diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/bullet/rigid_body_bullet.cpp | 3 | ||||
| -rw-r--r-- | modules/bullet/space_bullet.cpp | 2 | ||||
| -rwxr-xr-x | modules/mbedtls/SCsub | 91 | ||||
| -rwxr-xr-x[-rw-r--r--] | modules/mbedtls/config.py (renamed from modules/openssl/config.py) | 0 | ||||
| -rwxr-xr-x[-rw-r--r--] | modules/mbedtls/register_types.cpp (renamed from modules/openssl/register_types.cpp) | 12 | ||||
| -rwxr-xr-x[-rw-r--r--] | modules/mbedtls/register_types.h (renamed from modules/openssl/register_types.h) | 4 | ||||
| -rwxr-xr-x | modules/mbedtls/stream_peer_mbed_tls.cpp | 325 | ||||
| -rwxr-xr-x[-rw-r--r--] | modules/mbedtls/stream_peer_mbed_tls.h (renamed from modules/openssl/stream_peer_openssl.h) | 63 | ||||
| -rw-r--r-- | modules/mono/SCsub | 4 | ||||
| -rw-r--r-- | modules/openssl/SCsub | 696 | ||||
| -rw-r--r-- | modules/openssl/stream_peer_openssl.cpp | 627 | ||||
| -rw-r--r-- | modules/webm/libvpx/SCsub | 4 | ||||
| -rw-r--r-- | modules/websocket/SCsub | 17 |
13 files changed, 467 insertions, 1381 deletions
diff --git a/modules/bullet/rigid_body_bullet.cpp b/modules/bullet/rigid_body_bullet.cpp index 96a53f9f8b..f96218ef46 100644 --- a/modules/bullet/rigid_body_bullet.cpp +++ b/modules/bullet/rigid_body_bullet.cpp @@ -832,7 +832,8 @@ void RigidBodyBullet::on_exit_area(AreaBullet *p_area) { void RigidBodyBullet::reload_space_override_modificator() { - if (!is_active()) + // Make sure that kinematic bodies have their total gravity calculated + if (!is_active() && PhysicsServer::BODY_MODE_KINEMATIC != mode) return; Vector3 newGravity(space->get_gravity_direction() * space->get_gravity_magnitude()); diff --git a/modules/bullet/space_bullet.cpp b/modules/bullet/space_bullet.cpp index 6f0cda8957..88d9c20eba 100644 --- a/modules/bullet/space_bullet.cpp +++ b/modules/bullet/space_bullet.cpp @@ -979,6 +979,8 @@ bool SpaceBullet::test_body_motion(RigidBodyBullet *p_body, const Transform &p_f } else { if (!l_has_penetration) break; + else + has_penetration = true; } } } diff --git a/modules/mbedtls/SCsub b/modules/mbedtls/SCsub new file mode 100755 index 0000000000..b846ae38ad --- /dev/null +++ b/modules/mbedtls/SCsub @@ -0,0 +1,91 @@ +#!/usr/bin/env python + +Import('env') +Import('env_modules') + +env_mbed_tls = env_modules.Clone() + +if env['builtin_mbedtls']: + # Thirdparty source files + thirdparty_sources = [ + "aes.c", + "aesni.c", + "arc4.c", + "asn1parse.c", + "asn1write.c", + "base64.c", + "bignum.c", + "blowfish.c", + "camellia.c", + "ccm.c", + "certs.c", + "cipher.c", + "cipher_wrap.c", + "cmac.c", + "ctr_drbg.c", + "debug.c", + "des.c", + "dhm.c", + "ecdh.c", + "ecdsa.c", + "ecjpake.c", + "ecp.c", + "ecp_curves.c", + "entropy.c", + "entropy_poll.c", + "error.c", + "gcm.c", + "havege.c", + "hmac_drbg.c", + "md2.c", + "md4.c", + "md5.c", + "md.c", + "md_wrap.c", + "memory_buffer_alloc.c", + "net_sockets.c", + "oid.c", + "padlock.c", + "pem.c", + "pk.c", + "pkcs11.c", + "pkcs12.c", + "pkcs5.c", + "pkparse.c", + "pk_wrap.c", + "pkwrite.c", + "platform.c", + "ripemd160.c", + "rsa.c", + "rsa_internal.c", + "sha1.c", + "sha256.c", + "sha512.c", + "ssl_cache.c", + "ssl_ciphersuites.c", + "ssl_cli.c", + "ssl_cookie.c", + "ssl_srv.c", + "ssl_ticket.c", + "ssl_tls.c", + "threading.c", + "timing.c", + "version.c", + "version_features.c", + "x509.c", + "x509_create.c", + "x509_crl.c", + "x509_crt.c", + "x509_csr.c", + "x509write_crt.c", + "x509write_csr.c", + "xtea.c" + ] + + thirdparty_dir = "#thirdparty/mbedtls/library/" + thirdparty_sources = [thirdparty_dir + file for file in thirdparty_sources] + env_mbed_tls.add_source_files(env.modules_sources, thirdparty_sources) + env_mbed_tls.Append(CPPPATH=["#thirdparty/mbedtls/include/"]) + +# Module sources +env_mbed_tls.add_source_files(env.modules_sources, "*.cpp") diff --git a/modules/openssl/config.py b/modules/mbedtls/config.py index 5f133eba90..5f133eba90 100644..100755 --- a/modules/openssl/config.py +++ b/modules/mbedtls/config.py diff --git a/modules/openssl/register_types.cpp b/modules/mbedtls/register_types.cpp index 916acc260e..8548275eec 100644..100755 --- a/modules/openssl/register_types.cpp +++ b/modules/mbedtls/register_types.cpp @@ -30,15 +30,15 @@ #include "register_types.h" -#include "stream_peer_openssl.h" +#include "stream_peer_mbed_tls.h" -void register_openssl_types() { +void register_mbedtls_types() { - ClassDB::register_class<StreamPeerOpenSSL>(); - StreamPeerOpenSSL::initialize_ssl(); + ClassDB::register_class<StreamPeerMbedTLS>(); + StreamPeerMbedTLS::initialize_ssl(); } -void unregister_openssl_types() { +void unregister_mbedtls_types() { - StreamPeerOpenSSL::finalize_ssl(); + StreamPeerMbedTLS::finalize_ssl(); } diff --git a/modules/openssl/register_types.h b/modules/mbedtls/register_types.h index 94d917ca81..3da0b1f1a0 100644..100755 --- a/modules/openssl/register_types.h +++ b/modules/mbedtls/register_types.h @@ -28,5 +28,5 @@ /* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ /*************************************************************************/ -void register_openssl_types(); -void unregister_openssl_types(); +void register_mbedtls_types(); +void unregister_mbedtls_types(); diff --git a/modules/mbedtls/stream_peer_mbed_tls.cpp b/modules/mbedtls/stream_peer_mbed_tls.cpp new file mode 100755 index 0000000000..4135eb40ff --- /dev/null +++ b/modules/mbedtls/stream_peer_mbed_tls.cpp @@ -0,0 +1,325 @@ +/*************************************************************************/ +/* stream_peer_openssl.cpp */ +/*************************************************************************/ +/* This file is part of: */ +/* GODOT ENGINE */ +/* https://godotengine.org */ +/*************************************************************************/ +/* Copyright (c) 2007-2018 Juan Linietsky, Ariel Manzur. */ +/* Copyright (c) 2014-2018 Godot Engine contributors (cf. AUTHORS.md) */ +/* */ +/* Permission is hereby granted, free of charge, to any person obtaining */ +/* a copy of this software and associated documentation files (the */ +/* "Software"), to deal in the Software without restriction, including */ +/* without limitation the rights to use, copy, modify, merge, publish, */ +/* distribute, sublicense, and/or sell copies of the Software, and to */ +/* permit persons to whom the Software is furnished to do so, subject to */ +/* the following conditions: */ +/* */ +/* The above copyright notice and this permission notice shall be */ +/* included in all copies or substantial portions of the Software. */ +/* */ +/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ +/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ +/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.*/ +/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ +/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ +/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ +/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ +/*************************************************************************/ + +#include "stream_peer_mbed_tls.h" + +static void my_debug(void *ctx, int level, + const char *file, int line, + const char *str) { + + printf("%s:%04d: %s", file, line, str); + fflush(stdout); +} + +void _print_error(int ret) { + printf("mbedtls error: returned -0x%x\n\n", -ret); + fflush(stdout); +} + +int StreamPeerMbedTLS::bio_send(void *ctx, const unsigned char *buf, size_t len) { + + if (buf == NULL || len <= 0) return 0; + + StreamPeerMbedTLS *sp = (StreamPeerMbedTLS *)ctx; + + ERR_FAIL_COND_V(sp == NULL, 0); + + int sent; + Error err = sp->base->put_partial_data((const uint8_t *)buf, len, sent); + if (err != OK) { + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; + } + if (sent == 0) { + return MBEDTLS_ERR_SSL_WANT_WRITE; + } + return sent; +} + +int StreamPeerMbedTLS::bio_recv(void *ctx, unsigned char *buf, size_t len) { + + if (buf == NULL || len <= 0) return 0; + + StreamPeerMbedTLS *sp = (StreamPeerMbedTLS *)ctx; + + ERR_FAIL_COND_V(sp == NULL, 0); + + int got; + Error err = sp->base->get_partial_data((uint8_t *)buf, len, got); + if (err != OK) { + return MBEDTLS_ERR_SSL_INTERNAL_ERROR; + } + if (got == 0) { + return MBEDTLS_ERR_SSL_WANT_READ; + } + return got; +} + +Error StreamPeerMbedTLS::connect_to_stream(Ref<StreamPeer> p_base, bool p_validate_certs, const String &p_for_hostname) { + + base = p_base; + int ret = 0; + int authmode = p_validate_certs ? MBEDTLS_SSL_VERIFY_REQUIRED : MBEDTLS_SSL_VERIFY_NONE; + + mbedtls_ssl_init(&ssl); + mbedtls_ssl_config_init(&conf); + mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_entropy_init(&entropy); + + ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0); + if (ret != 0) { + ERR_PRINTS(" failed\n ! mbedtls_ctr_drbg_seed returned an error" + itos(ret)); + return FAILED; + } + + mbedtls_ssl_config_defaults(&conf, + MBEDTLS_SSL_IS_CLIENT, + MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_PRESET_DEFAULT); + + mbedtls_ssl_conf_authmode(&conf, authmode); + mbedtls_ssl_conf_ca_chain(&conf, &cacert, NULL); + mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg); + mbedtls_ssl_conf_dbg(&conf, my_debug, stdout); + mbedtls_ssl_setup(&ssl, &conf); + mbedtls_ssl_set_hostname(&ssl, p_for_hostname.utf8().get_data()); + + mbedtls_ssl_set_bio(&ssl, this, bio_send, bio_recv, NULL); + + while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { + if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + ERR_PRINTS("TLS handshake error: " + itos(ret)); + _print_error(ret); + status = STATUS_ERROR_HOSTNAME_MISMATCH; + return FAILED; + } + } + + connected = true; + status = STATUS_CONNECTED; + + return OK; +} + +Error StreamPeerMbedTLS::accept_stream(Ref<StreamPeer> p_base) { + + return ERR_UNAVAILABLE; +} + +Error StreamPeerMbedTLS::put_data(const uint8_t *p_data, int p_bytes) { + + ERR_FAIL_COND_V(!connected, ERR_UNCONFIGURED); + + Error err; + int sent = 0; + + while (p_bytes > 0) { + err = put_partial_data(p_data, p_bytes, sent); + + if (err != OK) { + return err; + } + + p_data += sent; + p_bytes -= sent; + } + + return OK; +} + +Error StreamPeerMbedTLS::put_partial_data(const uint8_t *p_data, int p_bytes, int &r_sent) { + + ERR_FAIL_COND_V(!connected, ERR_UNCONFIGURED); + + r_sent = 0; + + if (p_bytes == 0) + return OK; + + int ret = mbedtls_ssl_write(&ssl, p_data, p_bytes); + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { + ret = 0; // non blocking io + } else if (ret <= 0) { + _print_error(ret); + disconnect_from_stream(); + return ERR_CONNECTION_ERROR; + } + + r_sent = ret; + return OK; +} + +Error StreamPeerMbedTLS::get_data(uint8_t *p_buffer, int p_bytes) { + + ERR_FAIL_COND_V(!connected, ERR_UNCONFIGURED); + + Error err; + + int got = 0; + while (p_bytes > 0) { + + err = get_partial_data(p_buffer, p_bytes, got); + + if (err != OK) { + return err; + } + + p_buffer += got; + p_bytes -= got; + } + + return OK; +} + +Error StreamPeerMbedTLS::get_partial_data(uint8_t *p_buffer, int p_bytes, int &r_received) { + + ERR_FAIL_COND_V(!connected, ERR_UNCONFIGURED); + + r_received = 0; + + int ret = mbedtls_ssl_read(&ssl, p_buffer, p_bytes); + if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { + ret = 0; // non blocking io + } else if (ret <= 0) { + _print_error(ret); + disconnect_from_stream(); + return ERR_CONNECTION_ERROR; + } + + r_received = ret; + return OK; +} + +void StreamPeerMbedTLS::poll() { + + ERR_FAIL_COND(!connected); + ERR_FAIL_COND(!base.is_valid()); + + int ret = mbedtls_ssl_read(&ssl, NULL, 0); + + if (ret < 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { + _print_error(ret); + disconnect_from_stream(); + return; + } +} + +int StreamPeerMbedTLS::get_available_bytes() const { + + ERR_FAIL_COND_V(!connected, 0); + + return mbedtls_ssl_get_bytes_avail(&ssl); +} +StreamPeerMbedTLS::StreamPeerMbedTLS() { + + connected = false; + status = STATUS_DISCONNECTED; +} + +StreamPeerMbedTLS::~StreamPeerMbedTLS() { + disconnect_from_stream(); +} + +void StreamPeerMbedTLS::disconnect_from_stream() { + + if (!connected) + return; + + mbedtls_ssl_free(&ssl); + mbedtls_ssl_config_free(&conf); + mbedtls_ctr_drbg_free(&ctr_drbg); + mbedtls_entropy_free(&entropy); + + base = Ref<StreamPeer>(); + connected = false; + status = STATUS_DISCONNECTED; +} + +StreamPeerMbedTLS::Status StreamPeerMbedTLS::get_status() const { + + return status; +} + +StreamPeerSSL *StreamPeerMbedTLS::_create_func() { + + return memnew(StreamPeerMbedTLS); +} + +mbedtls_x509_crt StreamPeerMbedTLS::cacert; + +void StreamPeerMbedTLS::_load_certs(const PoolByteArray &p_array) { + int arr_len = p_array.size(); + PoolByteArray::Read r = p_array.read(); + int err = mbedtls_x509_crt_parse(&cacert, &r[0], arr_len); + if (err != 0) { + WARN_PRINTS("Error parsing some certificates: " + itos(err)); + } +} + +void StreamPeerMbedTLS::initialize_ssl() { + + _create = _create_func; + load_certs_func = _load_certs; + + mbedtls_x509_crt_init(&cacert); + +#ifdef DEBUG_ENABLED + mbedtls_debug_set_threshold(1); +#endif + + String certs_path = GLOBAL_DEF("network/ssl/certificates", ""); + ProjectSettings::get_singleton()->set_custom_property_info("network/ssl/certificates", PropertyInfo(Variant::STRING, "network/ssl/certificates", PROPERTY_HINT_FILE, "*.crt")); + + if (certs_path != "") { + + FileAccess *f = FileAccess::open(certs_path, FileAccess::READ); + if (f) { + PoolByteArray arr; + int flen = f->get_len(); + arr.resize(flen + 1); + { + PoolByteArray::Write w = arr.write(); + f->get_buffer(w.ptr(), flen); + w[flen] = 0; //end f string + } + + memdelete(f); + + _load_certs(arr); + print_line("Loaded certs from '" + certs_path); + } + } + + available = true; +} + +void StreamPeerMbedTLS::finalize_ssl() { + + mbedtls_x509_crt_free(&cacert); +} diff --git a/modules/openssl/stream_peer_openssl.h b/modules/mbedtls/stream_peer_mbed_tls.h index 29c8647e58..ce17614d85 100644..100755 --- a/modules/openssl/stream_peer_openssl.h +++ b/modules/mbedtls/stream_peer_mbed_tls.h @@ -35,63 +35,42 @@ #include "os/file_access.h" #include "project_settings.h" -#include "thirdparty/misc/curl_hostcheck.h" - -#include <openssl/bio.h> // BIO objects for I/O -#include <openssl/err.h> // Error reporting -#include <openssl/ssl.h> // SSL and SSL_CTX for SSL connections -#include <openssl/x509v3.h> +#include "mbedtls/config.h" +#include "mbedtls/ctr_drbg.h" +#include "mbedtls/debug.h" +#include "mbedtls/entropy.h" +#include "mbedtls/net.h" +#include "mbedtls/ssl.h" #include <stdio.h> +#include <stdlib.h> -class StreamPeerOpenSSL : public StreamPeerSSL { +class StreamPeerMbedTLS : public StreamPeerSSL { private: - static int _bio_create(BIO *b); - static int _bio_destroy(BIO *b); - static int _bio_read(BIO *b, char *buf, int len); - static int _bio_write(BIO *b, const char *buf, int len); - static long _bio_ctrl(BIO *b, int cmd, long num, void *ptr); - static int _bio_gets(BIO *b, char *buf, int len); - static int _bio_puts(BIO *b, const char *str); - -#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) - static BIO_METHOD *_bio_method; -#else - static BIO_METHOD _bio_method; -#endif - static BIO_METHOD *_get_bio_method(); - - static bool _match_host_name(const char *name, const char *hostname); - static Error _match_common_name(const char *hostname, const X509 *server_cert); - static Error _match_subject_alternative_name(const char *hostname, const X509 *server_cert); - - static int _cert_verify_callback(X509_STORE_CTX *x509_ctx, void *arg); - Status status; String hostname; - int max_cert_chain_depth; - SSL_CTX *ctx; - SSL *ssl; - BIO *bio; + bool connected; - int flags; - bool use_blocking; - bool validate_certs; - bool validate_hostname; Ref<StreamPeer> base; static StreamPeerSSL *_create_func(); - void _print_error(int err); - - static Vector<X509 *> certs; - static void _load_certs(const PoolByteArray &p_array); + static int bio_recv(void *ctx, unsigned char *buf, size_t len); + static int bio_send(void *ctx, const unsigned char *buf, size_t len); + protected: + static mbedtls_x509_crt cacert; + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; + mbedtls_ssl_context ssl; + mbedtls_ssl_config conf; + static void _bind_methods(); public: + virtual void poll(); virtual Error accept_stream(Ref<StreamPeer> p_base); virtual Error connect_to_stream(Ref<StreamPeer> p_base, bool p_validate_certs = false, const String &p_for_hostname = String()); virtual Status get_status() const; @@ -109,8 +88,8 @@ public: static void initialize_ssl(); static void finalize_ssl(); - StreamPeerOpenSSL(); - ~StreamPeerOpenSSL(); + StreamPeerMbedTLS(); + ~StreamPeerMbedTLS(); }; #endif // STREAM_PEER_SSL_H diff --git a/modules/mono/SCsub b/modules/mono/SCsub index 320bbe7090..aa8626e6da 100644 --- a/modules/mono/SCsub +++ b/modules/mono/SCsub @@ -57,10 +57,10 @@ if env['tools']: vars = Variables() vars.Add(BoolVariable('mono_glue', 'Build with the mono glue sources', True)) vars.Add(BoolVariable('xbuild_fallback', 'If MSBuild is not found, fallback to xbuild', False)) -vars.Update(env) +vars.Update(env_mono) # Glue sources -if env['mono_glue']: +if env_mono['mono_glue']: env_mono.add_source_files(env.modules_sources, 'glue/*.cpp') else: env_mono.Append(CPPDEFINES=['MONO_GLUE_DISABLED']) diff --git a/modules/openssl/SCsub b/modules/openssl/SCsub deleted file mode 100644 index 84c5e68439..0000000000 --- a/modules/openssl/SCsub +++ /dev/null @@ -1,696 +0,0 @@ -#!/usr/bin/env python - -Import('env') -Import('env_modules') - -env_openssl = env_modules.Clone() - -# Thirdparty source files -if env['builtin_openssl']: - thirdparty_dir = "#thirdparty/openssl/" - - thirdparty_sources = [ - "ssl/t1_lib.c", - "ssl/t1_ext.c", - "ssl/s3_srvr.c", - "ssl/t1_enc.c", - "ssl/t1_meth.c", - "ssl/s23_clnt.c", - "ssl/ssl_asn1.c", - "ssl/tls_srp.c", - "ssl/kssl.c", - "ssl/d1_both.c", - "ssl/t1_clnt.c", - "ssl/bio_ssl.c", - "ssl/d1_srtp.c", - "ssl/t1_reneg.c", - "ssl/ssl_cert.c", - "ssl/s3_lib.c", - "ssl/d1_srvr.c", - "ssl/s23_meth.c", - "ssl/ssl_stat.c", - "ssl/ssl_err.c", - "ssl/ssl_algs.c", - "ssl/s3_cbc.c", - "ssl/d1_clnt.c", - "ssl/s3_pkt.c", - "ssl/d1_meth.c", - "ssl/s3_both.c", - "ssl/s2_enc.c", - "ssl/s3_meth.c", - "ssl/s3_enc.c", - "ssl/s23_pkt.c", - "ssl/s2_pkt.c", - "ssl/d1_pkt.c", - "ssl/ssl_rsa.c", - "ssl/s23_srvr.c", - "ssl/s2_meth.c", - "ssl/s3_clnt.c", - "ssl/s23_lib.c", - "ssl/t1_srvr.c", - "ssl/ssl_lib.c", - "ssl/ssl_txt.c", - "ssl/s2_srvr.c", - "ssl/ssl_sess.c", - "ssl/s2_clnt.c", - "ssl/d1_lib.c", - "ssl/s2_lib.c", - "ssl/ssl_err2.c", - "ssl/ssl_ciph.c", - "crypto/dsa/dsa_lib.c", - "crypto/dsa/dsa_pmeth.c", - "crypto/dsa/dsa_ossl.c", - "crypto/dsa/dsa_gen.c", - "crypto/dsa/dsa_asn1.c", - "crypto/dsa/dsa_prn.c", - "crypto/dsa/dsa_sign.c", - "crypto/dsa/dsa_key.c", - "crypto/dsa/dsa_vrf.c", - "crypto/dsa/dsa_err.c", - "crypto/dsa/dsa_ameth.c", - "crypto/dsa/dsa_depr.c", - "crypto/x509/x509_lu.c", - "crypto/x509/x509cset.c", - "crypto/x509/x509_set.c", - "crypto/x509/x509_d2.c", - "crypto/x509/x509_txt.c", - "crypto/x509/x509rset.c", - "crypto/x509/by_dir.c", - "crypto/x509/x509_vpm.c", - "crypto/x509/x509_vfy.c", - "crypto/x509/x509_trs.c", - "crypto/x509/by_file.c", - "crypto/x509/x509_obj.c", - "crypto/x509/x509spki.c", - "crypto/x509/x509_v3.c", - "crypto/x509/x509_req.c", - "crypto/x509/x509_att.c", - "crypto/x509/x_all.c", - "crypto/x509/x509_ext.c", - "crypto/x509/x509type.c", - "crypto/x509/x509_def.c", - "crypto/x509/x509_err.c", - "crypto/x509/x509name.c", - "crypto/x509/x509_r2x.c", - "crypto/x509/x509_cmp.c", - "crypto/asn1/x_pkey.c", - "crypto/asn1/a_gentm.c", - "crypto/asn1/x_sig.c", - "crypto/asn1/t_req.c", - "crypto/asn1/t_pkey.c", - "crypto/asn1/p8_pkey.c", - "crypto/asn1/a_i2d_fp.c", - "crypto/asn1/x_val.c", - "crypto/asn1/f_string.c", - "crypto/asn1/p5_pbe.c", - "crypto/asn1/bio_ndef.c", - "crypto/asn1/a_bool.c", - "crypto/asn1/asn1_gen.c", - "crypto/asn1/x_algor.c", - "crypto/asn1/bio_asn1.c", - "crypto/asn1/asn_mime.c", - "crypto/asn1/t_x509.c", - "crypto/asn1/a_strex.c", - "crypto/asn1/x_nx509.c", - "crypto/asn1/asn1_err.c", - "crypto/asn1/x_crl.c", - "crypto/asn1/a_print.c", - "crypto/asn1/a_type.c", - "crypto/asn1/tasn_new.c", - "crypto/asn1/n_pkey.c", - "crypto/asn1/x_bignum.c", - "crypto/asn1/asn_pack.c", - "crypto/asn1/evp_asn1.c", - "crypto/asn1/t_bitst.c", - "crypto/asn1/x_req.c", - "crypto/asn1/a_time.c", - "crypto/asn1/x_name.c", - "crypto/asn1/x_pubkey.c", - "crypto/asn1/tasn_typ.c", - "crypto/asn1/asn_moid.c", - "crypto/asn1/a_utctm.c", - "crypto/asn1/asn1_lib.c", - "crypto/asn1/x_x509a.c", - "crypto/asn1/a_set.c", - "crypto/asn1/t_crl.c", - "crypto/asn1/p5_pbev2.c", - "crypto/asn1/tasn_enc.c", - "crypto/asn1/a_mbstr.c", - "crypto/asn1/tasn_dec.c", - "crypto/asn1/x_x509.c", - "crypto/asn1/a_octet.c", - "crypto/asn1/x_long.c", - "crypto/asn1/a_bytes.c", - "crypto/asn1/t_x509a.c", - "crypto/asn1/a_enum.c", - "crypto/asn1/a_int.c", - "crypto/asn1/tasn_prn.c", - "crypto/asn1/i2d_pr.c", - "crypto/asn1/a_utf8.c", - "crypto/asn1/t_spki.c", - "crypto/asn1/a_digest.c", - "crypto/asn1/a_dup.c", - "crypto/asn1/i2d_pu.c", - "crypto/asn1/a_verify.c", - "crypto/asn1/f_enum.c", - "crypto/asn1/a_sign.c", - "crypto/asn1/d2i_pr.c", - "crypto/asn1/asn1_par.c", - "crypto/asn1/x_spki.c", - "crypto/asn1/a_d2i_fp.c", - "crypto/asn1/f_int.c", - "crypto/asn1/x_exten.c", - "crypto/asn1/tasn_utl.c", - "crypto/asn1/nsseq.c", - "crypto/asn1/a_bitstr.c", - "crypto/asn1/x_info.c", - "crypto/asn1/a_strnid.c", - "crypto/asn1/a_object.c", - "crypto/asn1/tasn_fre.c", - "crypto/asn1/d2i_pu.c", - "crypto/asn1/ameth_lib.c", - "crypto/asn1/x_attrib.c", - "crypto/evp/m_sha.c", - "crypto/evp/e_camellia.c", - "crypto/evp/e_aes.c", - "crypto/evp/bio_b64.c", - "crypto/evp/m_sigver.c", - "crypto/evp/m_wp.c", - "crypto/evp/m_sha1.c", - "crypto/evp/p_seal.c", - "crypto/evp/c_alld.c", - "crypto/evp/p5_crpt.c", - "crypto/evp/e_rc4.c", - "crypto/evp/m_ecdsa.c", - "crypto/evp/bio_enc.c", - "crypto/evp/e_des3.c", - "crypto/evp/m_null.c", - "crypto/evp/bio_ok.c", - "crypto/evp/pmeth_gn.c", - "crypto/evp/e_rc5.c", - "crypto/evp/e_rc2.c", - "crypto/evp/p_dec.c", - "crypto/evp/p_verify.c", - "crypto/evp/e_rc4_hmac_md5.c", - "crypto/evp/pmeth_lib.c", - "crypto/evp/m_ripemd.c", - "crypto/evp/m_md5.c", - "crypto/evp/e_bf.c", - "crypto/evp/p_enc.c", - "crypto/evp/m_dss.c", - "crypto/evp/bio_md.c", - "crypto/evp/evp_pbe.c", - "crypto/evp/e_seed.c", - "crypto/evp/e_cast.c", - "crypto/evp/p_open.c", - "crypto/evp/p5_crpt2.c", - "crypto/evp/m_dss1.c", - "crypto/evp/names.c", - "crypto/evp/evp_acnf.c", - "crypto/evp/e_des.c", - "crypto/evp/evp_cnf.c", - "crypto/evp/evp_lib.c", - "crypto/evp/digest.c", - "crypto/evp/evp_err.c", - "crypto/evp/evp_enc.c", - "crypto/evp/e_old.c", - "crypto/evp/c_all.c", - "crypto/evp/m_md2.c", - "crypto/evp/e_xcbc_d.c", - "crypto/evp/pmeth_fn.c", - "crypto/evp/p_lib.c", - "crypto/evp/evp_key.c", - "crypto/evp/encode.c", - "crypto/evp/e_aes_cbc_hmac_sha1.c", - "crypto/evp/e_aes_cbc_hmac_sha256.c", - "crypto/evp/m_mdc2.c", - "crypto/evp/e_null.c", - "crypto/evp/p_sign.c", - "crypto/evp/e_idea.c", - "crypto/evp/c_allc.c", - "crypto/evp/evp_pkey.c", - "crypto/evp/m_md4.c", - "crypto/ex_data.c", - "crypto/pkcs12/p12_p8e.c", - "crypto/pkcs12/p12_crt.c", - "crypto/pkcs12/p12_utl.c", - "crypto/pkcs12/p12_attr.c", - "crypto/pkcs12/p12_npas.c", - "crypto/pkcs12/p12_decr.c", - "crypto/pkcs12/p12_init.c", - "crypto/pkcs12/p12_kiss.c", - "crypto/pkcs12/p12_add.c", - "crypto/pkcs12/p12_p8d.c", - "crypto/pkcs12/p12_mutl.c", - "crypto/pkcs12/p12_crpt.c", - "crypto/pkcs12/pk12err.c", - "crypto/pkcs12/p12_asn.c", - "crypto/pkcs12/p12_key.c", - "crypto/ecdh/ech_key.c", - "crypto/ecdh/ech_ossl.c", - "crypto/ecdh/ech_lib.c", - "crypto/ecdh/ech_err.c", - "crypto/ecdh/ech_kdf.c", - "crypto/o_str.c", - "crypto/conf/conf_api.c", - "crypto/conf/conf_err.c", - "crypto/conf/conf_def.c", - "crypto/conf/conf_lib.c", - "crypto/conf/conf_mall.c", - "crypto/conf/conf_sap.c", - "crypto/conf/conf_mod.c", - "crypto/ebcdic.c", - "crypto/ecdsa/ecs_lib.c", - "crypto/ecdsa/ecs_asn1.c", - "crypto/ecdsa/ecs_ossl.c", - "crypto/ecdsa/ecs_vrf.c", - "crypto/ecdsa/ecs_sign.c", - "crypto/ecdsa/ecs_err.c", - "crypto/dso/dso_win32.c", - "crypto/dso/dso_lib.c", - "crypto/dso/dso_dlfcn.c", - "crypto/dso/dso_dl.c", - "crypto/dso/dso_beos.c", - "crypto/dso/dso_null.c", - "crypto/dso/dso_vms.c", - "crypto/dso/dso_err.c", - "crypto/dso/dso_openssl.c", - "crypto/cryptlib.c", - "crypto/md5/md5_one.c", - "crypto/md5/md5_dgst.c", - "crypto/pkcs7/pkcs7err.c", - "crypto/pkcs7/pk7_smime.c", - "crypto/pkcs7/bio_pk7.c", - "crypto/pkcs7/pk7_mime.c", - "crypto/pkcs7/pk7_lib.c", - "crypto/pkcs7/pk7_asn1.c", - "crypto/pkcs7/pk7_doit.c", - "crypto/pkcs7/pk7_attr.c", - "crypto/md4/md4_one.c", - "crypto/md4/md4_dgst.c", - "crypto/o_dir.c", - "crypto/buffer/buf_err.c", - "crypto/buffer/buf_str.c", - "crypto/buffer/buffer.c", - "crypto/cms/cms_lib.c", - "crypto/cms/cms_io.c", - "crypto/cms/cms_err.c", - "crypto/cms/cms_dd.c", - "crypto/cms/cms_smime.c", - "crypto/cms/cms_att.c", - "crypto/cms/cms_pwri.c", - "crypto/cms/cms_cd.c", - "crypto/cms/cms_sd.c", - "crypto/cms/cms_asn1.c", - "crypto/cms/cms_env.c", - "crypto/cms/cms_enc.c", - "crypto/cms/cms_ess.c", - "crypto/cms/cms_kari.c", - "crypto/mem_dbg.c", - "crypto/uid.c", - "crypto/stack/stack.c", - "crypto/ec/ec_ameth.c", - "crypto/ec/ec_err.c", - "crypto/ec/ec_lib.c", - "crypto/ec/ec_curve.c", - "crypto/ec/ec_oct.c", - "crypto/ec/ec_asn1.c", - "crypto/ec/ecp_oct.c", - "crypto/ec/ec_print.c", - "crypto/ec/ec2_smpl.c", - "crypto/ec/ecp_nistp224.c", - "crypto/ec/ec2_oct.c", - "crypto/ec/eck_prn.c", - "crypto/ec/ec_key.c", - "crypto/ec/ecp_nist.c", - "crypto/ec/ec_check.c", - "crypto/ec/ecp_smpl.c", - "crypto/ec/ec2_mult.c", - "crypto/ec/ecp_mont.c", - "crypto/ec/ecp_nistp521.c", - "crypto/ec/ec_mult.c", - "crypto/ec/ecp_nistputil.c", - "crypto/ec/ec_pmeth.c", - "crypto/ec/ec_cvt.c", - "crypto/ec/ecp_nistp256.c", - "crypto/krb5/krb5_asn.c", - "crypto/hmac/hmac.c", - "crypto/hmac/hm_ameth.c", - "crypto/hmac/hm_pmeth.c", - "crypto/comp/c_rle.c", - "crypto/comp/c_zlib.c", - "crypto/comp/comp_lib.c", - "crypto/comp/comp_err.c", - "crypto/des/fcrypt.c", - "crypto/des/str2key.c", - "crypto/des/cbc_cksm.c", - "crypto/des/des_enc.c", - "crypto/des/ofb_enc.c", - "crypto/des/read2pwd.c", - "crypto/des/ecb3_enc.c", - "crypto/des/rand_key.c", - "crypto/des/cfb64ede.c", - "crypto/des/rpc_enc.c", - "crypto/des/ofb64ede.c", - "crypto/des/qud_cksm.c", - "crypto/des/enc_writ.c", - "crypto/des/set_key.c", - "crypto/des/xcbc_enc.c", - "crypto/des/fcrypt_b.c", - "crypto/des/ede_cbcm_enc.c", - "crypto/des/des_old2.c", - "crypto/des/cfb_enc.c", - "crypto/des/ecb_enc.c", - "crypto/des/enc_read.c", - "crypto/des/des_old.c", - "crypto/des/ofb64enc.c", - "crypto/des/pcbc_enc.c", - "crypto/des/cbc_enc.c", - "crypto/des/cfb64enc.c", - "crypto/lhash/lh_stats.c", - "crypto/lhash/lhash.c", - "crypto/x509v3/v3_genn.c", - "crypto/x509v3/pcy_cache.c", - "crypto/x509v3/v3_sxnet.c", - "crypto/x509v3/v3_scts.c", - "crypto/x509v3/v3err.c", - "crypto/x509v3/v3_conf.c", - "crypto/x509v3/v3_utl.c", - "crypto/x509v3/v3_akeya.c", - "crypto/x509v3/v3_lib.c", - "crypto/x509v3/pcy_lib.c", - "crypto/x509v3/v3_cpols.c", - "crypto/x509v3/v3_ia5.c", - "crypto/x509v3/v3_bitst.c", - "crypto/x509v3/v3_skey.c", - "crypto/x509v3/v3_info.c", - "crypto/x509v3/v3_asid.c", - "crypto/x509v3/pcy_tree.c", - "crypto/x509v3/v3_pcons.c", - "crypto/x509v3/v3_bcons.c", - "crypto/x509v3/v3_pku.c", - "crypto/x509v3/v3_ocsp.c", - "crypto/x509v3/pcy_map.c", - "crypto/x509v3/v3_ncons.c", - "crypto/x509v3/v3_purp.c", - "crypto/x509v3/v3_enum.c", - "crypto/x509v3/v3_pmaps.c", - "crypto/x509v3/pcy_node.c", - "crypto/x509v3/v3_pcia.c", - "crypto/x509v3/v3_crld.c", - "crypto/x509v3/v3_pci.c", - "crypto/x509v3/v3_akey.c", - "crypto/x509v3/v3_addr.c", - "crypto/x509v3/v3_int.c", - "crypto/x509v3/v3_alt.c", - "crypto/x509v3/v3_extku.c", - "crypto/x509v3/v3_prn.c", - "crypto/x509v3/pcy_data.c", - "crypto/aes/aes_ofb.c", - "crypto/aes/aes_ctr.c", - "crypto/aes/aes_ecb.c", - "crypto/aes/aes_cfb.c", - "crypto/aes/aes_wrap.c", - "crypto/aes/aes_ige.c", - "crypto/aes/aes_misc.c", - "crypto/pqueue/pqueue.c", - "crypto/sha/sha_one.c", - "crypto/sha/sha_dgst.c", - "crypto/sha/sha512.c", - "crypto/sha/sha1_one.c", - "crypto/sha/sha1dgst.c", - "crypto/sha/sha256.c", - "crypto/whrlpool/wp_dgst.c", - "crypto/objects/obj_xref.c", - "crypto/objects/o_names.c", - "crypto/objects/obj_err.c", - "crypto/objects/obj_dat.c", - "crypto/objects/obj_lib.c", - "crypto/mem.c", - "crypto/fips_ers.c", - "crypto/o_fips.c", - "crypto/engine/eng_rdrand.c", - "crypto/engine/eng_err.c", - "crypto/engine/tb_ecdsa.c", - "crypto/engine/tb_rsa.c", - "crypto/engine/tb_cipher.c", - "crypto/engine/tb_dsa.c", - "crypto/engine/eng_lib.c", - "crypto/engine/tb_asnmth.c", - "crypto/engine/tb_ecdh.c", - "crypto/engine/tb_dh.c", - "crypto/engine/tb_store.c", - "crypto/engine/eng_init.c", - "crypto/engine/eng_cnf.c", - "crypto/engine/eng_all.c", - "crypto/engine/tb_digest.c", - "crypto/engine/tb_pkmeth.c", - "crypto/engine/eng_table.c", - "crypto/engine/eng_ctrl.c", - "crypto/engine/eng_list.c", - "crypto/engine/eng_cryptodev.c", - "crypto/engine/eng_pkey.c", - "crypto/engine/tb_rand.c", - "crypto/engine/eng_openssl.c", - "crypto/engine/eng_fat.c", - "crypto/engine/eng_dyn.c", - "crypto/ts/ts_rsp_verify.c", - "crypto/ts/ts_req_print.c", - "crypto/ts/ts_verify_ctx.c", - "crypto/ts/ts_req_utils.c", - "crypto/ts/ts_err.c", - "crypto/ts/ts_rsp_print.c", - "crypto/ts/ts_rsp_utils.c", - "crypto/ts/ts_lib.c", - "crypto/ts/ts_conf.c", - "crypto/ts/ts_asn1.c", - "crypto/ts/ts_rsp_sign.c", - "crypto/ocsp/ocsp_ext.c", - "crypto/ocsp/ocsp_cl.c", - "crypto/ocsp/ocsp_ht.c", - "crypto/ocsp/ocsp_lib.c", - "crypto/ocsp/ocsp_srv.c", - "crypto/ocsp/ocsp_vfy.c", - "crypto/ocsp/ocsp_err.c", - "crypto/ocsp/ocsp_prn.c", - "crypto/ocsp/ocsp_asn.c", - "crypto/bf/bf_cfb64.c", - "crypto/bf/bf_ecb.c", - "crypto/bf/bf_enc.c", - "crypto/bf/bf_skey.c", - "crypto/bf/bf_ofb64.c", - "crypto/idea/i_skey.c", - "crypto/idea/i_ofb64.c", - "crypto/idea/i_cbc.c", - "crypto/idea/i_ecb.c", - "crypto/idea/i_cfb64.c", - "crypto/cmac/cm_ameth.c", - "crypto/cmac/cmac.c", - "crypto/cmac/cm_pmeth.c", - "crypto/dh/dh_lib.c", - "crypto/dh/dh_key.c", - "crypto/dh/dh_asn1.c", - "crypto/dh/dh_depr.c", - "crypto/dh/dh_pmeth.c", - "crypto/dh/dh_prn.c", - "crypto/dh/dh_gen.c", - "crypto/dh/dh_ameth.c", - "crypto/dh/dh_check.c", - "crypto/dh/dh_err.c", - "crypto/dh/dh_kdf.c", - "crypto/dh/dh_rfc5114.c", - "crypto/modes/ccm128.c", - "crypto/modes/ofb128.c", - "crypto/modes/cts128.c", - "crypto/modes/ctr128.c", - "crypto/modes/gcm128.c", - "crypto/modes/cbc128.c", - "crypto/modes/cfb128.c", - "crypto/modes/xts128.c", - "crypto/modes/wrap128.c", - "crypto/camellia/cmll_cfb.c", - "crypto/camellia/cmll_ecb.c", - "crypto/camellia/cmll_utl.c", - "crypto/camellia/cmll_misc.c", - "crypto/camellia/cmll_ofb.c", - "crypto/camellia/cmll_ctr.c", - "crypto/seed/seed_ecb.c", - "crypto/seed/seed_cbc.c", - "crypto/seed/seed.c", - "crypto/seed/seed_ofb.c", - "crypto/seed/seed_cfb.c", - "crypto/txt_db/txt_db.c", - "crypto/cpt_err.c", - "crypto/pem/pem_pk8.c", - "crypto/pem/pem_lib.c", - "crypto/pem/pem_sign.c", - "crypto/pem/pem_all.c", - "crypto/pem/pem_info.c", - "crypto/pem/pem_pkey.c", - "crypto/pem/pem_seal.c", - "crypto/pem/pem_err.c", - "crypto/pem/pem_xaux.c", - "crypto/pem/pvkfmt.c", - "crypto/pem/pem_x509.c", - "crypto/pem/pem_oth.c", - "crypto/rand/rand_lib.c", - "crypto/rand/randfile.c", - "crypto/rand/rand_os2.c", - "crypto/rand/rand_unix.c", - "crypto/rand/rand_nw.c", - "crypto/rand/md_rand.c", - "crypto/rand/rand_err.c", - "crypto/rand/rand_win.c", - "crypto/rand/rand_egd.c", - "crypto/cversion.c", - "crypto/cast/c_ecb.c", - "crypto/cast/c_skey.c", - "crypto/cast/c_ofb64.c", - "crypto/cast/c_enc.c", - "crypto/cast/c_cfb64.c", - "crypto/o_time.c", - "crypto/mdc2/mdc2dgst.c", - "crypto/mdc2/mdc2_one.c", - "crypto/rc4/rc4_utl.c", - "crypto/ui/ui_compat.c", - "crypto/ui/ui_util.c", - "crypto/ui/ui_lib.c", - "crypto/ui/ui_err.c", - "crypto/ui/ui_openssl.c", - "crypto/bio/bf_buff.c", - "crypto/bio/bss_null.c", - "crypto/bio/bss_acpt.c", - "crypto/bio/bss_conn.c", - "crypto/bio/bss_fd.c", - "crypto/bio/bf_null.c", - "crypto/bio/bio_err.c", - "crypto/bio/bss_sock.c", - "crypto/bio/bss_mem.c", - "crypto/bio/b_dump.c", - "crypto/bio/b_print.c", - "crypto/bio/b_sock.c", - "crypto/bio/bss_dgram.c", - "crypto/bio/bf_nbio.c", - "crypto/bio/bio_lib.c", - "crypto/bio/bss_file.c", - "crypto/bio/bss_bio.c", - "crypto/bio/bss_log.c", - "crypto/bio/bio_cb.c", - "crypto/o_init.c", - "crypto/rc2/rc2_skey.c", - "crypto/rc2/rc2_cbc.c", - "crypto/rc2/rc2cfb64.c", - "crypto/rc2/rc2_ecb.c", - "crypto/rc2/rc2ofb64.c", - "crypto/bn/bn_x931p.c", - "crypto/bn/bn_blind.c", - "crypto/bn/bn_gf2m.c", - "crypto/bn/bn_const.c", - "crypto/bn/bn_sqr.c", - "crypto/bn/bn_nist.c", - "crypto/bn/bn_rand.c", - "crypto/bn/bn_err.c", - "crypto/bn/bn_div.c", - "crypto/bn/bn_kron.c", - "crypto/bn/bn_ctx.c", - "crypto/bn/bn_shift.c", - "crypto/bn/bn_mod.c", - "crypto/bn/bn_exp2.c", - "crypto/bn/bn_word.c", - "crypto/bn/bn_add.c", - "crypto/bn/bn_exp.c", - "crypto/bn/bn_mont.c", - "crypto/bn/bn_print.c", - "crypto/bn/bn_mul.c", - "crypto/bn/bn_prime.c", - "crypto/bn/bn_depr.c", - "crypto/bn/bn_gcd.c", - "crypto/bn/bn_mpi.c", - "crypto/bn/bn_sqrt.c", - "crypto/bn/bn_recp.c", - "crypto/bn/bn_lib.c", - "crypto/ripemd/rmd_dgst.c", - "crypto/ripemd/rmd_one.c", - "crypto/rsa/rsa_x931.c", - "crypto/rsa/rsa_depr.c", - "crypto/rsa/rsa_saos.c", - "crypto/rsa/rsa_crpt.c", - "crypto/rsa/rsa_pss.c", - "crypto/rsa/rsa_oaep.c", - "crypto/rsa/rsa_null.c", - "crypto/rsa/rsa_gen.c", - "crypto/rsa/rsa_prn.c", - "crypto/rsa/rsa_pmeth.c", - "crypto/rsa/rsa_asn1.c", - "crypto/rsa/rsa_ssl.c", - "crypto/rsa/rsa_ameth.c", - "crypto/rsa/rsa_pk1.c", - "crypto/rsa/rsa_err.c", - "crypto/rsa/rsa_lib.c", - "crypto/rsa/rsa_none.c", - "crypto/rsa/rsa_chk.c", - "crypto/rsa/rsa_eay.c", - "crypto/rsa/rsa_sign.c", - "crypto/srp/srp_lib.c", - "crypto/srp/srp_vfy.c", - "crypto/err/err.c", - "crypto/err/err_prn.c", - "crypto/err/err_all.c", - "crypto/mem_clr.c", - "crypto/rc4/rc4_skey.c", - "crypto/rc4/rc4_enc.c", - "crypto/camellia/camellia.c", - "crypto/camellia/cmll_cbc.c", - #"crypto/aes/aes_x86core.c", - "crypto/aes/aes_core.c", - "crypto/aes/aes_cbc.c", - "crypto/whrlpool/wp_block.c", - "crypto/bn/bn_asm.c", - ] - - if "platform" in env and env["platform"] == "uwp": - thirdparty_sources += ['uwp.cpp'] - - thirdparty_sources = [thirdparty_dir + file for file in thirdparty_sources] - - env_openssl.add_source_files(env.modules_sources, thirdparty_sources) - - # FIXME: Clone the environment to make env_openssl and not pollute the modules env - thirdparty_include_paths = [ - "", - "crypto", - "crypto/asn1", - "crypto/evp", - "crypto/modes", - "openssl", - ] - env_openssl.Append(CPPPATH=[thirdparty_dir + "/" + dir for dir in thirdparty_include_paths]) - - env_openssl.Append(CPPFLAGS=["-DOPENSSL_NO_ASM", "-DOPENSSL_THREADS", "-DL_ENDIAN"]) - - # Workaround for compilation error with GCC/Clang when -Werror is too greedy (GH-4517) - import os - import methods - if not (os.name == "nt" and os.getenv("VCINSTALLDIR")): # not Windows and not MSVC - env_openssl.Append(CFLAGS=["-Wno-error=implicit-function-declaration"]) - - -# Module sources -env_openssl.add_source_files(env.modules_sources, "*.cpp") - - -# Other thirdparty dependencies -thirdparty_misc_dir = "#thirdparty/misc/" -thirdparty_misc_sources = [ - "curl_hostcheck.c", -] -thirdparty_misc_sources = [thirdparty_misc_dir + file for file in thirdparty_misc_sources] -env_openssl.add_source_files(env.modules_sources, thirdparty_misc_sources) - - -# platform/uwp need to know openssl is available, pass to main env -if "platform" in env and env["platform"] == "uwp": - env.Append(CPPPATH=[thirdparty_dir]) - env.Append(CPPFLAGS=['-DOPENSSL_ENABLED']) - -Export('env') diff --git a/modules/openssl/stream_peer_openssl.cpp b/modules/openssl/stream_peer_openssl.cpp deleted file mode 100644 index 84c4e85006..0000000000 --- a/modules/openssl/stream_peer_openssl.cpp +++ /dev/null @@ -1,627 +0,0 @@ -/*************************************************************************/ -/* stream_peer_openssl.cpp */ -/*************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/*************************************************************************/ -/* Copyright (c) 2007-2018 Juan Linietsky, Ariel Manzur. */ -/* Copyright (c) 2014-2018 Godot Engine contributors (cf. AUTHORS.md) */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.*/ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ -/*************************************************************************/ - -#include "stream_peer_openssl.h" - -// Compatibility with OpenSSL 1.1.0. -#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -#define BIO_set_num(b, n) -#else -#define BIO_set_num(b, n) ((b)->num = (n)) - -#define BIO_set_init(b, i) ((b)->init = (i)) -#define BIO_set_data(b, p) ((b)->ptr = (p)) -#define BIO_get_data(b) ((b)->ptr) -#endif - -//hostname matching code from curl - -bool StreamPeerOpenSSL::_match_host_name(const char *name, const char *hostname) { - - return Tool_Curl_cert_hostcheck(name, hostname) == CURL_HOST_MATCH; -} - -Error StreamPeerOpenSSL::_match_common_name(const char *hostname, const X509 *server_cert) { - - // Find the position of the CN field in the Subject field of the certificate - int common_name_loc = X509_NAME_get_index_by_NID(X509_get_subject_name((X509 *)server_cert), NID_commonName, -1); - - ERR_FAIL_COND_V(common_name_loc < 0, ERR_INVALID_PARAMETER); - - // Extract the CN field - X509_NAME_ENTRY *common_name_entry = X509_NAME_get_entry(X509_get_subject_name((X509 *)server_cert), common_name_loc); - - ERR_FAIL_COND_V(common_name_entry == NULL, ERR_INVALID_PARAMETER); - - // Convert the CN field to a C string - ASN1_STRING *common_name_asn1 = X509_NAME_ENTRY_get_data(common_name_entry); - - ERR_FAIL_COND_V(common_name_asn1 == NULL, ERR_INVALID_PARAMETER); - - char *common_name_str = (char *)ASN1_STRING_data(common_name_asn1); - - // Make sure there isn't an embedded NUL character in the CN - bool malformed_certificate = (size_t)ASN1_STRING_length(common_name_asn1) != strlen(common_name_str); - - ERR_FAIL_COND_V(malformed_certificate, ERR_INVALID_PARAMETER); - - // Compare expected hostname with the CN - - return _match_host_name(common_name_str, hostname) ? OK : FAILED; -} - -/** -* Tries to find a match for hostname in the certificate's Subject Alternative Name extension. -* -*/ - -Error StreamPeerOpenSSL::_match_subject_alternative_name(const char *hostname, const X509 *server_cert) { - - Error result = FAILED; - int i; - int san_names_nb = -1; - STACK_OF(GENERAL_NAME) *san_names = NULL; - - // Try to extract the names within the SAN extension from the certificate - san_names = (STACK_OF(GENERAL_NAME) *)X509_get_ext_d2i((X509 *)server_cert, NID_subject_alt_name, NULL, NULL); - if (san_names == NULL) { - return ERR_FILE_NOT_FOUND; - } - san_names_nb = sk_GENERAL_NAME_num(san_names); - - // Check each name within the extension - for (i = 0; i < san_names_nb; i++) { - const GENERAL_NAME *current_name = sk_GENERAL_NAME_value(san_names, i); - - if (current_name->type == GEN_DNS) { - // Current name is a DNS name, let's check it - char *dns_name = (char *)ASN1_STRING_data(current_name->d.dNSName); - - // Make sure there isn't an embedded NUL character in the DNS name - if ((size_t)ASN1_STRING_length(current_name->d.dNSName) != strlen(dns_name)) { - result = ERR_INVALID_PARAMETER; - break; - } else { // Compare expected hostname with the DNS name - if (_match_host_name(dns_name, hostname)) { - result = OK; - break; - } - } - } - } - sk_GENERAL_NAME_pop_free(san_names, GENERAL_NAME_free); - - return result; -} - -/* See http://archives.seul.org/libevent/users/Jan-2013/msg00039.html */ -int StreamPeerOpenSSL::_cert_verify_callback(X509_STORE_CTX *x509_ctx, void *arg) { - - /* This is the function that OpenSSL would call if we hadn't called - * SSL_CTX_set_cert_verify_callback(). Therefore, we are "wrapping" - * the default functionality, rather than replacing it. */ - - bool base_cert_valid = X509_verify_cert(x509_ctx); - if (!base_cert_valid) { - print_line("Cause: " + String(X509_verify_cert_error_string(X509_STORE_CTX_get_error(x509_ctx)))); - ERR_print_errors_fp(stdout); - } - X509 *server_cert = X509_STORE_CTX_get_current_cert(x509_ctx); - - ERR_FAIL_COND_V(!server_cert, 0); - - char cert_str[256]; - X509_NAME_oneline(X509_get_subject_name(server_cert), - cert_str, sizeof(cert_str)); - - if (!base_cert_valid) - return 0; - - StreamPeerOpenSSL *ssl = (StreamPeerOpenSSL *)arg; - - if (ssl->validate_hostname) { - - Error err = _match_subject_alternative_name(ssl->hostname.utf8().get_data(), server_cert); - - if (err == ERR_FILE_NOT_FOUND) { - - err = _match_common_name(ssl->hostname.utf8().get_data(), server_cert); - } - - if (err != OK) { - - ssl->status = STATUS_ERROR_HOSTNAME_MISMATCH; - return 0; - } - } - - return 1; -} - -int StreamPeerOpenSSL::_bio_create(BIO *b) { - BIO_set_init(b, 1); - BIO_set_num(b, 0); - BIO_set_data(b, NULL); - BIO_clear_flags(b, ~0); - return 1; -} - -int StreamPeerOpenSSL::_bio_destroy(BIO *b) { - if (b == NULL) - return 0; - - BIO_set_data(b, NULL); /* sb_tls_remove() will free it */ - BIO_set_init(b, 0); - BIO_clear_flags(b, ~0); - return 1; -} - -int StreamPeerOpenSSL::_bio_read(BIO *b, char *buf, int len) { - - if (buf == NULL || len <= 0) return 0; - - StreamPeerOpenSSL *sp = (StreamPeerOpenSSL *)BIO_get_data(b); - - ERR_FAIL_COND_V(sp == NULL, 0); - - BIO_clear_retry_flags(b); - if (sp->use_blocking) { - - Error err = sp->base->get_data((uint8_t *)buf, len); - if (err != OK) { - return -1; - } - - return len; - } else { - - int got; - Error err = sp->base->get_partial_data((uint8_t *)buf, len, got); - if (err != OK) { - return -1; - } - if (got == 0) { - BIO_set_retry_read(b); - } - return got; - } - - //unreachable - return 0; -} - -int StreamPeerOpenSSL::_bio_write(BIO *b, const char *buf, int len) { - - if (buf == NULL || len <= 0) return 0; - - StreamPeerOpenSSL *sp = (StreamPeerOpenSSL *)BIO_get_data(b); - - ERR_FAIL_COND_V(sp == NULL, 0); - - BIO_clear_retry_flags(b); - if (sp->use_blocking) { - - Error err = sp->base->put_data((const uint8_t *)buf, len); - if (err != OK) { - return -1; - } - - return len; - } else { - - int sent; - Error err = sp->base->put_partial_data((const uint8_t *)buf, len, sent); - if (err != OK) { - return -1; - } - if (sent == 0) { - BIO_set_retry_write(b); - } - return sent; - } - - //unreachable - return 0; -} - -long StreamPeerOpenSSL::_bio_ctrl(BIO *b, int cmd, long num, void *ptr) { - if (cmd == BIO_CTRL_FLUSH) { - /* The OpenSSL library needs this */ - return 1; - } - return 0; -} - -int StreamPeerOpenSSL::_bio_gets(BIO *b, char *buf, int len) { - return -1; -} - -int StreamPeerOpenSSL::_bio_puts(BIO *b, const char *str) { - return _bio_write(b, str, strlen(str)); -} - -#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -BIO_METHOD *StreamPeerOpenSSL::_bio_method = NULL; - -BIO_METHOD *StreamPeerOpenSSL::_get_bio_method() { - if (_bio_method) // already initialized. - return _bio_method; - - /* it's a source/sink BIO */ - _bio_method = BIO_meth_new(100 | 0x400, "streampeer glue"); - BIO_meth_set_write(_bio_method, _bio_write); - BIO_meth_set_read(_bio_method, _bio_read); - BIO_meth_set_puts(_bio_method, _bio_puts); - BIO_meth_set_gets(_bio_method, _bio_gets); - BIO_meth_set_ctrl(_bio_method, _bio_ctrl); - BIO_meth_set_create(_bio_method, _bio_create); - BIO_meth_set_destroy(_bio_method, _bio_destroy); - - return _bio_method; -} -#else -BIO_METHOD StreamPeerOpenSSL::_bio_method = { - /* it's a source/sink BIO */ - (100 | 0x400), - "streampeer glue", - _bio_write, - _bio_read, - _bio_puts, - _bio_gets, - _bio_ctrl, - _bio_create, - _bio_destroy -}; - -BIO_METHOD *StreamPeerOpenSSL::_get_bio_method() { - return &_bio_method; -} -#endif - -Error StreamPeerOpenSSL::connect_to_stream(Ref<StreamPeer> p_base, bool p_validate_certs, const String &p_for_hostname) { - - if (connected) - disconnect_from_stream(); - - hostname = p_for_hostname; - status = STATUS_DISCONNECTED; - - // Set up a SSL_CTX object, which will tell our BIO object how to do its work - ctx = SSL_CTX_new(SSLv23_client_method()); - base = p_base; - validate_certs = p_validate_certs; - validate_hostname = p_for_hostname != ""; - - if (p_validate_certs) { - - if (certs.size()) { - //yay for undocumented OpenSSL functions - - X509_STORE *store = SSL_CTX_get_cert_store(ctx); - for (int i = 0; i < certs.size(); i++) { - - X509_STORE_add_cert(store, certs[i]); - } - } - - //used for testing - //int res = SSL_CTX_load_verify_locations(ctx,"/etc/ssl/certs/ca-certificates.crt",NULL); - //print_line("verify locations res: "+itos(res)); - - /* Ask OpenSSL to verify the server certificate. Note that this - * does NOT include verifying that the hostname is correct. - * So, by itself, this means anyone with any legitimate - * CA-issued certificate for any website, can impersonate any - * other website in the world. This is not good. See "The - * Most Dangerous Code in the World" article at - * https://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html - */ - SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); - /* This is how we solve the problem mentioned in the previous - * comment. We "wrap" OpenSSL's validation routine in our - * own routine, which also validates the hostname by calling - * the code provided by iSECPartners. Note that even though - * the "Everything You've Always Wanted to Know About - * Certificate Validation With OpenSSL (But Were Afraid to - * Ask)" paper from iSECPartners says very explicitly not to - * call SSL_CTX_set_cert_verify_callback (at the bottom of - * page 2), what we're doing here is safe because our - * cert_verify_callback() calls X509_verify_cert(), which is - * OpenSSL's built-in routine which would have been called if - * we hadn't set the callback. Therefore, we're just - * "wrapping" OpenSSL's routine, not replacing it. */ - SSL_CTX_set_cert_verify_callback(ctx, _cert_verify_callback, this); - - //Let the verify_callback catch the verify_depth error so that we get an appropriate error in the logfile. (??) - SSL_CTX_set_verify_depth(ctx, max_cert_chain_depth + 1); - } - - ssl = SSL_new(ctx); - bio = BIO_new(_get_bio_method()); - BIO_set_data(bio, this); - SSL_set_bio(ssl, bio, bio); - - if (p_for_hostname != String()) { - SSL_set_tlsext_host_name(ssl, p_for_hostname.utf8().get_data()); - } - - use_blocking = true; // let handshake use blocking - // Set the SSL to automatically retry on failure. - SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); - - // Same as before, try to connect. - int result = SSL_connect(ssl); - - if (result < 1) { - ERR_print_errors_fp(stdout); - _print_error(result); - } - - X509 *peer = SSL_get_peer_certificate(ssl); - - if (peer) { - bool cert_ok = SSL_get_verify_result(ssl) == X509_V_OK; - - } else if (validate_certs) { - status = STATUS_ERROR_NO_CERTIFICATE; - } - - connected = true; - status = STATUS_CONNECTED; - - return OK; -} - -Error StreamPeerOpenSSL::accept_stream(Ref<StreamPeer> p_base) { - - return ERR_UNAVAILABLE; -} - -void StreamPeerOpenSSL::_print_error(int err) { - - err = SSL_get_error(ssl, err); - switch (err) { - case SSL_ERROR_NONE: - ERR_PRINT("NO ERROR: The TLS/SSL I/O operation completed"); - break; - case SSL_ERROR_ZERO_RETURN: - ERR_PRINT("The TLS/SSL connection has been closed."); - break; - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_WRITE: - ERR_PRINT("The operation did not complete."); - break; - case SSL_ERROR_WANT_CONNECT: - case SSL_ERROR_WANT_ACCEPT: - ERR_PRINT("The connect/accept operation did not complete"); - break; - case SSL_ERROR_WANT_X509_LOOKUP: - ERR_PRINT("The operation did not complete because an application callback set by SSL_CTX_set_client_cert_cb() has asked to be called again."); - break; - case SSL_ERROR_SYSCALL: - ERR_PRINT("Some I/O error occurred. The OpenSSL error queue may contain more information on the error."); - break; - case SSL_ERROR_SSL: - ERR_PRINT("A failure in the SSL library occurred, usually a protocol error."); - break; - } -} - -Error StreamPeerOpenSSL::put_data(const uint8_t *p_data, int p_bytes) { - - ERR_FAIL_COND_V(!connected, ERR_UNCONFIGURED); - - while (p_bytes > 0) { - int ret = SSL_write(ssl, p_data, p_bytes); - if (ret <= 0) { - _print_error(ret); - disconnect_from_stream(); - return ERR_CONNECTION_ERROR; - } - p_data += ret; - p_bytes -= ret; - } - - return OK; -} - -Error StreamPeerOpenSSL::put_partial_data(const uint8_t *p_data, int p_bytes, int &r_sent) { - - ERR_FAIL_COND_V(!connected, ERR_UNCONFIGURED); - if (p_bytes == 0) - return OK; - - Error err = put_data(p_data, p_bytes); - if (err != OK) - return err; - - r_sent = p_bytes; - return OK; -} - -Error StreamPeerOpenSSL::get_data(uint8_t *p_buffer, int p_bytes) { - - ERR_FAIL_COND_V(!connected, ERR_UNCONFIGURED); - - while (p_bytes > 0) { - - int ret = SSL_read(ssl, p_buffer, p_bytes); - if (ret <= 0) { - _print_error(ret); - disconnect_from_stream(); - return ERR_CONNECTION_ERROR; - } - p_buffer += ret; - p_bytes -= ret; - } - - return OK; -} - -Error StreamPeerOpenSSL::get_partial_data(uint8_t *p_buffer, int p_bytes, int &r_received) { - - ERR_FAIL_COND_V(!connected, ERR_UNCONFIGURED); - if (p_bytes == 0) { - r_received = 0; - return OK; - } - - Error err = get_data(p_buffer, p_bytes); - if (err != OK) - return err; - r_received = p_bytes; - return OK; -} - -int StreamPeerOpenSSL::get_available_bytes() const { - - ERR_FAIL_COND_V(!connected, 0); - - return SSL_pending(ssl); -} -StreamPeerOpenSSL::StreamPeerOpenSSL() { - - ctx = NULL; - ssl = NULL; - bio = NULL; - connected = false; - use_blocking = true; //might be improved int the future, but for now it always blocks - max_cert_chain_depth = 9; - flags = 0; -} - -void StreamPeerOpenSSL::disconnect_from_stream() { - - if (!connected) - return; - SSL_shutdown(ssl); - SSL_free(ssl); - SSL_CTX_free(ctx); - base = Ref<StreamPeer>(); - connected = false; - validate_certs = false; - validate_hostname = false; - status = STATUS_DISCONNECTED; -} - -StreamPeerOpenSSL::Status StreamPeerOpenSSL::get_status() const { - - return status; -} - -StreamPeerOpenSSL::~StreamPeerOpenSSL() { - disconnect_from_stream(); -} - -StreamPeerSSL *StreamPeerOpenSSL::_create_func() { - - return memnew(StreamPeerOpenSSL); -} - -Vector<X509 *> StreamPeerOpenSSL::certs; - -void StreamPeerOpenSSL::_load_certs(const PoolByteArray &p_array) { - - PoolByteArray::Read r = p_array.read(); - BIO *mem = BIO_new(BIO_s_mem()); - BIO_puts(mem, (const char *)r.ptr()); - while (true) { - X509 *cert = PEM_read_bio_X509(mem, NULL, 0, NULL); - if (!cert) - break; - certs.push_back(cert); - } - BIO_free(mem); -} - -void StreamPeerOpenSSL::initialize_ssl() { - - available = true; - - load_certs_func = _load_certs; - - _create = _create_func; -#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) - CRYPTO_malloc_init(); // Initialize malloc, free, etc for OpenSSL's use -#endif - SSL_library_init(); // Initialize OpenSSL's SSL libraries - SSL_load_error_strings(); // Load SSL error strings - ERR_load_BIO_strings(); // Load BIO error strings - OpenSSL_add_all_algorithms(); // Load all available encryption algorithms - String certs_path = GLOBAL_DEF("network/ssl/certificates", ""); - ProjectSettings::get_singleton()->set_custom_property_info("network/ssl/certificates", PropertyInfo(Variant::STRING, "network/ssl/certificates", PROPERTY_HINT_FILE, "*.crt")); - if (certs_path != "") { - - FileAccess *f = FileAccess::open(certs_path, FileAccess::READ); - if (f) { - PoolByteArray arr; - int flen = f->get_len(); - arr.resize(flen + 1); - { - PoolByteArray::Write w = arr.write(); - f->get_buffer(w.ptr(), flen); - w[flen] = 0; //end f string - } - - memdelete(f); - - _load_certs(arr); - print_line("Loaded certs from '" + certs_path + "': " + itos(certs.size())); - } - } - String config_path = GLOBAL_DEF("network/ssl/config", ""); - ProjectSettings::get_singleton()->set_custom_property_info("network/ssl/config", PropertyInfo(Variant::STRING, "network/ssl/config", PROPERTY_HINT_FILE, "*.cnf")); - if (config_path != "") { - - Vector<uint8_t> data = FileAccess::get_file_as_array(config_path); - if (data.size()) { - data.push_back(0); - BIO *mem = BIO_new(BIO_s_mem()); - BIO_puts(mem, (const char *)data.ptr()); - - while (true) { - X509 *cert = PEM_read_bio_X509(mem, NULL, 0, NULL); - if (!cert) - break; - certs.push_back(cert); - } - BIO_free(mem); - } - print_line("Loaded certs from '" + certs_path + "': " + itos(certs.size())); - } -} - -void StreamPeerOpenSSL::finalize_ssl() { - - for (int i = 0; i < certs.size(); i++) { - X509_free(certs[i]); - } - certs.clear(); -} diff --git a/modules/webm/libvpx/SCsub b/modules/webm/libvpx/SCsub index 73ba17d184..aa282338cb 100644 --- a/modules/webm/libvpx/SCsub +++ b/modules/webm/libvpx/SCsub @@ -333,7 +333,7 @@ if webm_cpu_x86: if webm_cpu_arm: if env["platform"] == 'iphone': env_libvpx["ASFLAGS"] = '-arch armv7' - elif env["platform"] == 'android' or env["platform"] == 'x11' or env["platform"] == 'server': + elif env["platform"] == 'android' and env["android_arch"] == 'armv7' or env["platform"] == 'x11' or env["platform"] == 'server': env_libvpx["ASFLAGS"] = '-mfpu=neon' elif env["platform"] == 'uwp': env_libvpx["AS"] = 'armasm' @@ -389,5 +389,5 @@ elif webm_cpu_arm: env_libvpx.add_source_files(env.modules_sources, libvpx_sources_arm_neon_armasm_ms) elif env["platform"] == 'iphone': env_libvpx.add_source_files(env.modules_sources, libvpx_sources_arm_neon_gas_apple) - else: + elif not env["android_arch"] == 'arm64v8': env_libvpx.add_source_files(env.modules_sources, libvpx_sources_arm_neon_gas) diff --git a/modules/websocket/SCsub b/modules/websocket/SCsub index 067a99ffff..3b0f920bbf 100644 --- a/modules/websocket/SCsub +++ b/modules/websocket/SCsub @@ -9,7 +9,6 @@ env_lws = env_modules.Clone() thirdparty_dir = "#thirdparty/lws/" helper_dir = "win32helpers/" -openssl_dir = "#thirdparty/openssl/" thirdparty_sources = [ "client/client.c", "client/client-handshake.c", @@ -42,6 +41,14 @@ thirdparty_sources = [ "service.c", "ssl.c", + "mbedtls_wrapper/library/ssl_cert.c", + "mbedtls_wrapper/library/ssl_pkey.c", + "mbedtls_wrapper/library/ssl_stack.c", + "mbedtls_wrapper/library/ssl_methods.c", + "mbedtls_wrapper/library/ssl_lib.c", + "mbedtls_wrapper/library/ssl_x509.c", + "mbedtls_wrapper/platform/ssl_port.c", + "mbedtls_wrapper/platform/ssl_pm.c", ] if env_lws["platform"] == "android": # Builtin getifaddrs @@ -61,8 +68,12 @@ else: env_lws.add_source_files(env.modules_sources, thirdparty_sources) env_lws.Append(CPPPATH=[thirdparty_dir]) - if env['builtin_openssl']: - env_lws.Append(CPPPATH=[openssl_dir]) + wrapper_includes = ["#thirdparty/lws/mbedtls_wrapper/include/" + inc for inc in ["internal", "openssl", "platform", ""]] + env_lws.Append(CPPPATH=wrapper_includes) + + if env['builtin_mbedtls']: + mbedtls_includes = "#thirdparty/mbedtls/include" + env_lws.Append(CPPPATH=[mbedtls_includes]) if env_lws["platform"] == "windows": env_lws.Append(CPPPATH=[thirdparty_dir + helper_dir]) |