diff --git a/src/apps/altcp_tls/altcp_mbedtls.c b/src/apps/altcp_tls/altcp_mbedtls.c index 520c185d..eaa38807 100644 --- a/src/apps/altcp_tls/altcp_mbedtls.c +++ b/src/apps/altcp_tls/altcp_mbedtls.c @@ -56,6 +56,10 @@ #if LWIP_ALTCP /* don't build if not configured for use in lwipopts.h */ +#include "lwip/apps/altcp_tls_opts.h" + +#if LWIP_ALTCP_TLS && LWIP_ALTCP_TLS_MBEDTLS + #include "lwip/altcp.h" #include "lwip/priv/altcp_priv.h" @@ -77,18 +81,6 @@ #include -/** Configure debug level of this file */ -#ifndef ALTCP_MBEDTLS_DEBUG -#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_ON//FF -#endif - -/** Set a session timeout in seconds for the basic session cache - * ATTENTION: Using a session cache can lower security by reusing keys! - */ -#ifndef ALTCP_MBEDTLS_SESSION_CACHE_TIMEOUT_SECONDS -#define ALTCP_MBEDTLS_SESSION_CACHE_TIMEOUT_SECONDS 30//0 -#endif - #ifndef ALTCP_MBEDTLS_ENTROPY_PTR #define ALTCP_MBEDTLS_ENTROPY_PTR NULL #endif @@ -866,4 +858,5 @@ const struct altcp_functions altcp_mbedtls_functions = { altcp_mbedtls_dealloc }; +#endif /* LWIP_ALTCP_TLS && LWIP_ALTCP_TLS_MBEDTLS */ #endif /* LWIP_ALTCP */ diff --git a/src/include/lwip/apps/altcp_tls.h b/src/include/lwip/apps/altcp_tls.h index 6e1b2417..4323852b 100644 --- a/src/include/lwip/apps/altcp_tls.h +++ b/src/include/lwip/apps/altcp_tls.h @@ -43,6 +43,7 @@ #if LWIP_ALTCP /* don't build if not configured for use in lwipopts.h */ +#include "altcp_tls_opts.h" #include "lwip/altcp.h" #ifdef __cplusplus diff --git a/src/include/lwip/apps/altcp_tls_opts.h b/src/include/lwip/apps/altcp_tls_opts.h new file mode 100644 index 00000000..83e1d9ff --- /dev/null +++ b/src/include/lwip/apps/altcp_tls_opts.h 
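Review bot: The new `#if LWIP_ALTCP_TLS && LWIP_ALTCP_TLS_MBEDTLS` guard in altcp_mbedtls.c (hunk at -56,6) opens without a comment, although both options default to 0 in the new altcp_tls_opts.h. A port that built this file with only `LWIP_ALTCP` set now gets an empty translation unit. I would say so at the guard, e.g. `#if LWIP_ALTCP_TLS && LWIP_ALTCP_TLS_MBEDTLS /* both default to 0; enable them in lwipopts.h */`, matching the comment already on the `#if LWIP_ALTCP` line above it. The guarded region runs to the `#endif` added in the -866,4 hunk, so most of it lies outside these hunks.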
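Review bot: In altcp_tls.h (hunk at -43,6) the added `#include "altcp_tls_opts.h"` uses a bare sibling-relative name, while the context line right after it (`#include "lwip/altcp.h"`) and the matching include added to altcp_mbedtls.c use the rooted form. Writing it as `#include "lwip/apps/altcp_tls_opts.h"` keeps a single spelling for this header across the tree and makes it easier to grep for.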
@@ -0,0 +1,72 @@
+/**
+ * @file
+ * Application layered TCP/TLS connection API (to be used from TCPIP thread)
+ *
+ * This file contains options for a TLS layer.
+ */
+
+/*
+ * Copyright (c) 2017 Simon Goldschmidt
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+ * SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
+ * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ *
+ * This file is part of the lwIP TCP/IP stack.
+ *
+ * Author: Simon Goldschmidt
+ *
+ */
+#ifndef LWIP_HDR_ALTCP_TLS_OPTS_H
+#define LWIP_HDR_ALTCP_TLS_OPTS_H
+
+#include "lwip/opt.h"
+
+#if LWIP_ALTCP /* don't build if not configured for use in lwipopts.h */
+
+/** LWIP_ALTCP_TLS==1: enable TLS support for altcp API */
+#ifndef LWIP_ALTCP_TLS
+#define LWIP_ALTCP_TLS 0
+#endif
+
+/** LWIP_ALTCP_TLS_MBEDTLS==1: use mbedTLS for TLS support for altcp API
+ * mbedtls include directory must be reachable via include search path
+ */
+#ifndef LWIP_ALTCP_TLS_MBEDTLS
+#define LWIP_ALTCP_TLS_MBEDTLS 0
+#endif
+
+/** Configure debug level of this file */
+#ifndef ALTCP_MBEDTLS_DEBUG
+#define ALTCP_MBEDTLS_DEBUG LWIP_DBG_OFF
+#endif
+
+/** Set a session timeout in seconds for the basic session cache
+ * ATTENTION: Using a session cache can lower security by reusing keys!
+ */
+#ifndef ALTCP_MBEDTLS_SESSION_CACHE_TIMEOUT_SECONDS
+#define ALTCP_MBEDTLS_SESSION_CACHE_TIMEOUT_SECONDS 0
+#endif
+
+#endif /* LWIP_ALTCP */
+
+#endif /* LWIP_HDR_ALTCP_TLS_OPTS_H */
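Review bot: The comment on `ALTCP_MBEDTLS_SESSION_CACHE_TIMEOUT_SECONDS` in the new altcp_tls_opts.h does not say what the new default of 0 means. The reading matters: mbedTLS's own session cache treats a timeout of 0 as "entries never expire". So 0 is only the conservative default if altcp_mbedtls.c skips the cache setup entirely for that value; the use site is outside this diff, so I cannot confirm it. Once checked against the .c file, I would add a line such as ` * 0 (default): session cache disabled; >0: cached sessions expire after this many seconds`. Separately, `/** Configure debug level of this file */` was carried over from altcp_mbedtls.c and now reads as if it described the options header; `/** Debug level for altcp_mbedtls.c */` would be accurate.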