mbedtls_dhm_context dhp;
mbedtls_ssl_config server_cfg;
mbedtls_ssl_config client_cfg;
- int suites[RB_MAX_CIPHERSUITES + 1];
size_t refcount;
+ int suites[RB_MAX_CIPHERSUITES + 1];
} rb_mbedtls_cfg_context;
typedef struct
lrb_assert(F->accept->callback != NULL);
lrb_assert(F->ssl != NULL);
+ (void) data;
+
const int ret = mbedtls_ssl_handshake(SSL_P(F));
switch(ret)
}
static const char *
-rb_ssl_strerror(const int err)
+rb_ssl_strerror(int err)
{
static char errbuf[512];
+ if (err < 0)
+ err = -err;
+
#ifdef MBEDTLS_ERROR_C
char mbed_errbuf[512];
mbedtls_strerror(err, mbed_errbuf, sizeof mbed_errbuf);
- (void) rb_snprintf(errbuf, sizeof errbuf, "-0x%x: %s", -err, mbed_errbuf);
+ (void) rb_snprintf(errbuf, sizeof errbuf, "-0x%X: %s", (unsigned int) err, mbed_errbuf);
#else
- (void) rb_snprintf(errbuf, sizeof errbuf, "-0x%x", -err);
+ (void) rb_snprintf(errbuf, sizeof errbuf, "-0x%X", (unsigned int) err);
#endif
return errbuf;
if(spki)
{
+ // Compiler may complain about dropping const qualifier on the cast below
+ // See <https://github.com/ARMmbed/mbedtls/issues/396> -- this is okay
+
unsigned char der_pubkey[8192];
if((ret = mbedtls_pk_write_pubkey_der((mbedtls_pk_context *)&peer_cert->pk,
der_pubkey, sizeof der_pubkey)) < 0)
int
rb_init_prng(const char *const path, prng_seed_t seed_type)
{
+ (void) path;
+ (void) seed_type;
+
rb_lib_log("%s: Skipping PRNG initialisation; not required by MbedTLS backend", __func__);
return 1;
}
rb_get_ssl_strerror(rb_fde_t *const F)
{
const int err = (int) F->ssl_errno;
- return rb_ssl_strerror(-err);
+ return rb_ssl_strerror(err);
}
int
static void
rb_ssl_timeout_cb(rb_fde_t *const F, void *const data)
{
+ (void) data;
+
lrb_assert(F->accept != NULL);
lrb_assert(F->accept->callback != NULL);