|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Minios-devel] [UNIKRAFT/LIBAXTLS PATCH 1/2] Initial port of the axtls library (version 2.1.5)
Hi Sharan,
Right, thanks for the review, I'll fix that in a v2.
-- Felipe
On 16.09.19, 16:17, "Minios-devel on behalf of Sharan Santhanam"
<minios-devel-bounces@xxxxxxxxxxxxxxxxxxxx on behalf of
sharan.santhanam@xxxxxxxxx> wrote:
On 9/11/19 4:49 PM, Sharan Santhanam wrote:
> Hello Felipe,
>
> Please find the comment inline:
>
> The patch fails to compile with following error:
>
> build/libaxtls/origin/axtls-code/ssl/os_port.h:137:24: fatal error:
> netinet/in.h: No such file or directory #include <netinet/in.h>
The library compile with newlib. It is wise to add dependency in
Config.uk to newlib.
>
> Thanks & Regards
>
> Sharan
>
> On 7/13/19 7:36 AM, Felipe Huici wrote:
>> Note lwip is required.
>>
>> Signed-off-by: Felipe Huici <felipe.huici@xxxxxxxxx>
>> ---
>> Config.uk | 4 ++
>> Makefile.uk | 117
>> +++++++++++++++++++++++++++++++++++++++++++++++
>> glue.c | 12 +++++
>> include/asm/byteorder.h | 86 +++++++++++++++++++++++++++++++++++
>> include/config.h | 118
>> ++++++++++++++++++++++++++++++++++++++++++++++++
>> 5 files changed, 337 insertions(+)
>> create mode 100644 Config.uk
>> create mode 100644 Makefile.uk
>> create mode 100644 glue.c
>> create mode 100644 include/asm/byteorder.h
>> create mode 100644 include/config.h
>>
>> diff --git a/Config.uk b/Config.uk
>> new file mode 100644
>> index 0000000..ec8da21
>> --- /dev/null
>> +++ b/Config.uk
>> @@ -0,0 +1,4 @@
>> +menuconfig LIBAXTLS
>> + bool "axTLS Embedded SSL"
>> + default n
>> + select LIBNOLIBC if !HAVE_LIBC
> Select LIBLWIP
>> diff --git a/Makefile.uk b/Makefile.uk
>> new file mode 100644
>> index 0000000..cf513a0
>> --- /dev/null
>> +++ b/Makefile.uk
>> @@ -0,0 +1,117 @@
>> +# libaxtls Makefile.uc
>> +#
>> +# Authors: Felipe Huici <felipe.huici@xxxxxxxxx>
>> +#
>> +#
>> +# Copyright (c) 2019, NEC Europe Ltd., NEC Corporation. All rights
>> reserved.
>> +#
>> +# Redistribution and use in source and binary forms, with or without
>> +# modification, are permitted provided that the following conditions
>> +# are met:
>> +#
>> +# 1. Redistributions of source code must retain the above copyright
>> +# notice, this list of conditions and the following disclaimer.
>> +# 2. Redistributions in binary form must reproduce the above copyright
>> +# notice, this list of conditions and the following disclaimer
>> in the
>> +# documentation and/or other materials provided with the
>> distribution.
>> +# 3. Neither the name of the copyright holder nor the names of its
>> +# contributors may be used to endorse or promote products
>> derived from
>> +# this software without specific prior written permission.
>> +#
>> +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
>> CONTRIBUTORS "AS IS"
>> +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
>> TO, THE
>> +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
>> PARTICULAR PURPOSE
>> +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
>> CONTRIBUTORS BE
>> +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
>> +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
>> +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
>> BUSINESS
>> +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
>> WHETHER IN
>> +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
>> OTHERWISE)
>> +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
>> ADVISED OF THE
>> +# POSSIBILITY OF SUCH DAMAGE.
>> +#
>> +# THIS HEADER MAY NOT BE EXTRACTED OR MODIFIED IN ANY WAY.
>> +#
>> +
>>
+################################################################################
>>
>> +# Library registration
>>
+################################################################################
>>
>> +$(eval $(call addlib_s,libaxtls,$(CONFIG_LIBAXTLS)))
>> +
>>
+################################################################################
>>
>> +# Sources
>>
+################################################################################
>>
>> +LIBAXTLS_VERSION=2.1.5
>>
+LIBAXTLS_URL=https://sourceforge.net/projects/axtls/files/2.1.5/axTLS-2.1.5.tar.gz/download
>>
> s/2.1.5/$(LIBAXTLS_VERSION)
>> +LIBAXTLS_PATCHDIR=$(LIBAXTLS_BASE)/patches
>> +$(eval $(call
>> fetchas,libaxtls,$(LIBAXTLS_URL),$(LIBAXTLS_VERSION).tgz))
>> +$(eval $(call
>> patch,libaxtls,$(LIBAXTLS_PATCHDIR),libaxtls-$(LIBAXTLS_VERSION)))
>> +
>>
+################################################################################
>>
>> +# Helpers
>>
+################################################################################
>>
>> +LIBAXTLS_SRC=$(LIBAXTLS_ORIGIN)/axtls-code
>> +
>>
+################################################################################
>>
>> +# Library includes
>>
+################################################################################
>>
>> +CINCLUDES-$(CONFIG_LIBAXTLS) += -I$(LIBAXTLS_SRC)/include \
>> + -I$(LIBAXTLS_SRC)/crypto \
>> + -I$(LIBAXTLS_SRC)/ssl \
>> + -I$(LIBAXTLS_BASE)/include
>
> Should the $(LIBAXTLS_BASE)/include be a global CINCLUDE or library
> specific. This main functionality it provides are the config.h and
> byteorder.h. Shouldn't the config.h be specific to the library. Since
> we dont have a exportsym.uk. Do we want to add it as a CINCLUDES as
> the implementation is going to hidden within this library.
>
>
>> +
>> +CXXINCLUDES-$(CONFIG_LIBAXTLS) += -I$(LIBAXTLS_SRC)/include \
>> + -I$(LIBAXTLS_SRC)/crypto \
>> + -I$(LIBAXTLS_SRC)/ssl \
>> + -I$(LIBAXTLS_BASE)/include
>> +
>>
+################################################################################
>>
>> +# Global flags
>>
+################################################################################
>>
>> +LIBAXTLS_CFLAGS-y += -DHAVE_CONFIG_H
>> +
>> +# Suppress some warnings to make the build process look neater
>> +SUPPRESS_FLAGS += -Wno-unused-parameter -Wno-unused-variable
>> -Wno-nonnull \
>> +-Wno-unused-but-set-variable -Wno-unused-label
>> -Wno-char-subscripts \
>> +-Wno-unused-function -Wno-missing-field-initializers
>> -Wno-uninitialized \
>> +-Wno-array-bounds -Wno-maybe-uninitialized -Wno-pointer-sign
>> -Wno-unused-value \
>> +-Wno-unused-macros -Wno-parentheses
>> -Wno-implicit-function-declaration \
>> +-Wno-missing-braces -Wno-endif-labels
>> -Wno-unused-but-set-variable \
>> +-Wno-implicit-function-declaration -Wno-type-limits -Wno-sign-compare
> Wno-implicit-function-declaration, Wno-array-bounds, Wno-type-limits
>> +
>> +LIBAXTLS_CFLAGS-y += $(SUPPRESS_FLAGS)
>> +LIBAXTLS_CXXFLAGS-y += $(SUPPRESS_FLAGS)
>> +
>>
+################################################################################
>>
>> +# OS dependencies code - Glue between Unikfraft and axtls
>>
+################################################################################
>>
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_BASE)/glue.c
>> +
>>
+################################################################################
>>
>> +# axtls code - crypto
>>
+################################################################################
>>
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/aes.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/bigint.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/crypto_misc.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/hmac.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/md5.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/rc4.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/rsa.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/sha1.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/sha256.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/sha384.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/crypto/sha512.c
>> +
>>
+################################################################################
>>
>> +# axtls code - ssl
>>
+################################################################################
>>
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/asn1.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/gen_cert.c
>
> Without this symbol CONFIG_SSL_GENERATE_X509_CERT, this is a empty
> file? Since we undef it do we need this?
>
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/loader.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/openssl.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/os_port.c
> There are implementation specific to the WIN32. We probably don't need
> this
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/p12.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/tls1.c
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/tls1_svr.c
>
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/tls1_clnt.c
> This depend on CONFIG_SSL_ENABLE_CLIENT which is disabled.
>> +LIBAXTLS_SRCS-y += $(LIBAXTLS_SRC)/ssl/x509.c
>> diff --git a/glue.c b/glue.c
>> new file mode 100644
>> index 0000000..7138f9d
>> --- /dev/null
>> +++ b/glue.c
>> @@ -0,0 +1,12 @@
>> +/* According to POSIX.1-2001, POSIX.1-2008 */
>> +#include <sys/select.h>
>> +
>> +/* According to earlier standards */
>> +#include <sys/time.h>
>> +#include <sys/types.h>
>> +#include <unistd.h>
>> +
>> +int select(int nfds, fd_set *readfds, fd_set *writefds,
>> + fd_set *exceptfds, struct timeval *timeout) {
>> + return -1;
>> +}
>> diff --git a/include/asm/byteorder.h b/include/asm/byteorder.h
>
> Would it be better to add this file within libcs?
>
>> new file mode 100644
>> index 0000000..f3747eb
>> --- /dev/null
>> +++ b/include/asm/byteorder.h
>> @@ -0,0 +1,86 @@
>> +/* Taken from musl's endian.h */
>> +
>> +#ifndef LIBAXTLS_GLUE_ENDIAN_H
>> +#define LIBAXTLS_GLUE_ENDIAN_H
>> +
>> +
>> +/* #include <features.h> */
>> +
>> +#define __LITTLE_ENDIAN 1234
>> +#define __BIG_ENDIAN 4321
>> +#define __PDP_ENDIAN 3412
>> +
>> +/* #if defined(__GNUC__) && defined(__BYTE_ORDER__) */
>> +#define __BYTE_ORDER __BYTE_ORDER__
>> +/*
>> +#else
>> +#include <bits/endian.h>
>> +#endif
>> +*/
>> +/* #if defined(_GNU_SOURCE) || defined(_BSD_SOURCE) */
>> +
>> +#define BIG_ENDIAN __BIG_ENDIAN
>> +#define LITTLE_ENDIAN __LITTLE_ENDIAN
>> +#define PDP_ENDIAN __PDP_ENDIAN
>> +#define BYTE_ORDER __BYTE_ORDER
>> +
>> +#include <stdint.h>
>> +
>> +static __inline uint16_t __bswap16(uint16_t __x)
>> +{
>> + return __x<<8 | __x>>8;
>> +}
>> +
>> +static __inline uint32_t __bswap32(uint32_t __x)
>> +{
>> + return __x>>24 | __x>>8&0xff00 | __x<<8&0xff0000 | __x<<24;
>> +}
>> +
>> +static __inline uint64_t __bswap64(uint64_t __x)
>> +{
>> + return __bswap32(__x)+0ULL<<32 | __bswap32(__x>>32);
>> +}
>> +
>> +#if __BYTE_ORDER == __LITTLE_ENDIAN
>> +#define htobe16(x) __bswap16(x)
>> +#define be16toh(x) __bswap16(x)
>> +#define betoh16(x) __bswap16(x)
>> +#define htobe32(x) __bswap32(x)
>> +#define be32toh(x) __bswap32(x)
>> +#define betoh32(x) __bswap32(x)
>> +#define htobe64(x) __bswap64(x)
>> +#define be64toh(x) __bswap64(x)
>> +#define betoh64(x) __bswap64(x)
>> +#define htole16(x) (uint16_t)(x)
>> +#define le16toh(x) (uint16_t)(x)
>> +#define letoh16(x) (uint16_t)(x)
>> +#define htole32(x) (uint32_t)(x)
>> +#define le32toh(x) (uint32_t)(x)
>> +#define letoh32(x) (uint32_t)(x)
>> +#define htole64(x) (uint64_t)(x)
>> +#define le64toh(x) (uint64_t)(x)
>> +#define letoh64(x) (uint64_t)(x)
>> +#else
>> +#define htobe16(x) (uint16_t)(x)
>> +#define be16toh(x) (uint16_t)(x)
>> +#define betoh16(x) (uint16_t)(x)
>> +#define htobe32(x) (uint32_t)(x)
>> +#define be32toh(x) (uint32_t)(x)
>> +#define betoh32(x) (uint32_t)(x)
>> +#define htobe64(x) (uint64_t)(x)
>> +#define be64toh(x) (uint64_t)(x)
>> +#define betoh64(x) (uint64_t)(x)
>> +#define htole16(x) __bswap16(x)v
>> +#define le16toh(x) __bswap16(x)
>> +#define letoh16(x) __bswap16(x)
>> +#define htole32(x) __bswap32(x)
>> +#define le32toh(x) __bswap32(x)
>> +#define letoh32(x) __bswap32(x)
>> +#define htole64(x) __bswap64(x)
>> +#define le64toh(x) __bswap64(x)
>> +#define letoh64(x) __bswap64(x)
>> +#endif
>> +
>> +/* #endif */
>> +
>> +#endif
>> diff --git a/include/config.h b/include/config.h
>> new file mode 100644
>> index 0000000..acd2973
>> --- /dev/null
>> +++ b/include/config.h
>> @@ -0,0 +1,118 @@
>> +/*
>> + * Automatically generated header file: don't edit
>> + */
>> +
>> +#define HAVE_DOT_CONFIG 1
>> +#define CONFIG_PLATFORM_LINUX 1
>
> Should we have this CONFIG_PLATFORM_LINUX?
>
>
>> +#undef CONFIG_PLATFORM_CYGWIN
>> +#undef CONFIG_PLATFORM_WIN32
>> +
>> +/*
>> + * General Configuration
>> + */
>> +#define PREFIX "/usr/local"
> We don't need PREFIX?
>> +#undef CONFIG_DEBUG
>
> Should we have this
>
> #ifdef UK_DEBUG
>
> #define CONFIG_DEBUG
>
> #else
>
> #undef CONFIG_DEBUG
>
> #endif /* UK_DEBUG */
>
>> +#define CONFIG_STRIP_UNWANTED_SECTIONS 1
>> +#undef CONFIG_VISUAL_STUDIO_7_0
>> +#undef CONFIG_VISUAL_STUDIO_8_0
>> +#undef CONFIG_VISUAL_STUDIO_10_0
>> +#define CONFIG_VISUAL_STUDIO_7_0_BASE ""
>> +#define CONFIG_VISUAL_STUDIO_8_0_BASE ""
>> +#define CONFIG_VISUAL_STUDIO_10_0_BASE ""
>> +#define CONFIG_EXTRA_CFLAGS_OPTIONS ""
>> +#define CONFIG_EXTRA_LDFLAGS_OPTIONS ""
>> +
>> +/*
>> + * SSL Library
>> + */
>> +#undef CONFIG_SSL_SERVER_ONLY
>> +#undef CONFIG_SSL_CERT_VERIFICATION
>> +#undef CONFIG_SSL_ENABLE_CLIENT
>> +#define CONFIG_SSL_FULL_MODE 1
>> +#undef CONFIG_SSL_SKELETON_MODE
>> +#undef CONFIG_SSL_PROT_LOW
>> +#define CONFIG_SSL_PROT_MEDIUM 1
>> +#undef CONFIG_SSL_PROT_HIGH
>> +#define CONFIG_SSL_USE_DEFAULT_KEY 1
>> +#define CONFIG_SSL_PRIVATE_KEY_LOCATION ""
>> +#define CONFIG_SSL_PRIVATE_KEY_PASSWORD ""
>> +#define CONFIG_SSL_X509_CERT_LOCATION ""
>> +#undef CONFIG_SSL_GENERATE_X509_CERT
>> +#define CONFIG_SSL_X509_COMMON_NAME ""
>> +#define CONFIG_SSL_X509_ORGANIZATION_NAME ""
>> +#define CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME ""
>> +#define CONFIG_SSL_HAS_PEM 1
>> +#define CONFIG_SSL_USE_PKCS12 1
>> +#define CONFIG_SSL_EXPIRY_TIME 24
>> +#define CONFIG_X509_MAX_CA_CERTS 150
>> +#define CONFIG_SSL_MAX_CERTS 3
>> +#undef CONFIG_SSL_CTX_MUTEXING
>> +#define CONFIG_USE_DEV_URANDOM 1
> Do we need this configuration enabled? If so then don't we need the
> devfs enabled.
>> +#undef CONFIG_WIN32_USE_CRYPTO_LIB
>> +#define CONFIG_OPENSSL_COMPATIBLE 1
>> +#undef CONFIG_PERFORMANCE_TESTING
>> +#undef CONFIG_SSL_TEST
>> +#define CONFIG_AXTLSWRAP 1
>> +#undef CONFIG_AXHTTPD
>> +#undef CONFIG_HTTP_STATIC_BUILD
>> +#define CONFIG_HTTP_PORT
> Where would this be used since we don't include httpd source directories?
>> +#define CONFIG_HTTP_HTTPS_PORT
>> +#define CONFIG_HTTP_SESSION_CACHE_SIZE
>> +#define CONFIG_HTTP_WEBROOT ""
>> +#define CONFIG_HTTP_TIMEOUT
>> +#undef CONFIG_HTTP_HAS_CGI
>> +#define CONFIG_HTTP_CGI_EXTENSIONS ""
>> +#undef CONFIG_HTTP_ENABLE_LUA
>> +#define CONFIG_HTTP_LUA_PREFIX ""
>> +#undef CONFIG_HTTP_BUILD_LUA
>> +#define CONFIG_HTTP_CGI_LAUNCHER ""
>> +#undef CONFIG_HTTP_DIRECTORIES
>> +#undef CONFIG_HTTP_HAS_AUTHORIZATION
>> +#undef CONFIG_HTTP_HAS_IPV6
>> +#undef CONFIG_HTTP_ENABLE_DIFFERENT_USER
>> +#define CONFIG_HTTP_USER ""
>> +#undef CONFIG_HTTP_VERBOSE
>> +#undef CONFIG_HTTP_IS_DAEMON
>> +
>> +/*
>> + * Language Bindings
>> + */
>> +#undef CONFIG_BINDINGS
>> +#undef CONFIG_CSHARP_BINDINGS
>> +#undef CONFIG_VBNET_BINDINGS
>> +#define CONFIG_DOT_NET_FRAMEWORK_BASE ""
>> +#undef CONFIG_JAVA_BINDINGS
>> +#define CONFIG_JAVA_HOME ""
>> +#undef CONFIG_PERL_BINDINGS
>> +#define CONFIG_PERL_CORE ""
>> +#define CONFIG_PERL_LIB ""
>> +#undef CONFIG_LUA_BINDINGS
>> +#define CONFIG_LUA_CORE ""
>> +
>> +/*
>> + * Samples
>> + */
>> +#undef CONFIG_SAMPLES
>> +#undef CONFIG_C_SAMPLES
>> +#undef CONFIG_CSHARP_SAMPLES
>> +#undef CONFIG_VBNET_SAMPLES
>> +#undef CONFIG_JAVA_SAMPLES
>> +#undef CONFIG_PERL_SAMPLES
>> +#undef CONFIG_LUA_SAMPLES
>> +
>> +/*
>> + * BigInt Options
>> + */
>> +#undef CONFIG_BIGINT_CLASSICAL
>> +#undef CONFIG_BIGINT_MONTGOMERY
>> +#define CONFIG_BIGINT_BARRETT 1
>> +#define CONFIG_BIGINT_CRT 1
>> +#undef CONFIG_BIGINT_KARATSUBA
>> +#define MUL_KARATSUBA_THRESH
>> +#define SQU_KARATSUBA_THRESH
>> +#define CONFIG_BIGINT_SLIDING_WINDOW 1
>> +#define CONFIG_BIGINT_SQUARE 1
>> +#undef CONFIG_BIGINT_CHECK_ON
>> +#define CONFIG_INTEGER_32BIT 1
>> +#undef CONFIG_INTEGER_16BIT
>> +#undef CONFIG_INTEGER_8BIT
>
> _______________________________________________
> Minios-devel mailing list
> Minios-devel@xxxxxxxxxxxxxxxxxxxx
> https://lists.xenproject.org/mailman/listinfo/minios-devel
_______________________________________________
Minios-devel mailing list
Minios-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/minios-devel
_______________________________________________
Minios-devel mailing list
Minios-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/minios-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |