[DO NOT MERGE] Unremove tls files in preparation for the repository merge #384
Conversation
gilles-peskine-arm
added
the
DO NOT MERGE
I'm afraid I'm still seeing the two versions: https://github.com/gilles-peskine-arm/mbed-crypto/blob/unremove-non-crypto-4/include/mbedtls/config.h#L3359 Is git rerere playing tricks on you? |
|
In case it might help others who want to reproduce the unremoval, here's the script I used to reproduce it myself. #!/bin/sh
# Usage:
# 1. git checkout -b my-unremove-branch-name base-branch-or-commit
# 2. Run this script with no arguments
# 3. Stops on conflicts?
# yes: resolve & commit, then back to step 2
# no: done
set -eu
COMMITS='
b8e4ae18cf24644fa8daea6add26ad33aa1e52a7
7242ea688a9c7b1702dd41a026e921a696a5e0e2
dfcf84aea5413ef7c8bc1f30a972ba4ab04bc22b
32577734e2635da3684d03ad04ba07044775cef9
ed05b29ea335dd12415b40570b31b08fa8c8bd09
ef24980e667debd0cb8f1f26218c452bacbbe084
356acc82ad413dfec8d49745793e94a2e2f4c69e
43a450c858c4b4d681fc3cb695622fe8fd05c66a
b58ff9541ba6ce14d34215f8e40d3c0d90ade268
a4308b29a42a00fcbffa7d6d041946feeddc0ce9
bb1f70121218b461a4197224d547e6bcfae4f991
1c66e48670b64b2ac598576cc08df3a715f3957b
7fcc7bc57699ce57fef8e590a0fb502ea6f65c0e
1ad37309e4f17d73c2f22c3ff4bffe2523abe17c
8298d70beecb6c3c1a375954e03f4ed1a80efc0a
986a15199d40f354d467144f0c55ced36d161c1a
0688e4f2668dab8ad95b734c23b35977134a6d21
d874a1fd14bdf3df8ee232f539ac613adaae648c
d832f187f756079552601867348d924582bf65de
b478bb6ddbb1f3b7969ad9d6ccfdb0fa6d4843bd
1264c2a86f0b578b6f82a4c1993a22cbbe956a27
120d571e8e835afde4a5c31fdc26c2452c0b54d7
9afb2e992136db3fae9a669c3faaf6d5d27602a8
e23737c618e93c99143bbe8343f3df4c4888ddc8
4c1fdb51292bbe0450dee6f7e3e794fd498635ec
d8087713aea2bf3d61bb2470a8d74409e74907fb
9b90f2e294970ade3e4aa94879a19470f2c052e0
ed16ca7b63a13358d62f1ad6882ec60fd92158e3
de0a41b716ae4d9e938236771d49a880480eb66e
ebbc5f7940e5271d3cdd31818119d558ba040155
bf564c77fa97e67ac577d28258918ba29cde6af3
47a3635fc7107c7d838816475c6c816d9b47f047
bea98b458136029c2585037c74c114ddc5af896e
'
p=''
for c in $COMMITS; do
if [ -n "$p" ]; then
if ! git merge-base --is-ancestor $c $p; then
echo "$c is not an ancestor of $p"
return 1
fi
fi
p=$c
done
N_COMMITS=$(( $(printf "$COMMITS" | wc -l) - 1 ))
N=0
for c in $COMMITS; do
if git log | grep -F "This reverts commit ${c}." >/dev/null
then
N=$(( N + 1 ))
echo "Skip already reverted commit ${c} (${N}/${N_COMMITS})"
else
if git revert --no-edit $c >/dev/null; then
N=$(( N + 1 ))
echo "Successfully reverted commit ${c} (${N}/${N_COMMITS})"
else
git status
exit 1
fi
fi
done
echo "DONE" |
|
I reproduced the unremoval based on the current development branch in mbed-crypto, and compared the result to your branch. All differences were insignificant (ordering of concurrent additions in ordering-insensitive contexts) except for the duplicated paragraph in I also reviewed the three final commits and I'm happy with them. |
gilles-peskine-arm
force-pushed
the
unremove-non-crypto
branch
from
0ec45ea to
bd62314
Compare
|
I fixed the duplication in |
gilles-peskine-arm
added
the
needs: review
There was a problem hiding this comment.
In:
Revert "scripts: Remove dependency on NET"
This reverts commit 356acc8.
Conflicts:
- scripts/generate_errors.pl: a line consecutive to a changed line has
independently changed in the meantime. Just revert the change done
in the commit that's being reverted.
This is not a line consecutive to a changed line but a line preceding a changed line it seems.
|
@ronald-cron-arm I don't understand: a line immediately preceding another line is consecutive to it, so in what way is the comment incorrect? |
|
@gilles-peskine-arm Perhaps "adjacent" would be less ambiguous, as "consecutive" seems to imply an idea of one thing following the other (hence coming after it, not before it): https://dictionary.cambridge.org/dictionary/english/consecutive |
|
@ronald-cron-arm Btw I gave more details on my review strategy for an earlier version of this branch here, in case you're interested: Mbed-TLS/mbedtls#3078 (review) |
There was a problem hiding this comment.
I've been commit by commit through the revert process and conflict resolution. This PR does what it claims to do. I've only minor comments about some commit messages and found a minor error in a cmake file change in a commit but the code containing the error is removed by the next commit.
ronald-cron-arm
force-pushed
the
unremove-non-crypto
branch
from
bd62314 to
08aa3ad
Compare
I changed "consecutive" by "adjacent". |
This reverts commit 8298d70. Conflicts: * library/Makefile: removal of SOEXT_X509 and SOEXT_TLS vs change of value of SOEXT_CRYPTO. Keep all, with the new value of SOEXT_CRYPTO.
This reverts commit 986a151.
This reverts commit 0688e4f. Run scripts/generate_visualc_files.pl to account for the added programs.
This reverts commit d874a1f. Conflicts: * CMakeLists.txt: * ENABLE_ZLIB_SUPPORT: there has been a change immediately after where it was removed. Just re-add what was removed. * tests/CMakeLists.txt: * ENABLE_ZLIB_SUPPORT: there has been a change immediately after where it was removed. Just re-add what was removed.
This reverts commit d832f18. Conflicts: * CMakeLists.txt: * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before where it was removed. Just re-add what was removed. * tests/CMakeLists.txt: * USE_PKCS11_HELPER_LIBRARY: there has been a change immediately before where it was removed. Just re-add what was removed.
This reverts commit b478bb6. Conflicts: * tests/CMakeLists.txt: revert the introduction of exe_name, but keep the addition of ${CMAKE_SOURCE_DIR}/crypto/library/ to target_include_directories.
This reverts commit 1264c2a.
This reverts commit 120d571. Conflicts: * tests/CMakeLists.txt: * target_include_directories: the instruction whose addition is to be reverted has changed. Remove what is there now.
This reverts commit 9afb2e9. Conflicts: * include/CMakeLists.txt * "Make config.h available" comment: there has been a change adjacent to where it was removed. Just re-add what was removed. * tests/CMakeLists.txt: * compat.sh: there has been a change immediately before where it was removed. Just re-add what was removed.
This reverts commit e23737c.
This reverts commit 4c1fdb5.
This reverts commit d808771.
This reverts commit 9b90f2e. Conflicts: * tests/scripts/all.sh: do the same changes, dancing around the new outcome file feature and components added in the same places. Make sure that the components that are getting added back are at the same locations as where they are now in mbedtls.
This reverts commit ed16ca7.
This reverts commit de0a41b.
This reverts commit ebbc5f7.
This reverts commit bf564c7.
This reverts commit 47a3635.
This reverts commit bea98b4. Conflicts: * programs/Makefile: * APPS: the layout of the definition has changed. re-add dh_client and dh_server appropriately. Run scripts/generate_visualc_files.pl to account for the added programs.
Even if other higher-level libraries were added, these programs would only link with the crypto library, which is the one that contains platform functions.
perl -i -pe 's/\bconfig\.pl/config.py/g' $(git grep -l -Fw config.pl -- . '#!tests/scripts/test_config_script.py')
In the old days, key parsing was part of x509, but these days it's part of crypto.
ronald-cron-arm
force-pushed
the
unremove-non-crypto
branch
from
08aa3ad to
43aa905
Compare
There was a problem hiding this comment.
I checked how the history changed compared to the version I previously approved, using:
git log --reverse --patch 3d5f05b9fb47..bd623148e358 | egrep -v '^commit|^index' > before
git log --reverse --patch 3d5f05b9fb47..43aa905d1e0c | egrep -v '^commit|^index' > after
vimdiff before afterI found that all the differences are expected and addressing one of the comments above (most about improving the commit messages, one about make one commit more correct (previously introduced an issue fixed in a later commit), except one: the addition of a blank line in a CMake file, which is harmless.
Therefore I'm happy to approve this (again, not for merging here, just as a basis for the repo merge).
|
The previous version of the PR ending @ bd62314 can be found here https://github.com/ronald-cron-arm/mbed-crypto/tree/unremove-non-crypto. |
There was a problem hiding this comment.
I reviewed the changes made by @ronald-cron-arm: from https://github.com/gilles-peskine-arm/mbed-crypto/tree/unremove-non-crypto-4 (bd62314) to https://github.com/gilles-peskine-arm/mbed-crypto/tree/unremove-non-crypto-5 (43aa905). The commit histories are very similar; the differences are:
~16(Revert "tests: Add a crypto prefix to submodule tests") fixes a mistake that I'd made in the conflict resolution intests/CMakeLists.txt. This code is removed in~14so there is no impact on the final content.~14(Revert "tests: Use parent module includes when used as a submodule") has an extra blank line intests/CMakeLists.txtwhich is unimportant.- There are a few minor changes to commit messages which are fine.
for n in {30..0}; do diff -u -I '^commit ' --label unremove-non-crypto-4~$n --label unremove-non-crypto-5~$n <(git show unremove-non-crypto-4~$n) <(git show unremove-non-crypto-5~$n); done
I hereby approve the changes made by Ronald.
gilles-peskine-arm
removed
the
needs: review
|
This has been merged into Mbed TLS via Mbed-TLS/mbedtls#3085 |
Revert the commits in mbed-crypto that remove X.509 and TLS files and associated code. Make some additional minor changes to prepare for merging mbed-crypto into mbedtls.
This pull request is not meant to be merged as such. It is a precursor for the repository merge. It will be merged only into mbedtls. See Mbed-TLS/mbedtls#3078
Reversals
Revert the following commits.
The list is in reverse order of application (each commit is a descendent of the following one). To verify, copy the list and:
They are from the following pull requests:
Additional minor changes
all.shwith the mbedtls one.History
unremove-non-crypto-1was a first set of reversals to see whether this strategy was sensible.unremove-non-crypto-2added a few more reversals and supplemental tweaks after gaining experience from merging the firstunremove-non-crypto-1.unremove-non-crypto-3reverted the same commits asunremove-non-crypto-2, but in reverse chronological order (the previous ones were close to reverse chronological order, but not exactly so). It was missing the supplemental tweaks fromunremove-non-crypto-2.unremove-non-crypto-4isunremove-non-crypto-3rebased on top of a more recentmbed-crypto/development, which some slight changes, plus the supplemental tweaks fromunremove-non-crypto-2and a few more. The slight changes in the reversal are:MBEDTLS_PARAM_FAILEDafter the newer one. This time I only keep the latest version.Goals
This pull request is intended for review purposes only.
This pull request is not intended for merging. The result builds under Linux with
makeorcmakein the default configuration, and the crypto tests pass in the default configuration. Non-default configurations and other platforms may or may not build. X509 and TLS tests are not expected to pass.