Adapt script and instructions for alt config.h
This commit is contained in:
Manuel Pégourié-Gonnard
Paul Bakker
Родитель
cef4ad2509
Коммит
0bc1f23dfd
|
|
@ -0,0 +1,24 @@
|
|||
This directory contains example configuration files.
|
||||
|
||||
The examples are generally focused on a particular usage case (eg, support for
|
||||
a restricted number of ciphersuites) and aim at minimizing resource usage for
|
||||
this target. They can be used as a basis for custom configurations.
|
||||
|
||||
These files are complete replacements for the default config.h. To use one of
|
||||
them, you can pick one of the following methods:
|
||||
|
||||
1. Replace the default file include/polarssl/config.h with the chosen one.
|
||||
|
||||
2. Define POLARSSL_CONFIG_FILE and adjust the include path accordingly.
|
||||
For example, using make:
|
||||
|
||||
CFLAGS="-I$PWD/configs -DPOLARSSL_CONFIG_FILE='<foo.h>'" make
|
||||
|
||||
Or, using cmake:
|
||||
|
||||
rm CMakeCache.txt
|
||||
CFLAGS="-I$PWD/configs -DPOLARSSL_CONFIG_FILE='<foo.h>'" cmake .
|
||||
make
|
||||
|
||||
Note that the second method also works if you want to keep your custom
|
||||
configuration file outside the PolarSSL tree.
|
||||
|
|
@ -2,10 +2,17 @@
|
|||
* Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
|
||||
* required ciphersuite: TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
||||
*
|
||||
* Can be activated with:
|
||||
* scripts/activate-config.pl configs/config-mini-tls1_1.h
|
||||
* See README.txt for usage instructions.
|
||||
*/
|
||||
|
||||
#ifndef POLARSSL_CONFIG_H
|
||||
#define POLARSSL_CONFIG_H
|
||||
|
||||
/* System support */
|
||||
#define POLARSSL_HAVE_ASM
|
||||
#define POLARSSL_HAVE_TIME
|
||||
#define POLARSSL_HAVE_IPV6
|
||||
|
||||
/* PolarSSL feature support */
|
||||
#define POLARSSL_CIPHER_MODE_CBC
|
||||
#define POLARSSL_PKCS1_V15
|
||||
|
|
@ -44,5 +51,4 @@
|
|||
/* For testing with compat.sh */
|
||||
#define POLARSSL_FS_IO
|
||||
|
||||
/* marker for activate-config.pl
|
||||
* \} name SECTION: PolarSSL modules */
|
||||
#endif /* POLARSSL_CONFIG_H */
|
||||
|
|
|
|||
|
|
@ -2,10 +2,16 @@
|
|||
* Custom compact configuration for TLS 1.0 with PSK and RC4
|
||||
* Distinguishing features: no bignum, no PK, no X509.
|
||||
*
|
||||
* Can be activated with:
|
||||
* scripts/activate-config.pl configs/config-mini-tls1_1.h
|
||||
* See README.txt for usage instructions.
|
||||
*/
|
||||
|
||||
#ifndef POLARSSL_CONFIG_H
|
||||
#define POLARSSL_CONFIG_H
|
||||
|
||||
/* System support */
|
||||
#define POLARSSL_HAVE_TIME
|
||||
#define POLARSSL_HAVE_IPV6
|
||||
|
||||
/* PolarSSL feature support */
|
||||
#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
|
||||
#define POLARSSL_SSL_PROTO_TLS1
|
||||
|
|
@ -28,5 +34,4 @@
|
|||
#define POLARSSL_SSL_SRV_C
|
||||
#define POLARSSL_SSL_TLS_C
|
||||
|
||||
/* marker for activate-config.pl
|
||||
* \} name SECTION: PolarSSL modules */
|
||||
#endif /* POLARSSL_CONFIG_H */
|
||||
|
|
|
|||
|
|
@ -1,10 +1,17 @@
|
|||
/*
|
||||
* Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
|
||||
*
|
||||
* Can be activated with:
|
||||
* scripts/activate-config.pl configs/config-mini-tls1_1.h
|
||||
* See README.txt for usage instructions.
|
||||
*/
|
||||
|
||||
#ifndef POLARSSL_CONFIG_H
|
||||
#define POLARSSL_CONFIG_H
|
||||
|
||||
/* System support */
|
||||
#define POLARSSL_HAVE_ASM
|
||||
#define POLARSSL_HAVE_TIME
|
||||
#define POLARSSL_HAVE_IPV6
|
||||
|
||||
/* PolarSSL feature support */
|
||||
#define POLARSSL_ECP_DP_SECP256R1_ENABLED
|
||||
#define POLARSSL_ECP_DP_SECP384R1_ENABLED
|
||||
|
|
@ -44,5 +51,4 @@
|
|||
/* For testing with compat.sh */
|
||||
#define POLARSSL_FS_IO
|
||||
|
||||
/* marker for activate-config.pl
|
||||
* \} name SECTION: PolarSSL modules */
|
||||
#endif /* POLARSSL_CONFIG_H */
|
||||
|
|
|
|||
|
|
@ -1,68 +1,9 @@
|
|||
#!/usr/bin/perl
|
||||
|
||||
# DEPRECATED!
|
||||
#
|
||||
# activate a pre-defined configuration
|
||||
|
||||
use warnings;
|
||||
use strict;
|
||||
|
||||
my $config_h = "include/polarssl/config.h";
|
||||
|
||||
exit( main() );
|
||||
|
||||
sub read_default {
|
||||
open my $fh, '<', $config_h or die "Failed to read $config_h: $!\n";
|
||||
|
||||
my (@pre, @post);
|
||||
my $state = 'pre';
|
||||
|
||||
while( my $line = <$fh> ) {
|
||||
if( $state eq 'pre' ) {
|
||||
push @pre, $line;
|
||||
$state = 'skip' if $line =~ /} name SECTION: System support/;
|
||||
}
|
||||
elsif( $state eq 'skip' ) {
|
||||
$state = 'post' if $line =~/} name SECTION: PolarSSL modules/;
|
||||
}
|
||||
else {
|
||||
push @post, $line;
|
||||
}
|
||||
}
|
||||
|
||||
die "Failed to parse $config_h\n" if( $state ne 'post' );
|
||||
|
||||
close $fh;
|
||||
|
||||
push @pre, "\n";
|
||||
|
||||
return \@pre, \@post;
|
||||
}
|
||||
|
||||
sub read_custom {
|
||||
my ($file_name) = @_;
|
||||
|
||||
open my $fh, '<', $file_name or die "Failed to read $file_name: $!\n";
|
||||
my @content = <$fh>;
|
||||
close $fh;
|
||||
|
||||
return \@content;
|
||||
}
|
||||
|
||||
sub write_custom {
|
||||
my ($pre, $mid, $post) = @_;
|
||||
|
||||
open my $fh, '>', $config_h or die "Failed to write $config_h: $!\n";
|
||||
print $fh @$pre;
|
||||
print $fh @$mid;
|
||||
print $fh @$post;
|
||||
close $fh;
|
||||
}
|
||||
|
||||
sub main {
|
||||
my $custom_file_name = $ARGV[0];
|
||||
|
||||
my ($pre, $post) = read_default();
|
||||
my $mine = read_custom( $custom_file_name );
|
||||
write_custom( $pre, $mine, $post );
|
||||
|
||||
return 0;
|
||||
}
|
||||
print "This script is deprecated!\n";
|
||||
print "See configs/README.txt regarding alternative config.h usage\n";
|
||||
exit 1;
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ while( my ($conf, $args) = each %configs ) {
|
|||
print "* Testing configuration: $conf\n";
|
||||
print "******************************************\n";
|
||||
|
||||
system( "scripts/activate-config.pl configs/$conf" )
|
||||
system( "cp configs/$conf $config_h" )
|
||||
and abort "Failed to activate $conf\n";
|
||||
|
||||
system( "make" ) and abort "Failed to build: $conf\n";
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче