From 55768f26fc999b560efc2b13b0d33faa43b24bbf Mon Sep 17 00:00:00 2001
From: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Date: Thu, 27 May 2021 14:57:03 +0200
Subject: [PATCH] Fix MBEDTLS_PRIVATE wrapping in tests and sample programs.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
---
 programs/ssl/dtls_client.c     | 2 --
 programs/ssl/dtls_server.c     | 4 +---
 programs/ssl/mini_client.c     | 6 ++----
 programs/ssl/ssl_client1.c     | 2 --
 programs/ssl/ssl_fork_server.c | 4 +---
 programs/ssl/ssl_mail_client.c | 2 --
 programs/ssl/ssl_server.c      | 4 +---
 programs/ssl/ssl_server2.c     | 4 ++--
 8 files changed, 7 insertions(+), 21 deletions(-)

diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index c3c73bb14c..1e97795336 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -17,8 +17,6 @@
  *  limitations under the License.
  */
 
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "mbedtls/config.h"
 #else
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index 34419db7c6..de47aab251 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -17,8 +17,6 @@
  *  limitations under the License.
  */
 
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "mbedtls/config.h"
 #else
@@ -231,7 +229,7 @@ int main( void )
                                    mbedtls_ssl_cache_set );
 #endif
 
-    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, srvcert.MBEDTLS_PRIVATE(next), NULL );
    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
     {
         printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index a067a8fd5e..42dbeac9ed 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -18,8 +18,6 @@
  *  limitations under the License.
  */
 
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "mbedtls/config.h"
 #else
@@ -252,13 +250,13 @@ int main( void )
     addr.sin_addr.s_addr = *((char *) &ret) == ret ? ADDR_LE : ADDR_BE;
     ret = 0;
 
-    if( ( server_fd.fd = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
+    if( ( server_fd.MBEDTLS_PRIVATE(fd) = socket( AF_INET, SOCK_STREAM, 0 ) ) < 0 )
     {
         ret = socket_failed;
         goto exit;
     }
 
-    if( connect( server_fd.fd,
+    if( connect( server_fd.MBEDTLS_PRIVATE(fd),
                 (const struct sockaddr *) &addr, sizeof( addr ) ) < 0 )
     {
         ret = connect_failed;
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index 3e479d00af..6624224af4 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -17,8 +17,6 @@
  *  limitations under the License.
  */
 
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "mbedtls/config.h"
 #else
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 38a68831ec..573210870e 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -17,8 +17,6 @@
  *  limitations under the License.
  */
 
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "mbedtls/config.h"
 #else
@@ -195,7 +193,7 @@ int main( void )
     mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
     mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
 
-    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, srvcert.MBEDTLS_PRIVATE(next), NULL );
     if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
     {
         mbedtls_printf( " failed!  mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 5d395c25fa..09bbc3d695 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -21,8 +21,6 @@
  * be set before config.h, which pulls in glibc's features.h indirectly.
  * Harmless on other platforms. */
 
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
 #define _POSIX_C_SOURCE 200112L
 #define _XOPEN_SOURCE 600
 
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 8458a22b43..42196ffc02 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -17,8 +17,6 @@
  *  limitations under the License.
  */
 
-#define MBEDTLS_ALLOW_PRIVATE_ACCESS
-
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "mbedtls/config.h"
 #else
@@ -217,7 +215,7 @@ int main( void )
                                    mbedtls_ssl_cache_set );
 #endif
 
-    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, srvcert.MBEDTLS_PRIVATE(next), NULL );
     if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
     {
         mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index da145a92cf..f7a424a5a6 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -805,7 +805,7 @@ int sni_callback( void *p_info, mbedtls_ssl_context *ssl,
             return( mbedtls_ssl_set_hs_own_cert( ssl, cur->cert, cur->key ) );
         }
 
-        cur = cur->MBEDTLS_PRIVATE(next);
+        cur = cur->next;
     }
 
     return( -1 );
@@ -921,7 +921,7 @@ int psk_callback( void *p_info, mbedtls_ssl_context *ssl,
             return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) );
         }
 
-        cur = cur->MBEDTLS_PRIVATE(next);
+        cur = cur->next;
     }
 
     return( -1 );