Remove the MBEDTLS_SSL_RECORD_CHECKING option
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
parent
90b50f485e
commit
102c89ed65
2
ChangeLog.d/issue4361.txt
Normal file
2
ChangeLog.d/issue4361.txt
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
Removals
|
||||||
|
* Remove the MBEDTLS_SSL_RECORD_CHECKING option. Fixes #4361.
|
@ -1467,20 +1467,6 @@
|
|||||||
*/
|
*/
|
||||||
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
|
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
|
||||||
|
|
||||||
/**
|
|
||||||
* \def MBEDTLS_SSL_RECORD_CHECKING
|
|
||||||
*
|
|
||||||
* Enable the function mbedtls_ssl_check_record() which can be used to check
|
|
||||||
* the validity and authenticity of an incoming record, to verify that it has
|
|
||||||
* not been seen before. These checks are performed without modifying the
|
|
||||||
* externally visible state of the SSL context.
|
|
||||||
*
|
|
||||||
* See mbedtls_ssl_check_record() for more information.
|
|
||||||
*
|
|
||||||
* Uncomment to enable support for record checking.
|
|
||||||
*/
|
|
||||||
#define MBEDTLS_SSL_RECORD_CHECKING
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \def MBEDTLS_SSL_DTLS_CONNECTION_ID
|
* \def MBEDTLS_SSL_DTLS_CONNECTION_ID
|
||||||
*
|
*
|
||||||
|
@ -1795,7 +1795,6 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl,
|
|||||||
*/
|
*/
|
||||||
void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
|
void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_RECORD_CHECKING)
|
|
||||||
/**
|
/**
|
||||||
* \brief Check whether a buffer contains a valid and authentic record
|
* \brief Check whether a buffer contains a valid and authentic record
|
||||||
* that has not been seen before. (DTLS only).
|
* that has not been seen before. (DTLS only).
|
||||||
@ -1843,7 +1842,6 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
|
|||||||
int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
|
int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
|
||||||
unsigned char *buf,
|
unsigned char *buf,
|
||||||
size_t buflen );
|
size_t buflen );
|
||||||
#endif /* MBEDTLS_SSL_RECORD_CHECKING */
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Set the timer callbacks (Mandatory for DTLS.)
|
* \brief Set the timer callbacks (Mandatory for DTLS.)
|
||||||
|
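Review bot: The doc comment for `mbedtls_ssl_check_record()` still describes the function only as "(DTLS only)", and with the `MBEDTLS_SSL_RECORD_CHECKING` guard removed the declaration is now visible in every configuration, presumably including builds without DTLS. The comment should say what the function returns when the context is not a DTLS one, so that a caller filtering datagrams neither reads that result as "record rejected" nor assumes an unchecked record was authenticated. I would add a `\return` line along the lines of `\return A dedicated "not available" error if the context is not configured for DTLS; this says nothing about the record itself.`, worded to match what the implementation actually returns. Most of the comment lies between the two hunks and is not shown, so it may already cover this.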
@ -86,7 +86,6 @@ int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl )
|
|||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_RECORD_CHECKING)
|
|
||||||
static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
|
static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
|
||||||
unsigned char *buf,
|
unsigned char *buf,
|
||||||
size_t len,
|
size_t len,
|
||||||
@ -150,7 +149,6 @@ exit:
|
|||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_RECORD_CHECKING */
|
|
||||||
|
|
||||||
#define SSL_DONT_FORCE_FLUSH 0
|
#define SSL_DONT_FORCE_FLUSH 0
|
||||||
#define SSL_FORCE_FLUSH 1
|
#define SSL_FORCE_FLUSH 1
|
||||||
|
@ -468,9 +468,6 @@ static const char * const features[] = {
|
|||||||
#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
|
#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
|
||||||
"MBEDTLS_SSL_ALL_ALERT_MESSAGES",
|
"MBEDTLS_SSL_ALL_ALERT_MESSAGES",
|
||||||
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
|
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
|
||||||
#if defined(MBEDTLS_SSL_RECORD_CHECKING)
|
|
||||||
"MBEDTLS_SSL_RECORD_CHECKING",
|
|
||||||
#endif /* MBEDTLS_SSL_RECORD_CHECKING */
|
|
||||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||||
"MBEDTLS_SSL_DTLS_CONNECTION_ID",
|
"MBEDTLS_SSL_DTLS_CONNECTION_ID",
|
||||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||||
|
@ -159,7 +159,6 @@ int dtls_srtp_key_derivation( void *p_expkey,
|
|||||||
|
|
||||||
#endif /* MBEDTLS_SSL_EXPORT_KEYS */
|
#endif /* MBEDTLS_SSL_EXPORT_KEYS */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_RECORD_CHECKING)
|
|
||||||
int ssl_check_record( mbedtls_ssl_context const *ssl,
|
int ssl_check_record( mbedtls_ssl_context const *ssl,
|
||||||
unsigned char const *buf, size_t len )
|
unsigned char const *buf, size_t len )
|
||||||
{
|
{
|
||||||
@ -220,7 +219,6 @@ int ssl_check_record( mbedtls_ssl_context const *ssl,
|
|||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_RECORD_CHECKING */
|
|
||||||
|
|
||||||
int recv_cb( void *ctx, unsigned char *buf, size_t len )
|
int recv_cb( void *ctx, unsigned char *buf, size_t len )
|
||||||
{
|
{
|
||||||
@ -241,10 +239,8 @@ int recv_cb( void *ctx, unsigned char *buf, size_t len )
|
|||||||
/* Here's the place to do any datagram/record checking
|
/* Here's the place to do any datagram/record checking
|
||||||
* in between receiving the packet from the underlying
|
* in between receiving the packet from the underlying
|
||||||
* transport and passing it on to the TLS stack. */
|
* transport and passing it on to the TLS stack. */
|
||||||
#if defined(MBEDTLS_SSL_RECORD_CHECKING)
|
|
||||||
if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
|
if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
|
||||||
return( -1 );
|
return( -1 );
|
||||||
#endif /* MBEDTLS_SSL_RECORD_CHECKING */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return( (int) recv_len );
|
return( (int) recv_len );
|
||||||
@ -267,10 +263,8 @@ int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
|
|||||||
/* Here's the place to do any datagram/record checking
|
/* Here's the place to do any datagram/record checking
|
||||||
* in between receiving the packet from the underlying
|
* in between receiving the packet from the underlying
|
||||||
* transport and passing it on to the TLS stack. */
|
* transport and passing it on to the TLS stack. */
|
||||||
#if defined(MBEDTLS_SSL_RECORD_CHECKING)
|
|
||||||
if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
|
if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
|
||||||
return( -1 );
|
return( -1 );
|
||||||
#endif /* MBEDTLS_SSL_RECORD_CHECKING */
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return( (int) recv_len );
|
return( (int) recv_len );
|
||||||
|
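Review bot: In `recv_cb` and `recv_timeout_cb` the call to `ssl_check_record()` is now compiled unconditionally and any non-zero result becomes `return( -1 )`, so the helper has to return 0 whenever record checking does not apply to the connection, or reads on such a connection fail. Most of the body of `ssl_check_record()` is outside these hunks, so I cannot confirm that from here. If it holds, a comment above each call would record the assumption: `/* ssl_check_record() returns 0 when the check is not applicable to this transport. */`. Both callbacks start and end outside the hunks.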
@ -1299,14 +1299,6 @@ int query_config( const char *config )
|
|||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
|
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_RECORD_CHECKING)
|
|
||||||
if( strcmp( "MBEDTLS_SSL_RECORD_CHECKING", config ) == 0 )
|
|
||||||
{
|
|
||||||
MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RECORD_CHECKING );
|
|
||||||
return( 0 );
|
|
||||||
}
|
|
||||||
#endif /* MBEDTLS_SSL_RECORD_CHECKING */
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||||
if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 )
|
if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 )
|
||||||
{
|
{
|
||||||
|