mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 06:15:37 +00:00
Rename MBEDTLS_SSL_CID to MBEDTLS_SSL_DTLS_CONNECTION_ID
Files modified via sed -i 's/MBEDTLS_SSL_CID\([^_]\|$\)/MBEDTLS_SSL_DTLS_CONNECTION_ID\1/g' **/*.c **/*.h **/*.sh **/*.function
This commit is contained in:
parent
ebcc9137ca
commit
a0e20d04b2
|
@ -641,18 +641,18 @@
|
|||
#error "MBEDTLS_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID) && \
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
|
||||
( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
|
||||
#error "MBEDTLS_SSL_CID defined, but not all prerequisites"
|
||||
#error "MBEDTLS_SSL_DTLS_CONNECTION_ID defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID) && \
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
|
||||
defined(MBEDTLS_SSL_CID_IN_LEN_MAX) && \
|
||||
MBEDTLS_SSL_CID_IN_LEN_MAX > 255
|
||||
#error "MBEDTLS_SSL_CID_IN_LEN_MAX too large (max 255)"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID) && \
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
|
||||
defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) && \
|
||||
MBEDTLS_SSL_CID_OUT_LEN_MAX > 255
|
||||
#error "MBEDTLS_SSL_CID_OUT_LEN_MAX too large (max 255)"
|
||||
|
|
|
@ -1327,7 +1327,7 @@
|
|||
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_CID
|
||||
* \def MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
*
|
||||
* Enable support for the DTLS Connection ID extension
|
||||
* (version draft-ietf-tls-dtls-connection-id-05,
|
||||
|
@ -1352,7 +1352,7 @@
|
|||
*
|
||||
* Uncomment to enable the Connection ID extension.
|
||||
*/
|
||||
#define MBEDTLS_SSL_CID
|
||||
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_ASYNC_PRIVATE
|
||||
|
|
|
@ -965,9 +965,9 @@ struct mbedtls_ssl_config
|
|||
void *p_export_keys; /*!< context for key export callback */
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
size_t cid_len; /*!< The length of CIDs for incoming DTLS records. */
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
const mbedtls_x509_crt_profile *cert_profile; /*!< verification profile */
|
||||
|
@ -1115,11 +1115,11 @@ struct mbedtls_ssl_config
|
|||
unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in
|
||||
Certificate Request messages? */
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS
|
||||
* record with unexpected CID
|
||||
* should lead to failure. */
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
};
|
||||
|
||||
|
||||
|
@ -1193,10 +1193,10 @@ struct mbedtls_ssl_context
|
|||
TLS: maintained by us
|
||||
DTLS: read from peer */
|
||||
unsigned char *in_hdr; /*!< start of record header */
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
unsigned char *in_cid; /*!< The start of the CID;
|
||||
* (the end is marked by in_len). */
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
unsigned char *in_len; /*!< two-bytes message length field */
|
||||
unsigned char *in_iv; /*!< ivlen-byte IV */
|
||||
unsigned char *in_msg; /*!< message contents (in_iv+ivlen) */
|
||||
|
@ -1233,10 +1233,10 @@ struct mbedtls_ssl_context
|
|||
unsigned char *out_buf; /*!< output buffer */
|
||||
unsigned char *out_ctr; /*!< 64-bit outgoing message counter */
|
||||
unsigned char *out_hdr; /*!< start of record header */
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
unsigned char *out_cid; /*!< The start of the CID;
|
||||
* (the end is marked by in_len). */
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
unsigned char *out_len; /*!< two-bytes message length field */
|
||||
unsigned char *out_iv; /*!< ivlen-byte IV */
|
||||
unsigned char *out_msg; /*!< message contents (out_iv+ivlen) */
|
||||
|
@ -1295,7 +1295,7 @@ struct mbedtls_ssl_context
|
|||
char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
|
||||
#endif /* MBEDTLS_SSL_RENEGOTIATION */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/* CID configuration to use in subsequent handshakes. */
|
||||
|
||||
/*! The next incoming CID, chosen by the user and applying to
|
||||
|
@ -1308,7 +1308,7 @@ struct mbedtls_ssl_context
|
|||
* be negotiated in the next handshake or not.
|
||||
* Possible values are #MBEDTLS_SSL_CID_ENABLED
|
||||
* and #MBEDTLS_SSL_CID_DISABLED. */
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
};
|
||||
|
||||
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
|
||||
|
@ -1534,7 +1534,7 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
|
|||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
|
||||
|
||||
/**
|
||||
|
@ -1661,7 +1661,7 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
|
|||
unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ],
|
||||
size_t *peer_cid_len );
|
||||
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
/**
|
||||
* \brief Set the Maximum Tranport Unit (MTU).
|
||||
|
@ -2310,7 +2310,7 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
|
|||
void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
|
||||
const int *ciphersuites );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
#define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0
|
||||
#define MBEDTLS_SSL_UNEXPECTED_CID_FAIL 1
|
||||
/**
|
||||
|
@ -2346,7 +2346,7 @@ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
|
|||
*/
|
||||
int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len,
|
||||
int ignore_other_cids );
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
/**
|
||||
* \brief Set the list of allowed ciphersuites and the
|
||||
|
|
|
@ -175,7 +175,7 @@
|
|||
#define MBEDTLS_SSL_PADDING_ADD 0
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
#define MBEDTLS_SSL_MAX_CID_EXPANSION MBEDTLS_SSL_CID_PADDING_GRANULARITY
|
||||
#else
|
||||
#define MBEDTLS_SSL_MAX_CID_EXPANSION 0
|
||||
|
@ -238,7 +238,7 @@
|
|||
implicit sequence number. */
|
||||
#define MBEDTLS_SSL_HEADER_LEN 13
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
#define MBEDTLS_SSL_IN_BUFFER_LEN \
|
||||
( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) )
|
||||
#else
|
||||
|
@ -247,7 +247,7 @@
|
|||
+ ( MBEDTLS_SSL_CID_IN_LEN_MAX ) )
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
#define MBEDTLS_SSL_OUT_BUFFER_LEN \
|
||||
( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) )
|
||||
#else
|
||||
|
@ -391,7 +391,7 @@ struct mbedtls_ssl_handshake_params
|
|||
unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter
|
||||
for resending messages */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/* The state of CID configuration in this handshake. */
|
||||
|
||||
uint8_t cid_in_use; /*!< This indicates whether the use of the CID extension
|
||||
|
@ -401,7 +401,7 @@ struct mbedtls_ssl_handshake_params
|
|||
unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */
|
||||
uint8_t peer_cid_len; /*!< The length of
|
||||
* \c peer_cid. */
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
struct
|
||||
{
|
||||
|
@ -628,12 +628,12 @@ struct mbedtls_ssl_transform
|
|||
mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */
|
||||
int minor_ver;
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
uint8_t in_cid_len;
|
||||
uint8_t out_cid_len;
|
||||
unsigned char in_cid [ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
|
||||
unsigned char out_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
/*
|
||||
* Session specific compression layer
|
||||
|
@ -681,11 +681,10 @@ typedef struct
|
|||
size_t data_offset; /* Offset of record content */
|
||||
size_t data_len; /* Length of record content */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
uint8_t cid_len; /* Length of the CID (0 if not present) */
|
||||
unsigned char cid[ MBEDTLS_SSL_CID_LEN_MAX ]; /* The CID */
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
} mbedtls_record;
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
|
|
|
@ -475,7 +475,7 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
size_t *olen )
|
||||
|
@ -521,7 +521,7 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
*olen = ssl->own_cid_len + 5;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||
static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
||||
|
@ -1133,10 +1133,10 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
|
|||
ext_len += olen;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen );
|
||||
ext_len += olen;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||
ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen );
|
||||
|
@ -1295,7 +1295,7 @@ static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -1349,7 +1349,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||
static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
|
||||
|
@ -2002,7 +2002,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
|
|||
break;
|
||||
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
case MBEDTLS_TLS_EXT_CID:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) );
|
||||
|
||||
|
@ -2014,7 +2014,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
|
||||
break;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||
case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
|
||||
|
|
|
@ -475,7 +475,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
|
@ -545,7 +545,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
|
||||
static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
|
||||
|
@ -1895,7 +1895,7 @@ read_record_header:
|
|||
break;
|
||||
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
case MBEDTLS_TLS_EXT_CID:
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) );
|
||||
|
||||
|
@ -2182,7 +2182,7 @@ static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
size_t *olen )
|
||||
|
@ -2228,7 +2228,7 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
|
|||
|
||||
*olen = ssl->own_cid_len + 5;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||
static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
|
||||
|
@ -2751,7 +2751,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
|
|||
ext_len += olen;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen );
|
||||
ext_len += olen;
|
||||
#endif
|
||||
|
|
|
@ -117,7 +117,7 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl );
|
|||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/* Top-level Connection ID API */
|
||||
|
||||
int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf,
|
||||
|
@ -202,7 +202,7 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
|
|||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
/* Forward declarations for functions related to message buffering. */
|
||||
static void ssl_buffering_free( mbedtls_ssl_context *ssl );
|
||||
|
@ -969,7 +969,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
|||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/* Copy own and peer's CID if the use of the CID
|
||||
* extension has been negotiated. */
|
||||
if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED )
|
||||
|
@ -987,7 +987,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_DEBUG_BUF( 3, "Outgoing CID", transform->out_cid,
|
||||
transform->out_cid_len );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
/*
|
||||
* Set appropriate PRF function and other SSL / TLS / TLS1.2 functions
|
||||
|
@ -1984,7 +1984,7 @@ static void ssl_read_memory( unsigned char *p, size_t len )
|
|||
* Encryption/decryption functions
|
||||
*/
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/* This functions transforms a DTLS plaintext fragment and a record content
|
||||
* type into an instance of the DTLSInnerPlaintext structure:
|
||||
*
|
||||
|
@ -2059,7 +2059,7 @@ static int ssl_cid_parse_inner_plaintext( unsigned char const *content,
|
|||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
/* `add_data` must have size 13 Bytes if the CID extension is disabled,
|
||||
* and 13 + 1 + CID-length Bytes if the CID extension is enabled. */
|
||||
|
@ -2087,7 +2087,7 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
|
|||
add_data[8] = rec->type;
|
||||
memcpy( add_data + 9, rec->ver, sizeof( rec->ver ) );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( rec->cid_len != 0 )
|
||||
{
|
||||
memcpy( add_data + 11, rec->cid, rec->cid_len );
|
||||
|
@ -2097,7 +2097,7 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
|
|||
*add_data_len = 13 + 1 + rec->cid_len;
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
{
|
||||
add_data[11 + 0] = ( rec->data_len >> 8 ) & 0xFF;
|
||||
add_data[11 + 1] = ( rec->data_len >> 0 ) & 0xFF;
|
||||
|
@ -2145,7 +2145,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||
|| rec->buf == NULL
|
||||
|| rec->buf_len < rec->data_offset
|
||||
|| rec->buf_len - rec->data_offset < rec->data_len
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
|| rec->cid_len != 0
|
||||
#endif
|
||||
)
|
||||
|
@ -2169,7 +2169,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/*
|
||||
* Add CID information
|
||||
*/
|
||||
|
@ -2196,7 +2196,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||
|
||||
rec->type = MBEDTLS_SSL_MSG_CID;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
post_avail = rec->buf_len - ( rec->data_len + rec->data_offset );
|
||||
|
||||
|
@ -2570,7 +2570,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
|||
data = rec->buf + rec->data_offset;
|
||||
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_dec );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/*
|
||||
* Match record's CID with incoming CID.
|
||||
*/
|
||||
|
@ -2579,7 +2579,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
|||
{
|
||||
return( MBEDTLS_ERR_SSL_UNEXPECTED_CID );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
|
||||
if( mode == MBEDTLS_MODE_STREAM )
|
||||
|
@ -3117,7 +3117,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
|||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( rec->cid_len != 0 )
|
||||
{
|
||||
ret = ssl_cid_parse_inner_plaintext( data, &rec->data_len,
|
||||
|
@ -3125,7 +3125,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context *ssl,
|
|||
if( ret != 0 )
|
||||
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );
|
||||
|
||||
|
@ -4156,10 +4156,10 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
|
|||
ssl->conf->transport, rec.ver );
|
||||
rec.type = ssl->out_msgtype;
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/* The CID is set by mbedtls_ssl_encrypt_buf(). */
|
||||
rec.cid_len = 0;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
if( ( ret = mbedtls_ssl_encrypt_buf( ssl, ssl->transform_out, &rec,
|
||||
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
|
||||
|
@ -4176,9 +4176,9 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
|
|||
|
||||
/* Update the record content type and CID. */
|
||||
ssl->out_msgtype = rec.type;
|
||||
#if defined(MBEDTLS_SSL_CID )
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID )
|
||||
memcpy( ssl->out_cid, rec.cid, rec.cid_len );
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->out_msglen = len = rec.data_len;
|
||||
ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 );
|
||||
ssl->out_len[1] = (unsigned char)( rec.data_len );
|
||||
|
@ -4853,7 +4853,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
|
|||
mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, ssl->in_hdr + 1 );
|
||||
|
||||
/* Check record type */
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
|
||||
ssl->in_msgtype == MBEDTLS_SSL_MSG_CID &&
|
||||
ssl->conf->cid_len != 0 )
|
||||
|
@ -4876,7 +4876,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
|
|||
ssl->in_iv = ssl->in_msg = ssl->in_len + 2;
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
if( ssl_check_record_type( ssl->in_msgtype ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
|
||||
|
@ -5083,10 +5083,10 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl )
|
|||
- ( ssl->in_iv - ssl->in_buf );
|
||||
rec.data_len = ssl->in_msglen;
|
||||
rec.data_offset = 0;
|
||||
#if defined(MBEDTLS_SSL_CID )
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID )
|
||||
rec.cid_len = (uint8_t)( ssl->in_len - ssl->in_cid );
|
||||
memcpy( rec.cid, ssl->in_cid, rec.cid_len );
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
memcpy( &rec.ctr[0], ssl->in_ctr, 8 );
|
||||
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
|
||||
|
@ -5097,14 +5097,14 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl )
|
|||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID &&
|
||||
ssl->conf->ignore_unexpected_cid
|
||||
== MBEDTLS_SSL_UNEXPECTED_CID_IGNORE )
|
||||
{
|
||||
ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
@ -5131,7 +5131,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt",
|
||||
ssl->in_msg, ssl->in_msglen );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/* We have already checked the record content type
|
||||
* in ssl_parse_record_header(), failing or silently
|
||||
* dropping the record in the case of an unknown type.
|
||||
|
@ -5144,7 +5144,7 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
|
||||
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
|
||||
{
|
||||
|
@ -8078,14 +8078,14 @@ static void ssl_update_out_pointers( mbedtls_ssl_context *ssl,
|
|||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
{
|
||||
ssl->out_ctr = ssl->out_hdr + 3;
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ssl->out_cid = ssl->out_ctr + 8;
|
||||
ssl->out_len = ssl->out_cid;
|
||||
if( transform != NULL )
|
||||
ssl->out_len += transform->out_cid_len;
|
||||
#else /* MBEDTLS_SSL_CID */
|
||||
#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->out_len = ssl->out_ctr + 8;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->out_iv = ssl->out_len + 2;
|
||||
}
|
||||
else
|
||||
|
@ -8093,7 +8093,7 @@ static void ssl_update_out_pointers( mbedtls_ssl_context *ssl,
|
|||
{
|
||||
ssl->out_ctr = ssl->out_hdr - 8;
|
||||
ssl->out_len = ssl->out_hdr + 3;
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ssl->out_cid = ssl->out_len;
|
||||
#endif
|
||||
ssl->out_iv = ssl->out_hdr + 5;
|
||||
|
@ -8137,12 +8137,12 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl )
|
|||
* a CID, the fields are shifted accordingly in
|
||||
* ssl_parse_record_header(). */
|
||||
ssl->in_ctr = ssl->in_hdr + 3;
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ssl->in_cid = ssl->in_ctr + 8;
|
||||
ssl->in_len = ssl->in_cid; /* Default: no CID */
|
||||
#else /* MBEDTLS_SSL_CID */
|
||||
#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->in_len = ssl->in_ctr + 8;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->in_iv = ssl->in_len + 2;
|
||||
}
|
||||
else
|
||||
|
@ -8150,7 +8150,7 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl )
|
|||
{
|
||||
ssl->in_ctr = ssl->in_hdr - 8;
|
||||
ssl->in_len = ssl->in_hdr + 3;
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ssl->in_cid = ssl->in_len;
|
||||
#endif
|
||||
ssl->in_iv = ssl->in_hdr + 5;
|
||||
|
@ -9381,10 +9381,10 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
|
|||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( transform->out_cid_len != 0 )
|
||||
transform_expansion += MBEDTLS_SSL_MAX_CID_EXPANSION;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
return( (int)( out_hdr_len + transform_expansion ) );
|
||||
}
|
||||
|
|
|
@ -447,9 +447,9 @@ static const char *features[] = {
|
|||
#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
|
||||
"MBEDTLS_SSL_ALL_ALERT_MESSAGES",
|
||||
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
"MBEDTLS_SSL_CID",
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
"MBEDTLS_SSL_DTLS_CONNECTION_ID",
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||
"MBEDTLS_SSL_ASYNC_PRIVATE",
|
||||
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
||||
|
|
|
@ -1234,13 +1234,13 @@ int query_config( const char *config )
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
if( strcmp( "MBEDTLS_SSL_CID", config ) == 0 )
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 )
|
||||
{
|
||||
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID );
|
||||
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CONNECTION_ID );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||
if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 )
|
||||
|
|
|
@ -170,7 +170,7 @@ int main( void )
|
|||
#define USAGE_KEY_OPAQUE ""
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
#define USAGE_CID \
|
||||
" cid=%%d Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \
|
||||
" default: 0 (disabled)\n" \
|
||||
|
@ -180,9 +180,9 @@ int main( void )
|
|||
" default: \"\"\n" \
|
||||
" cid_val_renego=%%s The CID to use for incoming messages (in hex, without 0x) after renegotiation.\n" \
|
||||
" default: same as cid_val\n"
|
||||
#else /* MBEDTLS_SSL_CID */
|
||||
#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
#define USAGE_CID ""
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
#define USAGE_PSK_RAW \
|
||||
|
@ -772,7 +772,7 @@ int unhexify( char const *hex, unsigned char *dst )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
int report_cid_usage( mbedtls_ssl_context *ssl,
|
||||
const char *additional_description )
|
||||
{
|
||||
|
@ -820,7 +820,7 @@ int report_cid_usage( mbedtls_ssl_context *ssl,
|
|||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
@ -834,7 +834,7 @@ int main( int argc, char *argv[] )
|
|||
size_t psk_len = 0;
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
|
||||
unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
|
||||
size_t cid_len = 0;
|
||||
|
@ -1073,7 +1073,7 @@ int main( int argc, char *argv[] )
|
|||
else if( strcmp( p, "key_opaque" ) == 0 )
|
||||
opt.key_opaque = atoi( q );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
else if( strcmp( p, "cid" ) == 0 )
|
||||
{
|
||||
opt.cid_enabled = atoi( q );
|
||||
|
@ -1094,7 +1094,7 @@ int main( int argc, char *argv[] )
|
|||
{
|
||||
opt.cid_val_renego = q;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
else if( strcmp( p, "psk" ) == 0 )
|
||||
opt.psk = q;
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
|
@ -1516,7 +1516,7 @@ int main( int argc, char *argv[] )
|
|||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
cid_len = strlen( opt.cid_val ) / 2;
|
||||
if( cid_len > sizeof( cid ) )
|
||||
{
|
||||
|
@ -1549,7 +1549,7 @@ int main( int argc, char *argv[] )
|
|||
mbedtls_printf( "CID not valid hex\n" );
|
||||
goto exit;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_ECP_C)
|
||||
if( opt.curves != NULL )
|
||||
|
@ -1829,7 +1829,7 @@ int main( int argc, char *argv[] )
|
|||
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
|
||||
{
|
||||
if( opt.cid_enabled == 1 &&
|
||||
|
@ -1855,7 +1855,7 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
if( opt.auth_mode != DFL_AUTH_MODE )
|
||||
mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
|
||||
|
@ -2080,7 +2080,7 @@ int main( int argc, char *argv[] )
|
|||
mbedtls_net_send, mbedtls_net_recv,
|
||||
opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
{
|
||||
if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled,
|
||||
|
@ -2091,7 +2091,7 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
if( opt.dtls_mtu != DFL_DTLS_MTU )
|
||||
|
@ -2267,7 +2267,7 @@ int main( int argc, char *argv[] )
|
|||
mbedtls_printf( "%s\n", peer_crt_info );
|
||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ret = report_cid_usage( &ssl, "initial handshake" );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
@ -2283,7 +2283,7 @@ int main( int argc, char *argv[] )
|
|||
return( ret );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||
if( opt.renegotiate )
|
||||
|
@ -2325,11 +2325,11 @@ int main( int argc, char *argv[] )
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_RENEGOTIATION */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ret = report_cid_usage( &ssl, "after renegotiation" );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
/*
|
||||
* 6. Write the GET request
|
||||
|
|
|
@ -236,7 +236,7 @@ int main( void )
|
|||
#define USAGE_SSL_ASYNC ""
|
||||
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
#define USAGE_CID \
|
||||
" cid=%%d Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \
|
||||
" default: 0 (disabled)\n" \
|
||||
|
@ -246,9 +246,9 @@ int main( void )
|
|||
" default: \"\"\n" \
|
||||
" cid_val_renego=%%s The CID to use for incoming messages (in hex, without 0x) after renegotiation.\n" \
|
||||
" default: same as 'cid_val'\n"
|
||||
#else /* MBEDTLS_SSL_CID */
|
||||
#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
#define USAGE_CID ""
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
#define USAGE_PSK_RAW \
|
||||
|
@ -935,7 +935,7 @@ int sni_callback( void *p_info, mbedtls_ssl_context *ssl,
|
|||
#endif /* SNI_OPTION */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) || \
|
||||
defined(MBEDTLS_SSL_CID)
|
||||
defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
|
||||
#define HEX2NUM( c ) \
|
||||
do \
|
||||
|
@ -1444,7 +1444,7 @@ static psa_status_t psa_setup_psk_key_slot( psa_key_handle_t slot,
|
|||
}
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
int report_cid_usage( mbedtls_ssl_context *ssl,
|
||||
const char *additional_description )
|
||||
{
|
||||
|
@ -1492,7 +1492,7 @@ int report_cid_usage( mbedtls_ssl_context *ssl,
|
|||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
@ -1563,7 +1563,7 @@ int main( int argc, char *argv[] )
|
|||
unsigned char alloc_buf[MEMORY_HEAP_SIZE];
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
|
||||
unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
|
||||
size_t cid_len = 0;
|
||||
|
@ -1817,7 +1817,7 @@ int main( int argc, char *argv[] )
|
|||
opt.async_private_error = n;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
else if( strcmp( p, "cid" ) == 0 )
|
||||
{
|
||||
opt.cid_enabled = atoi( q );
|
||||
|
@ -1838,7 +1838,7 @@ int main( int argc, char *argv[] )
|
|||
{
|
||||
opt.cid_val_renego = q;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
else if( strcmp( p, "psk" ) == 0 )
|
||||
opt.psk = q;
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
|
@ -2323,7 +2323,7 @@ int main( int argc, char *argv[] )
|
|||
}
|
||||
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( unhexify( cid, opt.cid_val, &cid_len ) != 0 )
|
||||
{
|
||||
mbedtls_printf( "CID not valid hex\n" );
|
||||
|
@ -2342,7 +2342,7 @@ int main( int argc, char *argv[] )
|
|||
mbedtls_printf( "CID not valid hex\n" );
|
||||
goto exit;
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
/*
|
||||
|
@ -2715,7 +2715,7 @@ int main( int argc, char *argv[] )
|
|||
};
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
|
||||
{
|
||||
if( opt.cid_enabled == 1 &&
|
||||
|
@ -2740,7 +2740,7 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
|
||||
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
|
||||
|
@ -3118,7 +3118,7 @@ int main( int argc, char *argv[] )
|
|||
mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv,
|
||||
opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
{
|
||||
if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled,
|
||||
|
@ -3129,7 +3129,7 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
if( opt.dtls_mtu != DFL_DTLS_MTU )
|
||||
|
@ -3408,7 +3408,7 @@ handshake:
|
|||
}
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ret = report_cid_usage( &ssl, "initial handshake" );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
|
@ -3423,7 +3423,7 @@ handshake:
|
|||
goto exit;
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
if( opt.exchanges == 0 )
|
||||
goto close_notify;
|
||||
|
@ -3635,11 +3635,11 @@ data_exchange:
|
|||
}
|
||||
#endif /* MBEDTLS_SSL_RENEGOTIATION */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ret = report_cid_usage( &ssl, "after renegotiation" );
|
||||
if( ret != 0 )
|
||||
goto exit;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
/*
|
||||
* 7. Write the 200 Response
|
||||
|
|
|
@ -1276,7 +1276,7 @@ run_test "Truncated HMAC, DTLS: client enabled, server enabled" \
|
|||
# grep for output witnessing its use. This needs to be
|
||||
# changed once the CID extension is implemented.
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli enabled, Srv disabled" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=0" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
|
||||
|
@ -1292,7 +1292,7 @@ run_test "Connection ID: Cli enabled, Srv disabled" \
|
|||
-C "Copy CIDs into SSL transform" \
|
||||
-c "Use of Connection ID was rejected by the server"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli disabled, Srv enabled" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=0" \
|
||||
|
@ -1307,7 +1307,7 @@ run_test "Connection ID: Cli disabled, Srv enabled" \
|
|||
-C "Copy CIDs into SSL transform" \
|
||||
-s "Use of Connection ID was not offered by client"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \
|
||||
|
@ -1327,7 +1327,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID, 3D: Cli+Srv enabled, Cli+Srv CID nonempty" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead" \
|
||||
|
@ -1348,7 +1348,7 @@ run_test "Connection ID, 3D: Cli+Srv enabled, Cli+Srv CID nonempty" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID, MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
|
||||
-p "$P_PXY mtu=800" \
|
||||
"$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
|
||||
|
@ -1369,7 +1369,7 @@ run_test "Connection ID, MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
|
||||
-p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5" \
|
||||
"$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
|
||||
|
@ -1390,7 +1390,7 @@ run_test "Connection ID, 3D+MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli CID empty" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1" \
|
||||
|
@ -1410,7 +1410,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli CID empty" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Srv CID empty" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
|
||||
|
@ -1430,7 +1430,7 @@ run_test "Connection ID: Cli+Srv enabled, Srv CID empty" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1" \
|
||||
|
@ -1448,7 +1448,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty" \
|
|||
-S "Use of Connection ID has been negotiated" \
|
||||
-C "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
|
@ -1468,7 +1468,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
|
@ -1488,7 +1488,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
|
@ -1508,7 +1508,7 @@ run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
|
@ -1526,7 +1526,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \
|
|||
-S "Use of Connection ID has been negotiated" \
|
||||
-C "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
|
||||
|
@ -1546,7 +1546,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC"
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
|
||||
|
@ -1566,7 +1566,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
|
||||
|
@ -1586,7 +1586,7 @@ run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \
|
|||
-s "Use of Connection ID has been negotiated" \
|
||||
-c "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1" \
|
||||
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
|
||||
|
@ -1604,7 +1604,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \
|
|||
-S "Use of Connection ID has been negotiated" \
|
||||
-C "Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID: Cli+Srv enabled, renegotiate without change of CID" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
|
||||
|
@ -1619,7 +1619,7 @@ run_test "Connection ID: Cli+Srv enabled, renegotiate without change of CID"
|
|||
-s "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-c "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID: Cli+Srv enabled, renegotiate with different CID" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
|
||||
|
@ -1634,7 +1634,7 @@ run_test "Connection ID: Cli+Srv enabled, renegotiate with different CID" \
|
|||
-s "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-c "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate with different CID" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead cid_val_renego=beef renegotiation=1" \
|
||||
|
@ -1649,7 +1649,7 @@ run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate with differ
|
|||
-s "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-c "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate with different CID" \
|
||||
-p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5" \
|
||||
|
@ -1665,7 +1665,7 @@ run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate with different
|
|||
-s "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-c "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID: Cli+Srv enabled, renegotiate without CID" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
|
||||
|
@ -1680,7 +1680,7 @@ run_test "Connection ID: Cli+Srv enabled, renegotiate without CID" \
|
|||
-C "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-S "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate without CID" \
|
||||
"$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
|
||||
|
@ -1695,7 +1695,7 @@ run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate without CID
|
|||
-C "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-S "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate without CID" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
|
@ -1711,7 +1711,7 @@ run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate without CID" \
|
|||
-C "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-S "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID: Cli+Srv enabled, CID on renegotiation" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
|
||||
|
@ -1724,7 +1724,7 @@ run_test "Connection ID: Cli+Srv enabled, CID on renegotiation" \
|
|||
-c "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-s "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID, no packing: Cli+Srv enabled, CID on renegotiation" \
|
||||
"$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
|
||||
|
@ -1737,7 +1737,7 @@ run_test "Connection ID, no packing: Cli+Srv enabled, CID on renegotiation" \
|
|||
-c "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-s "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, CID on renegotiation" \
|
||||
-p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5" \
|
||||
|
@ -1751,7 +1751,7 @@ run_test "Connection ID, 3D+MTU: Cli+Srv enabled, CID on renegotiation" \
|
|||
-c "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-s "(after renegotiation) Use of Connection ID has been negotiated"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID: Cli+Srv enabled, Cli disables on renegotiation" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
|
||||
|
@ -1767,7 +1767,7 @@ run_test "Connection ID: Cli+Srv enabled, Cli disables on renegotiation" \
|
|||
-S "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-s "(after renegotiation) Use of Connection ID was not offered by client"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID, 3D: Cli+Srv enabled, Cli disables on renegotiation" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
|
@ -1784,7 +1784,7 @@ run_test "Connection ID, 3D: Cli+Srv enabled, Cli disables on renegotiation"
|
|||
-S "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-s "(after renegotiation) Use of Connection ID was not offered by client"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID: Cli+Srv enabled, Srv disables on renegotiation" \
|
||||
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
|
||||
|
@ -1800,7 +1800,7 @@ run_test "Connection ID: Cli+Srv enabled, Srv disables on renegotiation" \
|
|||
-S "(after renegotiation) Use of Connection ID has been negotiated" \
|
||||
-c "(after renegotiation) Use of Connection ID was rejected by the server"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CID
|
||||
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
|
||||
run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" \
|
||||
-p "$P_PXY drop=5 delay=5 duplicate=5" \
|
||||
|
|
|
@ -38,7 +38,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
|
|||
unsigned char *key0 = NULL, *key1 = NULL;
|
||||
unsigned char iv_enc[16], iv_dec[16];
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
unsigned char cid0[ SSL_CID_LEN_MIN ];
|
||||
unsigned char cid1[ SSL_CID_LEN_MIN ];
|
||||
|
||||
|
@ -47,7 +47,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
|
|||
#else
|
||||
((void) cid0_len);
|
||||
((void) cid1_len);
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
maclen = 0;
|
||||
|
||||
|
@ -246,7 +246,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
|
|||
memcpy( &t_out->iv_dec, iv_enc, sizeof( iv_enc ) );
|
||||
memcpy( &t_out->iv_enc, iv_dec, sizeof( iv_dec ) );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
/* Add CID */
|
||||
memcpy( &t_in->in_cid, cid0, cid0_len );
|
||||
memcpy( &t_in->out_cid, cid1, cid1_len );
|
||||
|
@ -256,7 +256,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in,
|
|||
memcpy( &t_out->out_cid, cid0, cid0_len );
|
||||
t_out->in_cid_len = cid1_len;
|
||||
t_out->out_cid_len = cid0_len;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
cleanup:
|
||||
|
||||
|
@ -379,9 +379,9 @@ void ssl_crypt_record( int cipher_type, int hash_id,
|
|||
rec.type = 42;
|
||||
rec.ver[0] = num_records;
|
||||
rec.ver[1] = num_records;
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
rec.cid_len = 0;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
rec.buf = buf;
|
||||
rec.buf_len = buflen;
|
||||
|
@ -499,9 +499,9 @@ void ssl_crypt_record_small( int cipher_type, int hash_id,
|
|||
rec.ver[1] = offset;
|
||||
rec.buf = buf;
|
||||
rec.buf_len = buflen;
|
||||
#if defined(MBEDTLS_SSL_CID)
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
rec.cid_len = 0;
|
||||
#endif /* MBEDTLS_SSL_CID */
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
|
||||
switch( mode )
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue