Also compiles / runs without time-based functions in OS
Can now run without need of time() / localtime() and gettimeofday()
diff --git a/ChangeLog b/ChangeLog
index beff0b6..0ee0cee 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,7 @@
* PSK and DHE-PSK based ciphersuites added
* Memory allocation abstraction layer added
* Buffer-based memory allocator added (no malloc() / free() / HEAP usage)
+ * Also compiles / runs without time-based functions (!POLARSSL_HAVE_TIME)
Changes
* Introduced separate SSL Ciphersuites module that is based on
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 84f4fe1..5742fe5 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -94,6 +94,15 @@
*
#define POLARSSL_HAVE_SSE2
*/
+
+/**
+ * \def POLARSSL_HAVE_TIME
+ *
+ * System has time.h and time() / localtime() / gettimeofday()
+ *
+ * Comment if your system does not support time functions
+ */
+#define POLARSSL_HAVE_TIME
/* \} name */
/**
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 4bc0fad..eca6879 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -27,8 +27,6 @@
#ifndef POLARSSL_SSL_H
#define POLARSSL_SSL_H
-#include <time.h>
-
#include "config.h"
#include "net.h"
#include "bignum.h"
@@ -60,6 +58,10 @@
#include "zlib.h"
#endif
+#if defined(POLARSSL_HAVE_TIME)
+#include <time.h>
+#endif
+
#if defined(_MSC_VER) && !defined(inline)
#define inline _inline
#else
@@ -306,7 +308,9 @@
*/
struct _ssl_session
{
+#if defined(POLARSSL_HAVE_TIME)
time_t start; /*!< starting time */
+#endif
int ciphersuite; /*!< chosen ciphersuite */
int compression; /*!< chosen compression */
size_t length; /*!< session id length */
diff --git a/include/polarssl/ssl_cache.h b/include/polarssl/ssl_cache.h
index c47330d..979dc14 100644
--- a/include/polarssl/ssl_cache.h
+++ b/include/polarssl/ssl_cache.h
@@ -46,7 +46,9 @@
*/
struct _ssl_cache_entry
{
+#if defined(POLARSSL_HAVE_TIME)
time_t timestamp; /*!< entry timestamp */
+#endif
ssl_session session; /*!< entry session */
#if defined(POLARSSL_X509_PARSE_C)
x509_buf peer_cert; /*!< entry peer_cert */
@@ -87,6 +89,7 @@
*/
int ssl_cache_set( void *data, const ssl_session *session );
+#if defined(POLARSSL_HAVE_TIME)
/**
* \brief Set the cache timeout
* (Default: SSL_CACHE_DEFAULT_TIMEOUT (1 day))
@@ -97,6 +100,7 @@
* \param timeout cache entry timeout
*/
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout );
+#endif /* POLARSSL_HAVE_TIME */
/**
* \brief Set the cache timeout
diff --git a/library/asn1parse.c b/library/asn1parse.c
index d0a2234..5b86aa6 100644
--- a/library/asn1parse.c
+++ b/library/asn1parse.c
@@ -42,7 +42,6 @@
#include <string.h>
#include <stdlib.h>
-#include <time.h>
/*
* ASN.1 DER decoding routines
diff --git a/library/havege.c b/library/havege.c
index ff302c5..4d6f418 100644
--- a/library/havege.c
+++ b/library/havege.c
@@ -38,7 +38,6 @@
#include "polarssl/timing.h"
#include <string.h>
-#include <time.h>
/* ------------------------------------------------------------------------
* On average, one iteration accesses two 8-word blocks in the havege WALK
diff --git a/library/net.c b/library/net.c
index 7a1818d..da7214d 100644
--- a/library/net.c
+++ b/library/net.c
@@ -1,7 +1,7 @@
/*
* TCP networking functions
*
- * Copyright (C) 2006-2010, Brainspark B.V.
+ * Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
@@ -52,7 +52,9 @@
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+#if defined(POLARSSL_HAVE_TIME)
#include <sys/time.h>
+#endif
#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
@@ -74,7 +76,10 @@
#include <stdlib.h>
#include <stdio.h>
+
+#if defined(POLARSSL_HAVE_TIME)
#include <time.h>
+#endif
#ifdef _MSC_VER
#include <basetsd.h>
@@ -293,6 +298,7 @@
#endif
}
+#if defined(POLARSSL_HAVE_TIME)
/*
* Portable usleep helper
*/
@@ -303,6 +309,7 @@
tv.tv_usec = usec;
select( 0, NULL, NULL, NULL, &tv );
}
+#endif /* POLARSSL_HAVE_TIME */
/*
* Read at most 'len' characters
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index bc4326a..f5d3e48 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -52,7 +52,9 @@
int ssl_cache_get( void *data, ssl_session *session )
{
+#if defined(POLARSSL_HAVE_TIME)
time_t t = time( NULL );
+#endif
ssl_cache_context *cache = (ssl_cache_context *) data;
ssl_cache_entry *cur, *entry;
@@ -64,9 +66,11 @@
entry = cur;
cur = cur->next;
+#if defined(POLARSSL_HAVE_TIME)
if( cache->timeout != 0 &&
(int) ( t - entry->timestamp ) > cache->timeout )
continue;
+#endif
if( session->ciphersuite != entry->session.ciphersuite ||
session->compression != entry->session.compression ||
@@ -108,9 +112,12 @@
int ssl_cache_set( void *data, const ssl_session *session )
{
+#if defined(POLARSSL_HAVE_TIME)
time_t t = time( NULL ), oldest = 0;
+ ssl_cache_entry *old = NULL;
+#endif
ssl_cache_context *cache = (ssl_cache_context *) data;
- ssl_cache_entry *cur, *prv, *old = NULL;
+ ssl_cache_entry *cur, *prv;
int count = 0;
cur = cache->chain;
@@ -120,21 +127,25 @@
{
count++;
+#if defined(POLARSSL_HAVE_TIME)
if( cache->timeout != 0 &&
(int) ( t - cur->timestamp ) > cache->timeout )
{
cur->timestamp = t;
break; /* expired, reuse this slot, update timestamp */
}
+#endif
if( memcmp( session->id, cur->session.id, cur->session.length ) == 0 )
break; /* client reconnected, keep timestamp for session id */
+#if defined(POLARSSL_HAVE_TIME)
if( oldest == 0 || cur->timestamp < oldest )
{
oldest = cur->timestamp;
old = cur;
}
+#endif
prv = cur;
cur = cur->next;
@@ -142,6 +153,7 @@
if( cur == NULL )
{
+#if defined(POLARSSL_HAVE_TIME)
/*
* Reuse oldest entry if max_entries reached
*/
@@ -157,6 +169,31 @@
}
#endif /* POLARSSL_X509_PARSE_C */
}
+#else /* POLARSSL_HAVE_TIME */
+ /*
+ * Reuse first entry in chain if max_entries reached,
+ * but move to last place
+ */
+ if( count >= cache->max_entries )
+ {
+ if( cache->chain == NULL )
+ return( 1 );
+
+ cur = cache->chain;
+ cache->chain = cur->next;
+
+#if defined(POLARSSL_X509_PARSE_C)
+ if( cur->peer_cert.p != NULL )
+ {
+ polarssl_free( cur->peer_cert.p );
+ memset( &cur->peer_cert, 0, sizeof(x509_buf) );
+ }
+#endif /* POLARSSL_X509_PARSE_C */
+
+ memset( cur, 0, sizeof(ssl_cache_entry) );
+ prv->next = cur;
+ }
+#endif /* POLARSSL_HAVE_TIME */
else
{
cur = (ssl_cache_entry *) polarssl_malloc( sizeof(ssl_cache_entry) );
@@ -171,7 +208,9 @@
prv->next = cur;
}
+#if defined(POLARSSL_HAVE_TIME)
cur->timestamp = t;
+#endif
}
memcpy( &cur->session, session, sizeof( ssl_session ) );
@@ -197,12 +236,14 @@
return( 0 );
}
+#if defined(POLARSSL_HAVE_TIME)
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout )
{
if( timeout < 0 ) timeout = 0;
cache->timeout = timeout;
}
+#endif /* POLARSSL_HAVE_TIME */
void ssl_cache_set_max_entries( ssl_cache_context *cache, int max )
{
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 93d81a6..6496b84 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -32,7 +32,17 @@
#include <stdlib.h>
#include <stdio.h>
+
+#ifdef _MSC_VER
+#include <basetsd.h>
+typedef UINT32 uint32_t;
+#else
+#include <inttypes.h>
+#endif
+
+#if defined(POLARSSL_HAVE_TIME)
#include <time.h>
+#endif
static void ssl_write_hostname_ext( ssl_context *ssl,
unsigned char *buf,
@@ -265,7 +275,9 @@
size_t i, n, olen, ext_len = 0;
unsigned char *buf;
unsigned char *p, *q;
+#if defined(POLARSSL_HAVE_TIME)
time_t t;
+#endif
const int *ciphersuites;
const ssl_ciphersuite_t *ciphersuite_info;
@@ -299,6 +311,7 @@
SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]",
buf[4], buf[5] ) );
+#if defined(POLARSSL_HAVE_TIME)
t = time( NULL );
*p++ = (unsigned char)( t >> 24 );
*p++ = (unsigned char)( t >> 16 );
@@ -306,6 +319,12 @@
*p++ = (unsigned char)( t );
SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
+#else
+ if( ( ret = ssl->f_rng( ssl->p_rng, p, 4 ) ) != 0 )
+ return( ret );
+
+ p += 4;
+#endif
if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 )
return( ret );
@@ -483,9 +502,7 @@
static int ssl_parse_server_hello( ssl_context *ssl )
{
-#if defined(POLARSSL_DEBUG_C)
- time_t t;
-#endif
+ uint32_t t;
int ret, i, comp;
size_t n;
size_t ext_len = 0;
@@ -548,10 +565,10 @@
}
#if defined(POLARSSL_DEBUG_C)
- t = ( (time_t) buf[6] << 24 )
- | ( (time_t) buf[7] << 16 )
- | ( (time_t) buf[8] << 8 )
- | ( (time_t) buf[9] );
+ t = ( (uint32_t) buf[6] << 24 )
+ | ( (uint32_t) buf[7] << 16 )
+ | ( (uint32_t) buf[8] << 8 )
+ | ( (uint32_t) buf[9] );
#endif
memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 );
@@ -619,7 +636,9 @@
{
ssl->state++;
ssl->handshake->resume = 0;
+#if defined(POLARSSL_HAVE_TIME)
ssl->session_negotiate->start = time( NULL );
+#endif
ssl->session_negotiate->ciphersuite = i;
ssl->session_negotiate->compression = comp;
ssl->session_negotiate->length = n;
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 2bf3725..451d445 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -35,7 +35,10 @@
#include <stdlib.h>
#include <stdio.h>
+
+#if defined(POLARSSL_HAVE_TIME)
#include <time.h>
+#endif
static int ssl_parse_servername_ext( ssl_context *ssl,
const unsigned char *buf,
@@ -933,7 +936,9 @@
static int ssl_write_server_hello( ssl_context *ssl )
{
+#if defined(POLARSSL_HAVE_TIME)
time_t t;
+#endif
int ret, n;
size_t ext_len = 0;
unsigned char *buf, *p;
@@ -956,6 +961,7 @@
SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]",
buf[4], buf[5] ) );
+#if defined(POLARSSL_HAVE_TIME)
t = time( NULL );
*p++ = (unsigned char)( t >> 24 );
*p++ = (unsigned char)( t >> 16 );
@@ -963,6 +969,12 @@
*p++ = (unsigned char)( t );
SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
+#else
+ if( ( ret = ssl->f_rng( ssl->p_rng, p, 4 ) ) != 0 )
+ return( ret );
+
+ p += 4;
+#endif
if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 )
return( ret );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3ac60f5..cea90eb 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -54,7 +54,6 @@
#endif
#include <stdlib.h>
-#include <time.h>
#if defined _MSC_VER && !defined strcasecmp
#define strcasecmp _stricmp
diff --git a/library/x509parse.c b/library/x509parse.c
index b27faf9..ea3a24a 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -2875,6 +2875,7 @@
/*
* Return 0 if the x509_time is still valid, or 1 otherwise.
*/
+#if defined(POLARSSL_HAVE_TIME)
int x509parse_time_expired( const x509_time *to )
{
int year, mon, day;
@@ -2941,6 +2942,13 @@
return( 0 );
}
+#else /* POLARSSL_HAVE_TIME */
+int x509parse_time_expired( const x509_time *to )
+{
+ ((void) to);
+ return( 0 );
+}
+#endif /* POLARSSL_HAVE_TIME */
/*
* Return 1 if the certificate is revoked, or 0 otherwise.
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 03112ad..e021ebb 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -56,7 +56,7 @@
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_SSL_TLS_C) || \
!defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_NET_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_CTR_DRBG_C) || \
- !defined(POLARSSL_X509_PARSE_C)
+ !defined(POLARSSL_X509_PARSE_C) || !defined(POLARSSL_TIMING_C)
int main( int argc, char *argv[] )
{
((void) argc);
@@ -65,7 +65,8 @@
printf("POLARSSL_BIGNUM_C and/or POLARSSL_CERTS_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_SRV_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_PARSE_C not defined.\n");
+ "POLARSSL_CTR_DRBG_C and/or POLARSSL_X509_PARSE_C and/or "
+ "POLARSSL_TIMING_C not defined.\n");
return( 0 );
}
#elif defined(_WIN32)