diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h index 106243462..a668cf8b1 100644 --- a/include/polarssl/check_config.h +++ b/include/polarssl/check_config.h @@ -30,6 +30,11 @@ #ifndef POLARSSL_CHECK_CONFIG_H #define POLARSSL_CHECK_CONFIG_H +#if defined(POLARSSL_DEPRECATED_WARNING) && \ + !defined(__GCC__) && !defined(__clang__) +#error "POLARSSL_DEPRECATED_WARNING only works with GCC and Clang" +#endif + #if defined(POLARSSL_AESNI_C) && !defined(POLARSSL_HAVE_ASM) #error "POLARSSL_AESNI_C defined, but not all prerequisites" #endif diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h index 6773f61c6..ef8d2811f 100644 --- a/include/polarssl/cipher.h +++ b/include/polarssl/cipher.h @@ -372,6 +372,12 @@ void cipher_free( cipher_context_t *ctx ); */ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ); +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief Free the cipher-specific context of ctx. Freeing ctx * itself remains the responsibility of the caller. @@ -382,7 +388,9 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ); * * \returns 0 */ -int cipher_free_ctx( cipher_context_t *ctx ); +int cipher_free_ctx( cipher_context_t *ctx ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ /** * \brief Returns the block size of the given cipher. diff --git a/include/polarssl/config.h b/include/polarssl/config.h index be7da2850..63db5ee05 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -179,6 +179,34 @@ //#define POLARSSL_PLATFORM_FPRINTF_ALT //#define POLARSSL_PLATFORM_PRINTF_ALT //#define POLARSSL_PLATFORM_SNPRINTF_ALT + +/** + * \def POLARSSL_DEPRECATED_WARNING + * + * Mark deprecated functions so that they generate a warning if used. + * Functions deprecated in one version will usually be removed in the next + * version. You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * This only works with GCC and Clang. With other compilers, you may want to + * use POLARSSL_DEPRECATED_REMOVED + * + * Uncomment to get warnings on using deprecated functions. + */ +//#define POLARSSL_DEPRECATED_WARNING + +/** + * \def POLARSSL_DEPRECATED_REMOVED + * + * Remove deprecated functions so that they generate an error if used. + * Functions deprecated in one version will usually be removed in the next + * version. You can enable this to help you prepare the transition to a new + * major version by making sure your code is not using these functions. + * + * Uncomment to get errors on using deprecated functions. + */ +//#define POLARSSL_DEPRECATED_REMOVED + /* \} name SECTION: System support */ /** diff --git a/include/polarssl/md.h b/include/polarssl/md.h index 95da80be8..303aee820 100644 --- a/include/polarssl/md.h +++ b/include/polarssl/md.h @@ -200,6 +200,12 @@ void md_free( md_context_t *ctx ); */ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ); +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief Free the message-specific context of ctx. Freeing ctx itself * remains the responsibility of the caller. @@ -210,7 +216,9 @@ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ); * * \returns 0 */ -int md_free_ctx( md_context_t *ctx ); +int md_free_ctx( md_context_t *ctx ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ /** * \brief Returns the size of the message digest output. diff --git a/include/polarssl/memory.h b/include/polarssl/memory.h index 8312beb95..8b8ac5dc4 100644 --- a/include/polarssl/memory.h +++ b/include/polarssl/memory.h @@ -37,16 +37,26 @@ #include "platform.h" #include "memory_buffer_alloc.h" +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief Set malloc() / free() callback * * \deprecated Use platform_set_malloc_free instead */ +int memory_set_own( void * (*malloc_func)( size_t ), + void (*free_func)( void * ) ) DEPRECATED; int memory_set_own( void * (*malloc_func)( size_t ), void (*free_func)( void * ) ) { return platform_set_malloc_free( malloc_func, free_func ); } +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ #endif /* memory.h */ diff --git a/include/polarssl/pbkdf2.h b/include/polarssl/pbkdf2.h index e842c838a..28987b3f7 100644 --- a/include/polarssl/pbkdf2.h +++ b/include/polarssl/pbkdf2.h @@ -45,6 +45,12 @@ typedef UINT32 uint32_t; extern "C" { #endif +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief PKCS#5 PBKDF2 using HMAC * @@ -64,7 +70,7 @@ extern "C" { int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen, unsigned int iteration_count, - uint32_t key_length, unsigned char *output ); + uint32_t key_length, unsigned char *output ) DEPRECATED; /** * \brief Checkup routine @@ -73,7 +79,9 @@ int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, * * \return 0 if successful, or 1 if the test failed */ -int pbkdf2_self_test( int verbose ); +int pbkdf2_self_test( int verbose ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ #ifdef __cplusplus } diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index 8e8213797..cd9f770e9 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -1213,6 +1213,12 @@ void ssl_set_ca_chain( ssl_context *ssl, x509_crt *ca_chain, int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, pk_context *pk_key ); +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif #if defined(POLARSSL_RSA_C) /** * \brief Set own certificate chain and private RSA key @@ -1230,7 +1236,7 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, * \return 0 on success, or a specific error code. */ int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, - rsa_context *rsa_key ); + rsa_context *rsa_key ) DEPRECATED; #endif /* POLARSSL_RSA_C */ /** @@ -1261,7 +1267,9 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, void *rsa_key, rsa_decrypt_func rsa_decrypt, rsa_sign_func rsa_sign, - rsa_key_len_func rsa_key_len ); + rsa_key_len_func rsa_key_len ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ #endif /* POLARSSL_X509_CRT_PARSE_C */ #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index 9dda082a5..0dece0634 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -225,6 +225,12 @@ int x509_dn_gets( char *buf, size_t size, const x509_name *dn ); */ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ); +#if ! defined(POLARSSL_DEPRECATED_REMOVED) +#if defined(POLARSSL_DEPRECATED_WARNING) +#define DEPRECATED __attribute__((deprecated)) +#else +#define DEPRECATED +#endif /** * \brief Give an known OID, return its descriptive string. * @@ -237,7 +243,7 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ); * \return Return a string if the OID is known, * or NULL otherwise. */ -const char *x509_oid_get_description( x509_buf *oid ); +const char *x509_oid_get_description( x509_buf *oid ) DEPRECATED; /** * \brief Give an OID, return a string version of its OID number. @@ -251,7 +257,9 @@ const char *x509_oid_get_description( x509_buf *oid ); * \return Length of the string written (excluding final NULL) or * POLARSSL_ERR_OID_BUF_TO_SMALL in case of error */ -int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ); +int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) DEPRECATED; +#undef DEPRECATED +#endif /* POLARSSL_DEPRECATED_REMOVED */ /** * \brief Check a given x509_time against the system time and check diff --git a/library/cipher.c b/library/cipher.c index 516fa0084..b69d33106 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -165,13 +165,14 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ) return( 0 ); } -/* compatibility wrapper */ +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int cipher_free_ctx( cipher_context_t *ctx ) { cipher_free( ctx ); return( 0 ); } +#endif int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, int key_length, const operation_t operation ) diff --git a/library/md.c b/library/md.c index fbdab9117..cf4d7e334 100644 --- a/library/md.c +++ b/library/md.c @@ -203,12 +203,14 @@ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ) return( 0 ); } +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int md_free_ctx( md_context_t *ctx ) { md_free( ctx ); return( 0 ); } +#endif int md_starts( md_context_t *ctx ) { diff --git a/library/pbkdf2.c b/library/pbkdf2.c index b4ef19500..783e4a8be 100644 --- a/library/pbkdf2.c +++ b/library/pbkdf2.c @@ -41,6 +41,7 @@ #include "polarssl/pbkdf2.h" #include "polarssl/pkcs5.h" +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen, const unsigned char *salt, size_t slen, unsigned int iteration_count, @@ -49,12 +50,15 @@ int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen, return pkcs5_pbkdf2_hmac( ctx, password, plen, salt, slen, iteration_count, key_length, output ); } +#endif #if defined(POLARSSL_SELF_TEST) +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int pbkdf2_self_test( int verbose ) { return pkcs5_self_test( verbose ); } +#endif #endif /* POLARSSL_SELF_TEST */ #endif /* POLARSSL_PBKDF2_C */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 77bb9adb2..515b90355 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3976,6 +3976,7 @@ int ssl_set_own_cert( ssl_context *ssl, x509_crt *own_cert, return( 0 ); } +#if ! defined(POLARSSL_DEPRECATED_REMOVED) #if defined(POLARSSL_RSA_C) int ssl_set_own_cert_rsa( ssl_context *ssl, x509_crt *own_cert, rsa_context *rsa_key ) @@ -4033,6 +4034,7 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, return( 0 ); } +#endif /* POLARSSL_DEPRECATED_REMOVED */ #endif /* POLARSSL_X509_CRT_PARSE_C */ #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) diff --git a/library/x509.c b/library/x509.c index b35663d8c..922f023db 100644 --- a/library/x509.c +++ b/library/x509.c @@ -880,6 +880,7 @@ int x509_key_size_helper( char *buf, size_t size, const char *name ) /* * Return an informational string describing the given OID */ +#if ! defined(POLARSSL_DEPRECATED_REMOVED) const char *x509_oid_get_description( x509_buf *oid ) { const char *desc = NULL; @@ -892,12 +893,15 @@ const char *x509_oid_get_description( x509_buf *oid ) return( desc ); } +#endif /* Return the x.y.z.... style numeric string for the given OID */ +#if ! defined(POLARSSL_DEPRECATED_REMOVED) int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) { return oid_get_numeric_string( buf, size, oid ); } +#endif /* * Return 0 if the x509_time is still valid, or 1 otherwise.