An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
I stumbled on this bug using mbedtls with the ESP-IDF Framework. But I was unsure if this is a general bug of mbedtls, so I cloned the original code and could reproduce the build fail with the most recent v3.6.0 and develop
System information
Mbed TLS version (number or commit id): v3.6.0 and develop
Operating system and version: Manjaro 24.0
Configuration (if not default, please attach mbedtls_config.h): Undefine MBEDTLS_SSL_CLI_C
Compiler and options (if you used a pre-built binary, please indicate how you obtained it): GCC 13
Additional environment information: -
Expected behavior
I should be able to build the mbedtls library without client mode. After all it looks like MBEDTLS_SSL_CLI_C is a selectable option in mbedtls_config.h. More technical insight in "Additional information".
Actual behavior
Build fails with:
Software/mbedtls/library/ssl_tls.c:2120:5: error: no previous prototype for ‘mbedtls_ssl_conf_has_static_psk’ [-Werror=missing-prototypes]
2120 | int mbedtls_ssl_conf_has_static_psk(mbedtls_ssl_config const *conf)
More technical insight in "Additional information".
Steps to reproduce
From an unmodified clone: Undefine MBEDTLS_SSL_CLI_C (e.g. comment it out) and try to build the library using CMake.
Additional information
I think I figured the problem out already:
If we are in the MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED situation ssl_tls.c defines and uses the function mbedtls_ssl_conf_has_static_psk.
But for the prototype declaration of the external function the define above is not enough: It also needs MBEDTLS_SSL_CLI_C
This leads to the situation of a used function without prototype and mbedtls takes this pretty seriously. At least it looks like the Werror=missing-prototypes setting is very intentional in the CMake configuration file.
Solution: Definitely declaration, definition and usage of the functions should all be aligned under the same define-requirements. Most likely either the MBEDTLS_SSL_CLI_C needs to be removed from the header or added in the source. But I am not enough of an mbedtls expert to create a PR right away.
Summary
I stumbled on this bug using mbedtls with the ESP-IDF Framework. But I was unsure if this is a general bug of mbedtls, so I cloned the original code and could reproduce the build fail with the most recent v3.6.0 and develop
System information
Mbed TLS version (number or commit id): v3.6.0 and develop Operating system and version: Manjaro 24.0 Configuration (if not default, please attach
mbedtls_config.h
): UndefineMBEDTLS_SSL_CLI_C
Compiler and options (if you used a pre-built binary, please indicate how you obtained it): GCC 13 Additional environment information: -Expected behavior
I should be able to build the mbedtls library without client mode. After all it looks like
MBEDTLS_SSL_CLI_C
is a selectable option in mbedtls_config.h. More technical insight in "Additional information".Actual behavior
Build fails with:
More technical insight in "Additional information".
Steps to reproduce
From an unmodified clone: Undefine
MBEDTLS_SSL_CLI_C
(e.g. comment it out) and try to build the library using CMake.Additional information
I think I figured the problem out already:
MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
situation ssl_tls.c defines and uses the functionmbedtls_ssl_conf_has_static_psk
.MBEDTLS_SSL_CLI_C
needs to be removed from the header or added in the source. But I am not enough of an mbedtls expert to create a PR right away.