From 8b0cf2e76fa372ba6a0443ea4ee68469742aae57 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Wed, 14 Feb 2018 16:02:41 +0200 Subject: [PATCH 1/2] Include configuration file to headers Add inclusion to configration file in header files, instead of relying on other header files to include the configuration file. This issue resolves #1371 --- ChangeLog | 5 +++++ include/mbedtls/aesni.h | 6 ++++++ include/mbedtls/asn1write.h | 6 ++++++ include/mbedtls/bn_mul.h | 6 ++++++ include/mbedtls/ccm.h | 6 ++++++ include/mbedtls/certs.h | 6 ++++++ include/mbedtls/cmac.h | 6 ++++++ include/mbedtls/compat-1.3.h | 6 ++++++ include/mbedtls/ctr_drbg.h | 6 ++++++ include/mbedtls/ecdsa.h | 6 ++++++ include/mbedtls/ecjpake.h | 5 +++++ include/mbedtls/ecp.h | 6 ++++++ include/mbedtls/ecp_internal.h | 6 ++++++ include/mbedtls/gcm.h | 6 ++++++ include/mbedtls/hmac_drbg.h | 6 ++++++ include/mbedtls/net.h | 5 +++++ include/mbedtls/padlock.h | 6 ++++++ include/mbedtls/pem.h | 6 ++++++ include/mbedtls/ssl_ciphersuites.h | 6 ++++++ include/mbedtls/ssl_cookie.h | 6 ++++++ include/mbedtls/ssl_internal.h | 6 ++++++ include/mbedtls/ssl_ticket.h | 6 ++++++ 22 files changed, 129 insertions(+) diff --git a/ChangeLog b/ChangeLog index 43dfb99771..167a4767b4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -52,6 +52,11 @@ Bugfix * Fix double initialization of ECC hardware that made some accelerators hang. +Changes + * Include configuration file in all header files that use configuration, + instead of relying on other header files that they include. + Inserted as an enhancement for #1371 + = mbed TLS 2.14.0 branch released 2018-11-19 Security diff --git a/include/mbedtls/aesni.h b/include/mbedtls/aesni.h index 746baa0e17..7b16b4bad0 100644 --- a/include/mbedtls/aesni.h +++ b/include/mbedtls/aesni.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_AESNI_H #define MBEDTLS_AESNI_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "aes.h" #define MBEDTLS_AESNI_AES 0x02000000u diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 76c1780b59..360540a002 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "asn1.h" #define MBEDTLS_ASN1_CHK_ADD(g, f) \ diff --git a/include/mbedtls/bn_mul.h b/include/mbedtls/bn_mul.h index 2f7b72fe4c..ac1e3f986a 100644 --- a/include/mbedtls/bn_mul.h +++ b/include/mbedtls/bn_mul.h @@ -38,6 +38,12 @@ #ifndef MBEDTLS_BN_MUL_H #define MBEDTLS_BN_MUL_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "bignum.h" #if defined(MBEDTLS_HAVE_ASM) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index dfb1b5e566..483a67a03c 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -49,6 +49,12 @@ #ifndef MBEDTLS_CCM_H #define MBEDTLS_CCM_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "cipher.h" #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to the function. */ diff --git a/include/mbedtls/certs.h b/include/mbedtls/certs.h index 8dab7b5ce8..b7c5708f85 100644 --- a/include/mbedtls/certs.h +++ b/include/mbedtls/certs.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_CERTS_H #define MBEDTLS_CERTS_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include #ifdef __cplusplus diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index c196793531..9d42b3f209 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -28,6 +28,12 @@ #ifndef MBEDTLS_CMAC_H #define MBEDTLS_CMAC_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "cipher.h" #ifdef __cplusplus diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h index 213b691403..a58b47243d 100644 --- a/include/mbedtls/compat-1.3.h +++ b/include/mbedtls/compat-1.3.h @@ -25,6 +25,12 @@ * This file is part of mbed TLS (https://tls.mbed.org) */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #if ! defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 10f9389d9f..838f5f162e 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -36,6 +36,12 @@ #ifndef MBEDTLS_CTR_DRBG_H #define MBEDTLS_CTR_DRBG_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "aes.h" #if defined(MBEDTLS_THREADING_C) diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 4057828d47..6d99b974c7 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -32,6 +32,12 @@ #ifndef MBEDTLS_ECDSA_H #define MBEDTLS_ECDSA_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ecp.h" #include "md.h" diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 59d12f080f..010f24a48e 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -40,6 +40,11 @@ * The payloads are serialized in a way suitable for use in TLS, but could * also be use outside TLS. */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif #include "ecp.h" #include "md.h" diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 1c372980e5..e20d9e0e28 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -36,6 +36,12 @@ #ifndef MBEDTLS_ECP_H #define MBEDTLS_ECP_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "bignum.h" /* diff --git a/include/mbedtls/ecp_internal.h b/include/mbedtls/ecp_internal.h index 18040697ad..7625ed48e1 100644 --- a/include/mbedtls/ecp_internal.h +++ b/include/mbedtls/ecp_internal.h @@ -61,6 +61,12 @@ #ifndef MBEDTLS_ECP_INTERNAL_H #define MBEDTLS_ECP_INTERNAL_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #if defined(MBEDTLS_ECP_INTERNAL_ALT) /** diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 93d15ee802..16092fa25e 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -33,6 +33,12 @@ #ifndef MBEDTLS_GCM_H #define MBEDTLS_GCM_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "cipher.h" #include diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 146367b9de..7eae32bbd6 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_HMAC_DRBG_H #define MBEDTLS_HMAC_DRBG_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "md.h" #if defined(MBEDTLS_THREADING_C) diff --git a/include/mbedtls/net.h b/include/mbedtls/net.h index 6c13b53fb9..8cead58e5d 100644 --- a/include/mbedtls/net.h +++ b/include/mbedtls/net.h @@ -23,6 +23,11 @@ * * This file is part of mbed TLS (https://tls.mbed.org) */ +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif #if !defined(MBEDTLS_DEPRECATED_REMOVED) #include "net_sockets.h" diff --git a/include/mbedtls/padlock.h b/include/mbedtls/padlock.h index 677936ebf8..918e6195ad 100644 --- a/include/mbedtls/padlock.h +++ b/include/mbedtls/padlock.h @@ -25,6 +25,12 @@ #ifndef MBEDTLS_PADLOCK_H #define MBEDTLS_PADLOCK_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "aes.h" #define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index fa82f7bdbd..a29e9ce300 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_PEM_H #define MBEDTLS_PEM_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include /** diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index cda8b4835b..71053e5ba7 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_CIPHERSUITES_H #define MBEDTLS_SSL_CIPHERSUITES_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "pk.h" #include "cipher.h" #include "md.h" diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index 6a0ad4fa96..e34760ae85 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_COOKIE_H #define MBEDTLS_SSL_COOKIE_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ssl.h" #if defined(MBEDTLS_THREADING_C) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 97abb9f90b..bd5ad94dbf 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_INTERNAL_H #define MBEDTLS_SSL_INTERNAL_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ssl.h" #include "cipher.h" diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h index b2686df09f..a84e7816e4 100644 --- a/include/mbedtls/ssl_ticket.h +++ b/include/mbedtls/ssl_ticket.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_TICKET_H #define MBEDTLS_SSL_TICKET_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + /* * This implementation of the session ticket callbacks includes key * management, rotating the keys periodically in order to preserve forward From 9cbd1b2ecd6bd7bdc667ee4ffd7244dbcccd7b62 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Sun, 16 Dec 2018 12:14:37 +0200 Subject: [PATCH 2/2] Include configuration file for all headers Include the configuration file for all headers that were not included, and for new headers introduced. --- include/mbedtls/base64.h | 6 ++++++ include/mbedtls/ecdh.h | 6 ++++++ include/mbedtls/error.h | 6 ++++++ include/mbedtls/havege.h | 6 ++++++ include/mbedtls/hkdf.h | 6 ++++++ include/mbedtls/nist_kw.h | 6 ++++++ include/mbedtls/pkcs12.h | 6 ++++++ include/mbedtls/pkcs5.h | 6 ++++++ include/mbedtls/ssl_cache.h | 6 ++++++ 9 files changed, 54 insertions(+) diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h index 7a64f52163..10e4145ee6 100644 --- a/include/mbedtls/base64.h +++ b/include/mbedtls/base64.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_BASE64_H #define MBEDTLS_BASE64_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include #define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index cbd48414a3..e70865cd03 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -34,6 +34,12 @@ #ifndef MBEDTLS_ECDH_H #define MBEDTLS_ECDH_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ecp.h" /* diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 0c38889878..72e19df852 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_ERROR_H #define MBEDTLS_ERROR_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include /** diff --git a/include/mbedtls/havege.h b/include/mbedtls/havege.h index 57e8c40943..4c1c86087a 100644 --- a/include/mbedtls/havege.h +++ b/include/mbedtls/havege.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_HAVEGE_H #define MBEDTLS_HAVEGE_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include #define MBEDTLS_HAVEGE_COLLECT_SIZE 1024 diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index e6ed7cde97..40ee64eb03 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -27,6 +27,12 @@ #ifndef MBEDTLS_HKDF_H #define MBEDTLS_HKDF_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "md.h" /** diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h index 5a0f656a8f..3b67b59cd2 100644 --- a/include/mbedtls/nist_kw.h +++ b/include/mbedtls/nist_kw.h @@ -37,6 +37,12 @@ #ifndef MBEDTLS_NIST_KW_H #define MBEDTLS_NIST_KW_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "cipher.h" #ifdef __cplusplus diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 69f04177c8..d441357b7f 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_PKCS12_H #define MBEDTLS_PKCS12_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "md.h" #include "cipher.h" #include "asn1.h" diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index d4bb36dfae..f201250046 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -26,6 +26,12 @@ #ifndef MBEDTLS_PKCS5_H #define MBEDTLS_PKCS5_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "asn1.h" #include "md.h" diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index ec081e6d24..52ba0948c5 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -24,6 +24,12 @@ #ifndef MBEDTLS_SSL_CACHE_H #define MBEDTLS_SSL_CACHE_H +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + #include "ssl.h" #if defined(MBEDTLS_THREADING_C)