Fix libcoap building with various MbedTLS compile time options

components/coap/port/coap_mbedtls.c: Add in additional compile time check wrappers for different MbedTLS configurations. components/coap/CMakeLists.txt: components/coap/component.mk: components/coap/port/coap_notls.c: components/coap/port/include/coap_config_posix.h: Add in the ability to compile and run if MbedTLS does not have any TLS mode enabled. examples/protocols/coap_client/main/coap_client_example_main.c: Inform user that MbedTLS Client Mode is required for DTLS if not enabled, and coaps:// has been requested. [Lower libcoap library will still error and report this condition] examples/protocols/coap_server/main/coap_server_example_main.c: Inform user that MbedTLS Server Mode is required for DTLS if not enabled. [Lower libcoap library will still error and report this condition] Closes #3961 Closes #3971 Closes #3977
espressif · Sep 6, 2019 · 430b737 · 430b737
1 parent 61442cd
commit 430b737
Show file tree

Hide file tree

Showing 7 changed files with 266 additions and 13 deletions.
diff --git a/components/coap/CMakeLists.txt b/components/coap/CMakeLists.txt
@@ -19,6 +19,7 @@ set(srcs
     "libcoap/src/subscribe.c"
     "libcoap/src/uri.c"
     "libcoap/src/coap_io.c"
+    "port/coap_notls.c"
     "port/coap_mbedtls.c")
 
 idf_component_register(SRCS "${srcs}"

diff --git a/components/coap/component.mk b/components/coap/component.mk
@@ -4,7 +4,7 @@
 
 COMPONENT_ADD_INCLUDEDIRS := port/include port/include/coap libcoap/include libcoap/include/coap2
 
-COMPONENT_OBJS = libcoap/src/address.o libcoap/src/async.o libcoap/src/block.o libcoap/src/coap_event.o libcoap/src/coap_hashkey.o libcoap/src/coap_session.o libcoap/src/coap_time.o port/coap_debug.o libcoap/src/encode.o libcoap/src/mem.o libcoap/src/net.o libcoap/src/option.o libcoap/src/pdu.o libcoap/src/resource.o libcoap/src/str.o libcoap/src/subscribe.o libcoap/src/uri.o port/coap_mbedtls.o libcoap/src/coap_io.o
+COMPONENT_OBJS = libcoap/src/address.o libcoap/src/async.o libcoap/src/block.o libcoap/src/coap_event.o libcoap/src/coap_hashkey.o libcoap/src/coap_session.o libcoap/src/coap_time.o port/coap_debug.o libcoap/src/encode.o libcoap/src/mem.o libcoap/src/net.o libcoap/src/option.o libcoap/src/pdu.o libcoap/src/resource.o libcoap/src/str.o libcoap/src/subscribe.o libcoap/src/uri.o port/coap_mbedtls.o libcoap/src/coap_io.o port/coap_notls.o
 
 COMPONENT_SRCDIRS := libcoap/src libcoap port
 

diff --git a/components/coap/port/coap_mbedtls.c b/components/coap/port/coap_mbedtls.c
@@ -188,7 +188,7 @@ coap_dgram_write(void *ctx, const unsigned char *send_buffer,
   return result;
 }
 
-#if !defined(ESPIDF_VERSION) || defined(CONFIG_MBEDTLS_SSL_PROTO_DTLS)
+#if !defined(ESPIDF_VERSION) || (defined(CONFIG_MBEDTLS_SSL_PROTO_DTLS) && defined(CONFIG_MBEDTLS_TLS_SERVER))
 static char*
 get_ip_addr(const struct coap_address_t *addr)
 {
@@ -222,9 +222,9 @@ get_ip_addr(const struct coap_address_t *addr)
   }
   return str;
 }
-#endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_SSL_PROTO_DTLS */
+#endif /* !ESPIDF_VERSION || (CONFIG_MBEDTLS_SSL_PROTO_DTLS && CONFIG_MBEDTLS_TLS_SERVER) */
 
-#if !defined(ESPIDF_VERSION) || (defined(CONFIG_MBEDTLS_SSL_PROTO_DTLS) && defined(CONFIG_MBEDTLS_PSK_MODES))
+#if !defined(ESPIDF_VERSION) || (defined(CONFIG_MBEDTLS_SSL_PROTO_DTLS) && defined(CONFIG_MBEDTLS_PSK_MODES) && defined(CONFIG_MBEDTLS_TLS_SERVER))
 /*
  * Server side PSK callback
  */
@@ -277,7 +277,7 @@ static int psk_server_callback(void *p_info, mbedtls_ssl_context *ssl,
   mbedtls_ssl_set_hs_psk(ssl, buf, psk_len);
   return 0;
 }
-#endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_SSL_PROTO_DTLS */
+#endif /* !ESPIDF_VERSION || (CONFIG_MBEDTLS_SSL_PROTO_DTLS && CONFIG_MBEDTLS_PSK_MODES && CONFIG_MBEDTLS_TLS_SERVER) */
 
 static char*
 get_san_or_cn_from_cert(mbedtls_x509_crt *crt)
@@ -691,6 +691,7 @@ setup_pki_credentials(mbedtls_x509_crt *cacert,
   return 0;
 }
 
+#if !defined(ESPIDF_VERSION) || defined(CONFIG_MBEDTLS_TLS_SERVER)
 /*
  * PKI SNI callback.
  */
@@ -763,6 +764,7 @@ pki_sni_callback(void *p_info, mbedtls_ssl_context *ssl,
   }
   return ret;
 }
+#endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_TLS_SERVER */
 
 #ifdef PSK2_PR
 /*
@@ -836,6 +838,8 @@ psk_sni_callback(void *p_info, mbedtls_ssl_context *ssl,
 }
 #endif /* PSK2_PR */
 
+#if !defined(ESPIDF_VERSION) || defined(CONFIG_MBEDTLS_TLS_SERVER)
+
 static int setup_server_ssl_session(coap_session_t *c_session,
                                     coap_mbedtls_env_t *m_env)
 {
@@ -897,11 +901,12 @@ static int setup_server_ssl_session(coap_session_t *c_session,
   mbedtls_ssl_conf_dtls_cookies(&m_env->conf, mbedtls_ssl_cookie_write,
                                 mbedtls_ssl_cookie_check,
                                 &m_env->cookie_ctx );
-    mbedtls_ssl_set_mtu(&m_env->ssl, c_session->mtu);
+  mbedtls_ssl_set_mtu(&m_env->ssl, c_session->mtu);
 #endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_SSL_PROTO_DTLS */
 fail:
   return ret;
 }
+#endif /* !defined(ESPIDF_VERSION) || CONFIG_MBEDTLS_TLS_SERVER) */
 
 #define MAX_CIPHERS 100
 static int psk_ciphers[MAX_CIPHERS];
@@ -1043,6 +1048,7 @@ static int setup_client_ssl_session(coap_session_t *c_session,
       coap_log(LOG_ERR, "PKI setup failed\n");
       return ret;
     }
+#if !defined(ESPIDF_VERSION) || defined(CONFIG_MBEDTLS_TLS_SERVER)
     if (c_session->proto == COAP_PROTO_TLS) {
       const char *alpn_list[2];
 
@@ -1053,6 +1059,7 @@ static int setup_client_ssl_session(coap_session_t *c_session,
         coap_log(LOG_ERR, "ALPN setup failed %d)\n", ret);
       }
     }
+#endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_TLS_SERVER */
     if (m_context->setup_data.client_sni) {
       mbedtls_ssl_set_hostname(&m_env->ssl, m_context->setup_data.client_sni);
     }
@@ -1189,10 +1196,12 @@ static coap_mbedtls_env_t *coap_dtls_new_mbedtls_env(coap_session_t *c_session,
     if (setup_client_ssl_session(c_session, m_env) != 0) {
       goto fail;
     }
+#if !defined(ESPIDF_VERSION) || defined(CONFIG_MBEDTLS_TLS_SERVER)
   } else if (role == COAP_DTLS_ROLE_SERVER) {
     if (setup_server_ssl_session(c_session, m_env) != 0) {
       goto fail;
     }
+#endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_TLS_SERVER */
   } else {
     goto fail;
   }
@@ -1251,6 +1260,12 @@ int coap_dtls_context_set_psk(struct coap_context_t *c_context,
 {
   coap_mbedtls_context_t *m_context =
               ((coap_mbedtls_context_t *)c_context->dtls_context);
+#if defined(ESPIDF_VERSION) && !defined(CONFIG_MBEDTLS_TLS_SERVER)
+  coap_log(LOG_EMERG, "coap_dtls_context_set_psk:"
+           " libcoap not compiled for Server Mode for MbedTLS"
+           " - update MbedTLS to include Server Mode\n");
+  return 0;
+#endif /* ESPIDF_VERSION && !CONFIG_MBEDTLS_TLS_SERVER */
   m_context->psk_pki_enabled |= IS_PSK;
   return 1;
 }
@@ -1266,6 +1281,12 @@ coap_dtls_context_set_spsk(coap_context_t *c_context,
   coap_mbedtls_context_t *m_context =
                          ((coap_mbedtls_context_t *)c_context->dtls_context);
 
+#if defined(ESPIDF_VERSION) && !defined(CONFIG_MBEDTLS_TLS_SERVER)
+  coap_log(LOG_EMERG, "coap_dtls_context_set_spsk:"
+           " libcoap not compiled for Server Mode for MbedTLS"
+           " - update MbedTLS to include Server Mode\n");
+  return 0;
+#endif /* ESPIDF_VERSION && !CONFIG_MBEDTLS_TLS_SERVER */
   if (!m_context || !setup_data)
     return 0;
 
@@ -1315,6 +1336,7 @@ int coap_dtls_context_set_pki_root_cas(struct coap_context_t *c_context,
 {
   coap_mbedtls_context_t *m_context =
              ((coap_mbedtls_context_t *)c_context->dtls_context);
+
   if (!m_context) {
     coap_log(LOG_WARNING,
              "coap_context_set_pki_root_cas: (D)TLS environment "
@@ -1383,6 +1405,13 @@ void coap_dtls_free_context(void *dtls_context)
 
 void *coap_dtls_new_client_session(coap_session_t *c_session)
 {
+#if defined(ESPIDF_VERSION) && !defined(CONFIG_MBEDTLS_TLS_CLIENT)
+  (void)c_session;
+  coap_log(LOG_EMERG, "coap_dtls_new_client_session:"
+           " libcoap not compiled for Client Mode for MbedTLS"
+           " - update MbedTLS to include Client Mode\n");
+  return NULL;
+#else /* !ESPIDF_VERSION || CONFIG_MBEDTLS_TLS_CLIENT */
   coap_mbedtls_env_t *m_env = coap_dtls_new_mbedtls_env(c_session,
                                                        COAP_DTLS_ROLE_CLIENT);
   int ret;
@@ -1395,6 +1424,7 @@ void *coap_dtls_new_client_session(coap_session_t *c_session)
     }
   }
   return m_env;
+#endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_TLS_CLIENT */
 }
 
 void *coap_dtls_new_server_session(coap_session_t *c_session)
@@ -1628,12 +1658,15 @@ int coap_dtls_hello(coap_session_t *c_session,
                     const uint8_t *data,
                     size_t data_len)
 {
-#if defined(ESPIDF_VERSION) && !defined(CONFIG_MBEDTLS_SSL_PROTO_DTLS)
+#if defined(ESPIDF_VERSION) && (!defined(CONFIG_MBEDTLS_SSL_PROTO_DTLS) || !defined(CONFIG_MBEDTLS_TLS_SERVER))
   (void)c_session;
   (void)data;
   (void)data_len;
+  coap_log(LOG_EMERG, "coap_dtls_hello:"
+           " libcoap not compiled for DTLS or Server Mode for MbedTLS"
+           " - update MbedTLS to include DTLS and Server Mode\n");
   return -1;
-#else /* !ESPIDF_VERSION) || CONFIG_MBEDTLS_SSL_PROTO_DTLS */
+#else /* !ESPIDF_VERSION) || (CONFIG_MBEDTLS_SSL_PROTO_DTLS && CONFIG_MBEDTLS_TLS_SERVER) */
   coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
   coap_ssl_t *ssl_data = m_env ? &m_env->coap_ssl_data : NULL;
   int ret;
@@ -1697,7 +1730,7 @@ int coap_dtls_hello(coap_session_t *c_session,
      return 1;
   }
   return 0;
-#endif /* !ESPIDF_VERSION || CONFIG_MBEDTLS_SSL_PROTO_DTLS */
+#endif /* !ESPIDF_VERSION) || (CONFIG_MBEDTLS_SSL_PROTO_DTLS && CONFIG_MBEDTLS_TLS_SERVER) */
 }
 
 unsigned int coap_dtls_get_overhead(coap_session_t *c_session UNUSED)

diff --git a/components/coap/port/coap_notls.c b/components/coap/port/coap_notls.c
@@ -0,0 +1,190 @@
+/*
+* coap_notls.c -- Stub Datagram Transport Layer Support for libcoap
+*
+* Copyright (C) 2016 Olaf Bergmann <bergmann@tzi.org>
+*
+* This file is part of the CoAP library libcoap. Please see README for terms
+* of use.
+*/
+
+#include "coap_config.h"
+
+#if !defined(HAVE_LIBTINYDTLS) && !defined(HAVE_OPENSSL) && !defined(HAVE_LIBGNUTLS) && !defined(HAVE_MBEDTLS)
+
+#include "net.h"
+
+#ifdef __GNUC__
+#define UNUSED __attribute__((unused))
+#else /* __GNUC__ */
+#define UNUSED
+#endif /* __GNUC__ */
+
+int
+coap_dtls_is_supported(void) {
+  return 0;
+}
+
+int
+coap_tls_is_supported(void) {
+  return 0;
+}
+
+coap_tls_version_t *
+coap_get_tls_library_version(void) {
+  static coap_tls_version_t version;
+  version.version = 0;
+  version.type = COAP_TLS_LIBRARY_NOTLS;
+  return &version;
+}
+
+int
+coap_dtls_context_set_pki(coap_context_t *ctx UNUSED,
+                          coap_dtls_pki_t* setup_data UNUSED,
+                          coap_dtls_role_t role UNUSED
+) {
+  return 0;
+}
+
+int
+coap_dtls_context_set_pki_root_cas(struct coap_context_t *ctx UNUSED,
+                                   const char *ca_file UNUSED,
+                                   const char *ca_path UNUSED
+) {
+  return 0;
+}
+
+int
+coap_dtls_context_set_psk(coap_context_t *ctx UNUSED,
+                          const char *hint UNUSED,
+                          coap_dtls_role_t role UNUSED
+) {
+  return 0;
+}
+
+int
+coap_dtls_context_check_keys_enabled(coap_context_t *ctx UNUSED)
+{
+  return 0;
+}
+
+static int dtls_log_level = 0;
+
+void coap_dtls_startup(void) {
+}
+
+void
+coap_dtls_set_log_level(int level) {
+  dtls_log_level = level;
+}
+
+int
+coap_dtls_get_log_level(void) {
+  return dtls_log_level;
+}
+
+void *
+coap_dtls_new_context(struct coap_context_t *coap_context UNUSED) {
+  return NULL;
+}
+
+void
+coap_dtls_free_context(void *handle UNUSED) {
+}
+
+void *coap_dtls_new_server_session(coap_session_t *session UNUSED) {
+  return NULL;
+}
+
+void *coap_dtls_new_client_session(coap_session_t *session UNUSED) {
+  return NULL;
+}
+
+void coap_dtls_free_session(coap_session_t *coap_session UNUSED) {
+}
+
+void coap_dtls_session_update_mtu(coap_session_t *session UNUSED) {
+}
+
+int
+coap_dtls_send(coap_session_t *session UNUSED,
+  const uint8_t *data UNUSED,
+  size_t data_len UNUSED
+) {
+  return -1;
+}
+
+int coap_dtls_is_context_timeout(void) {
+  return 1;
+}
+
+coap_tick_t coap_dtls_get_context_timeout(void *dtls_context UNUSED) {
+  return 0;
+}
+
+coap_tick_t
+coap_dtls_get_timeout(coap_session_t *session UNUSED, coap_tick_t now UNUSED) {
+  return 0;
+}
+
+void coap_dtls_handle_timeout(coap_session_t *session UNUSED) {
+}
+
+int
+coap_dtls_receive(coap_session_t *session UNUSED,
+  const uint8_t *data UNUSED,
+  size_t data_len UNUSED
+) {
+  return -1;
+}
+
+int
+coap_dtls_hello(coap_session_t *session UNUSED,
+  const uint8_t *data UNUSED,
+  size_t data_len UNUSED
+) {
+  return 0;
+}
+
+unsigned int coap_dtls_get_overhead(coap_session_t *session UNUSED) {
+  return 0;
+}
+
+void *coap_tls_new_client_session(coap_session_t *session UNUSED, int *connected UNUSED) {
+  return NULL;
+}
+
+void *coap_tls_new_server_session(coap_session_t *session UNUSED, int *connected UNUSED) {
+  return NULL;
+}
+
+void coap_tls_free_session(coap_session_t *coap_session UNUSED) {
+}
+
+ssize_t coap_tls_write(coap_session_t *session UNUSED,
+                       const uint8_t *data UNUSED,
+                       size_t data_len UNUSED
+) {
+  return -1;
+}
+
+ssize_t coap_tls_read(coap_session_t *session UNUSED,
+                      uint8_t *data UNUSED,
+                      size_t data_len UNUSED
+) {
+  return -1;
+}
+
+#undef UNUSED
+
+#else /* !HAVE_LIBTINYDTLS && !HAVE_OPENSSL && !HAVE_LIBGNUTLS */
+
+#ifdef __clang__
+/* Make compilers happy that do not like empty modules. As this function is
+ * never used, we ignore -Wunused-function at the end of compiling this file
+ */
+#pragma GCC diagnostic ignored "-Wunused-function"
+#endif
+static inline void dummy(void) {
+}
+
+#endif /* !HAVE_LIBTINYDTLS && !HAVE_OPENSSL && !HAVE_LIBGNUTLS */