Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO
The introduction of positive options to control the presence
of pre-existing functionality breaks the build for users of
handwritten configurations.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index d8353a9..1e97795 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -241,13 +241,13 @@
* MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */
if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
{
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
char vrfy_buf[512];
#endif
mbedtls_printf( " failed\n" );
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags );
mbedtls_printf( "%s\n", vrfy_buf );
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index eea3c9b..6624224 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -216,13 +216,13 @@
/* In real life, we probably want to bail out when ret != 0 */
if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
{
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
char vrfy_buf[512];
#endif
mbedtls_printf( " failed\n" );
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags );
mbedtls_printf( "%s\n", vrfy_buf );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index bf260c3..6e957f5 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -529,12 +529,12 @@
static int my_verify( void *data, mbedtls_x509_crt *crt,
int depth, uint32_t *flags )
{
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
char buf[1024];
#endif
((void) data);
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
if( depth == 0 )
memcpy( peer_crt_info, buf, sizeof( buf ) );
@@ -553,7 +553,7 @@
mbedtls_printf( " This certificate has no flags\n" );
else
{
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
mbedtls_x509_crt_verify_info( buf, sizeof( buf ), " ! ", *flags );
mbedtls_printf( "%s\n", buf );
#endif
@@ -2284,13 +2284,13 @@
if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
{
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
char vrfy_buf[512];
#endif
mbedtls_printf( " failed\n" );
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ),
" ! ", flags );
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 7990376..428c643 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -208,13 +208,13 @@
/* In real life, we probably want to bail out when ret != 0 */
if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 )
{
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
char vrfy_buf[512];
#endif
mbedtls_printf( " failed\n" );
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags );
mbedtls_printf( "%s\n", vrfy_buf );
@@ -223,7 +223,7 @@
else
mbedtls_printf( " ok\n" );
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
mbedtls_printf( " . Peer certificate information ...\n" );
mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
mbedtls_ssl_get_peer_cert( ssl ) );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 6d1ef6c..d3a4ed3 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -3134,7 +3134,7 @@
{
mbedtls_printf( " failed\n ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
{
char vrfy_buf[512];
@@ -3188,13 +3188,13 @@
if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
{
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
char vrfy_buf[512];
#endif
mbedtls_printf( " failed\n" );
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), " ! ", flags );
mbedtls_printf( "%s\n", vrfy_buf );
@@ -3203,7 +3203,7 @@
else
mbedtls_printf( " ok\n" );
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL )
{
char crt_buf[512];
@@ -3213,7 +3213,7 @@
mbedtls_ssl_get_peer_cert( &ssl ) );
mbedtls_printf( "%s\n", crt_buf );
}
-#endif /* MBEDTLS_X509_INFO */
+#endif /* MBEDTLS_X509_REMOVE_INFO */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_EXPORT_KEYS)
diff --git a/programs/test/query_config.c b/programs/test/query_config.c
index 98ea30e..0cd3b81 100644
--- a/programs/test/query_config.c
+++ b/programs/test/query_config.c
@@ -1643,13 +1643,13 @@
}
#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
-#if defined(MBEDTLS_X509_INFO)
- if( strcmp( "MBEDTLS_X509_INFO", config ) == 0 )
+#if defined(MBEDTLS_X509_REMOVE_INFO)
+ if( strcmp( "MBEDTLS_X509_REMOVE_INFO", config ) == 0 )
{
- MACRO_EXPANSION_TO_STR( MBEDTLS_X509_INFO );
+ MACRO_EXPANSION_TO_STR( MBEDTLS_X509_REMOVE_INFO );
return( 0 );
}
-#endif /* MBEDTLS_X509_INFO */
+#endif /* MBEDTLS_X509_REMOVE_INFO */
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 )
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index 765a82e..5319474 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -41,14 +41,14 @@
!defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_CLI_C) || \
!defined(MBEDTLS_NET_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_X509_INFO) || !defined(MBEDTLS_CTR_DRBG_C)
+ !!defined(MBEDTLS_X509_REMOVE_INFO) || !defined(MBEDTLS_CTR_DRBG_C)
int main( void )
{
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
"MBEDTLS_SSL_TLS_C and/or MBEDTLS_SSL_CLI_C and/or "
"MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_X509_CRT_PARSE_C and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_X509_INFO and/or MBEDTLS_CTR_DRBG_C not defined.\n");
+ "MBEDTLS_X509_REMOVE_INFO and/or MBEDTLS_CTR_DRBG_C not defined.\n");
mbedtls_exit( 0 );
}
#else
diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c
index 8502812..029bdd3 100644
--- a/programs/x509/crl_app.c
+++ b/programs/x509/crl_app.c
@@ -36,12 +36,12 @@
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_X509_CRL_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_X509_INFO)
+ !!defined(MBEDTLS_X509_REMOVE_INFO)
int main( void )
{
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_X509_CRL_PARSE_C and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_X509_INFO not defined.\n");
+ "MBEDTLS_X509_REMOVE_INFO not defined.\n");
mbedtls_exit( 0 );
}
#else
diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c
index df1dba8..351dd16 100644
--- a/programs/x509/req_app.c
+++ b/programs/x509/req_app.c
@@ -36,12 +36,12 @@
#if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
!defined(MBEDTLS_X509_CSR_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
- !defined(MBEDTLS_X509_INFO)
+ !!defined(MBEDTLS_X509_REMOVE_INFO)
int main( void )
{
mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
"MBEDTLS_X509_CSR_PARSE_C and/or MBEDTLS_FS_IO and/or "
- "MBEDTLS_X509_INFO not defined.\n");
+ "MBEDTLS_X509_REMOVE_INFO not defined.\n");
mbedtls_exit( 0 );
}
#else