programs/test/cmake_subproject/cmake_subproject + if [ -f "$CONFIG_BAK" ]; then mv "$CONFIG_BAK" "$CONFIG_H" fi @@ -1248,6 +1253,19 @@ component_test_cmake_out_of_source () { unset MBEDTLS_ROOT_DIR } +component_test_cmake_as_subdirectory () { + msg "build: cmake 'as-subdirectory' build" + MBEDTLS_ROOT_DIR="$PWD" + + cd programs/test/cmake_subproject + cmake . + make + if_build_succeeded ./cmake_subproject + + cd "$MBEDTLS_ROOT_DIR" + unset MBEDTLS_ROOT_DIR +} + component_test_zeroize () { # Test that the function mbedtls_platform_zeroize() is not optimized away by # different combinations of compilers and optimization flags by using an From 09984c0cc47a36101c1900034a87e527cb1cdbaa Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Tue, 18 Jun 2019 17:31:57 +0100 Subject: [PATCH 6/7] Update Mbed Crypto to contain mbed-crypto#152 Update Mbed Crypto to a commit on its development branch that contains the merged [mbed-crypto#152 PR](https://github.com/ARMmbed/mbed-crypto/pull/152). --- crypto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto b/crypto index 47f2de132..b6229e304 160000 --- a/crypto +++ b/crypto @@ -1 +1 @@ -Subproject commit 47f2de132936905d97a93e2ddf7f5237ab232fbe +Subproject commit b6229e304e69e672dec653700467c696d32d19ae From ded319d17194b11d59790467166bcb242bc77a8c Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 30 May 2019 13:18:24 +0100 Subject: [PATCH 7/7] platform: Include stdarg.h where needed Windows builds also need stdarg.h included when using variadic functions. Fixes #2656 --- ChangeLog | 4 ++++ include/mbedtls/platform.h | 1 + 2 files changed, 5 insertions(+) diff --git a/ChangeLog b/ChangeLog index 273d4bc9f..8667c9eee 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,10 @@ mbed TLS ChangeLog (Sorted per branch, date) = mbed TLS 2.18.1 branch released 2019-07-12 +Bugfix + * Fix build failure when building with mingw on Windows by including + stdarg.h where needed. Fixes #2656. + Changes * Enable building of Mbed TLS as a CMake subproject. Suggested and fixed by Ashley Duncan in #2609. diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 801a948bc..363d6b3db 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -256,6 +256,7 @@ int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, * the destination buffer is too short. */ #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_VSNPRINTF) +#include /* For Older Windows (inc. MSYS2), we provide our own fixed implementation */ int mbedtls_platform_win32_vsnprintf( char *s, size_t n, const char *fmt, va_list arg ); #endif