Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Build library failed for server mode only: missing-prototypes for mbedtls_ssl_conf_has_static_psk #9186

Closed
M-Bab opened this issue May 27, 2024 · 1 comment · Fixed by #9189
Closed

Build library failed for server mode only: missing-prototypes for mbedtls_ssl_conf_has_static_psk #9186

M-Bab opened this issue May 27, 2024 · 1 comment · Fixed by #9189
Labels
bug component-tls size-xs Estimated task size: extra small (a few hours at most)

Comments

@M-Bab
Copy link

M-Bab commented May 27, 2024

Summary

I stumbled on this bug using mbedtls with the ESP-IDF Framework. But I was unsure if this is a general bug of mbedtls, so I cloned the original code and could reproduce the build fail with the most recent v3.6.0 and develop

System information

Mbed TLS version (number or commit id): v3.6.0 and develop
Operating system and version: Manjaro 24.0
Configuration (if not default, please attach mbedtls_config.h): Undefine MBEDTLS_SSL_CLI_C
Compiler and options (if you used a pre-built binary, please indicate how you obtained it): GCC 13
Additional environment information: -

Expected behavior

I should be able to build the mbedtls library without client mode. After all it looks like MBEDTLS_SSL_CLI_C is a selectable option in mbedtls_config.h. More technical insight in "Additional information".

Actual behavior

Build fails with:

Software/mbedtls/library/ssl_tls.c:2120:5: error: no previous prototype for ‘mbedtls_ssl_conf_has_static_psk’ [-Werror=missing-prototypes]
 2120 | int mbedtls_ssl_conf_has_static_psk(mbedtls_ssl_config const *conf)

More technical insight in "Additional information".

Steps to reproduce

From an unmodified clone: Undefine MBEDTLS_SSL_CLI_C (e.g. comment it out) and try to build the library using CMake.

Additional information

I think I figured the problem out already:

  1. If we are in the MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED situation ssl_tls.c defines and uses the function mbedtls_ssl_conf_has_static_psk.
  2. But for the prototype declaration of the external function the define above is not enough: It also needs MBEDTLS_SSL_CLI_C
  3. This leads to the situation of a used function without prototype and mbedtls takes this pretty seriously. At least it looks like the Werror=missing-prototypes setting is very intentional in the CMake configuration file.
  4. Solution: Definitely declaration, definition and usage of the functions should all be aligned under the same define-requirements. Most likely either the MBEDTLS_SSL_CLI_C needs to be removed from the header or added in the source. But I am not enough of an mbedtls expert to create a PR right away.
@misch7
Copy link
Contributor

misch7 commented May 27, 2024

I can confirm the issue (and the proposed solution :). Ran into it just a few days ago and created a local (working) patch. My PR will follow today.

misch7 added a commit to misch7/mbedtls that referenced this issue May 27, 2024
@misch7
Fix server mode only build of 3.6 with MBEDTLS_SSL_CLI_C unset (fixes M…
9cd2e4c 
…bed-TLS#9186)

Signed-off-by: Michael Schuster <michael@schuster.ms>
@misch7 misch7 mentioned this issue May 27, 2024
Merged
5 tasks
@gilles-peskine-arm gilles-peskine-arm added bug component-tls size-xs Estimated task size: extra small (a few hours at most) labels May 27, 2024
misch7 added a commit to misch7/mbedtls that referenced this issue Jun 5, 2024
@misch7
Fix server mode only build of 3.6 with MBEDTLS_SSL_CLI_C unset (fixes M…
bf2de5b 
…bed-TLS#9186)

Signed-off-by: Michael Schuster <michael@schuster.ms>
misch7 added a commit to misch7/mbedtls that referenced this issue Jun 11, 2024
@misch7
Fix server mode only build of v3.6 with MBEDTLS_SSL_CLI_C unset (fixes
7331902 
…Mbed-TLS#9186)

Signed-off-by: Michael Schuster <michael@schuster.ms>
misch7 added a commit to misch7/mbedtls that referenced this issue Jul 18, 2024
@misch7
Fix server mode only build of v3.6 with MBEDTLS_SSL_CLI_C unset (fixes
d53a803 
…Mbed-TLS#9186)

Signed-off-by: Michael Schuster <michael@schuster.ms>
misch7 added a commit to misch7/mbedtls that referenced this issue Jul 24, 2024
@misch7
Fix server mode only build of v3.6 with MBEDTLS_SSL_CLI_C unset (fixes
830d704 
…Mbed-TLS#9186)

Signed-off-by: Michael Schuster <michael@schuster.ms>
@minosgalanakis minosgalanakis moved this to 3.6.1 patch release in Mbed TLS Epics Aug 2, 2024
minosgalanakis pushed a commit to minosgalanakis/mbedtls that referenced this issue Aug 6, 2024
@misch7 @minosgalanakis
Fix server mode only build of v3.6 with MBEDTLS_SSL_CLI_C unset (fixes
c9184fe 
…Mbed-TLS#9186)

Signed-off-by: Michael Schuster <michael@schuster.ms>
@minosgalanakis minosgalanakis mentioned this issue Aug 6, 2024
Merged
5 tasks
minosgalanakis pushed a commit to misch7/mbedtls that referenced this issue Aug 9, 2024
@misch7 @minosgalanakis
Fix server mode only build of v3.6 with MBEDTLS_SSL_CLI_C unset (fixes
4394067 
…Mbed-TLS#9186)

Signed-off-by: Michael Schuster <michael@schuster.ms>
github-merge-queue bot pushed a commit that referenced this issue Aug 12, 2024
@gilles-peskine-arm
Merge pull request #9189 from misch7/fix-v3.6-issues-9186-and-9188
0858fdc 
Fix build of v3.6 (issues #9186 and #9188)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug component-tls size-xs Estimated task size: extra small (a few hours at most)
Projects
Mbed TLS Epics
Status: 3.6.1 patch release
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix build of v3.6 (issues #9186 and #9188) misch7/mbedtls
3 participants
@M-Bab @gilles-peskine-arm @misch7