From 0b1ff29328f108a8994711f32a873669a686200f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Thu, 6 Feb 2014 13:04:16 +0100
Subject: [PATCH] Add basic flags for DTLS

---
 include/polarssl/check_config.h |  6 ++++++
 include/polarssl/config.h       | 23 +++++++++++++++++++----
 include/polarssl/ssl.h          | 15 +++++++++++++++
 library/ssl_tls.c               |  5 +++++
 4 files changed, 45 insertions(+), 4 deletions(-)

diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h
index 328b881ea..9a64c1062 100644
--- a/include/polarssl/check_config.h
+++ b/include/polarssl/check_config.h
@@ -222,6 +222,12 @@
 #error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
 #endif
 
+#if defined(POLARSSL_SSL_PROTO_DTLS) && (       \
+    !defined(POLARSSL_SSL_PROTO_TLS1_1) &&      \
+    !defined(POLARSSL_SSL_PROTO_TLS1_2) )
+#error "POLARSSL_SSL_PROTO_DTLS defined, but not all prerequisites"
+#endif
+
 #if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C)
 #error "POLARSSL_SSL_CLI_C defined, but not all prerequisites"
 #endif
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 50b4e339e..05bcd8653 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -877,27 +877,42 @@
 /**
  * \def POLARSSL_SSL_PROTO_TLS1_1
  *
- * Enable support for TLS 1.1.
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
  *
  * Requires: POLARSSL_MD5_C
  *           POLARSSL_SHA1_C
  *
- * Comment this macro to disable support for TLS 1.1
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
  */
 #define POLARSSL_SSL_PROTO_TLS1_1
 
 /**
  * \def POLARSSL_SSL_PROTO_TLS1_2
  *
- * Enable support for TLS 1.2.
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
  *
  * Requires: POLARSSL_SHA1_C or POLARSSL_SHA256_C or POLARSSL_SHA512_C
  *           (Depends on ciphersuites)
  *
- * Comment this macro to disable support for TLS 1.2
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
  */
 #define POLARSSL_SSL_PROTO_TLS1_2
 
+/**
+ * \def POLARSSL_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and POLARSSL_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and POLARSSL_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: POLARSSL_SSL_PROTO_TLS1_1
+ *        or POLARSSL_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define POLARSSL_SSL_PROTO_DTLS
+
 /**
  * \def POLARSSL_SSL_ALPN
  *
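Review bot: `#define POLARSSL_SSL_PROTO_DTLS` is added enabled, so every build that uses the stock config.h opts in to DTLS, while the rest of this patch only adds the flag, a context field and a setter. Nothing visible here implements datagram record handling, so the option appears to advertise a protocol the library cannot yet speak. Consider shipping it disabled (`//#define POLARSSL_SSL_PROTO_DTLS`) until the implementation lands, and extending the comment with `Uncomment this macro to enable support for DTLS`. That keeps the default attack surface and feature set unchanged for existing users.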
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 194e94471..6543d5545 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -156,6 +156,9 @@
 #define SSL_MINOR_VERSION_2             2   /*!< TLS v1.1 */
 #define SSL_MINOR_VERSION_3             3   /*!< TLS v1.2 */
 
+#define SSL_TRANSPORT_STREAM            0   /*!< TLS      */
+#define SSL_TRANSPORT_DATAGRAM          1   /*!< DTLS     */
+
 /* Determine minimum supported version */
 #define SSL_MIN_MAJOR_VERSION           SSL_MAJOR_VERSION_3
 
@@ -686,6 +689,7 @@ struct _ssl_context
      * Miscellaneous
      */
     int state;                  /*!< SSL handshake: current state     */
+    int transport;              /*!< Transport: stream or datagram    */
     int renegotiation;          /*!< Initial or renegotiation         */
     int renego_records_seen;    /*!< Records since renego request     */
 
@@ -947,6 +951,17 @@ int ssl_session_reset( ssl_context *ssl );
  */
 void ssl_set_endpoint( ssl_context *ssl, int endpoint );
 
+/**
+ * \brief          Set the transport type (TLS or DTLS).
+ *                 Default: TLS
+ *
+ * \param ssl      SSL context
+ * \param transport transport type:
+ *                  SSL_TRANSPORT_STREAM for TLS,
+ *                  SSL_TRANSPORT_DATAGRAM for DTLS.
+ */
+void ssl_set_transport( ssl_context *ssl, int transport );
+
 /**
  * \brief          Set the certificate verification mode
  *
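Review bot: The doc block for `ssl_set_transport()` does not say when the call is permitted or what happens with a value other than the two listed constants. Since `transport` sits in the context next to `state`, changing it after the handshake has started would presumably leave the session in an inconsistent mode, so the contract should be explicit. I would add `\note This function must be called after ssl_init() and before the first handshake step.` Also state whether `SSL_TRANSPORT_DATAGRAM` is accepted when `POLARSSL_SSL_PROTO_DTLS` is not defined. The "Default: TLS" line relies on the context being zero-initialised (`SSL_TRANSPORT_STREAM` is 0), which is not visible in this hunk and is worth confirming.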
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5f080defe..0b8b0d075 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3597,6 +3597,11 @@ void ssl_set_endpoint( ssl_context *ssl, int endpoint )
 #endif
 }
 
+void ssl_set_transport( ssl_context *ssl, int transport )
+{
+    ssl->transport = transport;
+}
+
 void ssl_set_authmode( ssl_context *ssl, int authmode )
 {
     ssl->authmode   = authmode;
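Review bot: `ssl_set_transport()` stores whatever integer it is given, so a caller can set `SSL_TRANSPORT_DATAGRAM` in a build without `POLARSSL_SSL_PROTO_DTLS`, or any out-of-range value. The `void` return type gives it no way to report that. Because this field selects the protocol framing, code that later tests `ssl->transport` would then be working from an unvalidated mode. Since the function is new in this commit, I would have it return `int` and reject unsupported values, as sketched below. The prototype in ssl.h would change to match, and `ssl_set_authmode()` after it continues outside the hunk and is not affected.

```c
int ssl_set_transport( ssl_context *ssl, int transport )
{
#if defined(POLARSSL_SSL_PROTO_DTLS)
    if( transport == SSL_TRANSPORT_DATAGRAM )
    {
        ssl->transport = transport;
        return( 0 );
    }
#endif

    if( transport == SSL_TRANSPORT_STREAM )
    {
        ssl->transport = transport;
        return( 0 );
    }

    /* Unknown value, or datagram transport requested without DTLS support */
    return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
}
```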