Remove min/maj version from SSL context if only one version enabled

If the minor/major version is enforced at compile-time, the `major_ver` and `minor_ver` fields in `mbedtls_ssl_context` are redundant and can be removed.
2019-06-12 14:43:01 +01:00 · 2019-06-12 14:43:01 +01:00 · 381eaa5976
commit 381eaa5976
parent 2881d80138
4 changed files with 39 additions and 0 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -850,8 +850,12 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )

    if( mbedtls_ssl_get_renego_status( ssl ) == MBEDTLS_SSL_INITIAL_HANDSHAKE )
    {
+#if !defined(MBEDTLS_SSL_CONF_FIXED_MAJOR_VER)
        ssl->major_ver = mbedtls_ssl_conf_get_min_major_ver( ssl->conf );
+#endif /* !MBEDTLS_SSL_CONF_FIXED_MAJOR_VER */
+#if !defined(MBEDTLS_SSL_CONF_FIXED_MINOR_VER)
        ssl->minor_ver = mbedtls_ssl_conf_get_min_minor_ver( ssl->conf );
+#endif /* !MBEDTLS_SSL_CONF_FIXED_MINOR_VER */
    }

    if( mbedtls_ssl_conf_get_max_major_ver( ssl->conf ) == 0 )
@ -1743,8 +1747,13 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
            return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
        }

+#if !defined(MBEDTLS_SSL_CONF_FIXED_MINOR_VER)
        ssl->minor_ver = minor_ver;
+#endif /* !MBEDTLS_SSL_CONF_FIXED_MINOR_VER */
+
+#if !defined(MBEDTLS_SSL_CONF_FIXED_MAJOR_VER)
        ssl->major_ver = major_ver;
+#endif /* !MBEDTLS_SSL_CONF_FIXED_MAJOR_VER */
    }

    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu",