Closed AxelLin closed 4 months ago
Hi @AxelLin
It looks like lwip is missing mbedtls headers.
Could you please share your lwip/mbedtls configuration? (makefiles, custom flags, changes to IDF)
I'm only interested how did you tell lwip to use mbedtls? (using LWIP_HAVE_MBEDTLS
, or with ALTCP
, or maybe setting LWIP_MBEDTLS_INCLUDE_DIRS
?)
Hi @david-cermak
I only change "#define LWIP_USE_EXTERNAL_MBEDTLS 1" in components/lwip/lwip/src/include/netif/ppp/ppp_opts.h. I didn't change anything related to LWIP_HAVE_MBEDTLS, or with ALTCP.
BTW, the main reason that I try define LWIP_USE_EXTERNAL_MBEDTLS 1 is because when I compile with external library I got build error as:
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(md5.c.obj): in function `md5_update':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/polarssl/md5.c:212: multiple definition of `md5_update'; esp-idf/libssh/liblibssh.a(md_mbedcrypto.c.obj):/home/axel/esp/esp-idf-dev/libssh/libssh/src/md_mbedcrypto.c:389: first defined here
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(sha1.c.obj): in function `sha1_update':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/polarssl/sha1.c:246: multiple definition of `sha1_update'; esp-idf/libssh/liblibssh.a(md_mbedcrypto.c.obj):/home/axel/esp/esp-idf-dev/libssh/libssh/src/md_mbedcrypto.c:74: first defined here
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(sha1.c.obj): in function `sha1':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/polarssl/sha1.c:327: multiple definition of `sha1'; esp-idf/libssh/liblibssh.a(md_mbedcrypto.c.obj):/home/axel/esp/esp-idf-dev/libssh/libssh/src/md_mbedcrypto.c:96: first defined here
If there is a better way to resolve this build issue without changing LWIP_USE_EXTERNAL_MBEDTLS, that would be fine.
Could you please try to remove these polarssl sources from the lwip build?
while keeping LWIP_USE_EXTERNAL_MBEDTLS
disabled?
Then you'll probably have to add
idf_component_optional_requires(PRIVATE mbedtls)
to the end of the lwip makefile for the linker to locate these symbols
Hi @david-cermak
I made below changes base on above comment:
diff --git a/components/lwip/CMakeLists.txt b/components/lwip/CMakeLists.txt
index 671da81e20..866e2caff7 100644
--- a/components/lwip/CMakeLists.txt
+++ b/components/lwip/CMakeLists.txt
@@ -125,12 +125,7 @@ if(CONFIG_LWIP_PPP_SUPPORT)
"lwip/src/netif/ppp/pppos.c"
"lwip/src/netif/ppp/upap.c"
"lwip/src/netif/ppp/utils.c"
- "lwip/src/netif/ppp/vj.c"
- "lwip/src/netif/ppp/polarssl/arc4.c"
- "lwip/src/netif/ppp/polarssl/des.c"
- "lwip/src/netif/ppp/polarssl/md4.c"
- "lwip/src/netif/ppp/polarssl/md5.c"
- "lwip/src/netif/ppp/polarssl/sha1.c")
+ "lwip/src/netif/ppp/vj.c")
endif()
if(NOT ${target} STREQUAL "linux")
@@ -207,3 +202,4 @@ if(${target} STREQUAL "linux")
find_package(Threads REQUIRED)
target_link_libraries(${COMPONENT_LIB} PRIVATE Threads::Threads)
endif()
+idf_component_optional_requires(PRIVATE mbedtls)
I got below build error:
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj):(.literal.NTPasswordHash+0x0): undefined reference to md4_starts' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj):(.literal.NTPasswordHash+0x4): undefined reference to
md4_update'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj):(.literal.NTPasswordHash+0x8): undefined reference to md4_finish' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj):(.literal.ChallengeResponse+0x0): undefined reference to
des_setkey_enc'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj):(.literal.ChallengeResponse+0x4): undefined reference to des_crypt_ecb' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj):(.literal.Set_Start_Key+0x0): undefined reference to
sha1_starts'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj):(.literal.Set_Start_Key+0x4): undefined reference to sha1_finish' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj): in function
NTPasswordHash':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:576: undefined reference to md4_starts' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:577: undefined reference to
md4_update'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:578: undefined reference to md4_finish' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj): in function
ChallengeResponse':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:513: undefined reference to des_setkey_enc' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:514: undefined reference to
des_crypt_ecb'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:517: undefined reference to des_setkey_enc' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:519: undefined reference to
des_crypt_ecb'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:523: undefined reference to des_setkey_enc' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:525: undefined reference to
des_crypt_ecb'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj): in function Set_Start_Key': /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:724: undefined reference to
sha1_starts'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:729: undefined reference to sha1_finish' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj): in function
ChallengeHash':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:547: undefined reference to sha1_starts' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:550: undefined reference to
sha1_finish'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj): in function GenerateAuthenticatorResponsePlain': /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:702: undefined reference to
sha1_starts'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj): in function GenerateAuthenticatorResponse': /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:669: undefined reference to
sha1_finish'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:671: undefined reference to sha1_starts' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:679: undefined reference to
sha1_finish'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap_ms.c.obj): in function SetMasterKeys': /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:786: undefined reference to
sha1_starts'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:791: undefined reference to sha1_finish' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:792: undefined reference to
sha1_starts'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:806: undefined reference to sha1_finish' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:808: undefined reference to
sha1_starts'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap_ms.c:823: undefined reference to sha1_finish' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(mppe.c.obj):(.literal.mppe_rekey+0xc): undefined reference to
arc4_setup'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(mppe.c.obj):(.literal.mppe_rekey+0x10): undefined reference to arc4_crypt' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(mppe.c.obj): in function
mppe_rekey':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/mppe.c:71: undefined reference to sha1_starts' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/mppe.c:75: undefined reference to
sha1_finish'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/mppe.c:78: undefined reference to arc4_setup' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/mppe.c:82: undefined reference to
arc4_crypt'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/mppe.c:88: undefined reference to arc4_setup' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(mppe.c.obj): in function
mppe_compress':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/mppe.c:246: undefined reference to arc4_crypt' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(mppe.c.obj): in function
mppe_decompress':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/mppe.c:385: undefined reference to arc4_crypt' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(chap-md5.c.obj): in function
chap_md5_make_response':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap-md5.c:99: undefined reference to md5_starts' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap-md5.c:109: undefined reference to
md5_finish'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(magic.c.obj):(.literal.magic_init+0x8): undefined reference to md5_starts' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(magic.c.obj):(.literal.magic_init+0xc): undefined reference to
md5_finish'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(magic.c.obj): in function magic_churnrand': /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/magic.c:105: undefined reference to
md5_starts'
/home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/magic.c:123: undefined reference to md5_finish' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: esp-idf/lwip/liblwip.a(magic.c.obj): in function
magic_random_bytes':
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/magic.c:169: undefined reference to md5_starts' /home/axel/.espressif/tools/xtensa-esp32-elf/esp-12.2.0_20230208/xtensa-esp32-elf/bin/../lib/gcc/xtensa-esp32-elf/12.2.0/../../../../xtensa-esp32-elf/bin/ld: /home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/magic.c:172: undefined reference to
md5_finish'
I'm sorry, I misread the previous error message. The symbol duplication comes from the libssh -- an external library. I'm afraid I cannot provide any quick workaround (other that running objcopy
to namespace the symbols in SSH with a given prefix).
And it looks like the mbedtls alternative in PPP was left long unmaintained...
I'll take a look into it.
Hi @david-cermak
FYI, I made some progress to compile with LWIP_USE_EXTERNAL_MBEDTLS=1.
I can compile with below settings: CONFIG_LWIP_PPP_SUPPORT=y CONFIG_LWIP_PPP_NOTIFY_PHASE_SUPPORT=y CONFIG_LWIP_PPP_PAP_SUPPORT=y CONFIG_LWIP_PPP_CHAP_SUPPORT=y CONFIG_LWIP_PPP_MSCHAP_SUPPORT=n CONFIG_LWIP_PPP_MPPE_SUPPORT=n
With below changes in esp-idf and lwip:
// Changes in esp-idf
diff --git a/components/lwip/CMakeLists.txt b/components/lwip/CMakeLists.txt
index 671da81e20..4d7fb022ac 100644
--- a/components/lwip/CMakeLists.txt
+++ b/components/lwip/CMakeLists.txt
@@ -207,3 +207,4 @@ if(${target} STREQUAL "linux")
find_package(Threads REQUIRED)
target_link_libraries(${COMPONENT_LIB} PRIVATE Threads::Threads)
endif()
+idf_component_optional_requires(PRIVATE mbedtls)
// Changes in lwip
diff --git a/src/include/netif/ppp/ppp_opts.h b/src/include/netif/ppp/ppp_opts.h
index 479a006d..3b5dc69c 100644
--- a/src/include/netif/ppp/ppp_opts.h
+++ b/src/include/netif/ppp/ppp_opts.h
@@ -362,7 +362,7 @@
* LWIP_USE_EXTERNAL_MBEDTLS: Use external mbed TLS library
*/
#ifndef LWIP_USE_EXTERNAL_MBEDTLS
-#define LWIP_USE_EXTERNAL_MBEDTLS 0
+#define LWIP_USE_EXTERNAL_MBEDTLS 1
#endif
/*
diff --git a/src/include/netif/ppp/pppcrypt.h b/src/include/netif/ppp/pppcrypt.h
index c0230bbc..9e750279 100644
--- a/src/include/netif/ppp/pppcrypt.h
+++ b/src/include/netif/ppp/pppcrypt.h
@@ -97,6 +97,9 @@ extern "C" {
* Map hashes and ciphers functions to mbed TLS
*/
#if LWIP_USE_EXTERNAL_MBEDTLS
+#include "mbedtls/des.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/sha1.h"
#define lwip_md4_context mbedtls_md4_context
#define lwip_md4_init mbedtls_md4_init
Also note, I hit compile error if CONFIG_LWIP_PPP_MSCHAP_SUPPORT=y CONFIG_LWIP_PPP_MPPE_SUPPORT=y
// if CONFIG_LWIP_PPP_MPPE_SUPPORT=y
/home/axel/esp/esp-idf/components/lwip/lwip/src/include/netif/ppp/pppcrypt.h:130:27: error: unknown type name 'mbedtls_arc4_context'
130 | #define lwip_arc4_context mbedtls_arc4_context
| ^~~~~~~~
// if CONFIG_LWIP_PPP_MSCHAP_SUPPORT=y
/home/axel/esp/esp-idf/components/lwip/lwip/src/include/netif/ppp/pppcrypt.h:103:26: error: unknown type name 'mbedtls_md4_context'; did you mean 'mbedtls_md5_context'?
103 | #define lwip_md4_context mbedtls_md4_context
| ^~~~~~~
mbedtls_arc4_context and mbedtls_md4_context are not exist in mbedtls-3.x. see https://github.com/Mbed-TLS/mbedtls/blob/development/docs/3.0-migration-guide.md#remove-md2-md4-rc4-blowfish-and-xtea-algorithms . I'm not sure how to addess this build error.
Thanks for the update! It seems that you only need to add the optional dependency to mbedtls
, as both the define and includes can be provided via the build system or hook files.
mbedtls_arc4_context and mbedtls_md4_context are not exist in mbedtls-3.x. I'm not sure how to addess this build error.
You can probably report the problem to lwip upstream, but I think that the assesment would be that MPPE
and MSCHAP
won't be supported with mbedtls, and mbedtls > v3.0
Thanks for the update! It seems that you only need to add the optional dependency to
mbedtls
, as both the define and includes can be provided via the build system or hook files.
Is it possible to achieve this without touching esp-idf ? (Is it possible to just change it in my application's CMakeLists.txt? )
Yes, it's possible to make the changes in the project makefile:
1) enable LWIP_USE_EXTERNAL_MBEDTLS
using https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/lwip.html#customized-lwip-options-from-esp-idf-build-system
2) pre-include mbedTLS headers via the lwip hook file: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/lwip.html#customized-lwip-hooks
# idf_component_get_property(lwip lwip COMPONENT_LIB) -- already done in step 1), 2)
idf_component_get_property(mbedtls mbedtls COMPONENT_LIB)
target_link_libraries(${lwip} PRIVATE ${mbedtls})
but I think we should provide a cleaner way for the points 2)
and 3)
at some point in IDF.
- pre-include mbedTLS headers via the lwip hook file: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/lwip.html#customized-lwip-hooks
This does not work, I still got build error:
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap-md5.c: In function 'chap_md5_make_response':
/home/axel/esp/esp-idf/components/lwip/lwip/src/include/netif/ppp/pppcrypt.h:108:26: error: unknown type name 'mbedtls_md5_context'; did you mean 'lwip_md5_context'?
108 | #define lwip_md5_context mbedtls_md5_context
| ^~~~~~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap-md5.c:98:9: note: in expansion of macro 'lwip_md5_context'
98 | lwip_md5_context ctx;
| ^~~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/include/netif/ppp/pppcrypt.h:109:23: error: implicit declaration of function 'mbedtls_md5_init' [-Werror=implicit-function-declaration]
109 | #define lwip_md5_init mbedtls_md5_init
| ^~~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap-md5.c:105:9: note: in expansion of macro 'lwip_md5_init'
105 | lwip_md5_init(&ctx);
| ^~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/include/netif/ppp/pppcrypt.h:110:25: error: implicit declaration of function 'mbedtls_md5_starts' [-Werror=implicit-function-declaration]
110 | #define lwip_md5_starts mbedtls_md5_starts
| ^~~~~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap-md5.c:106:9: note: in expansion of macro 'lwip_md5_starts'
106 | lwip_md5_starts(&ctx);
| ^~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/include/netif/ppp/pppcrypt.h:111:25: error: implicit declaration of function 'mbedtls_md5_update' [-Werror=implicit-function-declaration]
111 | #define lwip_md5_update mbedtls_md5_update
| ^~~~~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap-md5.c:107:9: note: in expansion of macro 'lwip_md5_update'
107 | lwip_md5_update(&ctx, &idbyte, 1);
| ^~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/include/netif/ppp/pppcrypt.h:112:25: error: implicit declaration of function 'mbedtls_md5_finish' [-Werror=implicit-function-declaration]
112 | #define lwip_md5_finish mbedtls_md5_finish
| ^~~~~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap-md5.c:110:9: note: in expansion of macro 'lwip_md5_finish'
110 | lwip_md5_finish(&ctx, &response[1]);
| ^~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/include/netif/ppp/pppcrypt.h:113:23: error: implicit declaration of function 'mbedtls_md5_free' [-Werror=implicit-function-declaration]
113 | #define lwip_md5_free mbedtls_md5_free
| ^~~~~~~~~~~~~~~~
/home/axel/esp/esp-idf/components/lwip/lwip/src/netif/ppp/chap-md5.c:111:9: note: in expansion of macro 'lwip_md5_free'
111 | lwip_md5_free(&ctx);
| ^~~~~~~~~~~~~
According to the comment in https://github.com/espressif/esp-lwip/blob/2.1.2-esp/src/include/netif/ppp/pppcrypt.h#L41-L44
This means I need to change the code in esp-idf again.. (or maybe you can check if this should be fix in esp-idf upstream?)
diff --git a/components/lwip/port/esp32xx/include/arch/cc.h b/components/lwip/port/esp32xx/include/arch/cc.h
index 486e2782bd..f2b0ff0248 100644
--- a/components/lwip/port/esp32xx/include/arch/cc.h
+++ b/components/lwip/port/esp32xx/include/arch/cc.h
@@ -96,6 +96,12 @@ typedef int sys_prot_t;
#endif /* NDEBUG */
+#if LWIP_USE_EXTERNAL_MBEDTLS
+#include "mbedtls/des.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/sha1.h"
+#endif
+
#ifdef __cplusplus
}
#endif
Hi @AxelLin
You were right about the include injection, it's not possible to add them to the hook file, as it comes a bit later after processing the pppots.h
.
I think it makes sense to support this option (lwip to use mbedTLS) on IDF level as well, as it may also be used in other modules (like snmp or altcp) and helps reducing build time/binary size a little. Although I'd prefer not adding those dependencies to cc.h
, since that would require PUBLIC
dependency on mbedTLS (rather than private). I'll address it directly in pppcrypt.h
together with explanation of deprecating some auth methods.
Reopening the issue.
As of now, I can offer this workaround:
LWIP_USE_EXTERNAL_POLARSSL=1
LWIP_INCLUDED_POLARSSL_MD5=1
LWIP_INCLUDED_POLARSSL_SHA1=1
...
and removing the polarssl sources from lwip:
idf_component_get_property(lwip lwip COMPONENT_LIB)
idf_component_get_property(lwip_dir lwip COMPONENT_DIR)
get_target_property(srcs ${lwip} SOURCES)
list(REMOVE_ITEM srcs "${lwip_dir}/lwip/src/netif/ppp/polarssl/md5.c")
...
set_property(TARGET ${lwip} PROPERTY SOURCES ${srcs})
(you may also need to add the idf_component_optional_requires()
to the libssh to fix potential unresolved symbols...)
Hi @david-cermak I'm not sure if MSCHAP and MPPE are still used or not nowdays. Just wondering is it safe to remove(disable) CONFIG_LWIP_PPP_MSCHAP_SUPPORT and CONFIG_LWIP_PPP_MPPE_SUPPORT ?
Hi @david-cermak I'm not sure if MSCHAP and MPPE are still used or not nowdays. Just wondering is it safe to remove(disable) CONFIG_LWIP_PPP_MSCHAP_SUPPORT and CONFIG_LWIP_PPP_MPPE_SUPPORT ?
Never mind, we don't use MSCHAP/MPPE.
I'm not sure if MSCHAP and MPPE are still used or not nowdays.
These are probably not much used these days with real modems (but could be still used with a pppd
server?) Maybe we can deprecate these options in the next IDF version?
I'd probably keep the options available for now, as they might still be used with some operators in some countries...
we don't use MSCHAP/MPPE.
Noted, thsnks!
Answers checklist.
IDF version.
v5.1.3-416-gd23b7a0361
Operating System used.
Linux
How did you build your project?
Command line with idf.py
If you are using Windows, please specify command line type.
None
What is the expected behavior?
It should pass compilation with LWIP_USE_EXTERNAL_MBEDTLS=1.
What is the actual behavior?
"#define LWIP_USE_EXTERNAL_MBEDTLS 1" with below config: CONFIG_LWIP_PPP_SUPPORT=y CONFIG_LWIP_PPP_NOTIFY_PHASE_SUPPORT=y CONFIG_LWIP_PPP_PAP_SUPPORT=y CONFIG_LWIP_PPP_CHAP_SUPPORT=y CONFIG_LWIP_PPP_MSCHAP_SUPPORT=y CONFIG_LWIP_PPP_MPPE_SUPPORT=y
I got below error:
Set CONFIG_LWIP_PPP_CHAP_SUPPORT=n CONFIG_LWIP_PPP_MSCHAP_SUPPORT=n
I got below error:
Steps to reproduce.
define LWIP_USE_EXTERNAL_MBEDTLS 1
Build or installation Logs.
No response
More Information.
No response