From d9382f85e7b8f5d518a4ad713045f2891b705280 Mon Sep 17 00:00:00 2001 From: Jarno Lamsa Date: Mon, 10 Jun 2019 10:27:14 +0300 Subject: [PATCH] Add definitions for enforce flag values --- include/mbedtls/ssl.h | 7 +++++-- library/ssl_tls.c | 4 +++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 6a6d8aed3..38546ac2d 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -158,6 +158,9 @@ #define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0 #define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1 +#define MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED 0 +#define MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED 1 + #define MBEDTLS_SSL_CID_DISABLED 0 #define MBEDTLS_SSL_CID_ENABLED 1 @@ -2834,10 +2837,10 @@ void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems * * \param conf SSL configuration * \param ems_enf MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED or - * MBEDTLS_SSL_EXTENDED_MS_DISABLED + * MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED */ void mbedtls_ssl_conf_extended_master_secret_enforce( mbedtls_ssl_config *conf, - char ems_enf); + char ems_enf ); #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #if defined(MBEDTLS_ARC4_C) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 8cf9a497e..ca9131aea 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8343,7 +8343,7 @@ void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems } void mbedtls_ssl_conf_extended_master_secret_enforce( mbedtls_ssl_config *conf, - char ems_enf); + char ems_enf ); { conf->enforce_extended_master_secret = ems_enf; } @@ -10301,6 +10301,8 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; + conf->enforce_extended_master_secret = + MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED; #endif #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)