From b3f25b06e0ae2821e7b9b6f6a10fb0a51b7f2445 Mon Sep 17 00:00:00 2001 From: Daniel Axtens Date: Tue, 22 Feb 2022 07:50:47 -0500 Subject: [PATCH 01/16] Add header guard around malloc(0) returning NULL implementation Make it safe to import the config multiple times without having multiple definition errors. (This prevents errors in the fuzzers in a later patch.) Signed-off-by: Daniel Axtens --- tests/configs/config-wrapper-malloc-0-null.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/configs/config-wrapper-malloc-0-null.h b/tests/configs/config-wrapper-malloc-0-null.h index 69a9578c6..add1a787b 100644 --- a/tests/configs/config-wrapper-malloc-0-null.h +++ b/tests/configs/config-wrapper-malloc-0-null.h @@ -24,6 +24,8 @@ #include "mbedtls/config.h" #include + +#ifndef MBEDTLS_PLATFORM_STD_CALLOC static inline void *custom_calloc( size_t nmemb, size_t size ) { if( nmemb == 0 || size == 0 ) @@ -33,5 +35,6 @@ static inline void *custom_calloc( size_t nmemb, size_t size ) #define MBEDTLS_PLATFORM_MEMORY #define MBEDTLS_PLATFORM_STD_CALLOC custom_calloc +#endif #endif /* MBEDTLS_CONFIG_H */ From 301db669542abbd585189dd907db014cd237a4cf Mon Sep 17 00:00:00 2001 From: Daniel Axtens Date: Thu, 28 May 2020 11:43:41 +1000 Subject: [PATCH 02/16] Do not include time.h without MBEDTLS_HAVE_TIME MBEDTLS_HAVE_TIME is documented as: "System has time.h and time()." If that is not defined, do not attempt to include time.h. A particular problem is platform-time.h, which should only be included if MBEDTLS_HAVE_TIME is defined, which makes everything messier. Maybe it should be refactored to have the check inside the header. Signed-off-by: Daniel Axtens --- include/mbedtls/platform.h | 2 ++ library/x509_crl.c | 2 ++ library/x509_crt.c | 2 ++ programs/fuzz/common.c | 4 +++- programs/fuzz/common.h | 11 +++++++++++ programs/test/query_config.c | 2 ++ scripts/data_files/query_config.fmt | 2 ++ 7 files changed, 24 insertions(+), 1 deletion(-) 
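Review bot: In tests/configs/config-wrapper-malloc-0-null.h the new `#ifndef MBEDTLS_PLATFORM_STD_CALLOC` serves as both include guard and feature test. If the included config or the compiler command line already defines that macro, `custom_calloc` and `MBEDTLS_PLATFORM_MEMORY` are skipped with no diagnostic, and the build no longer exercises the calloc-returns-NULL path this wrapper exists for. A dedicated guard macro would keep repeat inclusion safe while leaving a conflicting definition visible; at minimum add a comment such as `/* Guarded by the macro defined below so that a second inclusion is a no-op. */`. The trailing `#endif /* MBEDTLS_CONFIG_H */` suggests an outer conditional whose opening line is outside the hunk.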
diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 0bd633b68..06dd192ea 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -70,7 +70,9 @@ extern "C" { #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) #include #include +#if defined(MBEDTLS_HAVE_TIME) #include +#endif #if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF) #if defined(MBEDTLS_PLATFORM_HAS_NON_CONFORMING_SNPRINTF) #define MBEDTLS_PLATFORM_STD_SNPRINTF mbedtls_platform_win32_snprintf /**< The default \c snprintf function to use. */ diff --git a/library/x509_crl.c b/library/x509_crl.c index ac4fc75de..d2d804202 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -52,11 +52,13 @@ #define mbedtls_snprintf snprintf #endif +#if defined(MBEDTLS_HAVE_TIME) #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #include #else #include #endif +#endif #if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32) #include diff --git a/library/x509_crt.c b/library/x509_crt.c index a6cccf814..911644b7d 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -63,11 +63,13 @@ #include "mbedtls/threading.h" #endif +#if defined(MBEDTLS_HAVE_TIME) #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #include #else #include #endif +#endif #if defined(MBEDTLS_FS_IO) #include diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c index e12ee3b8a..15ddf0782 100644 --- a/programs/fuzz/common.c +++ b/programs/fuzz/common.c @@ -5,15 +5,17 @@ #include #include "mbedtls/ctr_drbg.h" +#if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) { (void) time; return 0x5af2a056; } +#endif void dummy_init() { -#if defined(MBEDTLS_PLATFORM_TIME_ALT) +#if (defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_PLATFORM_TIME_ALT)) mbedtls_platform_set_time( dummy_constant_time ); #else fprintf(stderr, "Warning: fuzzing without constant time\n"); diff --git a/programs/fuzz/common.h b/programs/fuzz/common.h index 5586c06ad..7757ee3f1 100644 
--- a/programs/fuzz/common.h +++ b/programs/fuzz/common.h @@ -1,4 +1,13 @@ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_HAVE_TIME) #include "mbedtls/platform_time.h" +#endif +#include #include typedef struct fuzzBufferOffset @@ -8,7 +17,9 @@ typedef struct fuzzBufferOffset size_t Offset; } fuzzBufferOffset_t; +#if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); +#endif void dummy_init(); int dummy_send( void *ctx, const unsigned char *buf, size_t len ); diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 88db08e15..10b01dd6c 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -81,7 +81,9 @@ #include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" +#if defined(MBEDTLS_HAVE_TIME) #include "mbedtls/platform_time.h" +#endif #include "mbedtls/platform_util.h" #include "mbedtls/poly1305.h" #include "mbedtls/ripemd160.h" diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index cf22635b7..04c546614 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -81,7 +81,9 @@ #include "mbedtls/pkcs11.h" #include "mbedtls/pkcs12.h" #include "mbedtls/pkcs5.h" +#if defined(MBEDTLS_HAVE_TIME) #include "mbedtls/platform_time.h" +#endif #include "mbedtls/platform_util.h" #include "mbedtls/poly1305.h" #include "mbedtls/ripemd160.h" From 6f63cc71888990761aa852ffeb33ba324de83a4a Mon Sep 17 00:00:00 2001 From: Daniel Axtens Date: Wed, 2 Sep 2020 21:30:13 +1000 Subject: [PATCH 03/16] tests: prevent inclusion of time.h in baremetal compiles baremetal compiles should not include time.h, as MBEDTLS_HAVE_TIME is undefined. To test this, provide an overriding include directory that has a time.h which throws a meaningful error if included. 
Signed-off-by: Daniel Axtens --- tests/include/baremetal-override/time.h | 18 ++++++++++++++++++ tests/scripts/all.sh | 8 +++++++- 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 tests/include/baremetal-override/time.h diff --git a/tests/include/baremetal-override/time.h b/tests/include/baremetal-override/time.h new file mode 100644 index 000000000..40eed2d33 --- /dev/null +++ b/tests/include/baremetal-override/time.h @@ -0,0 +1,18 @@ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#error "time.h included in a configuration without MBEDTLS_HAVE_TIME" diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c43bc5805..ba906d1b2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -1507,9 +1507,15 @@ component_build_crypto_full () { component_build_crypto_baremetal () { msg "build: make, crypto only, baremetal config" scripts/config.py crypto_baremetal - make CFLAGS='-O1 -Werror' + make CFLAGS="-O1 -Werror -I$(pwd)/tests/include/baremetal-override/" are_empty_libraries library/libmbedx509.* library/libmbedtls.* } +support_build_crypto_baremetal () { + # Older Glibc versions include time.h from other headers such as stdlib.h, + # which makes the no-time.h-in-baremetal check fail. Ubuntu 16.04 has this + # problem, Ubuntu 18.04 is ok. + ! grep -q -F time.h /usr/include/x86_64-linux-gnu/sys/types.h +} component_test_depends_curves () { msg "test/build: curves.pl (gcc)" # ~ 4 min From 2db000feb6b5553e63332b8e96866c514aa162fb Mon Sep 17 00:00:00 2001 From: Raoul Strackx Date: Mon, 22 Jun 2020 14:08:57 +0200 Subject: [PATCH 04/16] programs/ssl: Fix compile errors when MBEDTLS_HAVE_TIME is not defined Signed-off-by: Raoul Strackx [dja: add some more fixes, tweak title] Signed-off-by: Daniel Axtens --- programs/ssl/ssl_context_info.c | 9 +++++++++ programs/ssl/ssl_server2.c | 2 ++ programs/ssl/ssl_test_lib.c | 2 ++ programs/ssl/ssl_test_lib.h | 2 ++ 4 files changed, 15 insertions(+) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 7018080d4..349e755ed 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -44,7 +44,9 @@ int main( void ) #include #include #include +#if defined(MBEDTLS_HAVE_TIME) #include +#endif #include "mbedtls/ssl.h" #include "mbedtls/error.h" #include "mbedtls/base64.h" @@ -310,6 +312,7 @@ void print_hex( const uint8_t *b, size_t len, /* * Print the value of time_t in format e.g. 2020-01-23 13:05:59 */ +#if defined(MBEDTLS_HAVE_TIME) void print_time( const time_t *time ) { char buf[20]; @@ -325,6 +328,7 @@ void print_time( const time_t *time ) printf( "unknown\n" ); } } +#endif /* * Print the input string if the bit is set in the value 
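Review bot: `support_build_crypto_baremetal` in tests/scripts/all.sh greps one hard-coded multiarch path, `/usr/include/x86_64-linux-gnu/sys/types.h`. On a host where that file does not exist, grep exits with an error, the leading `!` turns that into success, and the component is reported as supported without any header having been inspected. Adding `-s` to the grep and a comment line such as `# A missing file counts as supported: only the Debian/Ubuntu x86_64 layout is probed.` would make that fallback explicit. Separately, `-I$(pwd)/tests/include/baremetal-override/` is expanded inside a single CFLAGS string, so a checkout path containing spaces would be split into several compiler arguments.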
@@ -609,7 +613,12 @@ void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len, ( (uint64_t) ssl[7] ); ssl += 8; printf( "\tstart time : " ); +#if defined(MBEDTLS_HAVE_TIME) print_time( (time_t*) &start ); +#else + (void) start; + printf( "not supported\n" ); +#endif } CHECK_SSL_END( 2 ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 4db64a59f..4bf6ef0fd 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2705,8 +2705,10 @@ int main( int argc, char *argv[] ) if( opt.cache_max != -1 ) mbedtls_ssl_cache_set_max_entries( &cache, opt.cache_max ); +#if defined(MBEDTLS_HAVE_TIME) if( opt.cache_timeout != -1 ) mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout ); +#endif mbedtls_ssl_conf_session_cache( &conf, &cache, mbedtls_ssl_cache_get, diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c index 1bb9d6162..70cddfa75 100644 --- a/programs/ssl/ssl_test_lib.c +++ b/programs/ssl/ssl_test_lib.c @@ -44,11 +44,13 @@ void my_debug( void *ctx, int level, fflush( (FILE *) ctx ); } +#if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) { (void) time; return 0x5af2a056; } +#endif #if !defined(MBEDTLS_TEST_USE_PSA_CRYPTO_RNG) static int dummy_entropy( void *data, unsigned char *output, size_t len ) diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h index 98751a0f0..b1a24087d 100644 --- a/programs/ssl/ssl_test_lib.h +++ b/programs/ssl/ssl_test_lib.h @@ -138,7 +138,9 @@ void my_debug( void *ctx, int level, const char *file, int line, const char *str ); +#if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ); +#endif #if defined(MBEDTLS_USE_PSA_CRYPTO) /* If MBEDTLS_TEST_USE_PSA_CRYPTO_RNG is defined, the SSL test programs will use From 1a021afd7d52b3c12a331a42c89de7a069d09999 Mon Sep 17 00:00:00 2001 
From: Daniel Axtens Date: Mon, 31 Aug 2020 14:22:58 +1000 Subject: [PATCH 05/16] tests: add baremetal full config build To be able to test utility programs for an absence of time.h, we need a baremetal config that is not crypto only. Add one. Signed-off-by: Daniel Axtens --- tests/scripts/all.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ba906d1b2..37b0e30da 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1511,6 +1511,15 @@ component_build_crypto_baremetal () { are_empty_libraries library/libmbedx509.* library/libmbedtls.* } support_build_crypto_baremetal () { + support_build_baremetal "$@" +} + +component_build_baremetal () { + msg "build: make, baremetal config" + scripts/config.py baremetal + make CFLAGS="-O1 -Werror -I$(pwd)/tests/include/baremetal-override/" +} +support_build_baremetal () { # Older Glibc versions include time.h from other headers such as stdlib.h, # which makes the no-time.h-in-baremetal check fail. Ubuntu 16.04 has this # problem, Ubuntu 18.04 is ok. From 0e4a1aa2f14e1d382a7e24a5b4310b684f53105e Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Mon, 29 Nov 2021 17:28:13 +0000 Subject: [PATCH 06/16] programs/test: fix build without MBEDTLS_HAVE_TIME Allow programs/test/udp_proxy.c to build when MBEDTLS_HAVE_TIME is not defined. In this case, do not attempt to seed the pseudo-random number generator used to sometimes produce corrupt packets and other erroneous data. Signed-off-by: David Horstmann --- programs/test/udp_proxy.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 11fe9bf42..6dfe446a1 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c 
@@ -34,9 +34,11 @@ #else #include #include +#if defined(MBEDTLS_HAVE_TIME) #include #define mbedtls_time time #define mbedtls_time_t time_t +#endif #define mbedtls_printf printf #define mbedtls_calloc calloc #define mbedtls_free free @@ -823,6 +825,7 @@ int main( int argc, char *argv[] ) get_options( argc, argv ); +#if defined(MBEDTLS_HAVE_TIME) /* * Decisions to drop/delay/duplicate packets are pseudo-random: dropping * exactly 1 in N packets would lead to problems when a flight has exactly @@ -833,11 +836,12 @@ int main( int argc, char *argv[] ) */ if( opt.seed == 0 ) { - opt.seed = (unsigned int) time( NULL ); + opt.seed = (unsigned int) mbedtls_time( NULL ); mbedtls_printf( " . Pseudo-random seed: %u\n", opt.seed ); } srand( opt.seed ); +#endif /* MBEDTLS_HAVE_TIME */ /* * 0. "Connect" to the server From 11d0a6feb6dd9e4e6f7524b4c82c29128fc753bd Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Mon, 29 Nov 2021 18:57:10 +0000 Subject: [PATCH 07/16] programs/fuzz: Remove superfluous MBEDTLS_HAVE_TIME MBEDTLS_HAVE_TIME_ALT implies MBEDTLS_HAVE_TIME, so an extra check for MBEDTLS_HAVE_TIME is not needed. Signed-off-by: David Horstmann --- programs/fuzz/common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c index 15ddf0782..269c2e3e1 100644 --- a/programs/fuzz/common.c +++ b/programs/fuzz/common.c @@ -15,7 +15,7 @@ mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) void dummy_init() { -#if (defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_PLATFORM_TIME_ALT)) +#if defined(MBEDTLS_PLATFORM_TIME_ALT) mbedtls_platform_set_time( dummy_constant_time ); #else fprintf(stderr, "Warning: fuzzing without constant time\n"); From 3cb5e9bf5a61b62fb225dac431024f9eb220f4f2 Mon Sep 17 00:00:00 2001 
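Review bot: In programs/test/udp_proxy.c the new `#if defined(MBEDTLS_HAVE_TIME)` in `main` encloses `srand( opt.seed );` as well as the clock-based default. A build without MBEDTLS_HAVE_TIME therefore never seeds the generator, and a non-zero `opt.seed` (filled in by `get_options`, which is not shown) is ignored without notice. Only `opt.seed = (unsigned int) mbedtls_time( NULL );` needs the clock, so the guard can be narrowed to the `if( opt.seed == 0 )` block, leaving `srand( opt.seed );` unconditional. If a fixed `rand()` sequence is intended for timeless builds, state that in the comment above the block. `main` starts and ends outside these hunks.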
From: David Horstmann Date: Tue, 30 Nov 2021 11:40:54 +0000 Subject: [PATCH 08/16] Use $PWD instead of $(pwd) for consistency Change the new baremetal all.sh tests to use $PWD rather than calling pwd again directly. Signed-off-by: David Horstmann --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 37b0e30da..50199daba 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1507,7 +1507,7 @@ component_build_crypto_full () { component_build_crypto_baremetal () { msg "build: make, crypto only, baremetal config" scripts/config.py crypto_baremetal - make CFLAGS="-O1 -Werror -I$(pwd)/tests/include/baremetal-override/" + make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/" are_empty_libraries library/libmbedx509.* library/libmbedtls.* } support_build_crypto_baremetal () { @@ -1517,7 +1517,7 @@ support_build_crypto_baremetal () { component_build_baremetal () { msg "build: make, baremetal config" scripts/config.py baremetal - make CFLAGS="-O1 -Werror -I$(pwd)/tests/include/baremetal-override/" + make CFLAGS="-O1 -Werror -I$PWD/tests/include/baremetal-override/" } support_build_baremetal () { # Older Glibc versions include time.h from other headers such as stdlib.h, From c84150882b411a38a0f4ce8966b2c77573f8236b Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 22 Feb 2022 07:27:08 -0500 Subject: [PATCH 09/16] Add a changelog entry Signed-off-by: Andrzej Kurek --- ChangeLog.d/timeless.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/timeless.txt diff --git a/ChangeLog.d/timeless.txt b/ChangeLog.d/timeless.txt new file mode 100644 index 000000000..84f07d64e --- /dev/null +++ b/ChangeLog.d/timeless.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix compile errors when MBEDTLS_HAVE_TIME is not defined. Add tests + to catch bad uses of time.h. From 516e1b07006eaca4257f5c1d69d15ca53fea3eca Mon Sep 17 00:00:00 2001 
From: Andrzej Kurek Date: Wed, 2 Mar 2022 10:55:08 -0500 Subject: [PATCH 10/16] Add a missing guard for time.h in net_sockets.c Signed-off-by: Andrzej Kurek --- library/net_sockets.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/net_sockets.c b/library/net_sockets.c index 5fbe1f764..8c765e1c8 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -107,7 +107,9 @@ static int wsa_init_done = 0; #include +#if defined(MBEDTLS_HAVE_TIME) #include +#endif #include From 448cf48e18744385377a19775272def6c76c7f09 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 2 Mar 2022 10:56:22 -0500 Subject: [PATCH 11/16] Fix requirement mismatch in fuzz/common.c Signed-off-by: Andrzej Kurek --- programs/fuzz/common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c index 269c2e3e1..bea9f9efe 100644 --- a/programs/fuzz/common.c +++ b/programs/fuzz/common.c @@ -5,7 +5,7 @@ #include #include "mbedtls/ctr_drbg.h" -#if defined(MBEDTLS_HAVE_TIME) +#if defined(MBEDTLS_PLATFORM_TIME_ALT) mbedtls_time_t dummy_constant_time( mbedtls_time_t* time ) { (void) time; From 77daaad19847088ca0cdb17811dbf36aa8f4700b Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 4 Mar 2022 15:10:06 -0500 Subject: [PATCH 12/16] Provide a dummy implementation of timing.c Also move the self test implementation guards so that alternate implementations must provide their own. Signed-off-by: Andrzej Kurek --- library/timing.c | 48 ++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 44 insertions(+), 4 deletions(-) diff --git a/library/timing.c b/library/timing.c index eb4146132..a5a55d66c 100644 --- a/library/timing.c +++ b/library/timing.c 
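Review bot: After this change the definition of `dummy_constant_time` in programs/fuzz/common.c is compiled only under `MBEDTLS_PLATFORM_TIME_ALT`, while the prototype added to programs/fuzz/common.h earlier in this series is still guarded by `MBEDTLS_HAVE_TIME`. In a configuration with MBEDTLS_HAVE_TIME but without MBEDTLS_PLATFORM_TIME_ALT, the header declares a function that no object file defines, so any remaining reference fails at link time rather than at compile time. Using the same condition in both places, `#if defined(MBEDTLS_PLATFORM_TIME_ALT)` around the prototype in common.h, keeps declaration and definition in step. Whether any fuzz target references the function directly is not visible on this page.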
@@ -56,17 +56,18 @@ struct _hr_time #include #include -#include #include +#if defined(MBEDTLS_HAVE_TIME) #include - +#include struct _hr_time { struct timeval start; }; - +#endif #endif /* _WIN32 && !EFIX64 && !EFI32 */ +#if defined(MBEDTLS_HAVE_TIME) #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__) @@ -364,7 +365,6 @@ int mbedtls_timing_get_delay( void *data ) return( 0 ); } -#endif /* !MBEDTLS_TIMING_ALT */ #if defined(MBEDTLS_SELF_TEST) @@ -527,4 +527,44 @@ hard_test_done: #endif /* MBEDTLS_SELF_TEST */ +#else +volatile int mbedtls_timing_alarmed = 0; +int mbedtls_timing_get_delay( void *data ) +{ + (void) data; + return( 0 ); +} + +void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ) +{ + (void) data; + (void) int_ms; + (void) fin_ms; +} + +unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) +{ + (void) val; + (void) reset; + return( 0 ); +} + +unsigned long mbedtls_timing_hardclock( void ) +{ + return( 0 ); +} + +void mbedtls_set_alarm( int seconds ) +{ + (void) seconds; +} +#if defined(MBEDTLS_SELF_TEST) +int mbedtls_timing_self_test( int verbose ) +{ + (void) verbose; + return( 0 ); +} +#endif /* MBEDTLS_SELF_TEST */ +#endif /* MBEDTLS_HAVE_TIME */ +#endif /* !MBEDTLS_TIMING_ALT */ #endif /* MBEDTLS_TIMING_C */ From 65f93d5567d508de729d4881d22d28599e0d6c7d Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 4 Mar 2022 15:18:09 -0500 Subject: [PATCH 13/16] Fix udp_proxy dependency on MBEDTLS_HAVE_TIME Signed-off-by: Andrzej Kurek --- programs/test/udp_proxy.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 6dfe446a1..9a6087c72 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c 
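Review bot: The stubs added under `#else` in library/timing.c report success while doing nothing, and the code does not say so. `mbedtls_timing_get_delay` and `mbedtls_timing_hardclock` always return 0, and `mbedtls_timing_self_test` passes without testing anything. A caller that relies on the delay functions for a handshake or retransmission timeout would presumably never see its timer expire, and anything that mixes `mbedtls_timing_hardclock()` into a seed receives a constant. Add a block comment above the stubs saying they exist only so that MBEDTLS_TIMING_C links without MBEDTLS_HAVE_TIME, and that they must not be used for timeouts or as an entropy input. Also consider having the stub self test print that it was skipped when `verbose` is non-zero.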
@@ -75,7 +75,9 @@ int main( void ) #endif #endif /* _MSC_VER */ #else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ +#if defined(MBEDTLS_HAVE_TIME) #include +#endif #include #include #endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */ From 161005b2be6d66678ce957464392c1ee399574e7 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 2 Mar 2022 12:13:50 -0500 Subject: [PATCH 14/16] Add the timing test dependency on MBEDTLS_HAVE_TIME Signed-off-by: Andrzej Kurek --- tests/suites/test_suite_timing.data | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/suites/test_suite_timing.data b/tests/suites/test_suite_timing.data index 2522da1ea..b7b089c44 100644 --- a/tests/suites/test_suite_timing.data +++ b/tests/suites/test_suite_timing.data @@ -1,17 +1,23 @@ Timing: hardclock +depends_on:MBEDTLS_HAVE_TIME timing_hardclock: Timing: get timer +depends_on:MBEDTLS_HAVE_TIME timing_get_timer: Timing: set alarm with no delay +depends_on:MBEDTLS_HAVE_TIME timing_set_alarm:0: Timing: set alarm with 1s delay +depends_on:MBEDTLS_HAVE_TIME timing_set_alarm:1: Timing: delay 0ms +depends_on:MBEDTLS_HAVE_TIME timing_delay:0: Timing: delay 100ms +depends_on:MBEDTLS_HAVE_TIME timing_delay:100: From 388ee8a07283614f6bb65663550d8304e5b7f714 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 2 Mar 2022 12:33:24 -0500 Subject: [PATCH 15/16] Guard cache_timeout in ssl_server2 with MBEDTLS_HAVE_TIME Signed-off-by: Andrzej Kurek --- programs/ssl/ssl_server2.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 4bf6ef0fd..2cce7551b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
@@ -310,10 +310,16 @@ int main( void ) #if defined(MBEDTLS_SSL_CACHE_C) #define USAGE_CACHE \ - " cache_max=%%d default: cache default (50)\n" \ + " cache_max=%%d default: cache default (50)\n" +#if defined(MBEDTLS_HAVE_TIME) +#define USAGE_CACHE_TIME \ " cache_timeout=%%d default: cache default (1d)\n" #else +#define USAGE_CACHE_TIME "" +#endif +#else #define USAGE_CACHE "" +#define USAGE_CACHE_TIME "" #endif /* MBEDTLS_SSL_CACHE_C */ #if defined(SNI_OPTION) @@ -494,6 +500,7 @@ int main( void ) USAGE_NSS_KEYLOG \ USAGE_NSS_KEYLOG_FILE \ USAGE_CACHE \ + USAGE_CACHE_TIME \ USAGE_MAX_FRAG_LEN \ USAGE_TRUNC_HMAC \ USAGE_ALPN \ @@ -593,7 +600,9 @@ struct options int tickets; /* enable / disable session tickets */ int ticket_timeout; /* session ticket lifetime */ int cache_max; /* max number of session cache entries */ - int cache_timeout; /* expiration delay of session cache entries */ +#if defined(MBEDTLS_HAVE_TIME) + int cache_timeout; /* expiration delay of session cache entries*/ +#endif char *sni; /* string describing sni information */ const char *curves; /* list of supported elliptic curves */ const char *alpn_string; /* ALPN supported protocols */ @@ -1512,7 +1521,9 @@ int main( int argc, char *argv[] ) opt.tickets = DFL_TICKETS; opt.ticket_timeout = DFL_TICKET_TIMEOUT; opt.cache_max = DFL_CACHE_MAX; +#if defined(MBEDTLS_HAVE_TIME) opt.cache_timeout = DFL_CACHE_TIMEOUT; +#endif opt.sni = DFL_SNI; opt.alpn_string = DFL_ALPN_STRING; opt.curves = DFL_CURVES; @@ -1896,12 +1907,14 @@ int main( int argc, char *argv[] ) if( opt.cache_max < 0 ) goto usage; } +#if defined(MBEDTLS_HAVE_TIME) else if( strcmp( p, "cache_timeout" ) == 0 ) { opt.cache_timeout = atoi( q ); if( opt.cache_timeout < 0 ) goto usage; } +#endif else if( strcmp( p, "cookies" ) == 0 ) { opt.cookies = atoi( q ); From 478181d1f3b6955b3d2d89b2634b01317a217155 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 28 Feb 2022 05:51:57 -0500 Subject: [PATCH 16/16] Refactor ssl_context_info time printing 
Signed-off-by: Andrzej Kurek --- programs/ssl/ssl_context_info.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 349e755ed..bb84f5294 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -312,11 +312,11 @@ void print_hex( const uint8_t *b, size_t len, /* * Print the value of time_t in format e.g. 2020-01-23 13:05:59 */ -#if defined(MBEDTLS_HAVE_TIME) -void print_time( const time_t *time ) +void print_time( const uint64_t *time ) { +#if defined(MBEDTLS_HAVE_TIME) char buf[20]; - struct tm *t = gmtime( time ); + struct tm *t = gmtime( (time_t*) time ); static const char format[] = "%Y-%m-%d %H:%M:%S"; if( NULL != t ) { @@ -327,8 +327,11 @@ void print_time( const time_t *time ) { printf( "unknown\n" ); } -} +#else + (void) time; + printf( "not supported\n" ); #endif +} /* * Print the input string if the bit is set in the value @@ -613,12 +616,7 @@ void print_deserialized_ssl_session( const uint8_t *ssl, uint32_t len, ( (uint64_t) ssl[7] ); ssl += 8; printf( "\tstart time : " ); -#if defined(MBEDTLS_HAVE_TIME) - print_time( (time_t*) &start ); -#else - (void) start; - printf( "not supported\n" ); -#endif + print_time( &start ); } CHECK_SSL_END( 2 );
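Review bot: `gmtime( (time_t*) time )` in the refactored `print_time` reinterprets a `const uint64_t *` as a `time_t *`. This discards `const`, violates the aliasing rules wherever `time_t` is not the same type as `uint64_t`, and on a platform with a 32-bit `time_t` reads only half of the stored value (the wrong half on big-endian). The value is parsed from a serialized session buffer, so convert it by value instead: `const time_t secs = (time_t) *time;` followed by `struct tm *t = gmtime( &secs );`. The comment above the function still says it prints a `time_t` and should now describe the argument as a 64-bit timestamp. The middle of `print_time` lies between the two hunks and is not shown.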