yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-24 23:01:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Also compiles / runs without time-based functions in OS

Browse source 
Can now run without need of time() / localtime() and gettimeofday()
This commit is contained in:
Paul Bakker 2013-07-03 15:31:03 +02:00
parent ecd54fb897
commit fa9b10050b
13 changed files with 119 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
ChangeLog
View file

@ -10,6 +10,7 @@ Features
* PSK and DHE-PSK based ciphersuites added * PSK and DHE-PSK based ciphersuites added
* Memory allocation abstraction layer added * Memory allocation abstraction layer added
* Buffer-based memory allocator added (no malloc() / free() / HEAP usage) * Buffer-based memory allocator added (no malloc() / free() / HEAP usage)
* Also compiles / runs without time-based functions (!POLARSSL_HAVE_TIME)
Changes Changes
* Introduced separate SSL Ciphersuites module that is based on * Introduced separate SSL Ciphersuites module that is based on

9
include/polarssl/config.h
View file

@ -94,6 +94,15 @@
* *
#define POLARSSL_HAVE_SSE2 #define POLARSSL_HAVE_SSE2
*/ */
/**
* \def POLARSSL_HAVE_TIME
*
* System has time.h and time() / localtime() / gettimeofday()
*
* Comment if your system does not support time functions
*/
#define POLARSSL_HAVE_TIME
/* \} name */ /* \} name */
/** /**

8
include/polarssl/ssl.h
View file

@ -27,8 +27,6 @@
#ifndef POLARSSL_SSL_H #ifndef POLARSSL_SSL_H
#define POLARSSL_SSL_H #define POLARSSL_SSL_H
#include <time.h>
#include "config.h" #include "config.h"
#include "net.h" #include "net.h"
#include "bignum.h" #include "bignum.h"
@ -60,6 +58,10 @@
#include "zlib.h" #include "zlib.h"
#endif #endif
#if defined(POLARSSL_HAVE_TIME)
#include <time.h>
#endif
#if defined(_MSC_VER) && !defined(inline) #if defined(_MSC_VER) && !defined(inline)
#define inline _inline #define inline _inline
#else #else
@ -306,7 +308,9 @@ typedef struct _ssl_handshake_params ssl_handshake_params;
*/ */
struct _ssl_session struct _ssl_session
{ {
#if defined(POLARSSL_HAVE_TIME)
time_t start; /*!< starting time */ time_t start; /*!< starting time */
#endif
int ciphersuite; /*!< chosen ciphersuite */ int ciphersuite; /*!< chosen ciphersuite */
int compression; /*!< chosen compression */ int compression; /*!< chosen compression */
size_t length; /*!< session id length */ size_t length; /*!< session id length */

4
include/polarssl/ssl_cache.h
View file

@ -46,7 +46,9 @@ typedef struct _ssl_cache_entry ssl_cache_entry;
*/ */
struct _ssl_cache_entry struct _ssl_cache_entry
{ {
#if defined(POLARSSL_HAVE_TIME)
time_t timestamp; /*!< entry timestamp */ time_t timestamp; /*!< entry timestamp */
#endif
ssl_session session; /*!< entry session */ ssl_session session; /*!< entry session */
#if defined(POLARSSL_X509_PARSE_C) #if defined(POLARSSL_X509_PARSE_C)
x509_buf peer_cert; /*!< entry peer_cert */ x509_buf peer_cert; /*!< entry peer_cert */
@ -87,6 +89,7 @@ int ssl_cache_get( void *data, ssl_session *session );
*/ */
int ssl_cache_set( void *data, const ssl_session *session ); int ssl_cache_set( void *data, const ssl_session *session );
#if defined(POLARSSL_HAVE_TIME)
/** /**
* \brief Set the cache timeout * \brief Set the cache timeout
* (Default: SSL_CACHE_DEFAULT_TIMEOUT (1 day)) * (Default: SSL_CACHE_DEFAULT_TIMEOUT (1 day))
@ -97,6 +100,7 @@ int ssl_cache_set( void *data, const ssl_session *session );
* \param timeout cache entry timeout * \param timeout cache entry timeout
*/ */
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout ); void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout );
#endif /* POLARSSL_HAVE_TIME */
/** /**
* \brief Set the cache timeout * \brief Set the cache timeout

1
library/asn1parse.c
View file

@ -42,7 +42,6 @@
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <time.h>
/* /*
* ASN.1 DER decoding routines * ASN.1 DER decoding routines

1
library/havege.c
View file

@ -38,7 +38,6 @@
#include "polarssl/timing.h" #include "polarssl/timing.h"
#include <string.h> #include <string.h>
#include <time.h>
/* ------------------------------------------------------------------------ /* ------------------------------------------------------------------------
* On average, one iteration accesses two 8-word blocks in the havege WALK * On average, one iteration accesses two 8-word blocks in the havege WALK

9
library/net.c
View file

@ -1,7 +1,7 @@
/* /*
* TCP networking functions * TCP networking functions
* *
* Copyright (C) 2006-2010, Brainspark B.V. * Copyright (C) 2006-2013, Brainspark B.V.
* *
* This file is part of PolarSSL (http://www.polarssl.org) * This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@ -52,7 +52,9 @@ static int wsa_init_done = 0;
#include <sys/socket.h> #include <sys/socket.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <arpa/inet.h> #include <arpa/inet.h>
#if defined(POLARSSL_HAVE_TIME)
#include <sys/time.h> #include <sys/time.h>
#endif
#include <unistd.h> #include <unistd.h>
#include <signal.h> #include <signal.h>
#include <fcntl.h> #include <fcntl.h>
@ -74,7 +76,10 @@ static int wsa_init_done = 0;
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#if defined(POLARSSL_HAVE_TIME)
#include <time.h> #include <time.h>
#endif
#ifdef _MSC_VER #ifdef _MSC_VER
#include <basetsd.h> #include <basetsd.h>
@ -293,6 +298,7 @@ int net_set_nonblock( int fd )
#endif #endif
} }
#if defined(POLARSSL_HAVE_TIME)
/* /*
* Portable usleep helper * Portable usleep helper
*/ */
@ -303,6 +309,7 @@ void net_usleep( unsigned long usec )
tv.tv_usec = usec; tv.tv_usec = usec;
select( 0, NULL, NULL, NULL, &tv ); select( 0, NULL, NULL, NULL, &tv );
} }
#endif /* POLARSSL_HAVE_TIME */
/* /*
* Read at most 'len' characters * Read at most 'len' characters

43
library/ssl_cache.c
View file

@ -52,7 +52,9 @@ void ssl_cache_init( ssl_cache_context *cache )
int ssl_cache_get( void *data, ssl_session *session ) int ssl_cache_get( void *data, ssl_session *session )
{ {
#if defined(POLARSSL_HAVE_TIME)
time_t t = time( NULL ); time_t t = time( NULL );
#endif
ssl_cache_context *cache = (ssl_cache_context *) data; ssl_cache_context *cache = (ssl_cache_context *) data;
ssl_cache_entry *cur, *entry; ssl_cache_entry *cur, *entry;
@ -64,9 +66,11 @@ int ssl_cache_get( void *data, ssl_session *session )
entry = cur; entry = cur;
cur = cur->next; cur = cur->next;
#if defined(POLARSSL_HAVE_TIME)
if( cache->timeout != 0 && if( cache->timeout != 0 &&
(int) ( t - entry->timestamp ) > cache->timeout ) (int) ( t - entry->timestamp ) > cache->timeout )
continue; continue;
#endif
if( session->ciphersuite != entry->session.ciphersuite || if( session->ciphersuite != entry->session.ciphersuite ||
session->compression != entry->session.compression || session->compression != entry->session.compression ||
@ -108,9 +112,12 @@ int ssl_cache_get( void *data, ssl_session *session )
int ssl_cache_set( void *data, const ssl_session *session ) int ssl_cache_set( void *data, const ssl_session *session )
{ {
#if defined(POLARSSL_HAVE_TIME)
time_t t = time( NULL ), oldest = 0; time_t t = time( NULL ), oldest = 0;
ssl_cache_entry *old = NULL;
#endif
ssl_cache_context *cache = (ssl_cache_context *) data; ssl_cache_context *cache = (ssl_cache_context *) data;
ssl_cache_entry *cur, *prv, *old = NULL; ssl_cache_entry *cur, *prv;
int count = 0; int count = 0;
cur = cache->chain; cur = cache->chain;
@ -120,21 +127,25 @@ int ssl_cache_set( void *data, const ssl_session *session )
{ {
count++; count++;
#if defined(POLARSSL_HAVE_TIME)
if( cache->timeout != 0 && if( cache->timeout != 0 &&
(int) ( t - cur->timestamp ) > cache->timeout ) (int) ( t - cur->timestamp ) > cache->timeout )
{ {
cur->timestamp = t; cur->timestamp = t;
break; /* expired, reuse this slot, update timestamp */ break; /* expired, reuse this slot, update timestamp */
} }
#endif
if( memcmp( session->id, cur->session.id, cur->session.length ) == 0 ) if( memcmp( session->id, cur->session.id, cur->session.length ) == 0 )
break; /* client reconnected, keep timestamp for session id */ break; /* client reconnected, keep timestamp for session id */
#if defined(POLARSSL_HAVE_TIME)
if( oldest == 0 || cur->timestamp < oldest ) if( oldest == 0 || cur->timestamp < oldest )
{ {
oldest = cur->timestamp; oldest = cur->timestamp;
old = cur; old = cur;
} }
#endif
prv = cur; prv = cur;
cur = cur->next; cur = cur->next;
@ -142,6 +153,7 @@ int ssl_cache_set( void *data, const ssl_session *session )
if( cur == NULL ) if( cur == NULL )
{ {
#if defined(POLARSSL_HAVE_TIME)
/* /*
* Reuse oldest entry if max_entries reached * Reuse oldest entry if max_entries reached
*/ */
@ -157,6 +169,31 @@ int ssl_cache_set( void *data, const ssl_session *session )
} }
#endif /* POLARSSL_X509_PARSE_C */ #endif /* POLARSSL_X509_PARSE_C */
} }
#else /* POLARSSL_HAVE_TIME */
/*
* Reuse first entry in chain if max_entries reached,
* but move to last place
*/
if( count >= cache->max_entries )
{
if( cache->chain == NULL )
return( 1 );
cur = cache->chain;
cache->chain = cur->next;
#if defined(POLARSSL_X509_PARSE_C)
if( cur->peer_cert.p != NULL )
{
polarssl_free( cur->peer_cert.p );
memset( &cur->peer_cert, 0, sizeof(x509_buf) );
}
#endif /* POLARSSL_X509_PARSE_C */
memset( cur, 0, sizeof(ssl_cache_entry) );
prv->next = cur;
}
#endif /* POLARSSL_HAVE_TIME */
else else
{ {
cur = (ssl_cache_entry *) polarssl_malloc( sizeof(ssl_cache_entry) ); cur = (ssl_cache_entry *) polarssl_malloc( sizeof(ssl_cache_entry) );
@ -171,7 +208,9 @@ int ssl_cache_set( void *data, const ssl_session *session )
prv->next = cur; prv->next = cur;
} }
#if defined(POLARSSL_HAVE_TIME)
cur->timestamp = t; cur->timestamp = t;
#endif
} }
memcpy( &cur->session, session, sizeof( ssl_session ) ); memcpy( &cur->session, session, sizeof( ssl_session ) );
@ -197,12 +236,14 @@ int ssl_cache_set( void *data, const ssl_session *session )
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_HAVE_TIME)
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout ) void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout )
{ {
if( timeout < 0 ) timeout = 0; if( timeout < 0 ) timeout = 0;
cache->timeout = timeout; cache->timeout = timeout;
} }
#endif /* POLARSSL_HAVE_TIME */
void ssl_cache_set_max_entries( ssl_cache_context *cache, int max ) void ssl_cache_set_max_entries( ssl_cache_context *cache, int max )
{ {

33
library/ssl_cli.c
View file

@ -32,7 +32,17 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#ifdef _MSC_VER
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#if defined(POLARSSL_HAVE_TIME)
#include <time.h> #include <time.h>
#endif
static void ssl_write_hostname_ext( ssl_context *ssl, static void ssl_write_hostname_ext( ssl_context *ssl,
unsigned char *buf, unsigned char *buf,
@ -265,7 +275,9 @@ static int ssl_write_client_hello( ssl_context *ssl )
size_t i, n, olen, ext_len = 0; size_t i, n, olen, ext_len = 0;
unsigned char *buf; unsigned char *buf;
unsigned char *p, *q; unsigned char *p, *q;
#if defined(POLARSSL_HAVE_TIME)
time_t t; time_t t;
#endif
const int *ciphersuites; const int *ciphersuites;
const ssl_ciphersuite_t *ciphersuite_info; const ssl_ciphersuite_t *ciphersuite_info;
@ -299,6 +311,7 @@ static int ssl_write_client_hello( ssl_context *ssl )
SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]", SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]",
buf[4], buf[5] ) ); buf[4], buf[5] ) );
#if defined(POLARSSL_HAVE_TIME)
t = time( NULL ); t = time( NULL );
*p++ = (unsigned char)( t >> 24 ); *p++ = (unsigned char)( t >> 24 );
*p++ = (unsigned char)( t >> 16 ); *p++ = (unsigned char)( t >> 16 );
@ -306,6 +319,12 @@ static int ssl_write_client_hello( ssl_context *ssl )
*p++ = (unsigned char)( t ); *p++ = (unsigned char)( t );
SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) ); SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
#else
if( ( ret = ssl->f_rng( ssl->p_rng, p, 4 ) ) != 0 )
return( ret );
p += 4;
#endif
if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 )
return( ret ); return( ret );
@ -483,9 +502,7 @@ static int ssl_parse_renegotiation_info( ssl_context *ssl,
static int ssl_parse_server_hello( ssl_context *ssl ) static int ssl_parse_server_hello( ssl_context *ssl )
{ {
#if defined(POLARSSL_DEBUG_C) uint32_t t;
time_t t;
#endif
int ret, i, comp; int ret, i, comp;
size_t n; size_t n;
size_t ext_len = 0; size_t ext_len = 0;
@ -548,10 +565,10 @@ static int ssl_parse_server_hello( ssl_context *ssl )
} }
#if defined(POLARSSL_DEBUG_C) #if defined(POLARSSL_DEBUG_C)
t = ( (time_t) buf[6] << 24 ) t = ( (uint32_t) buf[6] << 24 )
| ( (time_t) buf[7] << 16 ) | ( (uint32_t) buf[7] << 16 )
| ( (time_t) buf[8] << 8 ) | ( (uint32_t) buf[8] << 8 )
| ( (time_t) buf[9] ); | ( (uint32_t) buf[9] );
#endif #endif
memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 );
@ -619,7 +636,9 @@ static int ssl_parse_server_hello( ssl_context *ssl )
{ {
ssl->state++; ssl->state++;
ssl->handshake->resume = 0; ssl->handshake->resume = 0;
#if defined(POLARSSL_HAVE_TIME)
ssl->session_negotiate->start = time( NULL ); ssl->session_negotiate->start = time( NULL );
#endif
ssl->session_negotiate->ciphersuite = i; ssl->session_negotiate->ciphersuite = i;
ssl->session_negotiate->compression = comp; ssl->session_negotiate->compression = comp;
ssl->session_negotiate->length = n; ssl->session_negotiate->length = n;

12
library/ssl_srv.c
View file

@ -35,7 +35,10 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#if defined(POLARSSL_HAVE_TIME)
#include <time.h> #include <time.h>
#endif
static int ssl_parse_servername_ext( ssl_context *ssl, static int ssl_parse_servername_ext( ssl_context *ssl,
const unsigned char *buf, const unsigned char *buf,
@ -933,7 +936,9 @@ have_ciphersuite:
static int ssl_write_server_hello( ssl_context *ssl ) static int ssl_write_server_hello( ssl_context *ssl )
{ {
#if defined(POLARSSL_HAVE_TIME)
time_t t; time_t t;
#endif
int ret, n; int ret, n;
size_t ext_len = 0; size_t ext_len = 0;
unsigned char *buf, *p; unsigned char *buf, *p;
@ -956,6 +961,7 @@ static int ssl_write_server_hello( ssl_context *ssl )
SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]",
buf[4], buf[5] ) ); buf[4], buf[5] ) );
#if defined(POLARSSL_HAVE_TIME)
t = time( NULL ); t = time( NULL );
*p++ = (unsigned char)( t >> 24 ); *p++ = (unsigned char)( t >> 24 );
*p++ = (unsigned char)( t >> 16 ); *p++ = (unsigned char)( t >> 16 );
@ -963,6 +969,12 @@ static int ssl_write_server_hello( ssl_context *ssl )
*p++ = (unsigned char)( t ); *p++ = (unsigned char)( t );
SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
#else
if( ( ret = ssl->f_rng( ssl->p_rng, p, 4 ) ) != 0 )
return( ret );
p += 4;
#endif
if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 )
return( ret ); return( ret );

1
library/ssl_tls.c
View file

@ -54,7 +54,6 @@
#endif #endif
#include <stdlib.h> #include <stdlib.h>
#include <time.h>
#if defined _MSC_VER && !defined strcasecmp #if defined _MSC_VER && !defined strcasecmp
#define strcasecmp _stricmp #define strcasecmp _stricmp

8
library/x509parse.c
View file

@ -2875,6 +2875,7 @@ int x509parse_crl_info( char *buf, size_t size, const char *prefix,
/* /*
* Return 0 if the x509_time is still valid, or 1 otherwise. * Return 0 if the x509_time is still valid, or 1 otherwise.
*/ */
#if defined(POLARSSL_HAVE_TIME)
int x509parse_time_expired( const x509_time *to ) int x509parse_time_expired( const x509_time *to )
{ {
int year, mon, day; int year, mon, day;
@ -2941,6 +2942,13 @@ int x509parse_time_expired( const x509_time *to )
return( 0 ); return( 0 );
} }
#else /* POLARSSL_HAVE_TIME */
int x509parse_time_expired( const x509_time *to )
{
((void) to);
return( 0 );
}
#endif /* POLARSSL_HAVE_TIME */
/* /*
* Return 1 if the certificate is revoked, or 0 otherwise. * Return 1 if the certificate is revoked, or 0 otherwise.

5
programs/ssl/ssl_fork_server.c
View file

@ -56,7 +56,7 @@
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \ !defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \ !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
!defined(POLARSSL_X509_PARSE_C) !defined(POLARSSL_X509_PARSE_C) || !defined(POLARSSL_TIMING_C)
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )
{ {
((void) argc); ((void) argc);
@ -65,7 +65,8 @@ int main( int argc, char *argv[] )
printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C " printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or " "and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or " "POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_PARSE_C not defined.\n"); "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_PARSE_C and/or "
"POLARSSL_TIMING_C not defined.\n");
return( 0 ); return( 0 );
} }
#elif defined(_WIN32) #elif defined(_WIN32)