Commit 0bc1f23d authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard Committed by Paul Bakker
Browse files

Adapt script and instructions for alt config.h

parent cef4ad25
This directory contains example configuration files.
The examples are generally focused on a particular usage case (eg, support for
a restricted number of ciphersuites) and aim at minimizing resource usage for
this target. They can be used as a basis for custom configurations.
These files are complete replacements for the default config.h. To use one of
them, you can pick one of the following methods:
1. Replace the default file include/polarssl/config.h with the chosen one.
2. Define POLARSSL_CONFIG_FILE and adjust the include path accordingly.
For example, using make:
CFLAGS="-I$PWD/configs -DPOLARSSL_CONFIG_FILE='<foo.h>'" make
Or, using cmake:
rm CMakeCache.txt
CFLAGS="-I$PWD/configs -DPOLARSSL_CONFIG_FILE='<foo.h>'" cmake .
make
Note that the second method also works if you want to keep your custom
configuration file outside the PolarSSL tree.
......@@ -2,10 +2,17 @@
* Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
* required ciphersuite: TLS_RSA_WITH_3DES_EDE_CBC_SHA
*
* Can be activated with:
* scripts/activate-config.pl configs/config-mini-tls1_1.h
* See README.txt for usage instructions.
*/
#ifndef POLARSSL_CONFIG_H
#define POLARSSL_CONFIG_H
/* System support */
#define POLARSSL_HAVE_ASM
#define POLARSSL_HAVE_TIME
#define POLARSSL_HAVE_IPV6
/* PolarSSL feature support */
#define POLARSSL_CIPHER_MODE_CBC
#define POLARSSL_PKCS1_V15
......@@ -44,5 +51,4 @@
/* For testing with compat.sh */
#define POLARSSL_FS_IO
/* marker for activate-config.pl
* \} name SECTION: PolarSSL modules */
#endif /* POLARSSL_CONFIG_H */
......@@ -2,10 +2,16 @@
* Custom compact configuration for TLS 1.0 with PSK and RC4
* Distinguishing features: no bignum, no PK, no X509.
*
* Can be activated with:
* scripts/activate-config.pl configs/config-mini-tls1_1.h
* See README.txt for usage instructions.
*/
#ifndef POLARSSL_CONFIG_H
#define POLARSSL_CONFIG_H
/* System support */
#define POLARSSL_HAVE_TIME
#define POLARSSL_HAVE_IPV6
/* PolarSSL feature support */
#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
#define POLARSSL_SSL_PROTO_TLS1
......@@ -28,5 +34,4 @@
#define POLARSSL_SSL_SRV_C
#define POLARSSL_SSL_TLS_C
/* marker for activate-config.pl
* \} name SECTION: PolarSSL modules */
#endif /* POLARSSL_CONFIG_H */
/*
* Minimal configuration for TLS NSA Suite B Profile (RFC 6460)
*
* Can be activated with:
* scripts/activate-config.pl configs/config-mini-tls1_1.h
* See README.txt for usage instructions.
*/
#ifndef POLARSSL_CONFIG_H
#define POLARSSL_CONFIG_H
/* System support */
#define POLARSSL_HAVE_ASM
#define POLARSSL_HAVE_TIME
#define POLARSSL_HAVE_IPV6
/* PolarSSL feature support */
#define POLARSSL_ECP_DP_SECP256R1_ENABLED
#define POLARSSL_ECP_DP_SECP384R1_ENABLED
......@@ -44,5 +51,4 @@
/* For testing with compat.sh */
#define POLARSSL_FS_IO
/* marker for activate-config.pl
* \} name SECTION: PolarSSL modules */
#endif /* POLARSSL_CONFIG_H */
#!/usr/bin/perl
# DEPRECATED!
#
# activate a pre-defined configuration
use warnings;
use strict;
my $config_h = "include/polarssl/config.h";
exit( main() );
sub read_default {
open my $fh, '<', $config_h or die "Failed to read $config_h: $!\n";
my (@pre, @post);
my $state = 'pre';
while( my $line = <$fh> ) {
if( $state eq 'pre' ) {
push @pre, $line;
$state = 'skip' if $line =~ /} name SECTION: System support/;
}
elsif( $state eq 'skip' ) {
$state = 'post' if $line =~/} name SECTION: PolarSSL modules/;
}
else {
push @post, $line;
}
}
die "Failed to parse $config_h\n" if( $state ne 'post' );
close $fh;
push @pre, "\n";
return \@pre, \@post;
}
sub read_custom {
my ($file_name) = @_;
open my $fh, '<', $file_name or die "Failed to read $file_name: $!\n";
my @content = <$fh>;
close $fh;
return \@content;
}
sub write_custom {
my ($pre, $mid, $post) = @_;
open my $fh, '>', $config_h or die "Failed to write $config_h: $!\n";
print $fh @$pre;
print $fh @$mid;
print $fh @$post;
close $fh;
}
sub main {
my $custom_file_name = $ARGV[0];
my ($pre, $post) = read_default();
my $mine = read_custom( $custom_file_name );
write_custom( $pre, $mine, $post );
return 0;
}
print "This script is deprecated!\n";
print "See configs/README.txt regarding alternative config.h usage\n";
exit 1;
......@@ -49,7 +49,7 @@ while( my ($conf, $args) = each %configs ) {
print "* Testing configuration: $conf\n";
print "******************************************\n";
system( "scripts/activate-config.pl configs/$conf" )
system( "cp configs/$conf $config_h" )
and abort "Failed to activate $conf\n";
system( "make" ) and abort "Failed to build: $conf\n";
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment