lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version

Browse Source 
Store the TLS version in tls_version instead of major, minor version num

Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller.

Reduce size of mbedtls_ssl_ciphersuite_t

members are defined using integral types instead of enums in
order to pack structure and reduce memory usage by internal
ciphersuite_definitions[]

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
This commit is contained in:
Glenn Strauss
2022-03-14 19:04:24 -04:00
parent 2dfcea2b9d
commit 60bfe60d0f
14 changed files with 489 additions and 709 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
programs/ssl/ssl_server2.c
View File

@ -2164,14 +2164,14 @@ int main( int argc, char *argv[] )
mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
if( opt.max_version != -1 &&
ciphersuite_info->min_minor_ver > opt.max_version )
( ciphersuite_info->min_tls_version & 0xFF ) > opt.max_version )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
goto usage;
}
if( opt.min_version != -1 &&
ciphersuite_info->max_minor_ver < opt.min_version )
( ciphersuite_info->max_tls_version & 0xFF ) < opt.min_version )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
@ -2181,13 +2181,13 @@ int main( int argc, char *argv[] )
/* If we select a version that's not supported by
* this suite, then there will be no common ciphersuite... */
if( opt.max_version == -1 ||
opt.max_version > ciphersuite_info->max_minor_ver )
opt.max_version > ( ciphersuite_info->max_tls_version & 0xFF ) )
{
opt.max_version = ciphersuite_info->max_minor_ver;
opt.max_version = ( ciphersuite_info->max_tls_version & 0xFF );
}
if( opt.min_version < ciphersuite_info->min_minor_ver )
if( opt.min_version < ( ciphersuite_info->min_tls_version & 0xFF ) )
{
opt.min_version = ciphersuite_info->min_minor_ver;
opt.min_version = ( ciphersuite_info->min_tls_version & 0xFF );
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)