diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index 7f813a3cf..2b0d00e4c 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -68,11 +68,6 @@ mbedtls_debug_printf_ecdh(ssl, level, __FILE__, __LINE__, ecdh, attr) #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) -#define MBEDTLS_SSL_DEBUG_TICKET_FLAGS(level, flag) \ - mbedtls_debug_print_ticket_flags(ssl, level, __FILE__, __LINE__, flag) -#endif - #else /* MBEDTLS_DEBUG_C */ #define MBEDTLS_SSL_DEBUG_MSG(level, args) do { } while (0) @@ -82,9 +77,6 @@ #define MBEDTLS_SSL_DEBUG_ECP(level, text, X) do { } while (0) #define MBEDTLS_SSL_DEBUG_CRT(level, text, crt) do { } while (0) #define MBEDTLS_SSL_DEBUG_ECDH(level, ecdh, attr) do { } while (0) -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) -#define MBEDTLS_SSL_DEBUG_TICKET_FLAGS(level, flag) do { } while (0) -#endif #endif /* MBEDTLS_DEBUG_C */ @@ -313,13 +305,6 @@ void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, mbedtls_debug_ecdh_attr attr); #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) -void mbedtls_debug_print_ticket_flags( - const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - mbedtls_ssl_tls13_ticket_flags flag); -#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ - #ifdef __cplusplus } #endif diff --git a/library/debug.c b/library/debug.c index 76ed7521d..12559afe3 100644 --- a/library/debug.c +++ b/library/debug.c @@ -386,40 +386,4 @@ void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, } #endif /* MBEDTLS_ECDH_C */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) -#define ARRAY_LENGTH(a) (sizeof(a) / sizeof(*(a))) - -static const char *ticket_flag_name_table[] = -{ - [0] = "ALLOW_PSK_RESUMPTION", - [2] = "ALLOW_PSK_EPHEMERAL_RESUMPTION", - [3] = "ALLOW_EARLY_DATA", -}; - -void mbedtls_debug_print_ticket_flags( - const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - mbedtls_ssl_tls13_ticket_flags flag) -{ - size_t i; - - if (NULL == ssl || - NULL == ssl->conf || - NULL == ssl->conf->f_dbg || - level > debug_threshold) { - return; - } - - mbedtls_debug_print_msg(ssl, level, file, line, - "print ticket_flags (0x%02x)", flag); - - for (i = 0; i < ARRAY_LENGTH(ticket_flag_name_table); i++) { - if ((flag & (1 << i)) & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK) { - mbedtls_debug_print_msg(ssl, level, file, line, "- %s is set.", - ticket_flag_name_table[i]); - } - } -} -#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ - #endif /* MBEDTLS_DEBUG_C */ diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h index 4d2a170ed..880ff6967 100644 --- a/library/ssl_debug_helpers.h +++ b/library/ssl_debug_helpers.h @@ -55,6 +55,12 @@ void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, int hs_msg_type, unsigned int extension_type, const char *extra_msg0, const char *extra_msg1); +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) +void mbedtls_debug_print_ticket_flags(const mbedtls_ssl_context *ssl, + int level, const char *file, int line, + mbedtls_ssl_tls13_ticket_flags flag); +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ + #define MBEDTLS_SSL_PRINT_EXTS(level, hs_msg_type, extensions_mask) \ mbedtls_ssl_print_extensions(ssl, level, __FILE__, __LINE__, \ hs_msg_type, extensions_mask, NULL) @@ -63,12 +69,22 @@ void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, mbedtls_ssl_print_extension(ssl, level, __FILE__, __LINE__, \ hs_msg_type, extension_type, \ extra, NULL) + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) +#define MBEDTLS_SSL_DEBUG_TICKET_FLAGS(level, flag) \ + mbedtls_debug_print_ticket_flags(ssl, level, __FILE__, __LINE__, flag) +#endif + #else #define MBEDTLS_SSL_PRINT_EXTS(level, hs_msg_type, extension_mask) #define MBEDTLS_SSL_PRINT_EXT(level, hs_msg_type, extension_type, extra) +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) +#define MBEDTLS_SSL_DEBUG_TICKET_FLAGS(level, flag) +#endif + #endif /* MBEDTLS_DEBUG_C */ #endif /* MBEDTLS_SSL_DEBUG_HELPERS_H */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bd8fd8cf7..375233d57 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -735,6 +735,35 @@ void mbedtls_ssl_print_extensions(const mbedtls_ssl_context *ssl, } } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) +#define ARRAY_LENGTH(a) (sizeof(a) / sizeof(*(a))) + +static const char *ticket_flag_name_table[] = +{ + [0] = "ALLOW_PSK_RESUMPTION", + [2] = "ALLOW_PSK_EPHEMERAL_RESUMPTION", + [3] = "ALLOW_EARLY_DATA", +}; + +void mbedtls_debug_print_ticket_flags( + const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + mbedtls_ssl_tls13_ticket_flags flag) +{ + size_t i; + + mbedtls_debug_print_msg(ssl, level, file, line, + "print ticket_flags (0x%02x)", flag); + + for (i = 0; i < ARRAY_LENGTH(ticket_flag_name_table); i++) { + if ((flag & (1 << i)) & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK) { + mbedtls_debug_print_msg(ssl, level, file, line, "- %s is set.", + ticket_flag_name_table[i]); + } + } +} +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ + #endif /* MBEDTLS_DEBUG_C */ void mbedtls_ssl_optimize_checksum(mbedtls_ssl_context *ssl,