Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO

The introduction of positive options to control the presence of pre-existing functionality breaks the build for users of handwritten configurations. Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2026-04-04 14:08:39 +00:00 · 2020-10-09 09:19:39 +01:00 · 2020-10-09 09:19:39 +01:00 · 612a2f1504
commit 612a2f1504
parent 9a969b66c1
28 changed files with 112 additions and 112 deletions
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@ -241,13 +241,13 @@ int main( int argc, char *argv[] )
     * MBEDTLS_SSL_VERIFY_OPTIONAL, we would bail out here if ret != 0 */
    if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
    {
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        char vrfy_buf[512];
 #endif

        mbedtls_printf( " failed\n" );

-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );

        mbedtls_printf( "%s\n", vrfy_buf );
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@ -216,13 +216,13 @@ int main( void )
    /* In real life, we probably want to bail out when ret != 0 */
    if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
    {
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        char vrfy_buf[512];
 #endif

        mbedtls_printf( " failed\n" );

-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );

        mbedtls_printf( "%s\n", vrfy_buf );
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -529,12 +529,12 @@ static unsigned char peer_crt_info[1024];
 static int my_verify( void *data, mbedtls_x509_crt *crt,
                      int depth, uint32_t *flags )
 {
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
    char buf[1024];
 #endif
    ((void) data);

-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
    mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
    if( depth == 0 )
        memcpy( peer_crt_info, buf, sizeof( buf ) );
@ -553,7 +553,7 @@ static int my_verify( void *data, mbedtls_x509_crt *crt,
        mbedtls_printf( "  This certificate has no flags\n" );
    else
    {
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        mbedtls_x509_crt_verify_info( buf, sizeof( buf ), "  ! ", *flags );
        mbedtls_printf( "%s\n", buf );
 #endif
@ -2284,13 +2284,13 @@ int main( int argc, char *argv[] )

    if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
    {
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        char vrfy_buf[512];
 #endif

        mbedtls_printf( " failed\n" );

-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ),
                                      "  ! ", flags );

--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@ -208,13 +208,13 @@ static int do_handshake( mbedtls_ssl_context *ssl )
    /* In real life, we probably want to bail out when ret != 0 */
    if( ( flags = mbedtls_ssl_get_verify_result( ssl ) ) != 0 )
    {
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        char vrfy_buf[512];
 #endif

        mbedtls_printf( " failed\n" );

-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );

        mbedtls_printf( "%s\n", vrfy_buf );
@ -223,7 +223,7 @@ static int do_handshake( mbedtls_ssl_context *ssl )
    else
        mbedtls_printf( " ok\n" );

-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
    mbedtls_printf( "  . Peer certificate information    ...\n" );
    mbedtls_x509_crt_info( (char *) buf, sizeof( buf ) - 1, "      ",
                   mbedtls_ssl_get_peer_cert( ssl ) );
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -3134,7 +3134,7 @@ handshake:
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n", (unsigned int) -ret );

-#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_X509_INFO)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO)
        if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
        {
            char vrfy_buf[512];
@ -3188,13 +3188,13 @@ handshake:

    if( ( flags = mbedtls_ssl_get_verify_result( &ssl ) ) != 0 )
    {
-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        char vrfy_buf[512];
 #endif

        mbedtls_printf( " failed\n" );

-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
        mbedtls_x509_crt_verify_info( vrfy_buf, sizeof( vrfy_buf ), "  ! ", flags );

        mbedtls_printf( "%s\n", vrfy_buf );
@ -3203,7 +3203,7 @@ handshake:
    else
        mbedtls_printf( " ok\n" );

-#if defined(MBEDTLS_X509_INFO)
+#if !defined(MBEDTLS_X509_REMOVE_INFO)
    if( mbedtls_ssl_get_peer_cert( &ssl ) != NULL )
    {
        char crt_buf[512];
@ -3213,7 +3213,7 @@ handshake:
                       mbedtls_ssl_get_peer_cert( &ssl ) );
        mbedtls_printf( "%s\n", crt_buf );
    }
-#endif /* MBEDTLS_X509_INFO */
+#endif /* MBEDTLS_X509_REMOVE_INFO */
 #endif /* MBEDTLS_X509_CRT_PARSE_C */

 #if defined(MBEDTLS_SSL_EXPORT_KEYS)