diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 7efb411f3..e3548422f 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -139,11 +139,19 @@
 /*
 * Various constants
 */
+#if !defined(MBEDTLS_SSL_PROTO_NO_TLS)
 #define MBEDTLS_SSL_MAJOR_VERSION_3 3
 #define MBEDTLS_SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */
 #define MBEDTLS_SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */
 #define MBEDTLS_SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */
 #define MBEDTLS_SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */
+#else /* MBEDTLS_SSL_PROTO_NO_TLS */
+#define MBEDTLS_SSL_MAJOR_VERSION_3 254
+#define MBEDTLS_SSL_MINOR_VERSION_0 257 /*!< unused */
+#define MBEDTLS_SSL_MINOR_VERSION_1 256 /*!< unused */
+#define MBEDTLS_SSL_MINOR_VERSION_2 255 /*!< DTLS v1.0 */
+#define MBEDTLS_SSL_MINOR_VERSION_3 253 /*!< DTLS v1.2 */
+#endif /* MBEDTLS_SSL_PROTO_NO_TLS */
 
 #define MBEDTLS_SSL_TRANSPORT_STREAM 0 /*!< TLS */
 #define MBEDTLS_SSL_TRANSPORT_DATAGRAM 1 /*!< DTLS */
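Review bot: The DTLS-only placeholders `MBEDTLS_SSL_MINOR_VERSION_0` (257) and `MBEDTLS_SSL_MINOR_VERSION_1` (256) do not fit in one byte, and nothing at their definition says so. The struct hunk in this file widens `min_minor_ver`/`max_minor_ver` to `uint16_t`, but `mbedtls_ssl_write_version` in the ssl_internal.h hunk still narrows with `(unsigned char) minor`, so either placeholder would be serialised as 1 or 0, which the reversed DTLS-only comparison helpers rank as newer than DTLS 1.2 (253); any other byte-wide copy of a minor version, not visible in this diff, would truncate the same way. I would replace the two `/*!< unused */` comments with something like `/*!< placeholder older than DTLS 1.0; exceeds one byte, must never be stored in a byte or written to the wire */`, and state in the `#else` branch that the remaining values are the DTLS wire bytes, which decrease as the protocol version increases.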
@@ -1151,18 +1159,18 @@ struct mbedtls_ssl_config
 unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */
 #endif
 
-#if !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER)
- unsigned char max_major_ver; /*!< max. major version used */
-#endif /* !MBEDTLS_SSL_CONF_MAX_MAJOR_VER */
-#if !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER)
- unsigned char max_minor_ver; /*!< max. minor version used */
-#endif /* !MBEDTLS_SSL_CONF_MAX_MINOR_VER */
 #if !defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER)
 unsigned char min_major_ver; /*!< min. major version used */
 #endif /* !MBEDTLS_SSL_CONF_MIN_MAJOR_VER */
+#if !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER)
+ unsigned char max_major_ver; /*!< max. major version used */
+#endif /* !MBEDTLS_SSL_CONF_MAX_MAJOR_VER */
 #if !defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER)
- unsigned char min_minor_ver; /*!< min. minor version used */
+ uint16_t min_minor_ver; /*!< min. minor version used */
 #endif /* !MBEDTLS_SSL_CONF_MIN_MINOR_VER */
+#if !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER)
+ uint16_t max_minor_ver; /*!< max. minor version used */
+#endif /* !MBEDTLS_SSL_CONF_MAX_MINOR_VER */
 
 /*
 * Flags (bitfields)
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index a1acc8462..a16811542 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -1176,6 +1176,8 @@ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
 #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
 MBEDTLS_SSL_PROTO_TLS1_2 */
 
+#if defined(MBEDTLS_SSL_PROTO_TLS)
+
 /*
 * Convert version numbers to/from wire format
 * and, for DTLS, to/from TLS equivalent.
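Review bot: The new `#if defined(MBEDTLS_SSL_PROTO_TLS)` in ssl_internal.h selects the helper implementations with a different macro than the one ssl.h uses for the version constants, `!defined(MBEDTLS_SSL_PROTO_NO_TLS)`. Nothing in this diff shows that the two are always complementary; if a configuration ever had both or neither in effect, TLS-numbered constants would be compared with the reversed DTLS helpers (or the other way round), and the minimum/maximum version checks that presumably rely on them would invert without a compile error. Unless that relation is already enforced elsewhere, I would add a guard next to the constants, `#if defined(MBEDTLS_SSL_PROTO_TLS) == defined(MBEDTLS_SSL_PROTO_NO_TLS)` followed by `#error "exactly one of MBEDTLS_SSL_PROTO_TLS and MBEDTLS_SSL_PROTO_NO_TLS must be in effect"`, or key both headers on the same macro. The conditional opened here is only closed in the next hunk.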
@@ -1258,6 +1260,50 @@ MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_gt( int v0, int v1 ) return( v0 > v1 ); } +#else /* MBEDTLS_SSL_PROTO_TLS */ + +/* If only DTLS is enabled, we can match the internal encoding + * with the standard's encoding of versions. */ +static inline void mbedtls_ssl_write_version( int major, int minor, + int transport, + unsigned char ver[2] ) +{ + ((void) transport); + ver[0] = (unsigned char) major; + ver[1] = (unsigned char) minor; +} + +static inline void mbedtls_ssl_read_version( int *major, int *minor, + int transport, + const unsigned char ver[2] ) +{ + ((void) transport); + *major = ver[0]; + *minor = ver[1]; +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_leq( int v0, int v1 ) +{ + return( v0 >= v1 ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_lt( int v0, int v1 ) +{ + return( v0 > v1 ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_geq( int v0, int v1 ) +{ + return( v0 <= v1 ); +} + +MBEDTLS_ALWAYS_INLINE static inline int mbedtls_ssl_ver_gt( int v0, int v1 ) +{ + return( v0 < v1 ); +} + +#endif /* MBEDTLS_SSL_PROTO_TLS */ + MBEDTLS_ALWAYS_INLINE static inline size_t mbedtls_ssl_minor_ver_index( int ver ) {
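Review bot: The four DTLS-only comparison helpers return the numerically opposite relation on purpose (`mbedtls_ssl_ver_leq` is `v0 >= v1`, `mbedtls_ssl_ver_gt` is `v0 < v1`), but nothing next to them says so; the only explanation is the block comment above `mbedtls_ssl_write_version`, which does not mention ordering. Since these helpers presumably back the minimum/maximum version checks, a later "correction" of the operators would invert that enforcement silently. I would add a comment above `mbedtls_ssl_ver_leq` such as `/* DTLS wire versions decrease as the protocol version increases (255 = DTLS 1.0, 253 = DTLS 1.2), so every comparison below is numerically reversed. */`. The same comment could record that `mbedtls_ssl_read_version` hands back the raw peer bytes unchecked, so any range check has to happen in the callers, which are not visible here. The `#if` that this `#else` belongs to opens in the previous hunk, and `mbedtls_ssl_minor_ver_index` continues past the end of this one.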