mbedtls/include/psa
Gilles Peskine 0b8ece6beb Error out if *adjust* headers are included manually
Some projects using Mbed TLS have migrated their configuration
file (config.h -> mbedtls_config.h, or MBEDTLS_CONFIG_FILE) from Mbed TLS
2.x, and kept including check_config.h. This is unnecessary since Mbed TLS
3.0, and increasingly in 3.x it may report spurious errors because the
configuration adjustments have not been done yet. This has led some
projects to include configuration adjustment headers manually, but only
partially or in the wrong order, which can result in silent inconsistencies.
Error out if this happens, with a message mentioning check_config.h since
that's the likely root cause.

```
perl -i -pe '$name = $ARGV; $name =~ s!include/!!; $name =~ s!_adjust_.*!_adjust_*.h!; $_ .= "\n#if !defined(MBEDTLS_CONFIG_FILES_READ)\n#error \"Do not include $name manually! This can lead to problems, \" \\\n    \"up to and including runtime errors such as buffer overflows. \" \\\n    \"If you're trying to fix a complaint from check_config.h, just remove it \" \\\n    \"from your configuration file: since Mbed TLS 3.0, it is included \" \\\n    \"automatically at the right time.\"\n#endif /* !MBEDTLS_CONFIG_FILES_READ */\n" if /^#define .*_H$/' include/*/*adjust*.h
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-05-29 09:44:20 +02:00
..
build_info.h
crypto_adjust_auto_enabled.h Error out if *adjust* headers are included manually 2024-05-29 09:44:20 +02:00
crypto_adjust_config_dependencies.h Error out if *adjust* headers are included manually 2024-05-29 09:44:20 +02:00
crypto_adjust_config_key_pair_types.h Error out if *adjust* headers are included manually 2024-05-29 09:44:20 +02:00
crypto_adjust_config_synonyms.h Error out if *adjust* headers are included manually 2024-05-29 09:44:20 +02:00
crypto_builtin_composites.h
crypto_builtin_key_derivation.h
crypto_builtin_primitives.h
crypto_compat.h Remove domain parameters from the public API 2024-02-26 08:50:53 +01:00
crypto_config.h
crypto_driver_common.h
crypto_driver_contexts_composites.h
crypto_driver_contexts_key_derivation.h
crypto_driver_contexts_primitives.h
crypto_extra.h In attributes, keep track of slot number through a dedicated field 2024-02-28 01:49:45 +01:00
crypto_legacy.h
crypto_platform.h
crypto_se_driver.h
crypto_sizes.h
crypto_struct.h Fix code style 2024-02-28 10:56:14 +01:00
crypto_types.h Fix typo in psa_key_production_parameters_t doc: 65535 should be 65537 2024-03-26 12:25:07 +00:00
crypto_values.h Fix copypasta 2024-02-15 17:15:29 +01:00
crypto.h Document security weakness in concurrent execution of psa_destroy_key 2024-03-14 15:54:07 +00:00