From 13941c32f695e2d837a4df7305b2bea6410fdbdc Mon Sep 17 00:00:00 2001 From: Kevin Kane Date: Wed, 2 Nov 2016 12:57:38 -0700 Subject: [PATCH] [IOT-1511] Update mbedTLS to use 2.4.0 release tagged version Change-Id: I259709cd2024eb9eca83aa19c90783bc2a9f8c72 Signed-off-by: Kevin Kane Reviewed-on: https://gerrit.iotivity.org/gerrit/13973 Tested-by: jenkins-iotivity Reviewed-by: David Antler Reviewed-by: Habib Virji Reviewed-by: Oleksandr Dmytrenko Reviewed-by: Phil Coval --- extlibs/mbedtls/SConscript | 24 +++++++++++++-- extlibs/mbedtls/prep.sh | 36 ++++++++++++++++++++++ gbsbuild.sh | 17 ++-------- resource/csdk/connectivity/build/tizen/gbsbuild.sh | 8 ++--- .../csdk/stack/samples/tizen/build/gbsbuild.sh | 17 ++-------- .../EnrolleeSample/build/tizen/gbsbuild.sh | 10 ++---- 6 files changed, 67 insertions(+), 45 deletions(-) create mode 100755 extlibs/mbedtls/prep.sh diff --git a/extlibs/mbedtls/SConscript b/extlibs/mbedtls/SConscript index 1b7c3a8..0f0e1d5 100644 --- a/extlibs/mbedtls/SConscript +++ b/extlibs/mbedtls/SConscript @@ -26,7 +26,10 @@ import sys target_os = env.get('TARGET_OS') root_dir = env.get('SRC_DIR') mbedtls_dir = os.path.join(root_dir, 'extlibs','mbedtls','mbedtls/') -mbedtls_revision = 'ad249f509fd62a3bbea7ccd1fef605dbd482a7bd' +# Right now this script assumes the revision is a tag, and not a branch or an arbitrary +# commit. If this changes, update the check below, or else the script will always conclude +# the repo is not up to date because a tag with that name doesn't exist. +mbedtls_revision = 'mbedtls-2.4.0' if not os.path.exists(mbedtls_dir): print ''' @@ -36,6 +39,23 @@ if not os.path.exists(mbedtls_dir): *********************************************************************************** ''' Exit(1) + +# Tizen uses its own process to prepare the mbedTLS repo in gbsbuild.sh. Make sure +# the mbedtls_revision tag selected is the same as in extlibs/mbedtls/prep.sh. +# This code also assumes mbedtls_revision is a tag; if it changes to +# a branch or an arbitrary commit, disable this check below. +if target_os != 'tizen': + if not os.path.exists(os.path.join(mbedtls_dir, '.git', 'refs', 'tags', mbedtls_revision)): + print ''' +*********************************** Error: **************************************** +* Your mbedTLS repo is not up to date with the latest version we require. Please * +* update with the following commands: * +* $ cd extlibs/mbedtls/mbedtls * +* $ git fetch * +*********************************************************************************** + ''' + Exit(1) + start_dir = os.getcwd() os.chdir(mbedtls_dir) # Apply ocf patch on git revision @@ -57,7 +77,7 @@ mbedtls_env.AppendUnique(CFLAGS = ['-fPIC', '-Wall']) ###################################################################### mbedtls_src = [ 'mbedtls/library/debug.c', - 'mbedtls/library/net.c', + 'mbedtls/library/net_sockets.c', 'mbedtls/library/ssl_cache.c', 'mbedtls/library/ssl_ciphersuites.c', 'mbedtls/library/ssl_cli.c', diff --git a/extlibs/mbedtls/prep.sh b/extlibs/mbedtls/prep.sh new file mode 100755 index 0000000..5df58dc --- /dev/null +++ b/extlibs/mbedtls/prep.sh @@ -0,0 +1,36 @@ +#!/bin/sh + +set -e + +# Keep mbedtls_revision in sync with extlibs/mbedtls/SConscript's setting. Right now this script +# assumes mbedtls_revision is a tag; comment out the second clause if mbedtls_revision becomes +# a branch or a specific commit. +mbedtls_dir=`dirname -- "$(readlink -f "$0")"`/mbedtls +mbedtls_revision="mbedtls-2.4.0" +if [ ! -d ${mbedtls_dir} ]; then + echo "" + echo "*********************************** Error: ****************************************" + echo "* Please download mbedTLS using the following command: *" + echo "* $ git clone https://github.com/ARMmbed/mbedtls.git extlibs/mbedtls/mbedtls *" + echo "***********************************************************************************" + echo "" + exit +elif [ -d ${mbedtls_dir}/.git -a ! -f ${mbedtls_dir}/.git/refs/tags/${mbedtls_revision} ]; then + echo "" + echo "*********************************** Error: ****************************************" + echo "* mbedTLS repo is out of date. Please update mbedtls using the following commands:*" + echo "* $ cd (authoritative mbedTLS source repo location) *" + echo "* $ git fetch *" + echo "***********************************************************************************" + echo "" + exit +elif [ -d ${mbedtls_dir}/.git ]; then + cd ${mbedtls_dir} + git reset --hard ${mbedtls_revision} ; git apply --whitespace=fix ../ocf.patch + cd - + rm -rf ${mbedtls_dir}/.git* +else + echo "tizen: Checking if ocf.patch is applied in ${mbedtls_dir}" + grep -r 'TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256' "${mbedtls_dir}" +fi + diff --git a/gbsbuild.sh b/gbsbuild.sh index e514e6a..7cb7285 100755 --- a/gbsbuild.sh +++ b/gbsbuild.sh @@ -86,21 +86,8 @@ done if [ $secured -eq 1 ];then echo `pwd` - if [ -d ./extlibs/mbedtls/mbedtls ];then - cd ./extlibs/mbedtls/mbedtls - git reset --hard ad249f509fd62a3bbea7ccd1fef605dbd482a7bd ; git apply ../ocf.patch - cd - - rm -rf ./extlibs/mbedtls/mbedtls/.git* - - else - echo "" - echo "*********************************** Error: ****************************************" - echo "* Please download mbedtls using the following command: *" - echo "* $ git clone https://github.com/ARMmbed/mbedtls.git extlibs/mbedtls/mbedtls *" - echo "***********************************************************************************" - echo "" - exit - fi + # Prepare mbedTLS dependency + $SHELL ./extlibs/mbedtls/prep.sh fi rm -rf ./extlibs/tinycbor/tinycbor/.git* diff --git a/resource/csdk/connectivity/build/tizen/gbsbuild.sh b/resource/csdk/connectivity/build/tizen/gbsbuild.sh index 8ccc9b1..458e227 100755 --- a/resource/csdk/connectivity/build/tizen/gbsbuild.sh +++ b/resource/csdk/connectivity/build/tizen/gbsbuild.sh @@ -87,12 +87,8 @@ cp -R $sourcedir/iotivity.pc.in $sourcedir/tmp/ cd $sourcedir/tmp echo `pwd` -if [ -d ./extlibs/mbedtls/mbedtls ];then - cd ./extlibs/mbedtls/mbedtls - git reset --hard ad249f509fd62a3bbea7ccd1fef605dbd482a7bd ; git apply --whitespace=fix ../ocf.patch - cd - - rm -rf ./extlibs/mbedtls/mbedtls/.git* -fi +# Prepare mbedTLS dependency +$SHELL ./extlibs/mbedtls/prep.sh whoami # Initialize Git repository diff --git a/resource/csdk/stack/samples/tizen/build/gbsbuild.sh b/resource/csdk/stack/samples/tizen/build/gbsbuild.sh index 97e77bd..ddc18cb 100644 --- a/resource/csdk/stack/samples/tizen/build/gbsbuild.sh +++ b/resource/csdk/stack/samples/tizen/build/gbsbuild.sh @@ -89,21 +89,8 @@ cp -R $sourcedir/iotivity.pc.in $sourcedir/tmp/ cd $sourcedir/tmp echo `pwd` - -# Apply OCF patch on upstream's git only once -# Note, If building from scratch using GBS, git patches are more convenient -mbedtls_revision="ad249f509fd62a3bbea7ccd1fef605dbd482a7bd" -mbedtls_dir="./extlibs/mbedtls/mbedtls/" -if [ -f "${mbedtls_dir}/.git/HEAD" ];then - cd "${mbedtls_dir}" - git reset --hard "${mbedtls_revision}" - git apply --whitespace=fix "../ocf.patch" - cd - - rm -rf "${mbedtls_dir}/.git" -else - echo "tizen: Checking if ocf.patch is applied in ${mbedtls_dir}" - grep -r 'TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256' "${mbedtls_dir}" -fi +# Prepare mbedTLS dependency +$SHELL ./extlibs/mbedtls/prep.sh whoami # Initialize Git repository diff --git a/service/easy-setup/sampleapp/enrollee/tizen-sdb/EnrolleeSample/build/tizen/gbsbuild.sh b/service/easy-setup/sampleapp/enrollee/tizen-sdb/EnrolleeSample/build/tizen/gbsbuild.sh index dfcadac..c66fc44 100644 --- a/service/easy-setup/sampleapp/enrollee/tizen-sdb/EnrolleeSample/build/tizen/gbsbuild.sh +++ b/service/easy-setup/sampleapp/enrollee/tizen-sdb/EnrolleeSample/build/tizen/gbsbuild.sh @@ -59,14 +59,10 @@ cp -R $sourcedir/iotivity.pc.in $sourcedir/tmp cd $sourcedir/tmp echo `pwd` -if [ -d ./extlibs/mbedtls/mbedtls ];then - cd ./extlibs/mbedtls/mbedtls - git reset --hard ad249f509fd62a3bbea7ccd1fef605dbd482a7bd ; git apply --whitespace=fix ../ocf.patch - cd - - rm -rf ./extlibs/mbedtls/mbedtls/.git* -fi -rm -rf ./extlibs/tinycbor/tinycbor/.git* +# Prepare mbedTLS dependency +$SHELL ./extlibs/mbedtls/prep.sh +rm -rf ./extlibs/tinycbor/tinycbor/.git* # Build IoTivity # Initialize Git repository -- 2.7.4