yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-05-09 23:52:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove indicators and warnings about unfinished CID implementation

Browse source
This commit is contained in:
Hanno Becker 2019-05-08 13:24:25 +01:00
parent ad8e2c9144
commit 043a2a4869
3 changed files with 23 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
include/mbedtls/ssl.h
View file

@ -1447,7 +1447,7 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
/** /**
* \brief (STUB) Configure the use of the Connection ID (CID) * \brief Configure the use of the Connection ID (CID)
* extension in the next handshake. * extension in the next handshake.
* *
* Reference: * Reference:
@ -1471,11 +1471,6 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
* extension in the next handshake and to set the value of * extension in the next handshake and to set the value of
* the CID to be used for incoming messages. * the CID to be used for incoming messages.
* *
* \warning The current implementation of this API does nothing!
* It is included solely to allow review and coding against
* the new Connection CID API.
* The actual implementation will be added in the future.
*
* \param ssl The SSL context to configure. This must be initialized. * \param ssl The SSL context to configure. This must be initialized.
* \param enable This value determines whether the CID extension should * \param enable This value determines whether the CID extension should
* be used or not. Possible values are: * be used or not. Possible values are:
@ -1541,15 +1536,9 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
size_t own_cid_len ); size_t own_cid_len );
/** /**
* \brief (STUB) Get information about the current use of the * \brief Get information about the current use of the
* CID extension. * CID extension.
* *
* \warning The current implementation of this API does nothing
* except setting `*enabled` to MBEDTLS_SSL_CID_DISABLED!
* It is included solely to allow review and coding against
* the new Connection CID API.
* The actual implementation will be added in the future.
*
* \param ssl The SSL context to query. * \param ssl The SSL context to query.
* \param enabled The address at which to store whether the CID extension * \param enabled The address at which to store whether the CID extension
* is currently in use or not. If the CID is in use, * is currently in use or not. If the CID is in use,
@ -2160,7 +2149,7 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_SSL_CID) #if defined(MBEDTLS_SSL_CID)
/** /**
* \brief (STUB) Specify the length of CIDs for incoming encrypted * \brief Specify the length of CIDs for incoming encrypted
* DTLS records. (Default: \c 0) * DTLS records. (Default: \c 0)
* *
* \param conf The SSL configuration to modify. * \param conf The SSL configuration to modify.

2
library/ssl_tls.c
View file

@ -158,8 +158,6 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
return( 0 ); return( 0 );
} }
/* WARNING: The CID feature isn't fully implemented yet
* and will not be used. */
int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
int *enabled, int *enabled,
unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ], unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ],

40
tests/ssl-opt.sh
View file

@ -1119,7 +1119,7 @@ run_test "Truncated HMAC, DTLS: client enabled, server enabled" \
# changed once the CID extension is implemented. # changed once the CID extension is implemented.
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client enabled, server disabled" \ run_test "Connection ID: Client enabled, server disabled" \
"$P_SRV debug_level=3 dtls=1 cid=0" \ "$P_SRV debug_level=3 dtls=1 cid=0" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
0 \ 0 \
@ -1135,7 +1135,7 @@ run_test "(STUB) Connection ID: Client enabled, server disabled" \
-c "Use of Connection ID was rejected by the server" -c "Use of Connection ID was rejected by the server"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client disabled, server enabled" \ run_test "Connection ID: Client disabled, server enabled" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
"$P_CLI debug_level=3 dtls=1 cid=0" \ "$P_CLI debug_level=3 dtls=1 cid=0" \
0 \ 0 \
@ -1150,7 +1150,7 @@ run_test "(STUB) Connection ID: Client disabled, server enabled" \
-s "Use of Connection ID was not offered by client" -s "Use of Connection ID was not offered by client"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty" \ run_test "Connection ID: Client+Server enabled, Client+Server CID nonempty" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \
0 \ 0 \
@ -1170,7 +1170,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none
-c "Use of Connection ID has been negotiated" -c "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ run_test "Connection ID: Client+Server enabled, Client CID empty" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
"$P_CLI debug_level=3 dtls=1 cid=1" \ "$P_CLI debug_level=3 dtls=1 cid=1" \
0 \ 0 \
@ -1190,7 +1190,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \
-c "Use of Connection ID has been negotiated" -c "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ run_test "Connection ID: Client+Server enabled, Server CID empty" \
"$P_SRV debug_level=3 dtls=1 cid=1" \ "$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
0 \ 0 \
@ -1210,7 +1210,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \
-c "Use of Connection ID has been negotiated" -c "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ run_test "Connection ID: Client+Server enabled, Client+Server CID empty" \
"$P_SRV debug_level=3 dtls=1 cid=1" \ "$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1" \ "$P_CLI debug_level=3 dtls=1 cid=1" \
0 \ 0 \
@ -1228,7 +1228,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt
-C "Use of Connection ID has been negotiated" -C "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ run_test "Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \ 0 \
@ -1248,7 +1248,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none
-c "Use of Connection ID has been negotiated" -c "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ run_test "Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \ 0 \
@ -1268,7 +1268,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-
-c "Use of Connection ID has been negotiated" -c "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ run_test "Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \
"$P_SRV debug_level=3 dtls=1 cid=1" \ "$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \ 0 \
@ -1288,7 +1288,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-
-c "Use of Connection ID has been negotiated" -c "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ run_test "Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \
"$P_SRV debug_level=3 dtls=1 cid=1" \ "$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \ 0 \
@ -1306,7 +1306,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt
-C "Use of Connection ID has been negotiated" -C "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ run_test "Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
0 \ 0 \
@ -1326,7 +1326,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none
-c "Use of Connection ID has been negotiated" -c "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ run_test "Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
0 \ 0 \
@ -1346,7 +1346,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-
-c "Use of Connection ID has been negotiated" -c "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ run_test "Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \
"$P_SRV debug_level=3 dtls=1 cid=1" \ "$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
0 \ 0 \
@ -1366,7 +1366,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-
-c "Use of Connection ID has been negotiated" -c "Use of Connection ID has been negotiated"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ run_test "Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \
"$P_SRV debug_level=3 dtls=1 cid=1" \ "$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
0 \ 0 \
@ -1385,7 +1385,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "(STUB) Connection ID: Client+Server enabled, renegotiate without change of CID" \ run_test "Connection ID: Client+Server enabled, renegotiate without change of CID" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
0 \ 0 \
@ -1400,7 +1400,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate without ch
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "(STUB) Connection ID: Client+Server enabled, renegotiate with different CID" \ run_test "Connection ID: Client+Server enabled, renegotiate with different CID" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
0 \ 0 \
@ -1415,7 +1415,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate with diffe
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "(STUB) Connection ID: Client+Server enabled, renegotiate without CID" \ run_test "Connection ID: Client+Server enabled, renegotiate without CID" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
0 \ 0 \
@ -1430,7 +1430,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate without CI
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "(STUB) Connection ID: Client+Server enabled, CID on renegotiation" \ run_test "Connection ID: Client+Server enabled, CID on renegotiation" \
"$P_SRV debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \ "$P_SRV debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
"$P_CLI debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \ "$P_CLI debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
0 \ 0 \
@ -1443,7 +1443,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, CID on renegotiation"
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "(STUB) Connection ID: Client+Server enabled, client disables on renegotiation" \ run_test "Connection ID: Client+Server enabled, client disables on renegotiation" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
0 \ 0 \
@ -1459,7 +1459,7 @@ run_test "(STUB) Connection ID: Client+Server enabled, client disables on ren
requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_CID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "(STUB) Connection ID: Client+Server enabled, server disables on renegotiation" \ run_test "Connection ID: Client+Server enabled, server disables on renegotiation" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \ "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
0 \ 0 \