lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-01 10:06:53 +03:00
Code Activity

Move easy ssl_set_xxx() functions to work on conf

Browse Source 
mbedtls_ssl_set_alpn_protocols
mbedtls_ssl_set_arc4_support
mbedtls_ssl_set_authmode
mbedtls_ssl_set_ciphersuites
mbedtls_ssl_set_ciphersuites_for_version
mbedtls_ssl_set_curves
mbedtls_ssl_set_dbg
mbedtls_ssl_set_dh_param
mbedtls_ssl_set_dh_param_ctx
mbedtls_ssl_set_dtls_anti_replay
mbedtls_ssl_set_dtls_badmac_limit
mbedtls_ssl_set_dtls_cookies
mbedtls_ssl_set_encrypt_then_mac
mbedtls_ssl_set_endpoint
mbedtls_ssl_set_extended_master_secret
mbedtls_ssl_set_handshake_timeout
mbedtls_ssl_legacy_renegotiation
mbedtls_ssl_set_max_version
mbedtls_ssl_set_min_version
mbedtls_ssl_set_psk_cb
mbedtls_ssl_set_renegotiation
mbedtls_ssl_set_renegotiation_enforced
mbedtls_ssl_set_renegotiation_period
mbedtls_ssl_set_session_cache
mbedtls_ssl_set_session_ticket_lifetime
mbedtls_ssl_set_sni
mbedtls_ssl_set_transport
mbedtls_ssl_set_truncated_hmac
mbedtls_ssl_set_verify
This commit is contained in:
Manuel Pégourié-Gonnard
2015-05-05 10:45:39 +02:00
parent 419d5ae419
commit d36e33fc07
15 changed files with 223 additions and 233 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
programs/ssl/dtls_client.c
View File

@ -181,11 +181,11 @@ int main( int argc, char *argv[] )
/* OPTIONAL is usually a bad choice for security, but makes interop easier
* in this simplified example, in which the ca chain is hardcoded.
* Production code should set a proper ca chain and use REQUIRED. */
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, SERVER_NAME );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd,
mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout,

11
programs/ssl/dtls_server.c
View File

@ -206,14 +206,13 @@ int main( void )
goto exit;
}
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, &cache,
mbedtls_ssl_cache_set, &cache );
mbedtls_ssl_set_session_cache( &conf,
mbedtls_ssl_cache_get, &cache,
mbedtls_ssl_cache_set, &cache );
#endif
mbedtls_ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
@ -230,7 +229,7 @@ int main( void )
goto exit;
}
mbedtls_ssl_set_dtls_cookies( &ssl, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
mbedtls_ssl_set_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
&cookie_ctx );
printf( " ok\n" );

2
programs/ssl/mini_client.c
View File

@ -217,7 +217,7 @@ int main( void )
}
mbedtls_ssl_set_ca_chain( &ssl, &ca, NULL, HOSTNAME );
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_REQUIRED );
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
#endif
/*

4
programs/ssl/ssl_client1.c
View File

@ -168,11 +168,11 @@ int main( void )
/* OPTIONAL is not optimal for security,
* but makes interop easier in this simplified example */
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, "mbed TLS Server 1" );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
/*

28
programs/ssl/ssl_client2.c
View File

@ -1065,15 +1065,15 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if( opt.debug_level > 0 )
mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
mbedtls_ssl_set_verify( &conf, my_verify, NULL );
#endif
if( opt.auth_mode != DFL_AUTH_MODE )
mbedtls_ssl_set_authmode( &ssl, opt.auth_mode );
mbedtls_ssl_set_authmode( &conf, opt.auth_mode );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
mbedtls_ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max );
mbedtls_ssl_set_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@ -1086,17 +1086,17 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
mbedtls_ssl_set_truncated_hmac( &ssl, opt.trunc_hmac );
mbedtls_ssl_set_truncated_hmac( &conf, opt.trunc_hmac );
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( opt.extended_ms != DFL_EXTENDED_MS )
mbedtls_ssl_set_extended_master_secret( &ssl, opt.extended_ms );
mbedtls_ssl_set_extended_master_secret( &conf, opt.extended_ms );
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( opt.etm != DFL_ETM )
mbedtls_ssl_set_encrypt_then_mac( &ssl, opt.etm );
mbedtls_ssl_set_encrypt_then_mac( &conf, opt.etm );
#endif
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
@ -1108,7 +1108,7 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
if( ( ret = mbedtls_ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 )
if( ( ret = mbedtls_ssl_set_alpn_protocols( &conf, alpn_list ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret );
goto exit;
@ -1116,7 +1116,7 @@ int main( int argc, char *argv[] )
#endif
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
if( opt.nbio == 2 )
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, my_send, my_recv, NULL,
@ -1139,15 +1139,15 @@ int main( int argc, char *argv[] )
#endif
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
if( opt.arc4 != DFL_ARC4 )
mbedtls_ssl_set_arc4_support( &ssl, opt.arc4 );
mbedtls_ssl_set_arc4_support( &conf, opt.arc4 );
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
mbedtls_ssl_legacy_renegotiation( &ssl, opt.allow_legacy );
mbedtls_ssl_legacy_renegotiation( &conf, opt.allow_legacy );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
mbedtls_ssl_set_renegotiation( &ssl, opt.renegotiation );
mbedtls_ssl_set_renegotiation( &conf, opt.renegotiation );
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@ -1187,7 +1187,7 @@ int main( int argc, char *argv[] )
if( opt.min_version != DFL_MIN_VERSION )
{
ret = mbedtls_ssl_set_min_version( &ssl, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
ret = mbedtls_ssl_set_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected min_version is not available\n" );
@ -1197,7 +1197,7 @@ int main( int argc, char *argv[] )
if( opt.max_version != DFL_MAX_VERSION )
{
ret = mbedtls_ssl_set_max_version( &ssl, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
ret = mbedtls_ssl_set_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected max_version is not available\n" );

4
programs/ssl/ssl_fork_server.c
View File

@ -265,10 +265,8 @@ int main( void )
mbedtls_printf( " ok\n" );
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio_timeout( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
mbedtls_ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );

6
programs/ssl/ssl_mail_client.c
View File

@ -602,14 +602,14 @@ int main( int argc, char *argv[] )
/* OPTIONAL is not optimal for security,
* but makes interop easier in this simplified example */
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio_timeout( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL, 0 );
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
mbedtls_ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
if( ( ret = mbedtls_ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )

9
programs/ssl/ssl_pthread_server.c
View File

@ -176,17 +176,16 @@ static void *handle_ssl_connection( void *data )
goto thread_exit;
}
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_mutexed_debug, stdout );
mbedtls_ssl_set_dbg( &conf, my_mutexed_debug, stdout );
/* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if
* MBEDTLS_THREADING_C is set.
*/
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, thread_info->cache,
mbedtls_ssl_cache_set, thread_info->cache );
mbedtls_ssl_set_session_cache( &conf,
mbedtls_ssl_cache_get, thread_info->cache,
mbedtls_ssl_cache_set, thread_info->cache );
#endif
mbedtls_ssl_set_ca_chain( &ssl, thread_info->ca_chain, NULL, NULL );

9
programs/ssl/ssl_server.c
View File

@ -205,14 +205,13 @@ int main( void )
goto exit;
}
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, &cache,
mbedtls_ssl_cache_set, &cache );
mbedtls_ssl_set_session_cache( &conf,
mbedtls_ssl_cache_get, &cache,
mbedtls_ssl_cache_set, &cache );
#endif
mbedtls_ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );

64
programs/ssl/ssl_server2.c
View File

@ -1534,13 +1534,12 @@ int main( int argc, char *argv[] )
goto exit;
}
mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
if( opt.auth_mode != DFL_AUTH_MODE )
mbedtls_ssl_set_authmode( &ssl, opt.auth_mode );
mbedtls_ssl_set_authmode( &conf, opt.auth_mode );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
mbedtls_ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max );
mbedtls_ssl_set_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
@ -1553,22 +1552,22 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
mbedtls_ssl_set_truncated_hmac( &ssl, opt.trunc_hmac );
mbedtls_ssl_set_truncated_hmac( &conf, opt.trunc_hmac );
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( opt.extended_ms != DFL_EXTENDED_MS )
mbedtls_ssl_set_extended_master_secret( &ssl, opt.extended_ms );
mbedtls_ssl_set_extended_master_secret( &conf, opt.extended_ms );
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( opt.etm != DFL_ETM )
mbedtls_ssl_set_encrypt_then_mac( &ssl, opt.etm );
mbedtls_ssl_set_encrypt_then_mac( &conf, opt.etm );
#endif
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
if( ( ret = mbedtls_ssl_set_alpn_protocols( &ssl, alpn_list ) ) != 0 )
if( ( ret = mbedtls_ssl_set_alpn_protocols( &conf, alpn_list ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret );
goto exit;
@ -1576,7 +1575,7 @@ int main( int argc, char *argv[] )
#endif
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &ssl, my_debug, stdout );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
if( opt.cache_max != -1 )
@ -1585,8 +1584,9 @@ int main( int argc, char *argv[] )
if( opt.cache_timeout != -1 )
mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout );
mbedtls_ssl_set_session_cache( &ssl, mbedtls_ssl_cache_get, &cache,
mbedtls_ssl_cache_set, &cache );
mbedtls_ssl_set_session_cache( &conf,
mbedtls_ssl_cache_get, &cache,
mbedtls_ssl_cache_set, &cache );
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
@ -1597,7 +1597,7 @@ int main( int argc, char *argv[] )
}
if( opt.ticket_timeout != -1 )
mbedtls_ssl_set_session_ticket_lifetime( &ssl, opt.ticket_timeout );
mbedtls_ssl_set_session_ticket_lifetime( &conf, opt.ticket_timeout );
#endif
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@ -1613,7 +1613,7 @@ int main( int argc, char *argv[] )
goto exit;
}
mbedtls_ssl_set_dtls_cookies( &ssl, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
mbedtls_ssl_set_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
&cookie_ctx );
}
else
@ -1621,7 +1621,7 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
if( opt.cookies == 0 )
{
mbedtls_ssl_set_dtls_cookies( &ssl, NULL, NULL, NULL );
mbedtls_ssl_set_dtls_cookies( &conf, NULL, NULL, NULL );
}
else
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
@ -1631,50 +1631,50 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
if( opt.anti_replay != DFL_ANTI_REPLAY )
mbedtls_ssl_set_dtls_anti_replay( &ssl, opt.anti_replay );
mbedtls_ssl_set_dtls_anti_replay( &conf, opt.anti_replay );
#endif
#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
if( opt.badmac_limit != DFL_BADMAC_LIMIT )
mbedtls_ssl_set_dtls_badmac_limit( &ssl, opt.badmac_limit );
mbedtls_ssl_set_dtls_badmac_limit( &conf, opt.badmac_limit );
#endif
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
if( opt.arc4 != DFL_ARC4 )
mbedtls_ssl_set_arc4_support( &ssl, opt.arc4 );
mbedtls_ssl_set_arc4_support( &conf, opt.arc4 );
if( opt.version_suites != NULL )
{
mbedtls_ssl_set_ciphersuites_for_version( &ssl, version_suites[0],
mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[0],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_0 );
mbedtls_ssl_set_ciphersuites_for_version( &ssl, version_suites[1],
mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[1],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_1 );
mbedtls_ssl_set_ciphersuites_for_version( &ssl, version_suites[2],
mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[2],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_2 );
mbedtls_ssl_set_ciphersuites_for_version( &ssl, version_suites[3],
mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[3],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3 );
}
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
mbedtls_ssl_legacy_renegotiation( &ssl, opt.allow_legacy );
mbedtls_ssl_legacy_renegotiation( &conf, opt.allow_legacy );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
mbedtls_ssl_set_renegotiation( &ssl, opt.renegotiation );
mbedtls_ssl_set_renegotiation( &conf, opt.renegotiation );
if( opt.renego_delay != DFL_RENEGO_DELAY )
mbedtls_ssl_set_renegotiation_enforced( &ssl, opt.renego_delay );
mbedtls_ssl_set_renegotiation_enforced( &conf, opt.renego_delay );
if( opt.renego_period != DFL_RENEGO_PERIOD )
{
renego_period[7] = opt.renego_period;
mbedtls_ssl_set_renegotiation_period( &ssl, renego_period );
mbedtls_ssl_set_renegotiation_period( &conf, renego_period );
}
#endif
@ -1700,7 +1700,7 @@ int main( int argc, char *argv[] )
#if defined(SNI_OPTION)
if( opt.sni != NULL )
mbedtls_ssl_set_sni( &ssl, sni_callback, sni_info );
mbedtls_ssl_set_sni( &conf, sni_callback, sni_info );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
@ -1717,7 +1717,7 @@ int main( int argc, char *argv[] )
}
if( opt.psk_list != NULL )
mbedtls_ssl_set_psk_cb( &ssl, psk_callback, psk_info );
mbedtls_ssl_set_psk_cb( &conf, psk_callback, psk_info );
#endif
#if defined(MBEDTLS_DHM_C)
@ -1726,11 +1726,11 @@ int main( int argc, char *argv[] )
*/
#if defined(MBEDTLS_FS_IO)
if( opt.dhm_file != NULL )
ret = mbedtls_ssl_set_dh_param_ctx( &ssl, &dhm );
ret = mbedtls_ssl_set_dh_param_ctx( &conf, &dhm );
else
#endif
ret = mbedtls_ssl_set_dh_param( &ssl, MBEDTLS_DHM_RFC5114_MODP_2048_P,
MBEDTLS_DHM_RFC5114_MODP_2048_G );
ret = mbedtls_ssl_set_dh_param( &conf, MBEDTLS_DHM_RFC5114_MODP_2048_P,
MBEDTLS_DHM_RFC5114_MODP_2048_G );
if( ret != 0 )
{
@ -1741,7 +1741,7 @@ int main( int argc, char *argv[] )
if( opt.min_version != DFL_MIN_VERSION )
{
ret = mbedtls_ssl_set_min_version( &ssl, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
ret = mbedtls_ssl_set_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected min_version is not available\n" );
@ -1751,7 +1751,7 @@ int main( int argc, char *argv[] )
if( opt.max_version != DFL_MIN_VERSION )
{
ret = mbedtls_ssl_set_max_version( &ssl, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
ret = mbedtls_ssl_set_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected max_version is not available\n" );