diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 87ece4bf4..1771aa5dc 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -64,16 +64,6 @@ enum { #endif -#ifndef min - - static INLINE word32 min(word32 a, word32 b) - { - return a > b ? b : a; - } - -#endif /* min */ - - #ifdef THREADX /* uses parital structures */ #define XTIME(tl) (0) @@ -1351,7 +1341,6 @@ static int GetName(DecodedCert* cert, int nameType) int oidSz; if (GetSet(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0) { - (void)b; /* empty body warning w/o messages enabled */ CYASSL_MSG("Cert name lacks set header, trying sequence"); } @@ -2958,6 +2947,17 @@ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) #ifdef CYASSL_CERT_GEN + +#ifndef min + + static INLINE word32 min(word32 a, word32 b) + { + return a > b ? b : a; + } + +#endif /* min */ + + /* Initialize and Set Certficate defaults: version = 3 (0x2) serial = 0 diff --git a/cyassl/ctaocrypt/settings.h b/cyassl/ctaocrypt/settings.h index 63f698abf..678d03294 100644 --- a/cyassl/ctaocrypt/settings.h +++ b/cyassl/ctaocrypt/settings.h @@ -60,6 +60,9 @@ /* Uncomment next line if building CyaSSL for a game console */ /* #define CYASSL_GAME_BUILD */ +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + #include @@ -146,6 +149,29 @@ #endif #endif +#ifdef CYASSL_LSR + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "fs.h" + #endif + #define CYASSL_LWIP + #define CYASSL_SAFERTOS +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif +#endif + #ifdef MICRIUM #include "stdlib.h" diff --git a/cyassl/internal.h b/cyassl/internal.h index 67a814bbb..b7c595eaf 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -69,7 +69,7 @@ #endif #elif defined(MICRIUM) /* do nothing, just don't pick Unix */ -#elif defined(FREERTOS) +#elif defined(FREERTOS) || defined(CYASSL_SAFERTOS) /* do nothing */ #elif defined(EBSNET) /* do nothing */ @@ -674,6 +674,11 @@ struct CYASSL_CIPHER { /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */ #ifdef FREERTOS typedef xSemaphoreHandle CyaSSL_Mutex; + #elif defined(CYASSL_SAFERTOS) + typedef struct CyaSSL_Mutex { + signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES]; + xSemaphoreHandle mutex; + } CyaSSL_Mutex; #elif defined(USE_WINDOWS_API) typedef CRITICAL_SECTION CyaSSL_Mutex; #elif defined(CYASSL_PTHREADS) diff --git a/cyassl/test.h b/cyassl/test.h index d56e94e61..59788dc2d 100644 --- a/cyassl/test.h +++ b/cyassl/test.h @@ -630,10 +630,14 @@ static INLINE int myVerify(int preverify, CYASSL_X509_STORE_CTX* store) { char buffer[80]; +#ifdef OPENSSL_EXTRA + CYASSL_X509* peer; +#endif + printf("In verification callback, error = %d, %s\n", store->error, CyaSSL_ERR_error_string(store->error, buffer)); #ifdef OPENSSL_EXTRA - CYASSL_X509* peer = store->current_cert; + peer = store->current_cert; if (peer) { char* issuer = CyaSSL_X509_NAME_oneline( CyaSSL_X509_get_issuer_name(peer), 0, 0); diff --git a/examples/client/client.c b/examples/client/client.c index 955981040..ef3472448 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -392,7 +392,8 @@ void client_test(void* args) sslResume = CyaSSL_new(ctx); #endif - CyaSSL_shutdown(ssl); + if (doDTLS == 0) /* don't send alert after "break" command */ + CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */ CyaSSL_free(ssl); CloseSocket(sockfd); @@ -404,7 +405,7 @@ void client_test(void* args) sleep(1); #endif } - tcp_connect(&sockfd, host, port); + tcp_connect(&sockfd, host, port, doDTLS); CyaSSL_set_fd(sslResume, sockfd); CyaSSL_set_session(sslResume, session); diff --git a/src/internal.c b/src/internal.c index c6547b478..9d7668abc 100644 --- a/src/internal.c +++ b/src/internal.c @@ -449,6 +449,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, (void)havePSK; (void)haveNTRU; (void)haveStaticECC; + (void)haveRSAsig; if (suites->setSuites) return; /* trust user settings, don't override */ @@ -7076,6 +7077,37 @@ int UnLockMutex(CyaSSL_Mutex* m) return 0; } + #elif defined(CYASSL_SAFERTOS) + + int InitMutex(CyaSSL_Mutex* m) + { + vSemaphoreCreateBinary(m->mutexBuffer, m->mutex); + if (m->mutex == NULL) + return BAD_MUTEX_ERROR; + + return 0; + } + + int FreeMutex(CyaSSL_Mutex* m) + { + (void)m; + return 0; + } + + int LockMutex(CyaSSL_Mutex* m) + { + /* Assume an infinite block */ + xSemaphoreTake(m->mutex, portMAX_DELAY); + return 0; + } + + int UnLockMutex(CyaSSL_Mutex* m) + { + xSemaphoreGive(m->mutex); + return 0; + } + + #elif defined(USE_WINDOWS_API) int InitMutex(CyaSSL_Mutex* m) @@ -7257,7 +7289,7 @@ int UnLockMutex(CyaSSL_Mutex* m) return BAD_MUTEX_ERROR; } - int UnlockMutex(CyaSSL_Mutex* m) + int UnLockMutex(CyaSSL_Mutex* m) { rtp_sig_mutex_release(*m); return 0; diff --git a/src/io.c b/src/io.c index cc0c25080..1b8602227 100644 --- a/src/io.c +++ b/src/io.c @@ -43,9 +43,11 @@ #ifndef USE_WINDOWS_API #ifdef CYASSL_LWIP /* lwIP needs to be configured to use sockets API in this mode */ - /* LWIP_SOCKET 1 && LWIP_COMPAT_SOCKETS 1 in lwip/opt.h or in build */ - #define LWIP_PROVIDE_ERRNO 1 - #include "sockets.h" + /* LWIP_SOCKET 1 in lwip/opt.h or in build */ + #include "lwip/sockets.h" + #ifndef LWIP_PROVIDE_ERRNO + #define LWIP_PROVIDE_ERRNO 1 + #endif #else #include #include @@ -53,7 +55,7 @@ #include #endif #include - #if !(defined(DEVKITPRO) || defined(THREADX)) || defined(EBSNET) + #if !(defined(DEVKITPRO) || defined(THREADX) || defined(EBSNET)) #include #include #include @@ -109,6 +111,9 @@ int net_recv(int, void*, int, unsigned int); #define SEND_FUNCTION net_send #define RECV_FUNCTION net_recv +#elif defined(CYASSL_LWIP) + #define SEND_FUNCTION lwip_send + #define RECV_FUNCTION lwip_recv #else #define SEND_FUNCTION send #define RECV_FUNCTION recv @@ -120,7 +125,7 @@ static INLINE int LastError(void) #ifdef USE_WINDOWS_API return WSAGetLastError(); #elif defined(EBSNET) - return un_getlasterror(); + return xn_getlasterror(); #else return errno; #endif diff --git a/src/ssl.c b/src/ssl.c index abd0f2b49..875dccae6 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1139,13 +1139,12 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify) #endif /* HAVE_ECC */ } else if (type == CERT_TYPE) { - int ret; DecodedCert cert; CYASSL_MSG("Checking cert signature type"); InitDecodedCert(&cert, der.buffer, der.length, ctx->heap); - if ((ret = DecodeToKey(&cert, 0)) < 0) { + if (DecodeToKey(&cert, 0) < 0) { CYASSL_MSG("Decode to key failed"); return SSL_BAD_FILE; } @@ -1215,17 +1214,18 @@ static int ProcessChainBuffer(CYASSL_CTX* ctx, const unsigned char* buff, #define XFCLOSE vf_close #define XSEEK_END VSEEK_END #define XBADFILE -1 -#elif !defined(MICRIUM) - #define XFILE FILE* - #define XFOPEN fopen - #define XFSEEK fseek - #define XFTELL ftell - #define XREWIND rewind - #define XFREAD fread - #define XFCLOSE fclose - #define XSEEK_END SEEK_END - #define XBADFILE NULL -#else +#elif defined(LSR_FS) + #include + #define XFILE struct fs_file* + #define XFOPEN(NAME, MODE) fs_open(NAME); + #define XFSEEK + #define XFTELL(F) (F)->len + #define XREWIND + #define XFREAD(BUF, SZ, AMT, F) fs_read(F, BUF, SZ*AMT) + #define XFCLOSE fs_close + #define XSEEK_END 0 + #define XBADFILE NULL +#elif defined(MICRIUM) #include #define XFILE FS_FILE* #define XFOPEN fs_fopen @@ -1236,6 +1236,17 @@ static int ProcessChainBuffer(CYASSL_CTX* ctx, const unsigned char* buff, #define XFCLOSE fs_fclose #define XSEEK_END FS_SEEK_END #define XBADFILE NULL +#else + /* stdio, default case */ + #define XFILE FILE* + #define XFOPEN fopen + #define XFSEEK fseek + #define XFTELL ftell + #define XREWIND rewind + #define XFREAD fread + #define XFCLOSE fclose + #define XSEEK_END SEEK_END + #define XBADFILE NULL #endif