Allow build without SSL

NS_USE_EXTERNAL_MBED_TLS now controls whether we attempt to include mbedTLS header files at all, and after including them, we check whether SSL/TLS is enabled. If not, we provide non-secure operation only.
2016-10-20 09:03:26 +01:00 · 2016-10-20 09:03:26 +01:00 · e6b2d21d1d
parent ac8ddafffd
commit e6b2d21d1d
3 changed files with 44 additions and 8 deletions
--- a/source/coap_connection_handler.c
+++ b/source/coap_connection_handler.c
@ -224,7 +224,11 @@ static internal_socket_t *int_socket_create(uint16_t listen_port, bool use_ephem
        if( !is_secure ){
            this->listen_socket = socket_open(SOCKET_UDP, listen_port, recv_sckt_msg);
        }else{
+#ifdef COAP_SECURITY_AVAILABLE
            this->listen_socket = socket_open(SOCKET_UDP, listen_port, secure_recv_sckt_msg);
+#else
+            tr_err("Secure CoAP unavailable - SSL library not configured, possibly due to lack of entropy source");
+#endif
        }
        // Socket create failed
        if(this->listen_socket < 0){
--- a/source/coap_security_handler.c
+++ b/source/coap_security_handler.c
@ -6,19 +6,23 @@
 #include <time.h>
 #include <stdlib.h>

+#include "coap_security_handler.h"
+
+#ifdef COAP_SECURITY_AVAILABLE
+
 #include "mbedtls/sha256.h"
 #include "mbedtls/error.h"
 #include "mbedtls/platform.h"
 #include "mbedtls/ssl_cookie.h"
+#include "mbedtls/entropy.h"
 #include "mbedtls/entropy_poll.h"
-#include "mbedtls/ssl.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/ssl_ciphersuites.h"
+
 #include "ns_trace.h"
 #include "nsdynmemLIB.h"
 #include "coap_connection_handler.h"
-#include "coap_security_handler.h"
 #include "randLIB.h"
-#include "mbedtls/ssl_ciphersuites.h"
-#include "socket_api.h"

 struct coap_security_s {
    mbedtls_ssl_config          _conf;
@ -620,3 +624,5 @@ int entropy_poll( void *ctx, unsigned char *output, size_t len,
    ns_dyn_mem_free(c);
    return( 0 );
 }
+
+#endif // COAP_SECURITY_AVAILABLE
--- a/source/include/coap_security_handler.h
+++ b/source/include/coap_security_handler.h
@ -21,11 +21,13 @@
 #include <stddef.h>
 #include <inttypes.h>
 #include <stdbool.h>
-#include "mbedtls/platform.h"
+
+#ifdef NS_USE_EXTERNAL_MBED_TLS
 #include "mbedtls/ssl.h"
-#include "mbedtls/sha256.h"
-#include "mbedtls/entropy.h"
-#include "mbedtls/ctr_drbg.h"
+#ifdef MBEDTLS_SSL_TLS_C
+#define COAP_SECURITY_AVAILABLE
+#endif
+#endif

 #define COOKIE_SIMPLE_LEN 8
 typedef struct simple_cookie {
@ -68,6 +70,8 @@ typedef struct {

 typedef struct coap_security_s coap_security_t;

+#ifdef COAP_SECURITY_AVAILABLE
+
 coap_security_t *coap_security_create(int8_t socket_id, int8_t timer_id, void *handle,
                                          SecureConnectionMode mode,
                                          send_cb *send_cb,
@ -93,4 +97,26 @@ bool coap_security_handler_is_started(const coap_security_t *sec);

 const void *coap_security_handler_keyblock(const coap_security_t *sec);

+#else
+
+/* Dummy definitions, including needed error codes */
+#define MBEDTLS_ERR_SSL_TIMEOUT (-1)
+#define MBEDTLS_ERR_SSL_WANT_READ (-2)
+#define MBEDTLS_ERR_SSL_WANT_WRITE (-3)
+#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE (-4)
+
+#define coap_security_create(socket_id, timer_id, handle, \
+                             mode, send_cb, receive_cb, start_timer_cb, timer_status_cb) ((coap_security_t *) 0)
+#define coap_security_destroy(sec) ((void) 0)
+#define coap_security_handler_connect(sec, is_server, sock_mode, keys) (-1)
+#define coap_security_handler_connect_non_blocking(sec, is_server, sock_mode, keys, timeout_min, timeout_max) (-1)
+#define coap_security_handler_continue_connecting(sec) (-1)
+#define coap_security_handler_send_message(sec, message, len) (-1)
+#define coap_security_send_close_alert(sec) (-1)
+#define coap_security_handler_read(sec, buffer, len) (-1)
+#define coap_security_handler_is_started(sec) false
+#define coap_security_handler_keyblock(sec) ((void *) 0)
+
+#endif /* COAP_SECURITY_AVAILABLE */
+
 #endif