Closed huitema closed 2 months ago
The last failure is in the linker:
/usr/bin/cc -D_GNU_SOURCE -pthread -std=c99 -Wall -O2 -g -DPICOTLS_USE_DTRACE=1 -DPICOTLS_USE_BROTLI=1 -DPTLS_HAVE_FUSION=1 -DPTLS_HAVE_MBEDTLS=1 -rdynamic CMakeFiles/test-mbedtls.t.dir/deps/picotest/picotest.c.o CMakeFiles/test-mbedtls.t.dir/t/hpke.c.o CMakeFiles/test-mbedtls.t.dir/t/picotls.c.o CMakeFiles/test-mbedtls.t.dir/t/mbedtls.c.o picotls-probes.o -o test-mbedtls.t -L"/picotls/(" -L"/picotls/)" -Wl,-rpath,"/picotls/(:/picotls/)" libpicotls-minicrypto.a libpicotls-mbedtls.a /usr/local/lib/libmbedtls.a /usr/local/lib/libmbedcrypto.a /usr/local/lib/libmbedx509.a libpicotls-core.a -lbrotlidec -lbrotlienc
/usr/bin/ld: errno: TLS definition in /lib/x86_64-linux-gnu/libc.so.6 section .tbss mismatches non-TLS reference in libpicotls-mbedtls.a(mbedtls_sign.c.o)
/usr/bin/ld: /lib/x86_64-linux-gnu/libc.so.6: error adding symbols: bad value
The diagnostic error adding symbols: bad value
supposedly happens because some function was present in multiple binaries, but these binaries were not compiled with exactly the same flags -- see this page on stack overflow.
The error only happens after we tried to use errno, so maybe removing that will solve the issue.
@kazuho This is finally ready. I am sorry for the mess yesterday. I was down with a fever, trying to make it work and missing basic stuff. The latest fix was to add a final NULL byte to the returned buffer -- just copying the content of the file was not enough. Overall, a very small fix, and very contained.
@kazuho Since this PR was not checked in, I am adding the missing pieces to fully support MbedTLS as a backend: loading of certificates, implementation of the sign certificate and verify certificates call back.
@kazuho The tests are failing because this branch somehow picked the wrong version of picotest
, which does not support adding arguments to the "subtest" function. This is weird, because the test scripts supposedly load the latest version.
The issue is probably happening when building the docker image in the github actions, but I don't know how to fix that.
Develop a static function to load file content in memory, as a replacement for the API mbedtls_pk_load_file issue() that is not available in recent versions of MbedTLS.
Also fix missing parentheses in cmake/FindMbedTLS.cmake
Edited on May 16, 2024: the PR now includes the complete code needed for using MbedTLS as a back end.