Add basic flags for DTLS

include/polarssl/check_config.h

@@ -222,6 +222,12 @@
 #error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
 #endif
 
+#if defined(POLARSSL_SSL_PROTO_DTLS) && (       \
+    !defined(POLARSSL_SSL_PROTO_TLS1_1) &&      \
+    !defined(POLARSSL_SSL_PROTO_TLS1_2) )
+#error "POLARSSL_SSL_PROTO_DTLS defined, but not all prerequisites"
+#endif
+
 #if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C)
 #error "POLARSSL_SSL_CLI_C defined, but not all prerequisites"
 #endif

include/polarssl/config.h

@@ -877,27 +877,42 @@
 /**
  * \def POLARSSL_SSL_PROTO_TLS1_1
  *
- * Enable support for TLS 1.1.
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
  *
  * Requires: POLARSSL_MD5_C
  *           POLARSSL_SHA1_C
  *
- * Comment this macro to disable support for TLS 1.1
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
  */
 #define POLARSSL_SSL_PROTO_TLS1_1
 
 /**
  * \def POLARSSL_SSL_PROTO_TLS1_2
  *
- * Enable support for TLS 1.2.
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
  *
  * Requires: POLARSSL_SHA1_C or POLARSSL_SHA256_C or POLARSSL_SHA512_C
  *           (Depends on ciphersuites)
  *
- * Comment this macro to disable support for TLS 1.2
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
  */
 #define POLARSSL_SSL_PROTO_TLS1_2
 
+/**
+ * \def POLARSSL_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and POLARSSL_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and POLARSSL_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: POLARSSL_SSL_PROTO_TLS1_1
+ *        or POLARSSL_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define POLARSSL_SSL_PROTO_DTLS
+
 /**
  * \def POLARSSL_SSL_ALPN
  *

include/polarssl/ssl.h

@@ -156,6 +156,9 @@
 #define SSL_MINOR_VERSION_2             2   /*!< TLS v1.1 */
 #define SSL_MINOR_VERSION_3             3   /*!< TLS v1.2 */
 
+#define SSL_TRANSPORT_STREAM            0   /*!< TLS      */
+#define SSL_TRANSPORT_DATAGRAM          1   /*!< DTLS     */
+
 /* Determine minimum supported version */
 #define SSL_MIN_MAJOR_VERSION           SSL_MAJOR_VERSION_3
 
@@ -686,6 +689,7 @@ struct _ssl_context
      * Miscellaneous
      */
     int state;                  /*!< SSL handshake: current state     */
+    int transport;              /*!< Transport: stream or datagram    */
     int renegotiation;          /*!< Initial or renegotiation         */
     int renego_records_seen;    /*!< Records since renego request     */
 
@@ -947,6 +951,17 @@ int ssl_session_reset( ssl_context *ssl );
  */
 void ssl_set_endpoint( ssl_context *ssl, int endpoint );
 
+/**
+ * \brief          Set the transport type (TLS or DTLS).
+ *                 Default: TLS
+ *
+ * \param ssl      SSL context
+ * \param transport transport type:
+ *                  SSL_TRANSPORT_STREAM for TLS,
+ *                  SSL_TRANSPORT_DATAGRAM for DTLS.
+ */
+void ssl_set_transport( ssl_context *ssl, int transport );
+
 /**
  * \brief          Set the certificate verification mode
  *

library/ssl_tls.c

@@ -3597,6 +3597,11 @@ void ssl_set_endpoint( ssl_context *ssl, int endpoint )
 #endif
 }
 
+void ssl_set_transport( ssl_context *ssl, int transport )
+{
+    ssl->transport = transport;
+}
+
 void ssl_set_authmode( ssl_context *ssl, int authmode )
 {
     ssl->authmode   = authmode;