Rename ssl_set_xxx() to ssl_conf_xxx()

2025-01-30 23:11:10 +00:00 · 2015-05-11 09:50:24 +02:00 · 2015-05-11 09:50:24 +02:00 · 6729e79482
parent 22bfa4bb53
commit 6729e79482
18 changed files with 296 additions and 296 deletions
--- a/include/mbedtls/compat-1.3.h
+++ b/include/mbedtls/compat-1.3.h
@ -2443,7 +2443,7 @@
 #define ssl_hw_record_write mbedtls_ssl_hw_record_write
 #define ssl_init mbedtls_ssl_init
 #define ssl_key_cert mbedtls_ssl_key_cert
-#define ssl_legacy_renegotiation mbedtls_set_ssl_legacy_renegotiation
+#define ssl_legacy_renegotiation mbedtls_ssl_conf_legacy_renegotiation
 #define ssl_list_ciphersuites mbedtls_ssl_list_ciphersuites
 #define ssl_md_alg_from_hash mbedtls_ssl_md_alg_from_hash
 #define ssl_optimize_checksum mbedtls_ssl_optimize_checksum
@ -2471,49 +2471,49 @@
 #define ssl_session_free mbedtls_ssl_session_free
 #define ssl_session_init mbedtls_ssl_session_init
 #define ssl_session_reset mbedtls_ssl_session_reset
-#define ssl_set_alpn_protocols mbedtls_ssl_set_alpn_protocols
+#define ssl_set_alpn_protocols mbedtls_ssl_conf_alpn_protocols
-#define ssl_set_arc4_support mbedtls_ssl_set_arc4_support
+#define ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
-#define ssl_set_authmode mbedtls_ssl_set_authmode
+#define ssl_set_authmode mbedtls_ssl_conf_authmode
 #define ssl_set_bio mbedtls_ssl_set_bio
 #define ssl_set_bio mbedtls_ssl_set_bio_timeout
-#define ssl_set_ca_chain mbedtls_ssl_set_ca_chain
+#define ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
-#define ssl_set_cbc_record_splitting mbedtls_ssl_set_cbc_record_splitting
+#define ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
-#define ssl_set_ciphersuites mbedtls_ssl_set_ciphersuites
+#define ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
-#define ssl_set_ciphersuites_for_version mbedtls_ssl_set_ciphersuites_for_version
+#define ssl_set_ciphersuites_for_version mbedtls_ssl_conf_ciphersuites_for_version
 #define ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id
-#define ssl_set_curves mbedtls_ssl_set_curves
+#define ssl_set_curves mbedtls_ssl_conf_curves
-#define ssl_set_dbg mbedtls_ssl_set_dbg
+#define ssl_set_dbg mbedtls_ssl_conf_dbg
-#define ssl_set_dh_param mbedtls_ssl_set_dh_param
+#define ssl_set_dh_param mbedtls_ssl_conf_dh_param
-#define ssl_set_dh_param_ctx mbedtls_ssl_set_dh_param_ctx
+#define ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx
-#define ssl_set_dtls_anti_replay mbedtls_ssl_set_dtls_anti_replay
+#define ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay
-#define ssl_set_dtls_badmac_limit mbedtls_ssl_set_dtls_badmac_limit
+#define ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit
-#define ssl_set_dtls_cookies mbedtls_ssl_set_dtls_cookies
+#define ssl_set_dtls_cookies mbedtls_ssl_conf_dtls_cookies
-#define ssl_set_encrypt_then_mac mbedtls_ssl_set_encrypt_then_mac
+#define ssl_set_encrypt_then_mac mbedtls_ssl_conf_encrypt_then_mac
-#define ssl_set_endpoint mbedtls_ssl_set_endpoint
+#define ssl_set_endpoint mbedtls_ssl_conf_endpoint
-#define ssl_set_extended_master_secret mbedtls_ssl_set_extended_master_secret
+#define ssl_set_extended_master_secret mbedtls_ssl_conf_extended_master_secret
-#define ssl_set_fallback mbedtls_ssl_set_fallback
+#define ssl_set_fallback mbedtls_ssl_conf_fallback
-#define ssl_set_handshake_timeout mbedtls_ssl_set_handshake_timeout
+#define ssl_set_handshake_timeout mbedtls_ssl_conf_handshake_timeout
 #define ssl_set_hostname mbedtls_ssl_set_hostname
-#define ssl_set_max_frag_len mbedtls_ssl_set_max_frag_len
+#define ssl_set_max_frag_len mbedtls_ssl_conf_max_frag_len
-#define ssl_set_max_version mbedtls_ssl_set_max_version
+#define ssl_set_max_version mbedtls_ssl_conf_max_version
-#define ssl_set_min_version mbedtls_ssl_set_min_version
+#define ssl_set_min_version mbedtls_ssl_conf_min_version
-#define ssl_set_own_cert mbedtls_ssl_set_own_cert
+#define ssl_set_own_cert mbedtls_ssl_conf_own_cert
 #define ssl_set_own_cert_alt mbedtls_ssl_set_own_cert_alt
 #define ssl_set_own_cert_rsa mbedtls_ssl_set_own_cert_rsa
-#define ssl_set_psk mbedtls_ssl_set_psk
+#define ssl_set_psk mbedtls_ssl_conf_psk
-#define ssl_set_psk_cb mbedtls_ssl_set_psk_cb
+#define ssl_set_psk_cb mbedtls_ssl_conf_psk_cb
-#define ssl_set_renegotiation mbedtls_ssl_set_renegotiation
+#define ssl_set_renegotiation mbedtls_ssl_conf_renegotiation
-#define ssl_set_renegotiation_enforced mbedtls_ssl_set_renegotiation_enforced
+#define ssl_set_renegotiation_enforced mbedtls_ssl_conf_renegotiation_enforced
-#define ssl_set_renegotiation_period mbedtls_ssl_set_renegotiation_period
+#define ssl_set_renegotiation_period mbedtls_ssl_conf_renegotiation_period
-#define ssl_set_rng mbedtls_ssl_set_rng
+#define ssl_set_rng mbedtls_ssl_conf_rng
 #define ssl_set_session mbedtls_ssl_set_session
-#define ssl_set_session_cache mbedtls_ssl_set_session_cache
+#define ssl_set_session_cache mbedtls_ssl_conf_session_cache
-#define ssl_set_session_ticket_lifetime mbedtls_ssl_set_session_ticket_lifetime
+#define ssl_set_session_ticket_lifetime mbedtls_ssl_conf_session_ticket_lifetime
-#define ssl_set_session_tickets mbedtls_ssl_set_session_tickets
+#define ssl_set_session_tickets mbedtls_ssl_conf_session_tickets
-#define ssl_set_sni mbedtls_ssl_set_sni
+#define ssl_set_sni mbedtls_ssl_conf_sni
-#define ssl_set_transport mbedtls_ssl_set_transport
+#define ssl_set_transport mbedtls_ssl_conf_transport
-#define ssl_set_truncated_hmac mbedtls_ssl_set_truncated_hmac
+#define ssl_set_truncated_hmac mbedtls_ssl_conf_truncated_hmac
-#define ssl_set_verify mbedtls_ssl_set_verify
+#define ssl_set_verify mbedtls_ssl_conf_verify
 #define ssl_sig_from_pk mbedtls_ssl_sig_from_pk
 #define ssl_states mbedtls_ssl_states
 #define ssl_ticket_keys mbedtls_ssl_ticket_keys
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@ -361,7 +361,7 @@
 * Remove RC4 ciphersuites by default in SSL / TLS.
 * This flag removes the ciphersuites based on RC4 from the default list as
 * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
- * enable (some of) them with mbedtls_ssl_set_ciphersuites() by including them
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
 * explicitly.
 *
 * Uncomment this macro to remove RC4 ciphersuites by default.
@ -1064,7 +1064,7 @@
 *           MBEDTLS_SSL_PROTO_DTLS
 *
 * \warning Disabling this is often a security risk!
- * See mbedtls_ssl_set_dtls_anti_replay() for details.
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
 *
 * Comment this to disable anti-replay in DTLS.
 */
@ -1094,7 +1094,7 @@
 *
 * Enable support for a limit of records with bad MAC.
 *
- * See mbedtls_ssl_set_dtls_badmac_limit().
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
 *
 * Requires: MBEDTLS_SSL_PROTO_DTLS
 */
@ -1136,14 +1136,14 @@
 /**
 * \def MBEDTLS_SSL_SET_CURVES
 *
- * Enable mbedtls_ssl_set_curves().
+ * Enable mbedtls_ssl_conf_curves().
 *
 * This is disabled by default since it breaks binary compatibility with the
 * 1.3.x line. If you choose to enable it, you will need to rebuild your
 * application against the new header files, relinking will not be enough.
 * It will be enabled by default, or no longer an option, in the 1.4 branch.
 *
- * Uncomment to make mbedtls_ssl_set_curves() available.
+ * Uncomment to make mbedtls_ssl_conf_curves() available.
 */
 //#define MBEDTLS_SSL_SET_CURVES
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -789,7 +789,7 @@ struct mbedtls_ssl_flight_item
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 /**
- * SSL/TLS configuration to be shared between ssl_context structures.
+ * SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
 */
 typedef struct
 {
@ -1179,7 +1179,7 @@ int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl );
 * \param conf     SSL configuration
 * \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
 */
-void mbedtls_ssl_set_endpoint( mbedtls_ssl_config *conf, int endpoint );
+void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
 /**
 * \brief           Set the transport type (TLS or DTLS).
@ -1193,9 +1193,9 @@ void mbedtls_ssl_set_endpoint( mbedtls_ssl_config *conf, int endpoint );
 *
 * \note            For DTLS, you must either provide a recv callback that
 *                  doesn't block, or one that handles timeouts, see
- *                  mbedtls_ssl_set_bio()
+ *                  mbedtls_ssl_conf_bio()
 */
-int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport );
+int mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
 /**
 * \brief          Set the certificate verification mode
@ -1222,7 +1222,7 @@ int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport );
 * the verification as soon as possible. For example, REQUIRED was protecting
 * against the "triple handshake" attack even before it was found.
 */
-void mbedtls_ssl_set_authmode( mbedtls_ssl_config *conf, int authmode );
+void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 /**
@ -1236,7 +1236,7 @@ void mbedtls_ssl_set_authmode( mbedtls_ssl_config *conf, int authmode );
 * \param f_vrfy   verification function
 * \param p_vrfy   verification parameter
 */
-void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
                     void *p_vrfy );
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
@ -1248,7 +1248,7 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
 * \param f_rng    RNG function
 * \param p_rng    RNG parameter
 */
-void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
                  int (*f_rng)(void *, unsigned char *, size_t),
                  void *p_rng );
@ -1259,7 +1259,7 @@ void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
 * \param f_dbg    debug function
 * \param p_dbg    debug parameter
 */
-void mbedtls_ssl_set_dbg( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
                  void (*f_dbg)(void *, int, const char *),
                  void  *p_dbg );
@ -1296,7 +1296,7 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
 * \note           With blocking I/O, this will only work if a non-NULL
 *                 \c f_recv_timeout was set with \c mbedtls_ssl_set_bio().
 */
-void mbedtls_ssl_set_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
+void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
 /**
@ -1376,7 +1376,7 @@ typedef int mbedtls_ssl_cookie_check_t( void *ctx,
 * \param f_cookie_check    Cookie check callback
 * \param p_cookie          Context for both callbacks
 */
-void mbedtls_ssl_set_dtls_cookies( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
                           mbedtls_ssl_cookie_write_t *f_cookie_write,
                           mbedtls_ssl_cookie_check_t *f_cookie_check,
                           void *p_cookie );
@ -1398,7 +1398,7 @@ void mbedtls_ssl_set_dtls_cookies( mbedtls_ssl_config *conf,
 *                 packets and needs information about them to adjust its
 *                 transmission strategy, then you'll want to disable this.
 */
-void mbedtls_ssl_set_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
+void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
 #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
 #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
@ -1425,7 +1425,7 @@ void mbedtls_ssl_set_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
 *                 might make us waste resources checking authentication on
 *                 many bogus packets.
 */
-void mbedtls_ssl_set_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
+void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
 #endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
@ -1445,7 +1445,7 @@ void mbedtls_ssl_set_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit
 *                 handshake latency. Lower values may increase the risk of
 *                 network congestion by causing more retransmissions.
 */
-void mbedtls_ssl_set_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
+void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 #if defined(MBEDTLS_SSL_SRV_C)
@ -1486,7 +1486,7 @@ void mbedtls_ssl_set_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min,
 * \param f_get_cache    session get callback
 * \param f_set_cache    session set callback
 */
-void mbedtls_ssl_set_session_cache( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
        void *p_cache,
        int (*f_get_cache)(void *, mbedtls_ssl_session *),
        int (*f_set_cache)(void *, const mbedtls_ssl_session *) );
@ -1522,7 +1522,7 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
 * \param conf          SSL configuration
 * \param ciphersuites  0-terminated list of allowed ciphersuites
 */
-void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
                                   const int *ciphersuites );
 /**
@ -1541,7 +1541,7 @@ void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
 * \note                With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0
 *                      and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
 */
-void mbedtls_ssl_set_ciphersuites_for_version( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
                                       const int *ciphersuites,
                                       int major, int minor );
@ -1553,7 +1553,7 @@ void mbedtls_ssl_set_ciphersuites_for_version( mbedtls_ssl_config *conf,
 * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
 * \param ca_crl   trusted CA CRLs
 */
-void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
                               mbedtls_x509_crt *ca_chain,
                               mbedtls_x509_crl *ca_crl );
@ -1580,7 +1580,7 @@ void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf,
 *
 * \return         0 on success or MBEDTLS_ERR_SSL_MALLOC_FAILED
 */
-int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
                              mbedtls_x509_crt *own_cert,
                              mbedtls_pk_context *pk_key );
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
@ -1590,7 +1590,7 @@ int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
 * \brief          Set the Pre Shared Key (PSK) and the expected identity name
 *
 * \note           This is mainly useful for clients. Servers will usually
- *                 want to use \c mbedtls_ssl_set_psk_cb() instead.
+ *                 want to use \c mbedtls_ssl_conf_psk_cb() instead.
 *
 * \param conf     SSL configuration
 * \param psk      pointer to the pre-shared key
@ -1600,7 +1600,7 @@ int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
 *
 * \return         0 if successful or MBEDTLS_ERR_SSL_MALLOC_FAILED
 */
-int mbedtls_ssl_set_psk( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
                const unsigned char *psk, size_t psk_len,
                const unsigned char *psk_identity, size_t psk_identity_len );
@ -1609,7 +1609,7 @@ int mbedtls_ssl_set_psk( mbedtls_ssl_config *conf,
 * \brief          Set the Pre Shared Key (PSK) for the current handshake
 *
 * \note           This should only be called inside the PSK callback,
- *                 ie the function passed to \c mbedtls_ssl_set_psk_cb().
+ *                 ie the function passed to \c mbedtls_ssl_conf_psk_cb().
 *
 * \param ssl      SSL context
 * \param psk      pointer to the pre-shared key
@ -1638,13 +1638,13 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
 *
 * \note           If you set a PSK callback using this function, then you
 *                 don't need to set a PSK key and identity using
- *                 \c mbedtls_ssl_set_psk().
+ *                 \c mbedtls_ssl_conf_psk().
 *
 * \param conf     SSL configuration
 * \param f_psk    PSK identity function
 * \param p_psk    PSK identity parameter
 */
-void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
                     int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
                                  size_t),
                     void *p_psk );
@ -1662,7 +1662,7 @@ void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
 *
 * \return         0 if successful
 */
-int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G );
+int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G );
 /**
 * \brief          Set the Diffie-Hellman public P and G values,
@ -1673,7 +1673,7 @@ int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const
 *
 * \return         0 if successful
 */
-int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
+int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
 #endif /* MBEDTLS_DHM_C */
 #if defined(MBEDTLS_SSL_SET_CURVES)
@ -1695,7 +1695,7 @@ int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context
 * \param curves   Ordered list of allowed curves,
 *                 terminated by MBEDTLS_ECP_DP_NONE.
 */
-void mbedtls_ssl_set_curves( mbedtls_ssl_config *conf, const mbedtls_ecp_group_id *curves );
+void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, const mbedtls_ecp_group_id *curves );
 #endif /* MBEDTLS_SSL_SET_CURVES */
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
@ -1716,7 +1716,7 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
 /**
 * \brief          Set own certificate and key for the current handshake
 *
- * \note           Same as \c mbedtls_ssl_set_own_cert() but for use within
+ * \note           Same as \c mbedtls_ssl_conf_own_cert() but for use within
 *                 the SNI callback.
 *
 * \param ssl      SSL context
@ -1733,7 +1733,7 @@ int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
 * \brief          Set the data required to verify peer certificate for the
 *                 current handshake
 *
- * \note           Same as \c mbedtls_ssl_set_ca_chain() but for use within
+ * \note           Same as \c mbedtls_ssl_conf_ca_chain() but for use within
 *                 the SNI callback.
 *
 * \param ssl      SSL context
@ -1764,7 +1764,7 @@ void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
 * \param f_sni    verification function
 * \param p_sni    verification parameter
 */
-void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
                  int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
                               size_t),
                  void *p_sni );
@ -1780,7 +1780,7 @@ void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
 *
 * \return         0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
 */
-int mbedtls_ssl_set_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
+int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
 /**
 * \brief          Get the name of the negotiated Application Layer Protocol.
@ -1811,7 +1811,7 @@ const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
 * \note           With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
 *                 MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
 */
-int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor );
+int mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
 /**
 * \brief          Set the minimum accepted SSL/TLS protocol version
@ -1832,7 +1832,7 @@ int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor
 * \note           With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
 *                 MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
 */
-int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor );
+int mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
 #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
 /**
@ -1854,7 +1854,7 @@ int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor
 * \param conf     SSL configuration
 * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK
 */
-void mbedtls_ssl_set_fallback( mbedtls_ssl_config *conf, char fallback );
+void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
 #endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */
 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
@ -1869,7 +1869,7 @@ void mbedtls_ssl_set_fallback( mbedtls_ssl_config *conf, char fallback );
 * \param conf      SSL configuration
 * \param etm       MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED
 */
-void mbedtls_ssl_set_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
+void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
 #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
@ -1884,7 +1884,7 @@ void mbedtls_ssl_set_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
 * \param conf      SSL configuration
 * \param ems       MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED
 */
-void mbedtls_ssl_set_extended_master_secret( mbedtls_ssl_config *conf, char ems );
+void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
 #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
 /**
@ -1900,7 +1900,7 @@ void mbedtls_ssl_set_extended_master_secret( mbedtls_ssl_config *conf, char ems
 * \param conf     SSL configuration
 * \param arc4     MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED
 */
-void mbedtls_ssl_set_arc4_support( mbedtls_ssl_config *conf, char arc4 );
+void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 );
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
 /**
@ -1918,7 +1918,7 @@ void mbedtls_ssl_set_arc4_support( mbedtls_ssl_config *conf, char arc4 );
 *
 * \return         O if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
 */
-int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
+int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
 #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
@ -1932,7 +1932,7 @@ int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_co
 *
 * \return         Always 0.
 */
-int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
+int mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
 #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
@ -1947,7 +1947,7 @@ int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
 * \param split    MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or
 *                 MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
 */
-void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
+void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
 #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
@ -1956,7 +1956,7 @@ void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split
 *                 (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED on client,
 *                           MBEDTLS_SSL_SESSION_TICKETS_DISABLED on server)
 *
- * \note           On server, mbedtls_ssl_set_rng() must be called before this function
+ * \note           On server, mbedtls_ssl_conf_rng() must be called before this function
 *                 to allow generating the ticket encryption and
 *                 authentication keys.
 *
@ -1967,7 +1967,7 @@ void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split
 * \return         O if successful,
 *                 or a specific error code (server only).
 */
-int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
+int mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
 /**
 * \brief          Set session ticket lifetime (server only)
@ -1976,7 +1976,7 @@ int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
 * \param conf     SSL configuration
 * \param lifetime session ticket lifetime
 */
-void mbedtls_ssl_set_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime );
+void mbedtls_ssl_conf_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime );
 #endif /* MBEDTLS_SSL_SESSION_TICKETS */
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
@ -1993,7 +1993,7 @@ void mbedtls_ssl_set_session_ticket_lifetime( mbedtls_ssl_config *conf, int life
 * \param renegotiation     Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or
 *                                             MBEDTLS_SSL_RENEGOTIATION_DISABLED)
 */
-void mbedtls_ssl_set_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
+void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
 /**
@ -2023,7 +2023,7 @@ void mbedtls_ssl_set_renegotiation( mbedtls_ssl_config *conf, int renegotiation
 *                                        SSL_ALLOW_LEGACY_RENEGOTIATION or
 *                                        MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE)
 */
-void mbedtls_set_ssl_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
+void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
 /**
@ -2063,7 +2063,7 @@ void mbedtls_set_ssl_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_l
 *                 enforce renegotiation, or a non-negative value to enforce
 *                 it but allow for a grace period of max_records records.
 */
-void mbedtls_ssl_set_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
+void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
 /**
 * \brief          Set record counter threshold for periodic renegotiation.
@ -2082,7 +2082,7 @@ void mbedtls_ssl_set_renegotiation_enforced( mbedtls_ssl_config *conf, int max_r
 * \param period   The threshold value: a big-endian 64-bit number.
 *                 Set to 2^64 - 1 to disable periodic renegotiation
 */
-void mbedtls_ssl_set_renegotiation_period( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
                                   const unsigned char period[8] );
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
@ -2295,7 +2295,7 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
 *
 * \param conf     SSL configuration context
 *
- * \note           See \c mbedtls_ssl_set_transport() for notes on DTLS.
+ * \note           See \c mbedtls_ssl_conf_transport() for notes on DTLS.
 *
 * \return         0 if successful, or
 *                 MBEDTLS_ERR_XXX_ALLOC_FAILED on memorr allocation error.
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -377,7 +377,7 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
    return( 0 );
 }
-void mbedtls_ssl_set_dtls_cookies( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
                           mbedtls_ssl_cookie_write_t *f_cookie_write,
                           mbedtls_ssl_cookie_check_t *f_cookie_check,
                           void *p_cookie )
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -1952,7 +1952,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
                             ssl->in_msglen );
            mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec,
                             ssl->in_msg + ssl->in_msglen );
-            /* Call md_process at least once due to cache attacks */
+            /* Call mbedtls_md_process at least once due to cache attacks */
            for( j = 0; j < extra_run + 1; j++ )
                mbedtls_md_process( &ssl->transform_in->md_ctx_dec, ssl->in_msg );
@ -5180,12 +5180,12 @@ static int ssl_ticket_keys_init( mbedtls_ssl_config *conf )
 /*
 * SSL set accessors
 */
-void mbedtls_ssl_set_endpoint( mbedtls_ssl_config *conf, int endpoint )
+void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint )
 {
    conf->endpoint   = endpoint;
 }
-int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport )
+int mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport )
 {
    conf->transport = transport;
@ -5193,34 +5193,34 @@ int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport )
 }
 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-void mbedtls_ssl_set_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
+void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
 {
    conf->anti_replay = mode;
 }
 #endif
 #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-void mbedtls_ssl_set_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
+void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
 {
    conf->badmac_limit = limit;
 }
 #endif
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-void mbedtls_ssl_set_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max )
+void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max )
 {
    conf->hs_timeout_min = min;
    conf->hs_timeout_max = max;
 }
 #endif
-void mbedtls_ssl_set_authmode( mbedtls_ssl_config *conf, int authmode )
+void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode )
 {
    conf->authmode   = authmode;
 }
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
-void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
                     void *p_vrfy )
 {
@ -5229,7 +5229,7 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
 }
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
                  int (*f_rng)(void *, unsigned char *, size_t),
                  void *p_rng )
 {
@ -5237,7 +5237,7 @@ void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
    conf->p_rng      = p_rng;
 }
-void mbedtls_ssl_set_dbg( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
                  void (*f_dbg)(void *, int, const char *),
                  void  *p_dbg )
 {
@ -5257,13 +5257,13 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
    ssl->f_recv_timeout = f_recv_timeout;
 }
-void mbedtls_ssl_set_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
+void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
 {
    conf->read_timeout   = timeout;
 }
 #if defined(MBEDTLS_SSL_SRV_C)
-void mbedtls_ssl_set_session_cache( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
        void *p_cache,
        int (*f_get_cache)(void *, mbedtls_ssl_session *),
        int (*f_set_cache)(void *, const mbedtls_ssl_session *) )
@ -5296,7 +5296,7 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
 }
 #endif /* MBEDTLS_SSL_CLI_C */
-void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
                                   const int *ciphersuites )
 {
    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites;
@ -5305,7 +5305,7 @@ void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites;
 }
-void mbedtls_ssl_set_ciphersuites_for_version( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
                                       const int *ciphersuites,
                                       int major, int minor )
 {
@ -5350,14 +5350,14 @@ static int ssl_append_key_cert( mbedtls_ssl_key_cert **head,
    return( 0 );
 }
-int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
                              mbedtls_x509_crt *own_cert,
                              mbedtls_pk_context *pk_key )
 {
    return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) );
 }
-void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
                               mbedtls_x509_crt *ca_chain,
                               mbedtls_x509_crl *ca_crl )
 {
@ -5385,7 +5385,7 @@ void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
 #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-int mbedtls_ssl_set_psk( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
                const unsigned char *psk, size_t psk_len,
                const unsigned char *psk_identity, size_t psk_identity_len )
 {
@ -5443,7 +5443,7 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
    return( 0 );
 }
-void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
                     int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
                     size_t),
                     void *p_psk )
@ -5454,7 +5454,7 @@ void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
 #if defined(MBEDTLS_DHM_C)
-int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
+int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
 {
    int ret;
@ -5469,7 +5469,7 @@ int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const
    return( 0 );
 }
-int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
+int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
 {
    int ret;
@ -5489,7 +5489,7 @@ int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context
 /*
 * Set the allowed elliptic curves
 */
-void mbedtls_ssl_set_curves( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
                             const mbedtls_ecp_group_id *curve_list )
 {
    conf->curve_list = curve_list;
@ -5523,7 +5523,7 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )
 #endif
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
                  int (*f_sni)(void *, mbedtls_ssl_context *,
                                const unsigned char *, size_t),
                  void *p_sni )
@ -5534,7 +5534,7 @@ void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
 #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
 #if defined(MBEDTLS_SSL_ALPN)
-int mbedtls_ssl_set_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
+int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
 {
    size_t cur_len, tot_len;
    const char **p;
@ -5588,7 +5588,7 @@ static int ssl_check_version( const mbedtls_ssl_config *conf,
    return( 0 );
 }
-int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor )
+int mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
 {
    if( ssl_check_version( conf, major, minor ) != 0 )
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@ -5599,7 +5599,7 @@ int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor
    return( 0 );
 }
-int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor )
+int mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor )
 {
    if( ssl_check_version( conf, major, minor ) != 0 )
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@ -5611,33 +5611,33 @@ int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor
 }
 #if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
-void mbedtls_ssl_set_fallback( mbedtls_ssl_config *conf, char fallback )
+void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback )
 {
    conf->fallback = fallback;
 }
 #endif
 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-void mbedtls_ssl_set_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
+void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
 {
    conf->encrypt_then_mac = etm;
 }
 #endif
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-void mbedtls_ssl_set_extended_master_secret( mbedtls_ssl_config *conf, char ems )
+void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems )
 {
    conf->extended_ms = ems;
 }
 #endif
-void mbedtls_ssl_set_arc4_support( mbedtls_ssl_config *conf, char arc4 )
+void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 )
 {
    conf->arc4_disabled = arc4;
 }
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
+int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
 {
    if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ||
        mfl_code_to_length[mfl_code] > MBEDTLS_SSL_MAX_CONTENT_LEN )
@ -5652,7 +5652,7 @@ int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_co
 #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
+int mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
 {
    conf->trunc_hmac = truncate;
@ -5661,29 +5661,29 @@ int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
 #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
+void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
 {
    conf->cbc_record_splitting = split;
 }
 #endif
-void mbedtls_set_ssl_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
+void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
 {
    conf->allow_legacy_renegotiation = allow_legacy;
 }
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
-void mbedtls_ssl_set_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
+void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
 {
    conf->disable_renegotiation = renegotiation;
 }
-void mbedtls_ssl_set_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
+void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
 {
    conf->renego_max_records = max_records;
 }
-void mbedtls_ssl_set_renegotiation_period( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
                                   const unsigned char period[8] )
 {
    memcpy( conf->renego_period, period, 8 );
@ -5691,7 +5691,7 @@ void mbedtls_ssl_set_renegotiation_period( mbedtls_ssl_config *conf,
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
-int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
+int mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
 {
    conf->session_tickets = use_tickets;
@ -5706,7 +5706,7 @@ int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
    return( ssl_ticket_keys_init( conf ) );
 }
-void mbedtls_ssl_set_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime )
+void mbedtls_ssl_conf_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime )
 {
    conf->ticket_lifetime = lifetime;
 }
@ -6735,7 +6735,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
    if( endpoint == MBEDTLS_SSL_IS_SERVER )
    {
-        if( ( ret = mbedtls_ssl_set_dh_param( conf,
+        if( ( ret = mbedtls_ssl_conf_dh_param( conf,
                        MBEDTLS_DHM_RFC5114_MODP_2048_P,
                        MBEDTLS_DHM_RFC5114_MODP_2048_G ) ) != 0 )
        {
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@ -179,16 +179,16 @@ int main( int argc, char *argv[] )
    /* OPTIONAL is usually a bad choice for security, but makes interop easier
     * in this simplified example, in which the ca chain is hardcoded.
     * Production code should set a proper ca chain and use REQUIRED. */
-    mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
+    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
-    mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
    if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
        goto exit;
    }
-    mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
    mbedtls_ssl_set_bio( &ssl, &server_fd,
                         mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout );
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@ -206,19 +206,19 @@ int main( void )
        goto exit;
    }
-    mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
 #if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_set_session_cache( &conf, &cache,
+    mbedtls_ssl_conf_session_cache( &conf, &cache,
                                   mbedtls_ssl_cache_get,
                                   mbedtls_ssl_cache_set );
 #endif
-    mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-   if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
+   if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
    {
-        printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+        printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
        goto exit;
    }
@ -229,7 +229,7 @@ int main( void )
        goto exit;
    }
-    mbedtls_ssl_set_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
+    mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
                               &cookie_ctx );
    printf( " ok\n" );
@ -275,7 +275,7 @@ reset:
                                           sizeof( client_ip ) ) ) != 0 )
    {
        printf( " failed\n  ! "
-                "ssl_set_client_tranport_id() returned -0x%x\n\n", -ret );
+                "ssl_set_client_transport_id() returned -0x%x\n\n", -ret );
        goto exit;
    }
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@ -203,10 +203,10 @@ int main( void )
        goto exit;
    }
-    mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-    mbedtls_ssl_set_psk( &ssl, psk, sizeof( psk ),
+    mbedtls_ssl_conf_psk( &ssl, psk, sizeof( psk ),
                (const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
 #endif
@ -217,13 +217,13 @@ int main( void )
        goto exit;
    }
-    mbedtls_ssl_set_ca_chain( &conf, &ca, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, &ca, NULL );
    if( mbedtls_ssl_set_hostname( &ssl, HOSTNAME ) != 0 )
    {
        ret = hostname_failed;
        goto exit;
    }
-    mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
+    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
 #endif
    /*
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@ -168,16 +168,16 @@ int main( void )
    /* OPTIONAL is not optimal for security,
     * but makes interop easier in this simplified example */
-    mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
+    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
-    mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
    if( ( ret = mbedtls_ssl_set_hostname( &ssl, "mbed TLS Server 1" ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
        goto exit;
    }
-    mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
    mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
    /*
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -1065,58 +1065,58 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
    if( opt.debug_level > 0 )
-        mbedtls_ssl_set_verify( &conf, my_verify, NULL );
+        mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
 #endif
    if( opt.auth_mode != DFL_AUTH_MODE )
-        mbedtls_ssl_set_authmode( &conf, opt.auth_mode );
+        mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
-        mbedtls_ssl_set_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
+        mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    if( ( ret = mbedtls_ssl_set_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
+    if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_max_frag_len returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret );
        goto exit;
    }
 #endif
 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
    if( opt.trunc_hmac != DFL_TRUNC_HMAC )
-        mbedtls_ssl_set_truncated_hmac( &conf, opt.trunc_hmac );
+        mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
 #endif
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
    if( opt.extended_ms != DFL_EXTENDED_MS )
-        mbedtls_ssl_set_extended_master_secret( &conf, opt.extended_ms );
+        mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
 #endif
 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
    if( opt.etm != DFL_ETM )
-        mbedtls_ssl_set_encrypt_then_mac( &conf, opt.etm );
+        mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
 #endif
 #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
    if( opt.recsplit != DFL_RECSPLIT )
-        mbedtls_ssl_set_cbc_record_splitting( &conf, opt.recsplit
+        mbedtls_ssl_conf_cbc_record_splitting( &conf, opt.recsplit
                                    ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
                                    : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
 #endif
 #if defined(MBEDTLS_SSL_ALPN)
    if( opt.alpn_string != NULL )
-        if( ( ret = mbedtls_ssl_set_alpn_protocols( &conf, alpn_list ) ) != 0 )
+        if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret );
            goto exit;
        }
 #endif
-    mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
    if( opt.nbio == 2 )
        mbedtls_ssl_set_bio( &ssl, &server_fd, my_send, my_recv, NULL );
@ -1128,40 +1128,40 @@ int main( int argc, char *argv[] )
                             NULL
 #endif
                );
-    mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout );
+    mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    if( ( ret = mbedtls_ssl_set_session_tickets( &conf, opt.tickets ) ) != 0 )
+    if( ( ret = mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ) ) != 0 )
    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_session_tickets returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_session_tickets returned %d\n\n", ret );
        goto exit;
    }
 #endif
    if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
-        mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
+        mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
    if( opt.arc4 != DFL_ARC4 )
-        mbedtls_ssl_set_arc4_support( &conf, opt.arc4 );
+        mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
    if( opt.allow_legacy != DFL_ALLOW_LEGACY )
-        mbedtls_set_ssl_legacy_renegotiation( &conf, opt.allow_legacy );
+        mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
-    mbedtls_ssl_set_renegotiation( &conf, opt.renegotiation );
+    mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
 #endif
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
    if( strcmp( opt.ca_path, "none" ) != 0 &&
        strcmp( opt.ca_file, "none" ) != 0 )
    {
-        mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+        mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
    }
    if( strcmp( opt.crt_file, "none" ) != 0 &&
        strcmp( opt.key_file, "none" ) != 0 )
    {
-        if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
+        if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
            goto exit;
        }
    }
@ -1173,18 +1173,18 @@ int main( int argc, char *argv[] )
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-    if( ( ret = mbedtls_ssl_set_psk( &conf, psk, psk_len,
+    if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
                             (const unsigned char *) opt.psk_identity,
                             strlen( opt.psk_identity ) ) ) != 0 )
    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_psk returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk returned %d\n\n", ret );
        goto exit;
    }
 #endif
    if( opt.min_version != DFL_MIN_VERSION )
    {
-        ret = mbedtls_ssl_set_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
+        ret = mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
        if( ret != 0 )
        {
            mbedtls_printf( " failed\n  ! selected min_version is not available\n" );
@ -1194,7 +1194,7 @@ int main( int argc, char *argv[] )
    if( opt.max_version != DFL_MAX_VERSION )
    {
-        ret = mbedtls_ssl_set_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
+        ret = mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
        if( ret != 0 )
        {
            mbedtls_printf( " failed\n  ! selected max_version is not available\n" );
@ -1204,7 +1204,7 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_SSL_FALLBACK_SCSV)
    if( opt.fallback != DFL_FALLBACK )
-        mbedtls_ssl_set_fallback( &conf, opt.fallback );
+        mbedtls_ssl_conf_fallback( &conf, opt.fallback );
 #endif
    mbedtls_printf( " ok\n" );
@ -1520,7 +1520,7 @@ reconnect:
        if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_session returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_session returned %d\n\n", ret );
            goto exit;
        }
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@ -265,14 +265,14 @@ int main( void )
        mbedtls_printf( " ok\n" );
-        mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+        mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-        mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+        mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
        mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-        mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
+        mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-        if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
+        if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
            goto exit;
        }
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@ -602,24 +602,24 @@ int main( int argc, char *argv[] )
    /* OPTIONAL is not optimal for security,
     * but makes interop easier in this simplified example */
-    mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
+    mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
-    mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
    mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
    if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
-        mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
+        mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
-    mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
    if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
        goto exit;
    }
-    if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
+    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
        goto exit;
    }
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@ -176,22 +176,22 @@ static void *handle_ssl_connection( void *data )
        goto thread_exit;
    }
-    mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_set_dbg( &conf, my_mutexed_debug, stdout );
+    mbedtls_ssl_conf_dbg( &conf, my_mutexed_debug, stdout );
    /* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if
     * MBEDTLS_THREADING_C is set.
     */
 #if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_set_session_cache( &conf,
+    mbedtls_ssl_conf_session_cache( &conf,
                                   mbedtls_ssl_cache_get, thread_info->cache,
                                   mbedtls_ssl_cache_set, thread_info->cache );
 #endif
-    mbedtls_ssl_set_ca_chain( &conf, thread_info->ca_chain, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, thread_info->ca_chain, NULL );
-    if( ( ret = mbedtls_ssl_set_own_cert( &conf, thread_info->server_cert, thread_info->server_key ) ) != 0 )
+    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, thread_info->server_cert, thread_info->server_key ) ) != 0 )
    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
        goto thread_exit;
    }
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@ -205,19 +205,19 @@ int main( void )
        goto exit;
    }
-    mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
 #if defined(MBEDTLS_SSL_CACHE_C)
-    mbedtls_ssl_set_session_cache( &conf, &cache,
+    mbedtls_ssl_conf_session_cache( &conf, &cache,
                                   mbedtls_ssl_cache_get,
                                   mbedtls_ssl_cache_set );
 #endif
-    mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
+    mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
-    if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
+    if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
        goto exit;
    }
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -1534,47 +1534,47 @@ int main( int argc, char *argv[] )
    }
    if( opt.auth_mode != DFL_AUTH_MODE )
-        mbedtls_ssl_set_authmode( &conf, opt.auth_mode );
+        mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
-        mbedtls_ssl_set_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
+        mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-    if( ( ret = mbedtls_ssl_set_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
+    if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_max_frag_len returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret );
        goto exit;
    };
 #endif
 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
    if( opt.trunc_hmac != DFL_TRUNC_HMAC )
-        mbedtls_ssl_set_truncated_hmac( &conf, opt.trunc_hmac );
+        mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
 #endif
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
    if( opt.extended_ms != DFL_EXTENDED_MS )
-        mbedtls_ssl_set_extended_master_secret( &conf, opt.extended_ms );
+        mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
 #endif
 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
    if( opt.etm != DFL_ETM )
-        mbedtls_ssl_set_encrypt_then_mac( &conf, opt.etm );
+        mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
 #endif
 #if defined(MBEDTLS_SSL_ALPN)
    if( opt.alpn_string != NULL )
-        if( ( ret = mbedtls_ssl_set_alpn_protocols( &conf, alpn_list ) ) != 0 )
+        if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret );
            goto exit;
        }
 #endif
-    mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+    mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-    mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+    mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
 #if defined(MBEDTLS_SSL_CACHE_C)
    if( opt.cache_max != -1 )
@ -1583,20 +1583,20 @@ int main( int argc, char *argv[] )
    if( opt.cache_timeout != -1 )
        mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout );
-    mbedtls_ssl_set_session_cache( &conf, &cache,
+    mbedtls_ssl_conf_session_cache( &conf, &cache,
                                   mbedtls_ssl_cache_get,
                                   mbedtls_ssl_cache_set );
 #endif
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
-    if( ( ret = mbedtls_ssl_set_session_tickets( &conf, opt.tickets ) ) != 0 )
+    if( ( ret = mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ) ) != 0 )
    {
-        mbedtls_printf( " failed\n  ! mbedtls_ssl_set_session_tickets returned %d\n\n", ret );
+        mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_session_tickets returned %d\n\n", ret );
        goto exit;
    }
    if( opt.ticket_timeout != -1 )
-        mbedtls_ssl_set_session_ticket_lifetime( &conf, opt.ticket_timeout );
+        mbedtls_ssl_conf_session_ticket_lifetime( &conf, opt.ticket_timeout );
 #endif
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
@ -1612,7 +1612,7 @@ int main( int argc, char *argv[] )
                goto exit;
            }
-            mbedtls_ssl_set_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
+            mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
                                       &cookie_ctx );
        }
        else
@ -1620,7 +1620,7 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
        if( opt.cookies == 0 )
        {
-            mbedtls_ssl_set_dtls_cookies( &conf, NULL, NULL, NULL );
+            mbedtls_ssl_conf_dtls_cookies( &conf, NULL, NULL, NULL );
        }
        else
 #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
@ -1630,50 +1630,50 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
        if( opt.anti_replay != DFL_ANTI_REPLAY )
-            mbedtls_ssl_set_dtls_anti_replay( &conf, opt.anti_replay );
+            mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay );
 #endif
 #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
        if( opt.badmac_limit != DFL_BADMAC_LIMIT )
-            mbedtls_ssl_set_dtls_badmac_limit( &conf, opt.badmac_limit );
+            mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit );
 #endif
    }
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
    if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
-        mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
+        mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
    if( opt.arc4 != DFL_ARC4 )
-        mbedtls_ssl_set_arc4_support( &conf, opt.arc4 );
+        mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
    if( opt.version_suites != NULL )
    {
-        mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[0],
+        mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0],
                                          MBEDTLS_SSL_MAJOR_VERSION_3,
                                          MBEDTLS_SSL_MINOR_VERSION_0 );
-        mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[1],
+        mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1],
                                          MBEDTLS_SSL_MAJOR_VERSION_3,
                                          MBEDTLS_SSL_MINOR_VERSION_1 );
-        mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[2],
+        mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2],
                                          MBEDTLS_SSL_MAJOR_VERSION_3,
                                          MBEDTLS_SSL_MINOR_VERSION_2 );
-        mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[3],
+        mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[3],
                                          MBEDTLS_SSL_MAJOR_VERSION_3,
                                          MBEDTLS_SSL_MINOR_VERSION_3 );
    }
    if( opt.allow_legacy != DFL_ALLOW_LEGACY )
-        mbedtls_set_ssl_legacy_renegotiation( &conf, opt.allow_legacy );
+        mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
-    mbedtls_ssl_set_renegotiation( &conf, opt.renegotiation );
+    mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
    if( opt.renego_delay != DFL_RENEGO_DELAY )
-        mbedtls_ssl_set_renegotiation_enforced( &conf, opt.renego_delay );
+        mbedtls_ssl_conf_renegotiation_enforced( &conf, opt.renego_delay );
    if( opt.renego_period != DFL_RENEGO_PERIOD )
    {
        renego_period[7] = opt.renego_period;
-        mbedtls_ssl_set_renegotiation_period( &conf, renego_period );
+        mbedtls_ssl_conf_renegotiation_period( &conf, renego_period );
    }
 #endif
@ -1681,42 +1681,42 @@ int main( int argc, char *argv[] )
    if( strcmp( opt.ca_path, "none" ) != 0 &&
        strcmp( opt.ca_file, "none" ) != 0 )
    {
-        mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+        mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
    }
    if( key_cert_init )
-        if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
+        if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
            goto exit;
        }
    if( key_cert_init2 )
-        if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert2, &pkey2 ) ) != 0 )
+        if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert2, &pkey2 ) ) != 0 )
        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
            goto exit;
        }
 #endif
 #if defined(SNI_OPTION)
    if( opt.sni != NULL )
-        mbedtls_ssl_set_sni( &conf, sni_callback, sni_info );
+        mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info );
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
    if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 )
    {
-        ret = mbedtls_ssl_set_psk( &conf, psk, psk_len,
+        ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
                           (const unsigned char *) opt.psk_identity,
                           strlen( opt.psk_identity ) );
        if( ret != 0 )
        {
-            mbedtls_printf( "  failed\n  mbedtls_ssl_set_psk returned -0x%04X\n\n", - ret );
+            mbedtls_printf( "  failed\n  mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret );
            goto exit;
        }
    }
    if( opt.psk_list != NULL )
-        mbedtls_ssl_set_psk_cb( &conf, psk_callback, psk_info );
+        mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info );
 #endif
 #if defined(MBEDTLS_DHM_C)
@ -1725,18 +1725,18 @@ int main( int argc, char *argv[] )
     */
 #if defined(MBEDTLS_FS_IO)
    if( opt.dhm_file != NULL )
-        ret = mbedtls_ssl_set_dh_param_ctx( &conf, &dhm );
+        ret = mbedtls_ssl_conf_dh_param_ctx( &conf, &dhm );
 #endif
    if( ret != 0 )
    {
-        mbedtls_printf( "  failed\n  mbedtls_ssl_set_dh_param returned -0x%04X\n\n", - ret );
+        mbedtls_printf( "  failed\n  mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", - ret );
        goto exit;
    }
 #endif
    if( opt.min_version != DFL_MIN_VERSION )
    {
-        ret = mbedtls_ssl_set_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
+        ret = mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
        if( ret != 0 )
        {
            mbedtls_printf( " failed\n  ! selected min_version is not available\n" );
@ -1746,7 +1746,7 @@ int main( int argc, char *argv[] )
    if( opt.max_version != DFL_MIN_VERSION )
    {
-        ret = mbedtls_ssl_set_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
+        ret = mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
        if( ret != 0 )
        {
            mbedtls_printf( " failed\n  ! selected max_version is not available\n" );
@ -1823,7 +1823,7 @@ reset:
                             NULL
 #endif
                );
-    mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout );
+    mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
    if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
@ -1832,7 +1832,7 @@ reset:
                                               sizeof( client_ip ) ) ) != 0 )
        {
            mbedtls_printf( " failed\n  ! "
-                    "ssl_set_client_tranport_id() returned -0x%x\n\n", -ret );
+                    "ssl_set_client_transport_id() returned -0x%x\n\n", -ret );
            goto exit;
        }
    }
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@ -412,20 +412,20 @@ int main( int argc, char *argv[] )
        if( verify )
        {
-            mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
+            mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
-            mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+            mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
-            mbedtls_ssl_set_verify( &conf, my_verify, NULL );
+            mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
        }
        else
-            mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
+            mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
-        mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+        mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
-        mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+        mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
        mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
-        if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
+        if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
        {
-            mbedtls_printf( " failed\n  ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
            goto ssl_exit;
        }
--- a/scripts/data_files/rename-1.3-2.0.txt
+++ b/scripts/data_files/rename-1.3-2.0.txt
@ -1969,7 +1969,7 @@ ssl_hw_record_reset mbedtls_ssl_hw_record_reset
 ssl_hw_record_write mbedtls_ssl_hw_record_write
 ssl_init mbedtls_ssl_init
 ssl_key_cert mbedtls_ssl_key_cert
-ssl_legacy_renegotiation mbedtls_set_ssl_legacy_renegotiation
+ssl_legacy_renegotiation mbedtls_ssl_conf_legacy_renegotiation
 ssl_list_ciphersuites mbedtls_ssl_list_ciphersuites
 ssl_md_alg_from_hash mbedtls_ssl_md_alg_from_hash
 ssl_optimize_checksum mbedtls_ssl_optimize_checksum
@ -1997,49 +1997,49 @@ ssl_session mbedtls_ssl_session
 ssl_session_free mbedtls_ssl_session_free
 ssl_session_init mbedtls_ssl_session_init
 ssl_session_reset mbedtls_ssl_session_reset
-ssl_set_alpn_protocols mbedtls_ssl_set_alpn_protocols
+ssl_set_alpn_protocols mbedtls_ssl_conf_alpn_protocols
-ssl_set_arc4_support mbedtls_ssl_set_arc4_support
+ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
-ssl_set_authmode mbedtls_ssl_set_authmode
+ssl_set_authmode mbedtls_ssl_conf_authmode
 ssl_set_bio mbedtls_ssl_set_bio
 ssl_set_bio_timeout mbedtls_ssl_set_bio_timeout
-ssl_set_ca_chain mbedtls_ssl_set_ca_chain
+ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
-ssl_set_cbc_record_splitting mbedtls_ssl_set_cbc_record_splitting
+ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
-ssl_set_ciphersuites mbedtls_ssl_set_ciphersuites
+ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
-ssl_set_ciphersuites_for_version mbedtls_ssl_set_ciphersuites_for_version
+ssl_set_ciphersuites_for_version mbedtls_ssl_conf_ciphersuites_for_version
 ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id
-ssl_set_curves mbedtls_ssl_set_curves
+ssl_set_curves mbedtls_ssl_conf_curves
-ssl_set_dbg mbedtls_ssl_set_dbg
+ssl_set_dbg mbedtls_ssl_conf_dbg
-ssl_set_dh_param mbedtls_ssl_set_dh_param
+ssl_set_dh_param mbedtls_ssl_conf_dh_param
-ssl_set_dh_param_ctx mbedtls_ssl_set_dh_param_ctx
+ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx
-ssl_set_dtls_anti_replay mbedtls_ssl_set_dtls_anti_replay
+ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay
-ssl_set_dtls_badmac_limit mbedtls_ssl_set_dtls_badmac_limit
+ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit
-ssl_set_dtls_cookies mbedtls_ssl_set_dtls_cookies
+ssl_set_dtls_cookies mbedtls_ssl_conf_dtls_cookies
-ssl_set_encrypt_then_mac mbedtls_ssl_set_encrypt_then_mac
+ssl_set_encrypt_then_mac mbedtls_ssl_conf_encrypt_then_mac
-ssl_set_endpoint mbedtls_ssl_set_endpoint
+ssl_set_endpoint mbedtls_ssl_conf_endpoint
-ssl_set_extended_master_secret mbedtls_ssl_set_extended_master_secret
+ssl_set_extended_master_secret mbedtls_ssl_conf_extended_master_secret
-ssl_set_fallback mbedtls_ssl_set_fallback
+ssl_set_fallback mbedtls_ssl_conf_fallback
-ssl_set_handshake_timeout mbedtls_ssl_set_handshake_timeout
+ssl_set_handshake_timeout mbedtls_ssl_conf_handshake_timeout
 ssl_set_hostname mbedtls_ssl_set_hostname
-ssl_set_max_frag_len mbedtls_ssl_set_max_frag_len
+ssl_set_max_frag_len mbedtls_ssl_conf_max_frag_len
-ssl_set_max_version mbedtls_ssl_set_max_version
+ssl_set_max_version mbedtls_ssl_conf_max_version
-ssl_set_min_version mbedtls_ssl_set_min_version
+ssl_set_min_version mbedtls_ssl_conf_min_version
-ssl_set_own_cert mbedtls_ssl_set_own_cert
+ssl_set_own_cert mbedtls_ssl_conf_own_cert
 ssl_set_own_cert_alt mbedtls_ssl_set_own_cert_alt
 ssl_set_own_cert_rsa mbedtls_ssl_set_own_cert_rsa
-ssl_set_psk mbedtls_ssl_set_psk
+ssl_set_psk mbedtls_ssl_conf_psk
-ssl_set_psk_cb mbedtls_ssl_set_psk_cb
+ssl_set_psk_cb mbedtls_ssl_conf_psk_cb
-ssl_set_renegotiation mbedtls_ssl_set_renegotiation
+ssl_set_renegotiation mbedtls_ssl_conf_renegotiation
-ssl_set_renegotiation_enforced mbedtls_ssl_set_renegotiation_enforced
+ssl_set_renegotiation_enforced mbedtls_ssl_conf_renegotiation_enforced
-ssl_set_renegotiation_period mbedtls_ssl_set_renegotiation_period
+ssl_set_renegotiation_period mbedtls_ssl_conf_renegotiation_period
-ssl_set_rng mbedtls_ssl_set_rng
+ssl_set_rng mbedtls_ssl_conf_rng
 ssl_set_session mbedtls_ssl_set_session
-ssl_set_session_cache mbedtls_ssl_set_session_cache
+ssl_set_session_cache mbedtls_ssl_conf_session_cache
-ssl_set_session_ticket_lifetime mbedtls_ssl_set_session_ticket_lifetime
+ssl_set_session_ticket_lifetime mbedtls_ssl_conf_session_ticket_lifetime
-ssl_set_session_tickets mbedtls_ssl_set_session_tickets
+ssl_set_session_tickets mbedtls_ssl_conf_session_tickets
-ssl_set_sni mbedtls_ssl_set_sni
+ssl_set_sni mbedtls_ssl_conf_sni
-ssl_set_transport mbedtls_ssl_set_transport
+ssl_set_transport mbedtls_ssl_conf_transport
-ssl_set_truncated_hmac mbedtls_ssl_set_truncated_hmac
+ssl_set_truncated_hmac mbedtls_ssl_conf_truncated_hmac
-ssl_set_verify mbedtls_ssl_set_verify
+ssl_set_verify mbedtls_ssl_conf_verify
 ssl_sig_from_pk mbedtls_ssl_sig_from_pk
 ssl_states mbedtls_ssl_states
 ssl_ticket_keys mbedtls_ssl_ticket_keys
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@ -46,7 +46,7 @@ void debug_print_msg_threshold( int threshold, int level, char *file, int line,
    mbedtls_debug_set_log_mode( MBEDTLS_DEBUG_LOG_FULL );
    mbedtls_debug_set_threshold( threshold );
-    mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
    mbedtls_debug_print_msg( &ssl, level, file, line,
                     mbedtls_debug_fmt("Text message, 2 == %d", 2 ) );
@ -75,7 +75,7 @@ void mbedtls_debug_print_ret( int mode, char *file, int line, char *text, int va
    TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
    mbedtls_debug_set_log_mode( mode );
-    mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
    mbedtls_debug_print_ret( &ssl, 0, file, line, text, value);
@ -108,7 +108,7 @@ void mbedtls_debug_print_buf( int mode, char *file, int line, char *text,
    TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
    mbedtls_debug_set_log_mode( mode );
-    mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
    mbedtls_debug_print_buf( &ssl, 0, file, line, text, data, data_len );
@ -138,7 +138,7 @@ void mbedtls_debug_print_crt( int mode, char *crt_file, char *file, int line,
    TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
    mbedtls_debug_set_log_mode( mode );
-    mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
    TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
    mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt);
@ -172,7 +172,7 @@ void mbedtls_debug_print_mpi( int mode, int radix, char *value, char *file, int
    TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 );
    mbedtls_debug_set_log_mode( mode );
-    mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+    mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
    mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val);