From 198e48fa9411d958ad1f73cd59d2d95c720afb24 Mon Sep 17 00:00:00 2001
From: Chris Conlon
Date: Tue, 14 Aug 2012 13:10:27 -0600
Subject: [PATCH 1/5] minor RTIP adjustments
---
 src/internal.c | 2 +-
 src/io.c | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 0e843b37b..b7ad05eb7 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -7122,7 +7122,7 @@ int UnLockMutex(CyaSSL_Mutex* m)
 return BAD_MUTEX_ERROR;
 }
- int UnlockMutex(CyaSSL_Mutex* m)
+ int UnLockMutex(CyaSSL_Mutex* m)
 {
 rtp_sig_mutex_release(*m);
 return 0;
diff --git a/src/io.c b/src/io.c
index cc0c25080..1d6d3c0fd 100644
--- a/src/io.c
+++ b/src/io.c
@@ -53,7 +53,7 @@
 #include
 #endif
 #include
- #if !(defined(DEVKITPRO) || defined(THREADX)) || defined(EBSNET)
+ #if !(defined(DEVKITPRO) || defined(THREADX) || defined(EBSNET))
 #include
 #include
 #include
@@ -120,7 +120,7 @@ static INLINE int LastError(void)
 #ifdef USE_WINDOWS_API
 return WSAGetLastError();
 #elif defined(EBSNET)
- return un_getlasterror();
+ return xn_getlasterror();
 #else
 return errno;
 #endif
From 05692e1d6ad1049e6bf9e7d42404672f3b7e32ae Mon Sep 17 00:00:00 2001
From: toddouska
Date: Wed, 15 Aug 2012 17:00:11 -0700
Subject: [PATCH 2/5] IAR fixes, SafeRTOS port, better LWIP support
---
 ctaocrypt/src/asn.c | 22 +++++++++++-----------
 cyassl/ctaocrypt/settings.h | 19 +++++++++++++++++++
 cyassl/internal.h | 7 ++++++-
 src/internal.c | 32 ++++++++++++++++++++++++++++++++
 src/io.c | 11 ++++++++---
 src/ssl.c | 3 +--
 6 files changed, 77 insertions(+), 17 deletions(-)
diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c
index 87ece4bf4..1771aa5dc 100644
--- a/ctaocrypt/src/asn.c
+++ b/ctaocrypt/src/asn.c
@@ -64,16 +64,6 @@ enum {
 #endif
-#ifndef min
-
- static INLINE word32 min(word32 a, word32 b)
- {
- return a > b ? b : a;
- }
-
-#endif /* min */
-
-
 #ifdef THREADX /* uses parital structures */
 #define XTIME(tl) (0)
@@ -1351,7 +1341,6 @@ static int GetName(DecodedCert* cert, int nameType)
 int oidSz;
 if (GetSet(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0) {
- (void)b; /* empty body warning w/o messages enabled */
 CYASSL_MSG("Cert name lacks set header, trying sequence");
 }
@@ -2958,6 +2947,17 @@ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
 #ifdef CYASSL_CERT_GEN
+
+#ifndef min
+
+ static INLINE word32 min(word32 a, word32 b)
+ {
+ return a > b ? b : a;
+ }
+
+#endif /* min */
+
+
 /* Initialize and Set Certficate defaults: version = 3 (0x2) serial = 0
diff --git a/cyassl/ctaocrypt/settings.h b/cyassl/ctaocrypt/settings.h
index ef60087aa..72f19ff25 100644
--- a/cyassl/ctaocrypt/settings.h
+++ b/cyassl/ctaocrypt/settings.h
@@ -57,6 +57,9 @@
 /* Uncomment next line if building CyaSSL for a game console */
 /* #define CYASSL_GAME_BUILD */
+/* Uncomment next line if building CyaSSL for LSR */
+/* #define CYASSL_LSR */
+
 #include
@@ -110,6 +113,22 @@
 #endif
 #endif
+#ifdef CYASSL_LSR
+ #define NO_WRITEV
+ #define NO_SHA512
+ #define NO_DH
+ #define NO_DSA
+ #define NO_HC128
+ #define NO_DEV_RANDOM
+ #define NO_CYASSL_DIR
+ #define NO_RABBIT
+ #define CYASSL_LWIP
+ #define CYASSL_SAFERTOS
+ #ifndef SINGLE_THREADED
+ #include "SafeRTOS/semphr.h"
+ #endif
+#endif
+
 #ifdef MICRIUM
 #include "stdlib.h"
diff --git a/cyassl/internal.h b/cyassl/internal.h
index 372ca4a82..d958881ab 100644
--- a/cyassl/internal.h
+++ b/cyassl/internal.h
@@ -69,7 +69,7 @@
 #endif
 #elif defined(MICRIUM) /* do nothing, just don't pick Unix */
-#elif defined(FREERTOS)
+#elif defined(FREERTOS) || defined(CYASSL_SAFERTOS)
 /* do nothing */
 #else
 #ifndef SINGLE_THREADED
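Review bot: The `CYASSL_LSR` block added to settings.h sets `NO_DEV_RANDOM`, and nothing visible in this series supplies the seed source that replaces /dev/random on that target. If the port ends up with a stub or test seed, the keys and nonces the library generates become predictable, so the requirement deserves an explicit statement next to the define. I would add `/* NO_DEV_RANDOM: the port must provide a hardware-backed RNG seed */` above it and confirm where the seed comes from before this profile is enabled. `NO_DH` in the same block also removes the DHE suites, presumably for footprint; that is worth recording in the same comment.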
@@ -670,6 +670,11 @@ struct CYASSL_CIPHER {
 /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */
 #ifdef FREERTOS
 typedef xSemaphoreHandle CyaSSL_Mutex;
+ #elif defined(CYASSL_SAFERTOS)
+ typedef struct CyaSSL_Mutex {
+ signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
+ xSemaphoreHandle mutex;
+ } CyaSSL_Mutex;
 #elif defined(USE_WINDOWS_API)
 typedef CRITICAL_SECTION CyaSSL_Mutex;
 #elif defined(CYASSL_PTHREADS)
diff --git a/src/internal.c b/src/internal.c
index ff73e0bfd..211483c0f 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -449,6 +449,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
 (void)havePSK;
 (void)haveNTRU;
 (void)haveStaticECC;
+ (void)haveRSAsig;
 if (suites->setSuites) return; /* trust user settings, don't override */
@@ -6941,6 +6942,37 @@ int UnLockMutex(CyaSSL_Mutex* m)
 return 0;
 }
+ #elif defined(CYASSL_SAFERTOS)
+
+ int InitMutex(CyaSSL_Mutex* m)
+ {
+ vSemaphoreCreateBinary(m->mutexBuffer, m->mutex);
+ if (m->mutex == NULL)
+ return BAD_MUTEX_ERROR;
+
+ return 0;
+ }
+
+ int FreeMutex(CyaSSL_Mutex* m)
+ {
+ (void)m;
+ return 0;
+ }
+
+ int LockMutex(CyaSSL_Mutex* m)
+ {
+ /* Assume an infinite block */
+ xSemaphoreTake(m->mutex, portMAX_DELAY);
+ return 0;
+ }
+
+ int UnLockMutex(CyaSSL_Mutex* m)
+ {
+ xSemaphoreGive(m->mutex);
+ return 0;
+ }
+
+
 #elif defined(USE_WINDOWS_API)
 int InitMutex(CyaSSL_Mutex* m)
diff --git a/src/io.c b/src/io.c
index 9316defb5..5040b425a 100644
--- a/src/io.c
+++ b/src/io.c
@@ -43,9 +43,11 @@
 #ifndef USE_WINDOWS_API
 #ifdef CYASSL_LWIP /* lwIP needs to be configured to use sockets API in this mode */
- /* LWIP_SOCKET 1 && LWIP_COMPAT_SOCKETS 1 in lwip/opt.h or in build */
- #define LWIP_PROVIDE_ERRNO 1
- #include "sockets.h"
+ /* LWIP_SOCKET 1 in lwip/opt.h or in build */
+ #include "lwip/sockets.h"
+ #ifndef LWIP_PROVIDE_ERRNO
+ #define LWIP_PROVIDE_ERRNO 1
+ #endif
 #else
 #include
 #include
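Review bot: In the SafeRTOS branch added to src/internal.c, `LockMutex` discards the result of `xSemaphoreTake` and returns 0 unconditionally, so a caller proceeds into the protected section even when the semaphore was not obtained; `UnLockMutex` does the same with `xSemaphoreGive`. I would propagate the failure, e.g. `if (xSemaphoreTake(m->mutex, portMAX_DELAY) != pdPASS) return BAD_MUTEX_ERROR;`, and likewise for the give. `InitMutex` tests `m->mutex == NULL` after `vSemaphoreCreateBinary`, which is only reliable if the handle is NULL on failure; adding `m->mutex = NULL;` before the call would cover the case where the macro leaves it untouched (to be confirmed against the SafeRTOS headers).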
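Review bot: In src/io.c the `LWIP_PROVIDE_ERRNO` define now comes after `#include "lwip/sockets.h"`, whereas the removed lines set it before the include. lwIP consults that macro while its own headers are being processed, so defining it afterwards presumably no longer makes lwIP supply the errno constants that the send/receive error handling in this file depends on, unless the build already sets it. Moving the `#ifndef LWIP_PROVIDE_ERRNO` / `#define LWIP_PROVIDE_ERRNO 1` / `#endif` group above the include would keep the earlier behaviour.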
@@ -103,6 +105,9 @@ int net_recv(int, void*, int, unsigned int);
 #define SEND_FUNCTION net_send
 #define RECV_FUNCTION net_recv
+#elif defined(CYASSL_LWIP)
+ #define SEND_FUNCTION lwip_send
+ #define RECV_FUNCTION lwip_recv
 #else
 #define SEND_FUNCTION send
 #define RECV_FUNCTION recv
diff --git a/src/ssl.c b/src/ssl.c
index 6101f8eb5..a8ee7c717 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -1134,13 +1134,12 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
 #endif /* HAVE_ECC */
 } else if (type == CERT_TYPE) {
- int ret;
 DecodedCert cert;
 CYASSL_MSG("Checking cert signature type");
 InitDecodedCert(&cert, der.buffer, der.length, ctx->heap);
- if ((ret = DecodeToKey(&cert, 0)) < 0) {
+ if (DecodeToKey(&cert, 0) < 0) {
 CYASSL_MSG("Decode to key failed");
 return SSL_BAD_FILE;
 }
From 4b8fdb4371ab737207a1fcfdb51135468f00f1bd Mon Sep 17 00:00:00 2001
From: toddouska
Date: Fri, 17 Aug 2012 12:43:36 -0700
Subject: [PATCH 3/5] fix examples client DTLS resume
---
 examples/client/client.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/examples/client/client.c b/examples/client/client.c
index 955981040..ef3472448 100644
--- a/examples/client/client.c
+++ b/examples/client/client.c
@@ -392,7 +392,8 @@ void client_test(void* args)
 sslResume = CyaSSL_new(ctx);
 #endif
- CyaSSL_shutdown(ssl);
+ if (doDTLS == 0) /* don't send alert after "break" command */
+ CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */
 CyaSSL_free(ssl);
 CloseSocket(sockfd);
@@ -404,7 +405,7 @@ void client_test(void* args)
 sleep(1);
 #endif
 }
- tcp_connect(&sockfd, host, port);
+ tcp_connect(&sockfd, host, port, doDTLS);
 CyaSSL_set_fd(sslResume, sockfd);
 CyaSSL_set_session(sslResume, session);
From 03356be00bcdce67de966cf13f85113497d4762d Mon Sep 17 00:00:00 2001
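Review bot: The new `if (doDTLS == 0)` in client_test guards `CyaSSL_shutdown(ssl)` without braces, and the explanation is one sentence split across two trailing comments, so it is easy to misread which statements are conditional once a line is added below it. I would put the comment on its own line, `/* DTLS: skip the alert after "break", the echoserver would treat it as a new connection */`, and brace the body as `if (doDTLS == 0) { CyaSSL_shutdown(ssl); }`. client_test starts and ends outside the hunk.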
From: toddouska
Date: Fri, 17 Aug 2012 12:51:37 -0700
Subject: [PATCH 4/5] fix verify_callback local declaration after beginning
---
 cyassl/test.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/cyassl/test.h b/cyassl/test.h
index 82cee429e..61eddf59a 100644
--- a/cyassl/test.h
+++ b/cyassl/test.h
@@ -630,10 +630,14 @@ static INLINE int myVerify(int preverify, CYASSL_X509_STORE_CTX* store)
 {
 char buffer[80];
+#ifdef OPENSSL_EXTRA
+ CYASSL_X509* peer;
+#endif
+
 printf("In verification callback, error = %d, %s\n", store->error, CyaSSL_ERR_error_string(store->error, buffer));
 #ifdef OPENSSL_EXTRA
- CYASSL_X509* peer = store->current_cert;
+ peer = store->current_cert;
 if (peer) {
 char* issuer = CyaSSL_X509_NAME_oneline( CyaSSL_X509_get_issuer_name(peer), 0, 0);
From 690938ffd4abe081c86d9893ac5cb68dbd9ee365 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Fri, 17 Aug 2012 13:45:31 -0700
Subject: [PATCH 5/5] lsr fs macros
---
 cyassl/ctaocrypt/settings.h | 7 +++++++
 src/ssl.c | 34 +++++++++++++++++++++++-----------
 2 files changed, 30 insertions(+), 11 deletions(-)
diff --git a/cyassl/ctaocrypt/settings.h b/cyassl/ctaocrypt/settings.h
index a617400a0..678d03294 100644
--- a/cyassl/ctaocrypt/settings.h
+++ b/cyassl/ctaocrypt/settings.h
@@ -158,8 +158,15 @@
 #define NO_DEV_RANDOM
 #define NO_CYASSL_DIR
 #define NO_RABBIT
+ #ifndef NO_FILESYSTEM
+ #define LSR_FS
+ #include "fs.h"
+ #endif
 #define CYASSL_LWIP
 #define CYASSL_SAFERTOS
+#endif
+
+#ifdef CYASSL_SAFERTOS
 #ifndef SINGLE_THREADED
 #include "SafeRTOS/semphr.h"
 #endif
diff --git a/src/ssl.c b/src/ssl.c
index c2dc26931..875dccae6 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -1214,17 +1214,18 @@ static int ProcessChainBuffer(CYASSL_CTX* ctx, const unsigned char* buff,
 #define XFCLOSE vf_close
 #define XSEEK_END VSEEK_END
 #define XBADFILE -1
-#elif !defined(MICRIUM)
- #define XFILE FILE*
- #define XFOPEN fopen
- #define XFSEEK fseek
- #define XFTELL ftell
- #define XREWIND rewind
- #define XFREAD fread
- #define XFCLOSE fclose
- #define XSEEK_END SEEK_END
- #define XBADFILE NULL
-#else
+#elif defined(LSR_FS)
+ #include
+ #define XFILE struct fs_file*
+ #define XFOPEN(NAME, MODE) fs_open(NAME);
+ #define XFSEEK
+ #define XFTELL(F) (F)->len
+ #define XREWIND
+ #define XFREAD(BUF, SZ, AMT, F) fs_read(F, BUF, SZ*AMT)
+ #define XFCLOSE fs_close
+ #define XSEEK_END 0
+ #define XBADFILE NULL
+#elif defined(MICRIUM)
 #include
 #define XFILE FS_FILE*
 #define XFOPEN fs_fopen
@@ -1235,6 +1236,17 @@ static int ProcessChainBuffer(CYASSL_CTX* ctx, const unsigned char* buff,
 #define XFCLOSE fs_fclose
 #define XSEEK_END FS_SEEK_END
 #define XBADFILE NULL
+#else
+ /* stdio, default case */
+ #define XFILE FILE*
+ #define XFOPEN fopen
+ #define XFSEEK fseek
+ #define XFTELL ftell
+ #define XREWIND rewind
+ #define XFREAD fread
+ #define XFCLOSE fclose
+ #define XSEEK_END SEEK_END
+ #define XBADFILE NULL
 #endif
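Review bot: In the `LSR_FS` branch, `XFOPEN(NAME, MODE)` expands to `fs_open(NAME);` with a trailing semicolon, so any use inside an expression, such as a comparison against `XBADFILE`, will not compile, and `XFREAD` passes `SZ*AMT` and its other arguments unparenthesised. I would write `#define XFOPEN(NAME, MODE) fs_open(NAME)` and `#define XFREAD(BUF, SZ, AMT, F) fs_read((F), (BUF), (SZ) * (AMT))`. `XFSEEK` and `XREWIND` expand to nothing and `XFTELL(F)` reports `(F)->len`, so the callers that size the certificate or key buffer from these values should treat a short or failed `fs_read` as an error; `fs_read` presumably returns a byte count rather than fread's item count, and the calling code is outside the hunk.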