mbed TLS upgraded to 2.6.0
Fork of mbedtls by
scripts/config.pl@1:9ebc941037d5, 2017-09-29 (annotated)
- Committer:
- Jasper Wallace
- Date:
- Fri Sep 29 18:41:59 2017 +0100
- Revision:
- 1:9ebc941037d5
- Child:
- 2:bbdeda018a3c
Update to mbedtls 2.4.2, security fixes
Changes to mbedtls sources made:
in include/mbedtls/config.h comment out:
#define MBEDTLS_FS_IO
#define MBEDTLS_NET_C
#define MBEDTLS_TIMING_C
uncomment:
#define MBEDTLS_NO_PLATFORM_ENTROPY
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
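#!/usr/bin/perl
#
# This file is part of mbed TLS (https://tls.mbed.org)
#
# Copyright (c) 2014-2016, ARM Limited, All Rights Reserved
#
# Purpose
#
# Comments and uncomments #define lines in the given header file and optionally
# sets their value or can get the value. This is to provide scripting control of
# what preprocessor symbols, and therefore what build time configuration flags
# are set in the 'config.h' file.
#
# Usage: config.pl [-f <file> | --file <file>] [-o | --force]
#                  [set <symbol> [<value>] | unset <symbol> | get <symbol> |
#                   full | realfull]
#
# Full usage description provided below.
#
# Things that shouldn't be enabled with "full".
#
#   MBEDTLS_TEST_NULL_ENTROPY
#   MBEDTLS_DEPRECATED_REMOVED
#   MBEDTLS_HAVE_SSE2
#   MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
#   MBEDTLS_ECP_DP_M221_ENABLED
#   MBEDTLS_ECP_DP_M383_ENABLED
#   MBEDTLS_ECP_DP_M511_ENABLED
#   MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
#   MBEDTLS_NO_PLATFORM_ENTROPY
#   MBEDTLS_REMOVE_ARC4_CIPHERSUITES
#   MBEDTLS_SSL_HW_RECORD_ACCEL
#   MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
#   MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
#       - this could be enabled if the respective tests were adapted
#   MBEDTLS_ZLIB_SUPPORT
#   MBEDTLS_PKCS11_C
#   and any symbol ending in _ALT (the pattern below is anchored at line end)
#
# Security note: "realfull" applies none of these exclusions, so it also
# switches on test-only options such as MBEDTLS_TEST_NULL_ENTROPY. Treat a
# header produced by "realfull" as a build-coverage configuration, not as a
# configuration to ship.
#

use warnings;
use strict;

my $config_file = "include/mbedtls/config.h";
my $usage = <<EOU;
$0 [-f <file> | --file <file>] [-o | --force]
                   [set <symbol> [<value>] | unset <symbol> | get <symbol> |
                        full | realfull]

Commands
    set <symbol> [<value>]  - Uncomments or adds a #define for the <symbol> to
                              the configuration file, and optionally making it
                              of <value>.
                              If the symbol isn't present in the file an error
                              is returned.
    unset <symbol>          - Comments out the #define for the given symbol if
                              present in the configuration file.
    get <symbol>            - Finds the #define for the given symbol, returning
                              an exitcode of 0 if the symbol is found, and -1 if
                              not. The value of the symbol is output if one is
                              specified in the configuration file.
    full                    - Uncomments all #define's in the configuration file
                              excluding some reserved symbols, until the
                              'Module configuration options' section
    realfull                - Uncomments all #define's with no exclusions

Options
    -f | --file <filename>  - The file or file path for the configuration file
                              to edit. When omitted, the following default is
                              used:
                                $config_file
    -o | --force            - If the symbol isn't present in the configuration
                              file when setting its value, a #define is
                              appended to the end of the file.

EOU

# Regex fragments (not literal names) that "full" must leave disabled.
my @excluded = qw(
MBEDTLS_TEST_NULL_ENTROPY
MBEDTLS_DEPRECATED_REMOVED
MBEDTLS_HAVE_SSE2
MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
MBEDTLS_ECP_DP_M221_ENABLED
MBEDTLS_ECP_DP_M383_ENABLED
MBEDTLS_ECP_DP_M511_ENABLED
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
MBEDTLS_NO_PLATFORM_ENTROPY
MBEDTLS_REMOVE_ARC4_CIPHERSUITES
MBEDTLS_SSL_HW_RECORD_ACCEL
MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
MBEDTLS_ZLIB_SUPPORT
MBEDTLS_PKCS11_C
_ALT\s*$
);

# Things that should be enabled in "full" even if they match @excluded
my @non_excluded = qw(
PLATFORM_[A-Z0-9]+_ALT
);

# Process the command line arguments

my $force_option = 0;

my ($arg, $name, $value, $action);

# Test definedness, not truth, so an argument of "0" or "" is still examined
# (and rejected as an unknown command) instead of silently ending the loop.
while (defined($arg = shift)) {

    # Check if the argument is an option
    if ($arg eq "-f" || $arg eq "--file") {
        $config_file = shift;

        # A trailing -f with no operand would otherwise test an undef path.
        defined $config_file
            or die "Option $arg requires a file name.\n\n" . $usage;
        -f $config_file or die "No such file: $config_file\n";

    }
    elsif ($arg eq "-o" || $arg eq "--force") {
        $force_option = 1;

    }
    else
    {
        # ...else assume it's a command
        $action = $arg;

        if ($action eq "full" || $action eq "realfull") {
            # No additional parameters
            die $usage if @ARGV;

        }
        elsif ($action eq "unset" || $action eq "get") {
            die $usage unless @ARGV;
            $name = shift;

        }
        elsif ($action eq "set") {
            die $usage unless @ARGV;
            $name = shift;
            $value = shift if @ARGV;

        }
        else {
            die "Command '$action' not recognised.\n\n".$usage;
        }
    }
}

# If no command was specified, exit...
if ( not defined($action) ){ die $usage; }

# The symbol and value are written verbatim into a C header and the symbol is
# also used inside match patterns, so refuse anything that could add extra
# lines or directives to the generated configuration.
if (defined $name && $name !~ /\A[A-Za-z_][A-Za-z0-9_]*\z/) {
    die "Invalid symbol name '$name': expected a C identifier.\n";
}
if (defined $value && $value =~ /[\r\n]/) {
    die "Invalid value for $name: line breaks are not allowed.\n";
}

# Check the config file is present
if (! -f $config_file) {

    chdir '..' or die "chdir ..: $!\n";

    # Confirm this is the project root directory and try again
    if ( !(-d 'scripts' && -d 'include' && -d 'library' && -f $config_file) ) {
        die "If no file specified, must be run from the project root or scripts directory.\n";
    }
}


# Now read the file and process the contents

open my $config_read, '<', $config_file or die "read $config_file: $!\n";
my @config_lines = <$config_read>;
close $config_read;

my ($exclude_re, $no_exclude_re);
if ($action eq "realfull") {
    # Exclude nothing: only an empty line matches, and every line is allowed.
    $exclude_re = qr/^$/;
    $no_exclude_re = qr/./;
} else {
    $exclude_re = join '|', @excluded;
    $no_exclude_re = join '|', @non_excluded;
}

# "get" is a pure query: leave the header untouched so a lookup can neither
# truncate the configuration nor change its timestamp.
my $config_write;
if ($action ne "get") {
    open $config_write, '>', $config_file or die "write $config_file: $!\n";
}

my $done;
for my $line (@config_lines) {
    if ($action eq "full" || $action eq "realfull") {
        # Stop toggling once the module options section starts.
        if ($line =~ /name SECTION: Module configuration options/) {
            $done = 1;
        }

        # Enable a commented-out #define unless it is excluded.
        if (!$done && $line =~ m!^//\s?#define! &&
                ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) ) {
            $line =~ s!^//\s?!!;
        }
        # Disable an active #define that is excluded.
        if (!$done && $line =~ m!^\s?#define! &&
                ! ( $line !~ /$exclude_re/ || $line =~ /$no_exclude_re/ ) ) {
            $line =~ s!^!//!;
        }
    } elsif ($action eq "unset") {
        if (!$done && $line =~ /^\s*#define\s*\Q$name\E\b/) {
            $line = '//' . $line;
            $done = 1;
        }
    } elsif (!$done && $action eq "set") {
        if ($line =~ m!^(?://)?\s*#define\s*\Q$name\E\b!) {
            $line = "#define $name";
            $line .= " $value" if defined $value && $value ne "";
            $line .= "\n";
            $done = 1;
        }
    } elsif (!$done && $action eq "get") {
        # The \b after the name keeps "get FOO" from matching "#define FOOBAR".
        # The capture ends at the last word boundary on the line, as before.
        if ($line =~ /^\s*#define\s*\Q$name\E\b\s*(.*)\s*\b/) {
            $value = $1;
            $done = 1;
        }
    }

    if (defined $config_write) {
        print {$config_write} $line or die "write $config_file: $!\n";
    }
}

# Did the set command work?
if ($action eq "set"&& $force_option && !$done) {

    # If the force option was set, append the symbol to the end of the file
    my $line = "#define $name";
    $line .= " $value" if defined $value && $value ne "";
    $line .= "\n";
    $done = 1;

    print {$config_write} $line or die "write $config_file: $!\n";
}

# Buffered write errors only surface at close; an unchecked close could leave
# a truncated header behind without any diagnostic.
if (defined $config_write) {
    close $config_write or die "close $config_file: $!\n";
}

if ($action eq "get") {
    if($done) {
        if ($value ne '') {
            print $value;
        }
        exit 0;
    } else {
        # If the symbol was not found, return an error
        exit -1;
    }
}

# Both bulk commands rely on the section marker; report its absence as such
# rather than as a missing (undefined) symbol.
if (($action eq "full" || $action eq "realfull") && !$done) {
    die "Configuration section was not found in $config_file\n";

}

if ($action eq "set" && !$done) {
    die "A #define for the symbol $name was not found in $config_file\n";
}

__END__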