Rename mbedtls_ssl_session minor_ver to tls_version

Store the TLS version instead of minor version number in tls_version. Note: struct member size changed from unsigned char to uint16_t Due to standard structure padding, the structure size does not change unless alignment is 1-byte (instead of 2-byte or more) Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is compatible on little-endian platforms, but not compatible on big-endian platforms. The enum values for the lower byte of MBEDTLS_SSL_VERSION_TLS1_2 and of MBEDTLS_SSL_VERSION_TLS1_3 matches MBEDTLS_SSL_MINOR_VERSION_3 and MBEDTLS_SSL_MINOR_VERSION_4, respectively. Note: care has been taken to preserve serialized session format, which uses only the lower byte of the TLS version. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2025-08-01 10:06:53 +03:00 · 2022-03-14 13:29:48 -04:00
parent 07c641605e
commit da7851c825
6 changed files with 18 additions and 19 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -2650,12 +2650,12 @@ static unsigned char ssl_serialized_session_header[] = {
 *                                 // configuration options which influence
 *                                 // the structure of mbedtls_ssl_session.
 *
- *    uint8_t minor_ver;           // Protocol-version. Possible values:
- *                                 // - TLS 1.2 (MBEDTLS_SSL_MINOR_VERSION_3)
+ *    uint8_t minor_ver;           // Protocol minor version. Possible values:
+ *                                 // - TLS 1.2 (3)
 *
- *    select (serialized_session.minor_ver) {
+ *    select (serialized_session.tls_version) {
 *
- *      case MBEDTLS_SSL_MINOR_VERSION_3: // TLS 1.2
+ *      case MBEDTLS_SSL_VERSION_TLS1_2:
 *        serialized_session_tls12 data;
 *
 *   };
@ -2695,14 +2695,14 @@ static int ssl_session_save( const mbedtls_ssl_session *session,
    used += 1;
    if( used <= buf_len )
    {
-        *p++ = session->minor_ver;
+        *p++ = MBEDTLS_BYTE_0( session->tls_version );
    }

    /* Forward to version-specific serialization routine. */
-    switch( session->minor_ver )
+    switch( session->tls_version )
    {
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    case MBEDTLS_SSL_MINOR_VERSION_3:
+    case MBEDTLS_SSL_VERSION_TLS1_2:
    {
        size_t remaining_len = used <= buf_len ? buf_len - used : 0;
        used += ssl_session_save_tls12( session, p, remaining_len );
@ -2768,13 +2768,13 @@ static int ssl_session_load( mbedtls_ssl_session *session,
     */
    if( 1 > (size_t)( end - p ) )
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    session->minor_ver = *p++;
+    session->tls_version = 0x0300 | *p++;

    /* Dispatch according to TLS version. */
-    switch( session->minor_ver )
+    switch( session->tls_version )
    {
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    case MBEDTLS_SSL_MINOR_VERSION_3: /* TLS 1.2 */
+    case MBEDTLS_SSL_VERSION_TLS1_2:
    {
        size_t remaining_len = ( end - p );
        return( ssl_session_load_tls12( session, p, remaining_len ) );