
2 commits

2 changed files with 3 additions and 15 deletions

2
configure vendored

@ -78,7 +78,7 @@ for arg in $SCRIPT_ARGS; do
;; ;;
--with-mbed) --with-mbed)
TLS_IMPL="TLS_MBEDTLS" TLS_IMPL="TLS_MBEDTLS"
TLS_LIBS="-lmbedtls" TLS_LIBS="-lmbedtls -lmbedx509 -lmbedcrypto"
;; ;;
--disable-tls) --disable-tls)
TLS_IMPL="" TLS_IMPL=""


@ -37,6 +37,7 @@
#include <Log.h> #include <Log.h>
#include <string.h> #include <string.h>
#include <stdlib.h>
/* /*
* #include statements and any implementation structures * #include statements and any implementation structures
@ -56,17 +57,6 @@ typedef struct MbedCookie {
mbedtls_pk_context serverkey; mbedtls_pk_context serverkey;
} MbedCookie; } MbedCookie;
static void my_debug(void *ctx, int level,
const char *file, int line,
const char *str)
{
((void) level);
fprintf((FILE *) ctx, "%s:%04d: %s\n", file, line, str);
fflush((FILE *) ctx);
}
void * void *
TlsInitClient(int fd, const char *serverName) TlsInitClient(int fd, const char *serverName)
{ {
@ -143,7 +133,6 @@ TlsInitClient(int fd, const char *serverName)
mbedtls_ctr_drbg_random, mbedtls_ctr_drbg_random,
&cookie->ctrDrbg &cookie->ctrDrbg
); );
mbedtls_ssl_conf_dbg(&cookie->conf, my_debug, stdout);
if ((err = mbedtls_ssl_setup(&cookie->ssl, &cookie->conf)) != 0) if ((err = mbedtls_ssl_setup(&cookie->ssl, &cookie->conf)) != 0)
{ {
char message[256]; char message[256];
@ -228,7 +217,7 @@ TlsInitServer(int fd, const char *crt, const char *key)
goto error; goto error;
} }
if ((err = mbedtls_pk_parse_keyfile(&cookie->serverkey, key, NULL)) != 0) if ((err = mbedtls_pk_parse_keyfile(&cookie->serverkey, key, NULL, mbedtls_entropy_func, &cookie->ctrDrbg)) != 0)
{ {
char message[256]; char message[256];
mbedtls_strerror(err, message, 255); mbedtls_strerror(err, message, 255);
@ -266,7 +255,6 @@ TlsInitServer(int fd, const char *crt, const char *key)
mbedtls_ctr_drbg_random, mbedtls_ctr_drbg_random,
&cookie->ctrDrbg &cookie->ctrDrbg
); );
mbedtls_ssl_conf_dbg(&cookie->conf, my_debug, stdout);
mbedtls_ssl_conf_ca_chain(&cookie->conf, cookie->cert.next, NULL); mbedtls_ssl_conf_ca_chain(&cookie->conf, cookie->cert.next, NULL);
if ((err = mbedtls_ssl_setup(&cookie->ssl, &cookie->conf)) != 0) if ((err = mbedtls_ssl_setup(&cookie->ssl, &cookie->conf)) != 0)
{ {
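Review bot: The new `mbedtls_pk_parse_keyfile` call in the `TlsInitServer` hunk at -228 pairs `mbedtls_entropy_func` with `&cookie->ctrDrbg`, but that callback expects its context argument to be an `mbedtls_entropy_context`. The same field is passed with `mbedtls_ctr_drbg_random` in the RNG setup calls further down, so it is presumably an `mbedtls_ctr_drbg_context`; if so, the entropy function would read and write the DRBG state as the wrong structure while the private key is being parsed. The pairing already used elsewhere in the file fits here: `if ((err = mbedtls_pk_parse_keyfile(&cookie->serverkey, key, NULL, mbedtls_ctr_drbg_random, &cookie->ctrDrbg)) != 0)`. The DRBG must also be seeded before this call; the seeding is not visible here because the body of `TlsInitServer` starts and ends outside the hunk, so confirm the order. The five-argument form is the Mbed TLS 3.x signature, so a one-line comment saying 2.x is no longer supported would help anyone building against an older library.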