mk: downgrade Mbed TLS requirement to 2.16.x

yoursunny · Jan 15, 2021 · ddb7bc4 · ddb7bc4
1 parent 2dd5e95
commit ddb7bc4
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 10 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -16,19 +16,23 @@ jobs:
       - name: install Google Test
         run: |
           cd $HOME
-          curl -sfL https://github.com/google/googletest/archive/release-1.10.0.tar.gz | tar -xz
+          curl -sfL https://github.com/google/googletest/archive/release-${GTESTVER}.tar.gz | tar -xz
           mkdir gtest-build && cd gtest-build
-          cmake -G Ninja ../googletest-release-1.10.0
+          cmake -G Ninja ../googletest-release-${GTESTVER}
           ninja
           sudo $(which ninja) install
+        env:
+          GTESTVER: '1.10.0'
       - name: install Mbed TLS
         run: |
           cd $HOME
-          curl -sfL https://github.com/ARMmbed/mbedtls/archive/v2.25.0.tar.gz | tar -xz
+          curl -sfL https://github.com/ARMmbed/mbedtls/archive/v${MBEDTLSVER}.tar.gz | tar -xz
           mkdir mbedtls-build && cd mbedtls-build
-          cmake -G Ninja ../mbedtls-2.25.0 -DENABLE_PROGRAMS=0 -DENABLE_TESTING=0
+          cmake -G Ninja ../mbedtls-${MBEDTLSVER} -DENABLE_PROGRAMS=0 -DENABLE_TESTING=0
           ninja
           sudo $(which ninja) install
+        env:
+          MBEDTLSVER: '2.16.9'
       - name: install libmemif
         run: |
           cd $HOME

diff --git a/README.md b/README.md
@@ -62,7 +62,7 @@ For Linux,
    * C++ compiler such as GCC, install Ubuntu package `build-essential`
    * [Meson](https://mesonbuild.com/), install pip package `meson`
    * [Ninja build system](https://ninja-build.org/), install Ubuntu package `ninja-build`
-   * [Mbed TLS](https://github.com/ARMmbed/mbedtls), install from source
+   * [Mbed TLS](https://github.com/ARMmbed/mbedtls) 2.16+, install from source or Ubuntu 20.04 package `libmbedtls-dev`
    * [Boost](https://www.boost.org/) header-only libraries, install Ubuntu package `libboost-dev`
    * [libmemif](https://docs.fd.io/vpp/20.09/dc/db3/libmemif_build_doc.html), install from source
    * [Google Test](https://github.com/google/googletest), install from source (only needed by unit tests)

diff --git a/src/ndnph/app/ndncert/client.hpp b/src/ndnph/app/ndncert/client.hpp
@@ -539,7 +539,6 @@ class Client : public PacketHandler
   detail::SessionKey m_sessionKey;
   ChallengeRequest m_challengeRequest;
   ChallengeResponse m_challengeResponse;
-  bool m_fetchSent = false;
 };
 
 /** @brief The "nop" challenge where the server would approve every request. */

diff --git a/src/ndnph/port/mbed-common.hpp b/src/ndnph/port/mbed-common.hpp
@@ -284,7 +284,7 @@ class AesGcm
   tlv::Value encrypt(Region& region, tlv::Value plaintext, const uint8_t* aad = nullptr,
                      size_t aadLen = 0)
   {
-    CheckEncryptedMessage<Encrypted>{};
+    checkEncryptedMessage<Encrypted>();
     Encoder encoder(region);
     auto place = Encrypted::prependInPlace(encoder, plaintext.size());
     encoder.trim();
@@ -320,7 +320,7 @@ class AesGcm
   tlv::Value decrypt(Region& region, const Encrypted& encrypted, const uint8_t* aad = nullptr,
                      size_t aadLen = 0)
   {
-    CheckEncryptedMessage<Encrypted>{};
+    checkEncryptedMessage<Encrypted>();
     uint8_t* plaintext = region.alloc(encrypted.ciphertext.size());
     bool ok =
       m_ok && m_ivDecrypt.check(encrypted.iv.data(), encrypted.ciphertext.size()) &&
@@ -342,12 +342,13 @@ class AesGcm
 
 private:
   template<typename Encrypted>
-  struct CheckEncryptedMessage
+  static void checkEncryptedMessage()
   {
     static_assert(Encrypted::IvLen::value == IvLen::value, "");
     static_assert(Encrypted::TagLen::value == TagLen::value, "");
-  };
+  }
 
+private:
   mbedtls_gcm_context m_ctx;
   detail::IvHelper m_ivEncrypt;
   detail::IvHelper m_ivDecrypt;