Allow compile-time configuration of timer callbacks

Introduces
- MBEDTLS_SSL_CONF_SET_TIMER
- MBEDTLS_SSL_CONF_GET_TIMER
which allows to configure timer callbacks at compile-time.

Impact on code-size:

|  | GCC 8.2.1 | ARMC5 5.06 | ARMC6 6.12 |
| --- | --- | --- | --- |
| `libmbedtls.a` before | 23379 | 23981 | 26941 |
| `libmbedtls.a` after | 23351 | 23953 | 26869 |
| gain in Bytes | 28 | 28 | 72 |
This commit is contained in:
Hanno Becker 2019-06-13 16:45:36 +01:00
parent a58a896172
commit 0ae6b244c8
11 changed files with 159 additions and 10 deletions

View file

@ -93,6 +93,8 @@
#define MBEDTLS_SSL_CONF_AUTHMODE MBEDTLS_SSL_VERIFY_REQUIRED
#define MBEDTLS_SSL_CONF_BADMAC_LIMIT 0
#define MBEDTLS_SSL_CONF_ANTI_REPLAY MBEDTLS_SSL_ANTI_REPLAY_ENABLED
#define MBEDTLS_SSL_CONF_GET_TIMER mbedtls_timing_get_delay
#define MBEDTLS_SSL_CONF_SET_TIMER mbedtls_timing_set_delay
#define MBEDTLS_SSL_CONF_RECV mbedtls_net_recv
#define MBEDTLS_SSL_CONF_SEND mbedtls_net_send
#define MBEDTLS_SSL_CONF_RECV_TIMEOUT mbedtls_net_recv_timeout

View file

@ -683,6 +683,13 @@
#define "MBEDTLS_SSL_CONF_SEND/RECV/RECV_TIMEOUT must be defined simultaneously"
#endif
#if ( defined(MBEDTLS_SSL_CONF_GET_TIMER) && \
!defined(MBEDTLS_SSL_CONF_SET_TIMER) ) || \
( !defined(MBEDTLS_SSL_CONF_GET_TIMER) && \
defined(MBEDTLS_SSL_CONF_SET_TIMER) )
#define "MBEDTLS_SSL_CONF_GET_TIMER and MBEDTLS_SSL_CONF_SET_TIMER must be defined together."
#endif
#if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_CIPHER_C)
#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
#endif

View file

@ -3601,6 +3601,18 @@
//#define MBEDTLS_SSL_CONF_CID_LEN 0
//#define MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID MBEDTLS_SSL_UNEXPECTED_CID_IGNORE
/* The timer callbacks to use by the SSL module.
* If defined,
* - MBEDTLS_SSL_CONF_SET_TIMER must evaluate to the name of an externally
* defined function with signature
* void (*f_set_timer)( void* , uint32_t, uint32_t ),
* * MBEDTLS_SSL_CONF_SEND must evaluate to the name of an externally
* defined function with signature
* int (*f_get_timer)( void* ).
*/
//#define MBEDTLS_SSL_CONF_GET_TIMER mbedtls_timing_get_delay
//#define MBEDTLS_SSL_CONF_SET_TIMER mbedtls_timing_set_delay
/* The send and receive callbacks to use by the SSL module.
* If defined,
* - MBEDTLS_SSL_CONF_RECV must evaluate to the name of an externally

View file

@ -1183,8 +1183,12 @@ struct mbedtls_ssl_context
*/
void *p_timer; /*!< context for the timer callbacks */
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER)
mbedtls_ssl_set_timer_t *f_set_timer; /*!< set timer callback */
#endif /* !MBEDTLS_SSL_CONF_SET_TIMER */
#if !defined(MBEDTLS_SSL_CONF_GET_TIMER)
mbedtls_ssl_get_timer_t *f_get_timer; /*!< get timer callback */
#endif /* !MBEDTLS_SSL_CONF_GET_TIMER */
/*
* Record layer (incoming data)
@ -1779,6 +1783,8 @@ void mbedtls_ssl_set_mtu( mbedtls_ssl_context *ssl, uint16_t mtu );
void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
#endif /* !MBEDTLS_SSL_CONF_READ_TIMEOUT */
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && \
!defined(MBEDTLS_SSL_CONF_GET_TIMER)
/**
* \brief Set the timer callbacks (Mandatory for DTLS.)
*
@ -1796,6 +1802,12 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
* \c mbedtls_timing_get_delay() that are suitable for using
* here, except if using an event-driven style.
*
* \note On constrained systems, the timer callbacks \p f_set_timer
* and \p f_get_timer may also be configured at compile-time
* via MBEDTLS_SSL_CONF_GET_TIMER and MBEDTLS_SSL_CONF_SET_TIMER.
* In this case, the corresponding arguments to this function
* are ignored.
*
* \note See also the "DTLS tutorial" article in our knowledge base.
* https://tls.mbed.org/kb/how-to/dtls-tutorial
*/
@ -1803,6 +1815,18 @@ void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
void *p_timer,
mbedtls_ssl_set_timer_t *f_set_timer,
mbedtls_ssl_get_timer_t *f_get_timer );
#else
/**
* \brief Set the context to be passed to the timer callbacks
* (Mandatory for DTLS.)
*
* \param ssl The SSL context to configure.
* \param p_timer The context to be passed to the timer callbacks.
*
*/
void mbedtls_ssl_set_timer_cb_ctx( mbedtls_ssl_context *ssl,
void *p_timer );
#endif
/**
* \brief Callback type: generate and write session ticket

View file

@ -1291,6 +1291,44 @@ static inline unsigned int mbedtls_ssl_conf_get_anti_replay(
typedef int (*mbedtls_frng_t)( void*, unsigned char*, size_t );
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER)
static inline mbedtls_ssl_set_timer_t* mbedtls_ssl_get_set_timer(
mbedtls_ssl_context const *ssl )
{
return( ssl->f_set_timer );
}
#else /* !MBEDTLS_SSL_CONF_SET_TIMER */
#define mbedtls_ssl_conf_set_timer_func MBEDTLS_SSL_CONF_SET_TIMER
extern void mbedtls_ssl_conf_set_timer_func( void*, uint32_t, uint32_t );
static inline mbedtls_ssl_set_timer_t* mbedtls_ssl_get_set_timer(
mbedtls_ssl_context const *ssl )
{
((void) ssl);
return ((mbedtls_ssl_set_timer_t*) mbedtls_ssl_conf_set_timer_func);
}
#endif /* MBEDTLS_SSL_CONF_SET_TIMER */
#if !defined(MBEDTLS_SSL_CONF_GET_TIMER)
static inline mbedtls_ssl_get_timer_t* mbedtls_ssl_get_get_timer(
mbedtls_ssl_context const *ssl )
{
return( ssl->f_get_timer );
}
#else /* !MBEDTLS_SSL_CONF_GET_TIMER */
#define mbedtls_ssl_conf_get_timer_func MBEDTLS_SSL_CONF_GET_TIMER
extern int mbedtls_ssl_conf_get_timer_func( void* );
static inline mbedtls_ssl_get_timer_t* mbedtls_ssl_get_get_timer(
mbedtls_ssl_context const *ssl )
{
((void) ssl);
return ((mbedtls_ssl_get_timer_t*) mbedtls_ssl_conf_get_timer_func);
}
#endif /* MBEDTLS_SSL_CONF_GET_TIMER */
#if !defined(MBEDTLS_SSL_CONF_RECV)
static inline mbedtls_ssl_recv_t* mbedtls_ssl_get_recv(
mbedtls_ssl_context const *ssl )

View file

@ -81,11 +81,13 @@ static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl )
*/
static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs )
{
if( ssl->f_set_timer == NULL )
if( mbedtls_ssl_get_set_timer( ssl ) == NULL )
return;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) );
ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs );
mbedtls_ssl_get_set_timer( ssl )( ssl->p_timer,
millisecs / 4,
millisecs );
}
/*
@ -93,10 +95,10 @@ static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs )
*/
static int ssl_check_timer( mbedtls_ssl_context *ssl )
{
if( ssl->f_get_timer == NULL )
if( mbedtls_ssl_get_get_timer( ssl ) == NULL )
return( 0 );
if( ssl->f_get_timer( ssl->p_timer ) == 2 )
if( mbedtls_ssl_get_get_timer( ssl )( ssl->p_timer ) == 2 )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) );
return( -1 );
@ -3084,7 +3086,8 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
uint32_t timeout;
/* Just to be sure */
if( ssl->f_set_timer == NULL || ssl->f_get_timer == NULL )
if( mbedtls_ssl_get_set_timer( ssl ) == NULL ||
mbedtls_ssl_get_get_timer( ssl ) == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "You must use "
"mbedtls_ssl_set_timer_cb() for DTLS" ) );
@ -8254,6 +8257,8 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
}
#endif /* MBEDTLS_SSL_CONF_READ_TIMEOUT */
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && \
!defined(MBEDTLS_SSL_CONF_GET_TIMER)
void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
void *p_timer,
mbedtls_ssl_set_timer_t *f_set_timer,
@ -8262,10 +8267,18 @@ void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
ssl->p_timer = p_timer;
ssl->f_set_timer = f_set_timer;
ssl->f_get_timer = f_get_timer;
/* Make sure we start with no timer running */
ssl_set_timer( ssl, 0 );
}
#else
void mbedtls_ssl_set_timer_cb_ctx( mbedtls_ssl_context *ssl,
void *p_timer )
{
ssl->p_timer = p_timer;
/* Make sure we start with no timer running */
ssl_set_timer( ssl, 0 );
}
#endif
#if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_NO_SESSION_CACHE)
void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
@ -10017,8 +10030,8 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
while( ssl->in_offt == NULL )
{
/* Start timer if not already running */
if( ssl->f_get_timer != NULL &&
ssl->f_get_timer( ssl->p_timer ) == -1 )
if( mbedtls_ssl_get_get_timer( ssl ) != NULL &&
mbedtls_ssl_get_get_timer( ssl )( ssl->p_timer ) == -1 )
{
ssl_set_timer( ssl,
mbedtls_ssl_conf_get_read_timeout( ssl->conf ) );

View file

@ -213,8 +213,15 @@ int main( int argc, char *argv[] )
mbedtls_ssl_set_bio_ctx( &ssl, &server_fd );
#endif
#if defined(MBEDTLS_TIMING_C)
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && \
!defined(MBEDTLS_SSL_CONF_GET_TIMER)
mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
mbedtls_timing_get_delay );
#else
mbedtls_ssl_set_timer_cb_ctx( &ssl, &timer );
#endif
#endif
mbedtls_printf( " ok\n" );

View file

@ -254,8 +254,14 @@ int main( void )
goto exit;
}
mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
mbedtls_timing_get_delay );
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && \
!defined(MBEDTLS_SSL_CONF_GET_TIMER)
mbedtls_ssl_set_timer_cb( &ssl, &timer,
mbedtls_timing_set_delay,
mbedtls_timing_get_delay );
#else
mbedtls_ssl_set_timer_cb_ctx( &ssl, &timer );
#endif
printf( " ok\n" );

View file

@ -2706,6 +2706,22 @@ int query_config( const char *config )
}
#endif /* MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID */
#if defined(MBEDTLS_SSL_CONF_GET_TIMER)
if( strcmp( "MBEDTLS_SSL_CONF_GET_TIMER", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CONF_GET_TIMER );
return( 0 );
}
#endif /* MBEDTLS_SSL_CONF_GET_TIMER */
#if defined(MBEDTLS_SSL_CONF_SET_TIMER)
if( strcmp( "MBEDTLS_SSL_CONF_SET_TIMER", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CONF_SET_TIMER );
return( 0 );
}
#endif /* MBEDTLS_SSL_CONF_SET_TIMER */
#if defined(MBEDTLS_SSL_CONF_RECV)
if( strcmp( "MBEDTLS_SSL_CONF_RECV", config ) == 0 )
{

View file

@ -1915,8 +1915,13 @@ int main( int argc, char *argv[] )
#endif
#if defined(MBEDTLS_TIMING_C)
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && \
!defined(MBEDTLS_SSL_CONF_GET_TIMER)
mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
mbedtls_timing_get_delay );
#else
mbedtls_ssl_set_timer_cb_ctx( &ssl, &timer );
#endif
#endif
#if defined(MBEDTLS_ECP_RESTARTABLE)
@ -2507,9 +2512,16 @@ send_request:
#if defined(MBEDTLS_TIMING_C)
if( opt.nbio != 0 && opt.read_timeout != 0 )
{
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && \
!defined(MBEDTLS_SSL_CONF_GET_TIMER)
mbedtls_ssl_set_timer_cb( &ssl, &timer,
mbedtls_timing_set_delay,
mbedtls_timing_get_delay );
#else
mbedtls_ssl_set_timer_cb_ctx( &ssl, &timer );
#endif
}
#endif /* MBEDTLS_TIMING_C */
}

View file

@ -2898,8 +2898,13 @@ int main( int argc, char *argv[] )
#endif
#if defined(MBEDTLS_TIMING_C)
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && \
!defined(MBEDTLS_SSL_CONF_GET_TIMER)
mbedtls_ssl_set_timer_cb( &ssl, &timer, mbedtls_timing_set_delay,
mbedtls_timing_get_delay );
#else
mbedtls_ssl_set_timer_cb_ctx( &ssl, &timer );
#endif
#endif
mbedtls_printf( " ok\n" );
@ -3515,9 +3520,16 @@ data_exchange:
#if defined(MBEDTLS_TIMING_C)
if( opt.nbio != 0 && opt.read_timeout != 0 )
{
#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && \
!defined(MBEDTLS_SSL_CONF_GET_TIMER)
mbedtls_ssl_set_timer_cb( &ssl, &timer,
mbedtls_timing_set_delay,
mbedtls_timing_get_delay );
#else
mbedtls_ssl_set_timer_cb_ctx( &ssl, &timer );
#endif
}
#endif /* MBEDTLS_TIMING_C */
}