Overview
Comment: | Initial support for Mbed TLS
Mbed TLS is never automatically picked as a TLS implementation and |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
11b2a175958b6486036d8c05bdb26ec0 |
User & Date: | js on 2024-01-06 00:52:48 |
Other Links: | manifest | tags |
References
2024-01-06
| ||
01:09 | • Fixed ticket [043f2b5021]: Support mbedTLS plus 4 other changes artifact: f54c29bc11 user: js | |
Context
2024-01-06
| ||
01:00 | Fix compilation of OFOpenSSLTLSStream check-in: 64d9603a4f user: js tags: trunk | |
00:52 | Initial support for Mbed TLS check-in: 11b2a17595 user: js tags: trunk | |
2024-01-04
| ||
19:05 | Add new signing key check-in: b4c4812b7b user: js tags: trunk | |
Changes
Modified configure.ac from [76febf4d8b] to [17ac08d8ed].
︙ | |||
1780 1781 1782 1783 1784 1785 1786 | 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 | - + + | ]) ;; esac AC_ARG_WITH(tls, AS_HELP_STRING([--with-tls], [ enable TLS support using the specified library |
︙ | |||
1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 | 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 | + + + + + + + + + + + + + + + + + + + + + + | AC_SUBST(OF_GNUTLS_TLS_STREAM_M, "OFGnuTLSTLSStream.m") ], [ dnl Disable default action-if-not-found, which exits dnl configure with an error. : ]) ]) AS_IF([test x"$with_tls" = x"mbedtls"], [ AC_ARG_WITH(mbedtls-ca-path, AS_HELP_STRING([path to CA file for Mbed TLS])) AS_IF([test x"$with_mbedtls_ca_path" = x""], [ AC_MSG_ERROR([--mbedtls-ca-path needs to be specified!]) ]) AC_DEFINE_UNQUOTED(OF_MBEDTLS_CA_PATH, "$with_mbedtls_ca_path", [Path to CA file for Mbed TLS]) AC_CHECK_LIB(mbedtls, mbedtls_net_init, [ AC_CHECK_HEADER(mbedtls/ssl.h, [ tls_support="Mbed TLS" TLS_LIBS="-lmbedx509 -lmbedcrypto $TLS_LIBS" TLS_LIBS="-lmbedtls $TLS_LIBS" AC_SUBST(OF_MBEDTLS_TLS_STREAM_M, "OFMbedTLSTLSStream.m") ]) ], [], [-lmbedx509 -lmbedcrypto]) ]) AS_IF([test x"$tls_support" != x"no"], [ AC_SUBST(TLS, "tls") AC_SUBST(TLS_CPPFLAGS) AC_SUBST(TLS_LIBS) AC_DEFINE(HAVE_TLS_SUPPORT, 1, [Whether we have an implementation for TLS]) |
︙ |
Modified extra.mk.in from [583d9fdd30] to [b53f574989].
︙ | |||
54 55 56 57 58 59 60 61 62 63 64 65 66 67 | 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 | + | OFHTTP = @OFHTTP@ OFHTTP_LIBS = @OFHTTP_LIBS@ OF_BLOCK_TESTS_M = @OF_BLOCK_TESTS_M@ OF_EPOLL_KERNEL_EVENT_OBSERVER_M = @OF_EPOLL_KERNEL_EVENT_OBSERVER_M@ OF_GNUTLS_TLS_STREAM_M = @OF_GNUTLS_TLS_STREAM_M@ OF_HTTP_CLIENT_TESTS_M = @OF_HTTP_CLIENT_TESTS_M@ OF_KQUEUE_KERNEL_EVENT_OBSERVER_M = @OF_KQUEUE_KERNEL_EVENT_OBSERVER_M@ OF_MBEDTLS_TLS_STREAM_M = @OF_MBEDTLS_TLS_STREAM_M@ OF_OPENSSL_TLS_STREAM_M = @OF_OPENSSL_TLS_STREAM_M@ OF_POLL_KERNEL_EVENT_OBSERVER_M = @OF_POLL_KERNEL_EVENT_OBSERVER_M@ OF_SECURE_TRANSPORT_TLS_STREAM_M = @OF_SECURE_TRANSPORT_TLS_STREAM_M@ OF_SELECT_KERNEL_EVENT_OBSERVER_M = @OF_SELECT_KERNEL_EVENT_OBSERVER_M@ OF_SUBPROCESS_M = @OF_SUBPROCESS_M@ REEXPORT_RUNTIME = @REEXPORT_RUNTIME@ REEXPORT_RUNTIME_FRAMEWORK = @REEXPORT_RUNTIME_FRAMEWORK@ |
︙ |
Modified src/OFTLSStream.h from [0af95e980d] to [57d0bfe49e].
︙ | |||
110 111 112 113 114 115 116 117 118 119 120 121 122 123 | 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 | + + + | + (instancetype)streamWithStream: (OFStream <OFReadyForReadingObserving, OFReadyForWritingObserving> *)stream; /** * @brief Initializes the TLS stream with the specified stream as its * underlying stream. * * @note The delegate of the specified stream will be changed to the TLS * stream. You must not change this before the TLS session is completed. * * @param stream The stream to use as underlying stream. Must not be closed * before the TLS stream is closed. * @return An initialized TLS stream */ - (instancetype)initWithStream: (OFStream <OFReadyForReadingObserving, OFReadyForWritingObserving> *)stream OF_DESIGNATED_INITIALIZER; |
︙ |
Modified src/tls/Makefile from [730d8ef9c1] to [9769a7e248].
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | + | include ../../extra.mk DISTCLEAN = Info.plist SHARED_LIB = ${OBJFWTLS_SHARED_LIB} STATIC_LIB = ${OBJFWTLS_STATIC_LIB} FRAMEWORK = ${OBJFWTLS_FRAMEWORK} LIB_MAJOR = ${OBJFWTLS_LIB_MAJOR} LIB_MINOR = ${OBJFWTLS_LIB_MINOR} LIB_PATCH = ${OBJFWTLS_LIB_PATCH} INCLUDES := ObjFWTLS.h SRCS = ${OF_GNUTLS_TLS_STREAM_M} \ ${OF_MBEDTLS_TLS_STREAM_M} \ ${OF_OPENSSL_TLS_STREAM_M} \ ${OF_SECURE_TRANSPORT_TLS_STREAM_M} includesubdir = ObjFWTLS include ../../buildsys.mk CPPFLAGS += -I. -I.. -I../.. -I../exceptions -I../runtime ${TLS_CPPFLAGS} LD = ${OBJC} FRAMEWORK_LIBS := ${TLS_LIBS} -F.. -framework ObjFW ${LIBS} LIBS := ${TLS_LIBS} -L.. -lobjfw -L../runtime ${RUNTIME_LIBS} ${LIBS} |
Modified src/tls/OFGnuTLSTLSStream.m from [96b9c1a36c] to [570186048d].
︙ | |||
123 124 125 126 127 128 129 | 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 | - + | if (!_initialized) @throw [OFNotOpenException exceptionWithObject: self]; if (_handshakeDone) gnutls_bye(_session, GNUTLS_SHUT_WR); gnutls_deinit(_session); |
︙ | |||
235 236 237 238 239 240 241 | 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 | - + - - + | if (_verifiesCertificates) gnutls_session_set_verify_cert(_session, _host.UTF8String, 0); status = gnutls_handshake(_session); if (status == GNUTLS_E_INTERRUPTED || status == GNUTLS_E_AGAIN) { if (gnutls_record_get_direction(_session) == 1) |
︙ | |||
266 267 268 269 270 271 272 | 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 | - + - - - + | didPerformClientHandshakeWithHost: host exception: exception]; } - (bool)stream: (OFStream *)stream didReadIntoBuffer: (void *)buffer length: (size_t)length |
︙ |
Added src/tls/OFMbedTLSTLSStream.h version [b21f7f1267].
|
Added src/tls/OFMbedTLSTLSStream.m version [14845fbfc0].