From 8b0cf2e76fa372ba6a0443ea4ee68469742aae57 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 14 Feb 2018 16:02:41 +0200 Subject: [PATCH 1/2] Include configuration file to headers Add inclusion to configration file in header files, instead of relying on other header files to include the configuration file. This issue resolves #1371 --- ChangeLog | 5 +++++ include/mbedtls/aesni.h | 6 ++++++ include/mbedtls/asn1write.h | 6 ++++++ include/mbedtls/bn_mul.h | 6 ++++++ include/mbedtls/ccm.h | 6 ++++++ include/mbedtls/certs.h | 6 ++++++ include/mbedtls/cmac.h | 6 ++++++ include/mbedtls/compat-1.3.h | 6 ++++++ include/mbedtls/ctr_drbg.h | 6 ++++++ include/mbedtls/ecdsa.h | 6 ++++++ include/mbedtls/ecjpake.h | 5 +++++ include/mbedtls/ecp.h | 6 ++++++ include/mbedtls/ecp_internal.h | 6 ++++++ include/mbedtls/gcm.h | 6 ++++++ include/mbedtls/hmac_drbg.h | 6 ++++++ include/mbedtls/net.h | 5 +++++ include/mbedtls/padlock.h | 6 ++++++ include/mbedtls/pem.h | 6 ++++++ include/mbedtls/ssl_ciphersuites.h | 6 ++++++ include/mbedtls/ssl_cookie.h | 6 ++++++ include/mbedtls/ssl_internal.h | 6 ++++++ include/mbedtls/ssl_ticket.h | 6 ++++++ 22 files changed, 129 insertions(+) diff --git a/ChangeLog b/ChangeLog index 43dfb9977..167a4767b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -52,6 +52,11 @@ Bugfix * Fix double initialization of ECC hardware that made some accelerators hang. +Changes + * Include configuration file in all header files that use configuration, + instead of relying on other header files that they include. + Inserted as an enhancement for #1371 + = mbed TLS 2.14.0 branch released 2018-11-19 Security diff --git a/include/mbedtls/aesni.h b/include/mbedtls/aesni.h index 746baa0e1..7b16b4bad 100644 --- a/include/mbedtls/aesni.h +++ b/include/mbedtls/aesni.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_AESNI_H #define MBEDTLS_AESNI_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "aes.h" #define MBEDTLS_AESNI_AES 0x02000000u diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 76c1780b5..360540a00 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "asn1.h" #define MBEDTLS_ASN1_CHK_ADD(g, f) \ diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h index 2f7b72fe4..ac1e3f986 100644 --- a/include/mbedtls/bn_mul.h +++ b/include/mbedtls/bn_mul.h @@ -38,6 +38,12 @@ #ifndef MBEDTLS_BN_MUL_H #define MBEDTLS_BN_MUL_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "bignum.h" #if defined(MBEDTLS_HAVE_ASM) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index dfb1b5e56..483a67a03 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -49,6 +49,12 @@ #ifndef MBEDTLS_CCM_H #define MBEDTLS_CCM_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "cipher.h" #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */ diff --git a/include/mbedtls/certs.h b/include/mbedtls/certs.h index 8dab7b5ce..b7c5708f8 100644 --- a/include/mbedtls/certs.h +++ b/include/mbedtls/certs.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_CERTS_H #define MBEDTLS_CERTS_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include #ifdef __cplusplus diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index c19679353..9d42b3f20 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -28,6 +28,12 @@ #ifndef MBEDTLS_CMAC_H #define MBEDTLS_CMAC_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "cipher.h" #ifdef __cplusplus diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h index 213b69140..a58b47243 100644 --- a/include/mbedtls/compat-1.3.h +++ b/include/mbedtls/compat-1.3.h @@ -25,6 +25,12 @@ * This file is part of mbed TLS (https://tls.mbed.org) */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #if ! defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 10f9389d9..838f5f162 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -36,6 +36,12 @@ #ifndef MBEDTLS_CTR_DRBG_H #define MBEDTLS_CTR_DRBG_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "aes.h" #if defined(MBEDTLS_THREADING_C) diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 4057828d4..6d99b974c 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -32,6 +32,12 @@ #ifndef MBEDTLS_ECDSA_H #define MBEDTLS_ECDSA_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ecp.h" #include "md.h" diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 59d12f080..010f24a48 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -40,6 +40,11 @@ * The payloads are serialized in a way suitable for use in TLS, but could * also be use outside TLS. */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif #include "ecp.h" #include "md.h" diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 1c372980e..e20d9e0e2 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -36,6 +36,12 @@ #ifndef MBEDTLS_ECP_H #define MBEDTLS_ECP_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "bignum.h" /* diff --git a/include/mbedtls/ecp_internal.h b/include/mbedtls/ecp_internal.h index 18040697a..7625ed48e 100644 --- a/include/mbedtls/ecp_internal.h +++ b/include/mbedtls/ecp_internal.h @@ -61,6 +61,12 @@ #ifndef MBEDTLS_ECP_INTERNAL_H #define MBEDTLS_ECP_INTERNAL_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #if defined(MBEDTLS_ECP_INTERNAL_ALT) /** diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 93d15ee80..16092fa25 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -33,6 +33,12 @@ #ifndef MBEDTLS_GCM_H #define MBEDTLS_GCM_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "cipher.h" #include diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 146367b9d..7eae32bbd 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_HMAC_DRBG_H #define MBEDTLS_HMAC_DRBG_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "md.h" #if defined(MBEDTLS_THREADING_C) diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h index 6c13b53fb..8cead58e5 100644 --- a/include/mbedtls/net.h +++ b/include/mbedtls/net.h @@ -23,6 +23,11 @@ * * This file is part of mbed TLS (https://tls.mbed.org) */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif #if !defined(MBEDTLS_DEPRECATED_REMOVED) #include "net_sockets.h" diff --git a/include/mbedtls/padlock.h b/include/mbedtls/padlock.h index 677936ebf..918e6195a 100644 --- a/include/mbedtls/padlock.h +++ b/include/mbedtls/padlock.h @@ -25,6 +25,12 @@ #ifndef MBEDTLS_PADLOCK_H #define MBEDTLS_PADLOCK_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "aes.h" #define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index fa82f7bdb..a29e9ce30 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_PEM_H #define MBEDTLS_PEM_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include /** diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index cda8b4835..71053e5ba 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_CIPHERSUITES_H #define MBEDTLS_SSL_CIPHERSUITES_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "pk.h" #include "cipher.h" #include "md.h" diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index 6a0ad4fa9..e34760ae8 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_COOKIE_H #define MBEDTLS_SSL_COOKIE_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ssl.h" #if defined(MBEDTLS_THREADING_C) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 97abb9f90..bd5ad94db 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_INTERNAL_H #define MBEDTLS_SSL_INTERNAL_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ssl.h" #include "cipher.h" diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h index b2686df09..a84e7816e 100644 --- a/include/mbedtls/ssl_ticket.h +++ b/include/mbedtls/ssl_ticket.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_TICKET_H #define MBEDTLS_SSL_TICKET_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + /* * This implementation of the session ticket callbacks includes key * management, rotating the keys periodically in order to preserve forward From 9cbd1b2ecd6bd7bdc667ee4ffd7244dbcccd7b62 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Sun, 16 Dec 2018 12:14:37 +0200 Subject: [PATCH 2/2] Include configuration file for all headers Include the configuration file for all headers that were not included, and for new headers introduced. --- include/mbedtls/base64.h | 6 ++++++ include/mbedtls/ecdh.h | 6 ++++++ include/mbedtls/error.h | 6 ++++++ include/mbedtls/havege.h | 6 ++++++ include/mbedtls/hkdf.h | 6 ++++++ include/mbedtls/nist_kw.h | 6 ++++++ include/mbedtls/pkcs12.h | 6 ++++++ include/mbedtls/pkcs5.h | 6 ++++++ include/mbedtls/ssl_cache.h | 6 ++++++ 9 files changed, 54 insertions(+) diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h index 7a64f5216..10e4145ee 100644 --- a/include/mbedtls/base64.h +++ b/include/mbedtls/base64.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_BASE64_H #define MBEDTLS_BASE64_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include #define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index cbd48414a..e70865cd0 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -34,6 +34,12 @@ #ifndef MBEDTLS_ECDH_H #define MBEDTLS_ECDH_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ecp.h" /* diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 0c3888987..72e19df85 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_ERROR_H #define MBEDTLS_ERROR_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include /** diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h index 57e8c4094..4c1c86087 100644 --- a/include/mbedtls/havege.h +++ b/include/mbedtls/havege.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_HAVEGE_H #define MBEDTLS_HAVEGE_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include #define MBEDTLS_HAVEGE_COLLECT_SIZE 1024 diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index e6ed7cde9..40ee64eb0 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -27,6 +27,12 @@ #ifndef MBEDTLS_HKDF_H #define MBEDTLS_HKDF_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "md.h" /** diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h index 5a0f656a8..3b67b59cd 100644 --- a/include/mbedtls/nist_kw.h +++ b/include/mbedtls/nist_kw.h @@ -37,6 +37,12 @@ #ifndef MBEDTLS_NIST_KW_H #define MBEDTLS_NIST_KW_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "cipher.h" #ifdef __cplusplus diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 69f04177c..d441357b7 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_PKCS12_H #define MBEDTLS_PKCS12_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "md.h" #include "cipher.h" #include "asn1.h" diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index d4bb36dfa..f20125004 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -26,6 +26,12 @@ #ifndef MBEDTLS_PKCS5_H #define MBEDTLS_PKCS5_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "asn1.h" #include "md.h" diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index ec081e6d2..52ba0948c 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_CACHE_H #define MBEDTLS_SSL_CACHE_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ssl.h" #if defined(MBEDTLS_THREADING_C)