eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Rename XXX_SINGLE_CIPHERSUITE -> XXX_CONF_SINGLE_CIPHERSUITE

Browse source 
This is in line with the other configurations options used
to hardcoded aspects of the SSL configuration.
This commit is contained in:
Hanno Becker 2019-06-27 13:51:07 +01:00
parent e02758c9c8
commit 73f4cb126d
12 changed files with 86 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

2
configs/baremetal.h
View file

@ -60,7 +60,7 @@
/* Key exchanges */ /* Key exchanges */
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
#define MBEDTLS_SSL_SINGLE_CIPHERSUITE MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 #define MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
/* Digests - just SHA-256 */ /* Digests - just SHA-256 */
#define MBEDTLS_MD_C #define MBEDTLS_MD_C

2
include/mbedtls/config.h
View file

@ -3650,7 +3650,7 @@
* *
* If this option is set, the API mbedtls_ssl_conf_ciphersuites() is removed. * If this option is set, the API mbedtls_ssl_conf_ciphersuites() is removed.
*/ */
//#define MBEDTLS_SSL_SINGLE_CIPHERSUITE MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 //#define MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
/* \} SECTION: Compile-time SSL configuration */ /* \} SECTION: Compile-time SSL configuration */

16
include/mbedtls/ssl.h
View file

@ -923,9 +923,9 @@ struct mbedtls_ssl_session
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t start; /*!< starting time */ mbedtls_time_t start; /*!< starting time */
#endif #endif
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
int ciphersuite; /*!< chosen ciphersuite */ int ciphersuite; /*!< chosen ciphersuite */
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
int compression; /*!< chosen compression */ int compression; /*!< chosen compression */
size_t id_len; /*!< session id length */ size_t id_len; /*!< session id length */
unsigned char id[32]; /*!< session identifier */ unsigned char id[32]; /*!< session identifier */
@ -974,9 +974,9 @@ struct mbedtls_ssl_config
* Pointers * Pointers
*/ */
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
const int *ciphersuite_list[4]; /*!< allowed ciphersuites per version */ const int *ciphersuite_list[4]; /*!< allowed ciphersuites per version */
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
/** Callback for printing debug output */ /** Callback for printing debug output */
void (*f_dbg)(void *, int, const char *, int, const char *); void (*f_dbg)(void *, int, const char *, int, const char *);
@ -2470,7 +2470,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
*/ */
const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl ); const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl );
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
/** /**
* \brief Set the list of allowed ciphersuites and the preference * \brief Set the list of allowed ciphersuites and the preference
* order. First in the list has the highest preference. * order. First in the list has the highest preference.
@ -2485,7 +2485,7 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co
* *
* \note On constrained systems, support for a single ciphersuite * \note On constrained systems, support for a single ciphersuite
* (in all versions) can be fixed at compile-time through * (in all versions) can be fixed at compile-time through
* the configuration option MBEDTLS_SSL_SINGLE_CIPHERSUITE. * the configuration option MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE.
* *
* \param conf SSL configuration * \param conf SSL configuration
* \param ciphersuites 0-terminated list of allowed ciphersuites * \param ciphersuites 0-terminated list of allowed ciphersuites
@ -2514,12 +2514,12 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
* *
* \note On constrained systems, support for a single ciphersuite * \note On constrained systems, support for a single ciphersuite
* (in all versions) can be fixed at compile-time through * (in all versions) can be fixed at compile-time through
* the configuration option MBEDTLS_SSL_SINGLE_CIPHERSUITE. * the configuration option MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE.
*/ */
void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
const int *ciphersuites, const int *ciphersuites,
int major, int minor ); int major, int minor );
#endif /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0 #define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0
#define MBEDTLS_SSL_UNEXPECTED_CID_FAIL 1 #define MBEDTLS_SSL_UNEXPECTED_CID_FAIL 1

44
include/mbedtls/ssl_ciphersuites.h
View file

@ -351,8 +351,8 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
/* Wrapper around MBEDTLS_SSL_SUITE_XXX_T() which makes sure that /* Wrapper around MBEDTLS_SSL_SUITE_XXX_T() which makes sure that
* the argument is macro-expanded before concatenated with the * the argument is macro-expanded before concatenated with the
* field name. This allows to call these macros as * field name. This allows to call these macros as
* MBEDTLS_SSL_SUITE_XXX( MBEDTLS_SSL_SINGLE_CIPHERSUITE ), * MBEDTLS_SSL_SUITE_XXX( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ),
* where MBEDTLS_SSL_SINGLE_CIPHERSUITE expands to MBEDTLS_SSL_SUITE_XXX. */ * where MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE expands to MBEDTLS_SSL_SUITE_XXX. */
#define MBEDTLS_SSL_SUITE_ID( SUITE ) MBEDTLS_SSL_SUITE_ID_T( SUITE ) #define MBEDTLS_SSL_SUITE_ID( SUITE ) MBEDTLS_SSL_SUITE_ID_T( SUITE )
#define MBEDTLS_SSL_SUITE_NAME( SUITE ) MBEDTLS_SSL_SUITE_NAME_T( SUITE ) #define MBEDTLS_SSL_SUITE_NAME( SUITE ) MBEDTLS_SSL_SUITE_NAME_T( SUITE )
#define MBEDTLS_SSL_SUITE_CIPHER( SUITE ) MBEDTLS_SSL_SUITE_CIPHER_T( SUITE ) #define MBEDTLS_SSL_SUITE_CIPHER( SUITE ) MBEDTLS_SSL_SUITE_CIPHER_T( SUITE )
@ -364,7 +364,7 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
#define MBEDTLS_SSL_SUITE_MAX_MINOR_VER( SUITE ) MBEDTLS_SSL_SUITE_MAX_MINOR_VER_T( SUITE ) #define MBEDTLS_SSL_SUITE_MAX_MINOR_VER( SUITE ) MBEDTLS_SSL_SUITE_MAX_MINOR_VER_T( SUITE )
#define MBEDTLS_SSL_SUITE_FLAGS( SUITE ) MBEDTLS_SSL_SUITE_FLAGS_T( SUITE ) #define MBEDTLS_SSL_SUITE_FLAGS( SUITE ) MBEDTLS_SSL_SUITE_FLAGS_T( SUITE )
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
/** /**
* \brief This structure is used for storing ciphersuite information * \brief This structure is used for storing ciphersuite information
*/ */
@ -404,13 +404,13 @@ typedef mbedtls_ssl_ciphersuite_t const * mbedtls_ssl_ciphersuite_handle_t;
MBEDTLS_SSL_SUITE_MAX_MINOR_VER( SUITE ), \ MBEDTLS_SSL_SUITE_MAX_MINOR_VER( SUITE ), \
MBEDTLS_SSL_SUITE_FLAGS( SUITE ) } MBEDTLS_SSL_SUITE_FLAGS( SUITE ) }
#else /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
typedef unsigned char mbedtls_ssl_ciphersuite_handle_t; typedef unsigned char mbedtls_ssl_ciphersuite_handle_t;
#define MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ( (mbedtls_ssl_ciphersuite_handle_t) 0 ) #define MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ( (mbedtls_ssl_ciphersuite_handle_t) 0 )
#define MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE ( (mbedtls_ssl_ciphersuite_handle_t) 1 ) #define MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE ( (mbedtls_ssl_ciphersuite_handle_t) 1 )
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
/* /*
* Getter functions for the extraction of ciphersuite attributes * Getter functions for the extraction of ciphersuite attributes
@ -421,7 +421,7 @@ typedef unsigned char mbedtls_ssl_ciphersuite_handle_t;
* is passed. * is passed.
*/ */
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
/* /*
* Implementation of getter functions when the ciphersuite handle * Implementation of getter functions when the ciphersuite handle
* is a pointer to the ciphersuite information structure. * is a pointer to the ciphersuite information structure.
@ -479,7 +479,7 @@ static inline unsigned char mbedtls_ssl_suite_get_flags(
{ {
return( info->flags ); return( info->flags );
} }
#else /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
/* /*
* Implementations of getter functions in the case of only * Implementations of getter functions in the case of only
* a single possible ciphersuite. In this case, the handle * a single possible ciphersuite. In this case, the handle
@ -493,63 +493,63 @@ static inline int mbedtls_ssl_suite_get_id(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
static inline const char* mbedtls_ssl_suite_get_name( static inline const char* mbedtls_ssl_suite_get_name(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
static inline mbedtls_cipher_type_t mbedtls_ssl_suite_get_cipher( static inline mbedtls_cipher_type_t mbedtls_ssl_suite_get_cipher(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_CIPHER( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_CIPHER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
static inline mbedtls_md_type_t mbedtls_ssl_suite_get_mac( static inline mbedtls_md_type_t mbedtls_ssl_suite_get_mac(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_MAC( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_MAC( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
static inline mbedtls_key_exchange_type_t mbedtls_ssl_suite_get_key_exchange( static inline mbedtls_key_exchange_type_t mbedtls_ssl_suite_get_key_exchange(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_KEY_EXCHANGE( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_KEY_EXCHANGE( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
static inline int mbedtls_ssl_suite_get_min_major_ver( static inline int mbedtls_ssl_suite_get_min_major_ver(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_MIN_MAJOR_VER( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_MIN_MAJOR_VER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
static inline int mbedtls_ssl_suite_get_min_minor_ver( static inline int mbedtls_ssl_suite_get_min_minor_ver(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_MIN_MINOR_VER( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_MIN_MINOR_VER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
static inline int mbedtls_ssl_suite_get_max_major_ver( static inline int mbedtls_ssl_suite_get_max_major_ver(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_MAX_MAJOR_VER( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_MAX_MAJOR_VER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
static inline int mbedtls_ssl_suite_get_max_minor_ver( static inline int mbedtls_ssl_suite_get_max_minor_ver(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_MAX_MINOR_VER( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_MAX_MINOR_VER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
static inline unsigned char mbedtls_ssl_suite_get_flags( static inline unsigned char mbedtls_ssl_suite_get_flags(
mbedtls_ssl_ciphersuite_handle_t const info ) mbedtls_ssl_ciphersuite_handle_t const info )
{ {
((void) info); ((void) info);
return( MBEDTLS_SSL_SUITE_FLAGS( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_FLAGS( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
static inline int mbedtls_ssl_ciphersuite_has_pfs( static inline int mbedtls_ssl_ciphersuite_has_pfs(
mbedtls_ssl_ciphersuite_handle_t info ) mbedtls_ssl_ciphersuite_handle_t info )
@ -681,20 +681,20 @@ static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
} }
} }
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
static inline int mbedtls_ssl_session_get_ciphersuite( static inline int mbedtls_ssl_session_get_ciphersuite(
mbedtls_ssl_session const * session ) mbedtls_ssl_session const * session )
{ {
return( session->ciphersuite ); return( session->ciphersuite );
} }
#else /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
static inline int mbedtls_ssl_session_get_ciphersuite( static inline int mbedtls_ssl_session_get_ciphersuite(
mbedtls_ssl_session const * session ) mbedtls_ssl_session const * session )
{ {
((void) session); ((void) session);
return( MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
} }
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
const int *mbedtls_ssl_list_ciphersuites( void ); const int *mbedtls_ssl_list_ciphersuites( void );

16
include/mbedtls/ssl_internal.h
View file

@ -501,9 +501,9 @@ struct mbedtls_ssl_handshake_params
const unsigned char *, size_t, const unsigned char *, size_t,
unsigned char *, size_t); unsigned char *, size_t);
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; mbedtls_ssl_ciphersuite_handle_t ciphersuite_info;
#endif /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
size_t pmslen; /*!< premaster length */ size_t pmslen; /*!< premaster length */
@ -558,20 +558,20 @@ static inline int mbedtls_ssl_hs_get_extended_ms(
} }
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
static inline mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_handshake_get_ciphersuite( static inline mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_handshake_get_ciphersuite(
mbedtls_ssl_handshake_params const *handshake ) mbedtls_ssl_handshake_params const *handshake )
{ {
return( handshake->ciphersuite_info ); return( handshake->ciphersuite_info );
} }
#else /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
static inline mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_handshake_get_ciphersuite( static inline mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_handshake_get_ciphersuite(
mbedtls_ssl_handshake_params const *handshake ) mbedtls_ssl_handshake_params const *handshake )
{ {
((void) handshake); ((void) handshake);
return( MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE ); return( MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE );
} }
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer;
@ -1454,7 +1454,7 @@ static inline unsigned int mbedtls_ssl_conf_get_ems_enforced(
* instantiation in case a single ciphersuite is enabled at * instantiation in case a single ciphersuite is enabled at
* compile-time. * compile-time.
*/ */
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
#define MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, ver, info ) \ #define MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, ver, info ) \
{ \ { \
@ -1472,7 +1472,7 @@ static inline unsigned int mbedtls_ssl_conf_get_ems_enforced(
} \ } \
} }
#else /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#define MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, ver, info ) \ #define MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, ver, info ) \
{ \ { \
@ -1482,6 +1482,6 @@ static inline unsigned int mbedtls_ssl_conf_get_ems_enforced(
#define MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE \ #define MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE \
} }
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#endif /* ssl_internal.h */ #endif /* ssl_internal.h */

34
library/ssl_ciphersuites.c
View file

@ -54,7 +54,7 @@
*/ */
static const int ciphersuite_preference[] = static const int ciphersuite_preference[] =
{ {
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
#if defined(MBEDTLS_SSL_CIPHERSUITES) #if defined(MBEDTLS_SSL_CIPHERSUITES)
MBEDTLS_SSL_CIPHERSUITES, MBEDTLS_SSL_CIPHERSUITES,
#else #else
@ -312,13 +312,13 @@ static const int ciphersuite_preference[] =
MBEDTLS_TLS_PSK_WITH_NULL_SHA, MBEDTLS_TLS_PSK_WITH_NULL_SHA,
#endif /* MBEDTLS_SSL_CIPHERSUITES */ #endif /* MBEDTLS_SSL_CIPHERSUITES */
#else /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_SINGLE_CIPHERSUITE ), MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ),
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
0 0
}; };
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
{ {
#if defined(MBEDTLS_CHACHAPOLY_C) && \ #if defined(MBEDTLS_CHACHAPOLY_C) && \
@ -2171,9 +2171,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE, MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
0, 0, 0, 0, 0 } 0, 0, 0, 0, 0 }
}; };
#endif /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_SSL_CIPHERSUITES) || defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if defined(MBEDTLS_SSL_CIPHERSUITES) || defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
const int *mbedtls_ssl_list_ciphersuites( void ) const int *mbedtls_ssl_list_ciphersuites( void )
{ {
return( ciphersuite_preference ); return( ciphersuite_preference );
@ -2232,9 +2232,9 @@ const int *mbedtls_ssl_list_ciphersuites( void )
return( supported_ciphersuites ); return( supported_ciphersuites );
} }
#endif /* !( MBEDTLS_SSL_CIPHERSUITES || MBEDTLS_SSL_SINGLE_CIPHERSUITE ) */ #endif /* !( MBEDTLS_SSL_CIPHERSUITES || MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) */
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_string( mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_string(
const char *ciphersuite_name ) const char *ciphersuite_name )
{ {
@ -2293,13 +2293,13 @@ int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
return( cur->id ); return( cur->id );
} }
#else /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_string( mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_string(
const char *ciphersuite_name ) const char *ciphersuite_name )
{ {
static const char * const single_suite_name = static const char * const single_suite_name =
MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_SINGLE_CIPHERSUITE ); MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE );
if( strcmp( ciphersuite_name, single_suite_name ) == 0 ) if( strcmp( ciphersuite_name, single_suite_name ) == 0 )
return( MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE ); return( MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE );
@ -2310,7 +2310,7 @@ mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_string(
mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
{ {
static const int single_suite_id = static const int single_suite_id =
MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_SINGLE_CIPHERSUITE ); MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE );
if( ciphersuite == single_suite_id ) if( ciphersuite == single_suite_id )
return( MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE ); return( MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE );
@ -2321,10 +2321,10 @@ mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_id( int ciphersuit
const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
{ {
static const int single_suite_id = static const int single_suite_id =
MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_SINGLE_CIPHERSUITE ); MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE );
if( ciphersuite_id == single_suite_id ) if( ciphersuite_id == single_suite_id )
return( MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
return( NULL ); return( NULL );
} }
@ -2332,15 +2332,15 @@ const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
{ {
static const char * const single_suite_name = static const char * const single_suite_name =
MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_SINGLE_CIPHERSUITE ); MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE );
if( strcmp( ciphersuite_name, single_suite_name ) == 0 ) if( strcmp( ciphersuite_name, single_suite_name ) == 0 )
return( MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ); return( MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) );
return( 0 ); return( 0 );
} }
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_PK_C) #if defined(MBEDTLS_PK_C)
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( mbedtls_ssl_ciphersuite_handle_t info ) mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( mbedtls_ssl_ciphersuite_handle_t info )

6
library/ssl_cli.c
View file

@ -1816,7 +1816,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
* Initialize update checksum functions * Initialize update checksum functions
*/ */
server_suite_info = mbedtls_ssl_ciphersuite_from_id( i ); server_suite_info = mbedtls_ssl_ciphersuite_from_id( i );
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
ssl->handshake->ciphersuite_info = server_suite_info; ssl->handshake->ciphersuite_info = server_suite_info;
#endif #endif
if( server_suite_info == MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ) if( server_suite_info == MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE )
@ -1874,9 +1874,9 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
ssl->session_negotiate->start = mbedtls_time( NULL ); ssl->session_negotiate->start = mbedtls_time( NULL );
#endif #endif
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
ssl->session_negotiate->ciphersuite = i; ssl->session_negotiate->ciphersuite = i;
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
ssl->session_negotiate->compression = comp; ssl->session_negotiate->compression = comp;
ssl->session_negotiate->id_len = n; ssl->session_negotiate->id_len = n;
memcpy( ssl->session_negotiate->id, buf + 35, n ); memcpy( ssl->session_negotiate->id, buf + 35, n );

16
library/ssl_srv.c
View file

@ -1037,7 +1037,7 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
size_t n; size_t n;
unsigned int ciph_len, sess_len, chal_len; unsigned int ciph_len, sess_len, chal_len;
unsigned char *buf, *p; unsigned char *buf, *p;
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; mbedtls_ssl_ciphersuite_handle_t ciphersuite_info;
#endif #endif
@ -1258,7 +1258,7 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
if( ssl_ciphersuite_is_match( ssl, cur_info, NULL ) ) if( ssl_ciphersuite_is_match( ssl, cur_info, NULL ) )
{ {
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
ciphersuite_info = cur_info; ciphersuite_info = cur_info;
#endif #endif
goto have_ciphersuite_v2; goto have_ciphersuite_v2;
@ -1293,7 +1293,7 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
have_ciphersuite_v2: have_ciphersuite_v2:
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
ssl->session_negotiate->ciphersuite = ssl->session_negotiate->ciphersuite =
mbedtls_ssl_suite_get_id( ciphersuite_info ); mbedtls_ssl_suite_get_id( ciphersuite_info );
ssl->handshake->ciphersuite_info = ciphersuite_info; ssl->handshake->ciphersuite_info = ciphersuite_info;
@ -1346,7 +1346,7 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl )
#endif #endif
int handshake_failure = 0; int handshake_failure = 0;
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; mbedtls_ssl_ciphersuite_handle_t ciphersuite_info;
#endif #endif
int major, minor; int major, minor;
@ -2182,9 +2182,9 @@ read_record_header:
if( ssl_ciphersuite_is_match( ssl, cur_info, if( ssl_ciphersuite_is_match( ssl, cur_info,
acceptable_ec_grp_ids) ) acceptable_ec_grp_ids) )
{ {
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
ciphersuite_info = cur_info; ciphersuite_info = cur_info;
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
goto have_ciphersuite; goto have_ciphersuite;
} }
@ -2221,11 +2221,11 @@ read_record_header:
have_ciphersuite: have_ciphersuite:
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
ssl->session_negotiate->ciphersuite = ssl->session_negotiate->ciphersuite =
mbedtls_ssl_suite_get_id( ciphersuite_info ); mbedtls_ssl_suite_get_id( ciphersuite_info );
ssl->handshake->ciphersuite_info = ciphersuite_info; ssl->handshake->ciphersuite_info = ciphersuite_info;
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s",
mbedtls_ssl_get_ciphersuite_name( mbedtls_ssl_get_ciphersuite_name(

20
library/ssl_tls.c
View file

@ -8323,7 +8323,7 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
} }
#endif /* MBEDTLS_SSL_CLI_C && !MBEDTLS_SSL_NO_SESSION_RESUMPTION */ #endif /* MBEDTLS_SSL_CLI_C && !MBEDTLS_SSL_NO_SESSION_RESUMPTION */
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
const int *ciphersuites ) const int *ciphersuites )
{ {
@ -8345,7 +8345,7 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
conf->ciphersuite_list[minor] = ciphersuites; conf->ciphersuite_list[minor] = ciphersuites;
} }
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
@ -9591,11 +9591,11 @@ static int ssl_session_load( mbedtls_ssl_session *session,
ciphersuite = ( p[0] << 8 ) | p[1]; ciphersuite = ( p[0] << 8 ) | p[1];
p += 2; p += 2;
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
session->ciphersuite = ciphersuite; session->ciphersuite = ciphersuite;
#else #else
if( ciphersuite != if( ciphersuite !=
MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_SINGLE_CIPHERSUITE ) ) MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) )
{ {
return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); return( MBEDTLS_ERR_SSL_VERSION_MISMATCH );
} }
@ -10822,13 +10822,13 @@ static int ssl_preset_default_hashes[] = {
}; };
#endif #endif
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
static int ssl_preset_suiteb_ciphersuites[] = { static int ssl_preset_suiteb_ciphersuites[] = {
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
0 0
}; };
#endif /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
static int ssl_preset_suiteb_hashes[] = { static int ssl_preset_suiteb_hashes[] = {
@ -10964,13 +10964,13 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
ssl_preset_suiteb_ciphersuites; ssl_preset_suiteb_ciphersuites;
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
conf->cert_profile = &mbedtls_x509_crt_profile_suiteb; conf->cert_profile = &mbedtls_x509_crt_profile_suiteb;
@ -11005,13 +11005,13 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2; conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2;
#endif #endif
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
mbedtls_ssl_list_ciphersuites(); mbedtls_ssl_list_ciphersuites();
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
conf->cert_profile = &mbedtls_x509_crt_profile_default; conf->cert_profile = &mbedtls_x509_crt_profile_default;

4
programs/ssl/ssl_client2.c
View file

@ -1788,10 +1788,10 @@ int main( int argc, char *argv[] )
mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ); mbedtls_ssl_conf_session_tickets( &conf, opt.tickets );
#endif #endif
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
#endif /* MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_ARC4_C) #if defined(MBEDTLS_ARC4_C)
if( opt.arc4 != DFL_ARC4 ) if( opt.arc4 != DFL_ARC4 )

4
programs/ssl/ssl_mail_client.c
View file

@ -621,10 +621,10 @@ int main( int argc, char *argv[] )
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
#endif /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 ) if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )

8
programs/ssl/ssl_server2.c
View file

@ -2662,17 +2662,17 @@ int main( int argc, char *argv[] )
} }
#endif /* MBEDTLS_SSL_PROTO_DTLS */ #endif /* MBEDTLS_SSL_PROTO_DTLS */
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
#endif /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if defined(MBEDTLS_ARC4_C) #if defined(MBEDTLS_ARC4_C)
if( opt.arc4 != DFL_ARC4 ) if( opt.arc4 != DFL_ARC4 )
mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 ); mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
#endif #endif
#if !defined(MBEDTLS_SSL_SINGLE_CIPHERSUITE) #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
if( opt.version_suites != NULL ) if( opt.version_suites != NULL )
{ {
mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0], mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0],
@ -2688,7 +2688,7 @@ int main( int argc, char *argv[] )
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3 ); MBEDTLS_SSL_MINOR_VERSION_3 );
} }
#endif /* !MBEDTLS_SSL_SINGLE_CIPHERSUITE */ #endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
#if !defined(MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION) #if !defined(MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION)
if( opt.allow_legacy != DFL_ALLOW_LEGACY ) if( opt.allow_legacy != DFL_ALLOW_LEGACY )