[incubator-teaclave] branch develop updated: [attestation] Exclude dcap cert when not enalbing the DCAP flag

Tue, 11 Feb 2020 13:14:26 -0800 

This is an automated email from the ASF dual-hosted git repository.

mssun pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave.git


The following commit(s) were added to refs/heads/develop by this push:
     new 49910f0  [attestation] Exclude dcap cert when not enalbing the DCAP 
flag
49910f0 is described below

commit 49910f0acd5c7132efa3b1e1fa8ed870d4641755
Author: Mingshen Sun <[email protected]>
AuthorDate: Tue Feb 11 11:34:49 2020 -0800

    [attestation] Exclude dcap cert when not enalbing the DCAP flag
---
 CMakeLists.txt             | 5 +++++
 attestation/src/service.rs | 2 ++
 2 files changed, 7 insertions(+)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index d2a5eb2..28c8ad1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -19,9 +19,14 @@ option(TEST_MODE "Turn on/off test mode" OFF)
 option(SGX_SIM_MODE "Turn on/off sgx simulation mode" OFF)
 option(DCAP "Turn on/off DCAP attestation" OFF)
 
+if(DCAP)
+  set(RUSTFLAGS "${RUSTFLAGS} --cfg dcap")
+endif()
+
 if(TEST_MODE)
   set(RUSTFLAGS "${RUSTFLAGS} --cfg test_mode")
 endif()
+
 if(SGX_SIM_MODE)
   set(RUSTFLAGS "${RUSTFLAGS} --cfg sgx_sim")
   set(SGX_MODE "SW")
diff --git a/attestation/src/service.rs b/attestation/src/service.rs
index c404674..2382ac6 100644
--- a/attestation/src/service.rs
+++ b/attestation/src/service.rs
@@ -33,6 +33,7 @@ use std::net::TcpStream;
 use std::prelude::v1::*;
 use std::sync::Arc;
 
+#[cfg(dcap)]
 const DCAP_ROOT_CA_CERT: &str = 
include_str!("../../keys/dcap_root_ca_cert.pem");
 
 impl EndorsedAttestationReport {
@@ -64,6 +65,7 @@ impl EndorsedAttestationReport {
 fn new_tls_stream(url: &url::Url) -> 
Result<rustls::StreamOwned<rustls::ClientSession, TcpStream>> {
     let dns_name = 
webpki::DNSNameRef::try_from_ascii_str(url.host_str().unwrap())?;
     let mut config = rustls::ClientConfig::new();
+    #[cfg(dcap)]
     config
         .root_store
         .add_pem_file(&mut DCAP_ROOT_CA_CERT.to_string().as_bytes())


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to