Move set_cbc_record_splitting() to conf

2024-10-18 18:01:11 +00:00 · 2015-05-05 16:34:53 +01:00 · 2015-05-05 16:34:53 +01:00 · 17eab2b65c
parent d36e33fc07
commit 17eab2b65c
3 changed files with 14 additions and 10 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -258,8 +258,8 @@
 #define MBEDTLS_SSL_SESSION_TICKETS_DISABLED     0
 #define MBEDTLS_SSL_SESSION_TICKETS_ENABLED      1

-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED   -1
-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED     0
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED    0
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED     1

 #define MBEDTLS_SSL_ARC4_ENABLED                0
 #define MBEDTLS_SSL_ARC4_DISABLED               1
@ -1047,8 +1047,7 @@ struct mbedtls_ssl_context
    unsigned char *compress_buf;        /*!<  zlib data buffer        */
 #endif
 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-    signed char split_done;     /*!< flag for record splitting:
-                                     -1 disabled, 0 todo, 1 done      */
+    signed char split_done;     /*!< current record already splitted? */
 #endif

    /*
@ -1914,11 +1913,11 @@ int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
 * \note           Only affects SSLv3 and TLS 1.0, not higher versions.
 *                 Does not affect non-CBC ciphersuites in any version.
 *
- * \param ssl      SSL context
+ * \param conf     SSL configuration
 * \param split    MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or
 *                 MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
 */
-void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_context *ssl, char split );
+void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
 #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */

 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -5619,9 +5619,9 @@ int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
 #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */

 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_context *ssl, char split )
+void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
 {
-    ssl->split_done = split;
+    conf->cbc_record_splitting = split;
 }
 #endif

@ -6320,7 +6320,8 @@ static int ssl_write_split( mbedtls_ssl_context *ssl,
 {
    int ret;

-    if( ssl->split_done == MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ||
+    if( ssl->conf->cbc_record_splitting ==
+            MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ||
        len <= 1 ||
        ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 ||
        mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc )
@ -6658,6 +6659,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
    conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
 #endif

+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED;
+#endif
+
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
    conf->ticket_lifetime = MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME;
 #endif
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -1101,7 +1101,7 @@ int main( int argc, char *argv[] )

 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
    if( opt.recsplit != DFL_RECSPLIT )
-        mbedtls_ssl_set_cbc_record_splitting( &ssl, opt.recsplit
+        mbedtls_ssl_set_cbc_record_splitting( &conf, opt.recsplit
                                    ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
                                    : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
 #endif