[cmake] generate a mbedtls-config.h without private headers (#5084)
diff --git a/third_party/mbedtls/CMakeLists.txt b/third_party/mbedtls/CMakeLists.txt
index 7725d93..ecff0ad 100644
--- a/third_party/mbedtls/CMakeLists.txt
+++ b/third_party/mbedtls/CMakeLists.txt
@@ -26,15 +26,37 @@
# POSSIBILITY OF SUCH DAMAGE.
#
-set(OT_MBEDTLS_DEFAULT_CONFIG_FILE \"${CMAKE_CURRENT_SOURCE_DIR}/mbedtls-config.h\")
+set(OT_MBEDTLS_DEFAULT_CONFIG_FILE \"${CMAKE_CURRENT_BINARY_DIR}/mbedtls-config.h\")
set(OT_MBEDTLS_CONFIG_FILE "" CACHE STRING "The mbedTLS config file")
set(ENABLE_TESTING OFF CACHE BOOL "Disable mbedtls test" FORCE)
set(ENABLE_PROGRAMS OFF CACHE BOOL "Disable mbetls program" FORCE)
+find_program(UNIFDEFALL_EXE unifdefall)
+find_program(SED_EXE sed)
+
add_subdirectory(repo)
+if(UNIFDEFALL_EXE AND SED_EXE)
+ add_custom_target(mbedtls-config.h
+ ${UNIFDEFALL_EXE}
+ "'-D$<JOIN:$<TARGET_PROPERTY:ot-config,INTERFACE_COMPILE_DEFINITIONS>,';'-D>'"
+ "-I$<JOIN:$<TARGET_PROPERTY:ot-config,INTERFACE_INCLUDE_DIRECTORIES>,;-I>"
+ "-I$<JOIN:${OT_PUBLIC_INCLUDES},;-I>"
+ "-I${CMAKE_CURRENT_SOURCE_DIR}/repo/include"
+ "${CMAKE_CURRENT_SOURCE_DIR}/mbedtls-config.h" |
+ ${SED_EXE} '/openthread-core-config\.h/d' >
+ ${OT_MBEDTLS_DEFAULT_CONFIG_FILE}
+ COMMAND_EXPAND_LISTS
+ )
+ add_dependencies(mbedtls mbedtls-config.h)
+ add_dependencies(mbedx509 mbedtls-config.h)
+ add_dependencies(mbedcrypto mbedtls-config.h)
+else()
+ configure_file(mbedtls-config.h mbedtls-config.h COPYONLY)
+endif()
+
target_compile_definitions(mbedtls
PUBLIC
"MBEDTLS_CONFIG_FILE=$<IF:$<BOOL:${OT_MBEDTLS_CONFIG_FILE}>,${OT_MBEDTLS_CONFIG_FILE},${OT_MBEDTLS_DEFAULT_CONFIG_FILE}>"
diff --git a/third_party/mbedtls/mbedtls-config.h b/third_party/mbedtls/mbedtls-config.h
index 4ce7a57..6de6cfd 100644
--- a/third_party/mbedtls/mbedtls-config.h
+++ b/third_party/mbedtls/mbedtls-config.h
@@ -26,7 +26,9 @@
* POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef MBEDTLS_CONFIG_H
+// Spans multiple lines to avoid being processed by unifdef
+#ifndef \
+ MBEDTLS_CONFIG_H
#define MBEDTLS_CONFIG_H
#include "openthread-core-config.h"
@@ -76,8 +78,7 @@
#define MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_TLS_C
-#if OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE || OPENTHREAD_CONFIG_COMMISSIONER_ENABLE || \
- OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE
+#if OPENTHREAD_CONFIG_BORDER_AGENT_ENABLE || OPENTHREAD_CONFIG_COMMISSIONER_ENABLE || OPENTHREAD_CONFIG_COAP_SECURE_API_ENABLE
#define MBEDTLS_SSL_COOKIE_C
#define MBEDTLS_SSL_SRV_C
#endif
@@ -129,7 +130,9 @@
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
-#if defined(MBEDTLS_USER_CONFIG_FILE)
+// Spans multiple lines to avoid being processed by unifdef
+#if defined(\
+ MBEDTLS_USER_CONFIG_FILE)
#include MBEDTLS_USER_CONFIG_FILE
#endif