AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Rename ssl_set_xxx() to ssl_conf_xxx()

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-05-11 09:50:24 +02:00
parent 22bfa4bb53
commit 6729e79482
18 changed files with 296 additions and 296 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
include/mbedtls/compat-1.3.h
View File

@ -2443,7 +2443,7 @@
#define ssl_hw_record_write mbedtls_ssl_hw_record_write
#define ssl_init mbedtls_ssl_init
#define ssl_key_cert mbedtls_ssl_key_cert
#define ssl_legacy_renegotiation mbedtls_set_ssl_legacy_renegotiation
#define ssl_legacy_renegotiation mbedtls_ssl_conf_legacy_renegotiation
#define ssl_list_ciphersuites mbedtls_ssl_list_ciphersuites
#define ssl_md_alg_from_hash mbedtls_ssl_md_alg_from_hash
#define ssl_optimize_checksum mbedtls_ssl_optimize_checksum
@ -2471,49 +2471,49 @@
#define ssl_session_free mbedtls_ssl_session_free
#define ssl_session_init mbedtls_ssl_session_init
#define ssl_session_reset mbedtls_ssl_session_reset
#define ssl_set_alpn_protocols mbedtls_ssl_set_alpn_protocols
#define ssl_set_arc4_support mbedtls_ssl_set_arc4_support
#define ssl_set_authmode mbedtls_ssl_set_authmode
#define ssl_set_alpn_protocols mbedtls_ssl_conf_alpn_protocols
#define ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
#define ssl_set_authmode mbedtls_ssl_conf_authmode
#define ssl_set_bio mbedtls_ssl_set_bio
#define ssl_set_bio mbedtls_ssl_set_bio_timeout
#define ssl_set_ca_chain mbedtls_ssl_set_ca_chain
#define ssl_set_cbc_record_splitting mbedtls_ssl_set_cbc_record_splitting
#define ssl_set_ciphersuites mbedtls_ssl_set_ciphersuites
#define ssl_set_ciphersuites_for_version mbedtls_ssl_set_ciphersuites_for_version
#define ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
#define ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
#define ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
#define ssl_set_ciphersuites_for_version mbedtls_ssl_conf_ciphersuites_for_version
#define ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id
#define ssl_set_curves mbedtls_ssl_set_curves
#define ssl_set_dbg mbedtls_ssl_set_dbg
#define ssl_set_dh_param mbedtls_ssl_set_dh_param
#define ssl_set_dh_param_ctx mbedtls_ssl_set_dh_param_ctx
#define ssl_set_dtls_anti_replay mbedtls_ssl_set_dtls_anti_replay
#define ssl_set_dtls_badmac_limit mbedtls_ssl_set_dtls_badmac_limit
#define ssl_set_dtls_cookies mbedtls_ssl_set_dtls_cookies
#define ssl_set_encrypt_then_mac mbedtls_ssl_set_encrypt_then_mac
#define ssl_set_endpoint mbedtls_ssl_set_endpoint
#define ssl_set_extended_master_secret mbedtls_ssl_set_extended_master_secret
#define ssl_set_fallback mbedtls_ssl_set_fallback
#define ssl_set_handshake_timeout mbedtls_ssl_set_handshake_timeout
#define ssl_set_curves mbedtls_ssl_conf_curves
#define ssl_set_dbg mbedtls_ssl_conf_dbg
#define ssl_set_dh_param mbedtls_ssl_conf_dh_param
#define ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx
#define ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay
#define ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit
#define ssl_set_dtls_cookies mbedtls_ssl_conf_dtls_cookies
#define ssl_set_encrypt_then_mac mbedtls_ssl_conf_encrypt_then_mac
#define ssl_set_endpoint mbedtls_ssl_conf_endpoint
#define ssl_set_extended_master_secret mbedtls_ssl_conf_extended_master_secret
#define ssl_set_fallback mbedtls_ssl_conf_fallback
#define ssl_set_handshake_timeout mbedtls_ssl_conf_handshake_timeout
#define ssl_set_hostname mbedtls_ssl_set_hostname
#define ssl_set_max_frag_len mbedtls_ssl_set_max_frag_len
#define ssl_set_max_version mbedtls_ssl_set_max_version
#define ssl_set_min_version mbedtls_ssl_set_min_version
#define ssl_set_own_cert mbedtls_ssl_set_own_cert
#define ssl_set_max_frag_len mbedtls_ssl_conf_max_frag_len
#define ssl_set_max_version mbedtls_ssl_conf_max_version
#define ssl_set_min_version mbedtls_ssl_conf_min_version
#define ssl_set_own_cert mbedtls_ssl_conf_own_cert
#define ssl_set_own_cert_alt mbedtls_ssl_set_own_cert_alt
#define ssl_set_own_cert_rsa mbedtls_ssl_set_own_cert_rsa
#define ssl_set_psk mbedtls_ssl_set_psk
#define ssl_set_psk_cb mbedtls_ssl_set_psk_cb
#define ssl_set_renegotiation mbedtls_ssl_set_renegotiation
#define ssl_set_renegotiation_enforced mbedtls_ssl_set_renegotiation_enforced
#define ssl_set_renegotiation_period mbedtls_ssl_set_renegotiation_period
#define ssl_set_rng mbedtls_ssl_set_rng
#define ssl_set_psk mbedtls_ssl_conf_psk
#define ssl_set_psk_cb mbedtls_ssl_conf_psk_cb
#define ssl_set_renegotiation mbedtls_ssl_conf_renegotiation
#define ssl_set_renegotiation_enforced mbedtls_ssl_conf_renegotiation_enforced
#define ssl_set_renegotiation_period mbedtls_ssl_conf_renegotiation_period
#define ssl_set_rng mbedtls_ssl_conf_rng
#define ssl_set_session mbedtls_ssl_set_session
#define ssl_set_session_cache mbedtls_ssl_set_session_cache
#define ssl_set_session_ticket_lifetime mbedtls_ssl_set_session_ticket_lifetime
#define ssl_set_session_tickets mbedtls_ssl_set_session_tickets
#define ssl_set_sni mbedtls_ssl_set_sni
#define ssl_set_transport mbedtls_ssl_set_transport
#define ssl_set_truncated_hmac mbedtls_ssl_set_truncated_hmac
#define ssl_set_verify mbedtls_ssl_set_verify
#define ssl_set_session_cache mbedtls_ssl_conf_session_cache
#define ssl_set_session_ticket_lifetime mbedtls_ssl_conf_session_ticket_lifetime
#define ssl_set_session_tickets mbedtls_ssl_conf_session_tickets
#define ssl_set_sni mbedtls_ssl_conf_sni
#define ssl_set_transport mbedtls_ssl_conf_transport
#define ssl_set_truncated_hmac mbedtls_ssl_conf_truncated_hmac
#define ssl_set_verify mbedtls_ssl_conf_verify
#define ssl_sig_from_pk mbedtls_ssl_sig_from_pk
#define ssl_states mbedtls_ssl_states
#define ssl_ticket_keys mbedtls_ssl_ticket_keys

10
include/mbedtls/config.h
View File

@ -361,7 +361,7 @@
* Remove RC4 ciphersuites by default in SSL / TLS.
* This flag removes the ciphersuites based on RC4 from the default list as
* returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
* enable (some of) them with mbedtls_ssl_set_ciphersuites() by including them
* enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
* explicitly.
*
* Uncomment this macro to remove RC4 ciphersuites by default.
@ -1064,7 +1064,7 @@
* MBEDTLS_SSL_PROTO_DTLS
*
* \warning Disabling this is often a security risk!
* See mbedtls_ssl_set_dtls_anti_replay() for details.
* See mbedtls_ssl_conf_dtls_anti_replay() for details.
*
* Comment this to disable anti-replay in DTLS.
*/
@ -1094,7 +1094,7 @@
*
* Enable support for a limit of records with bad MAC.
*
* See mbedtls_ssl_set_dtls_badmac_limit().
* See mbedtls_ssl_conf_dtls_badmac_limit().
*
* Requires: MBEDTLS_SSL_PROTO_DTLS
*/
@ -1136,14 +1136,14 @@
/**
* \def MBEDTLS_SSL_SET_CURVES
*
* Enable mbedtls_ssl_set_curves().
* Enable mbedtls_ssl_conf_curves().
*
* This is disabled by default since it breaks binary compatibility with the
* 1.3.x line. If you choose to enable it, you will need to rebuild your
* application against the new header files, relinking will not be enough.
* It will be enabled by default, or no longer an option, in the 1.4 branch.
*
* Uncomment to make mbedtls_ssl_set_curves() available.
* Uncomment to make mbedtls_ssl_conf_curves() available.
*/
//#define MBEDTLS_SSL_SET_CURVES

94
include/mbedtls/ssl.h
View File

@ -789,7 +789,7 @@ struct mbedtls_ssl_flight_item
#endif /* MBEDTLS_SSL_PROTO_DTLS */
/**
* SSL/TLS configuration to be shared between ssl_context structures.
* SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
*/
typedef struct
{
@ -1179,7 +1179,7 @@ int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl );
* \param conf SSL configuration
* \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
*/
void mbedtls_ssl_set_endpoint( mbedtls_ssl_config *conf, int endpoint );
void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
/**
* \brief Set the transport type (TLS or DTLS).
@ -1193,9 +1193,9 @@ void mbedtls_ssl_set_endpoint( mbedtls_ssl_config *conf, int endpoint );
*
* \note For DTLS, you must either provide a recv callback that
* doesn't block, or one that handles timeouts, see
* mbedtls_ssl_set_bio()
* mbedtls_ssl_conf_bio()
*/
int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport );
int mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
/**
* \brief Set the certificate verification mode
@ -1222,7 +1222,7 @@ int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport );
* the verification as soon as possible. For example, REQUIRED was protecting
* against the "triple handshake" attack even before it was found.
*/
void mbedtls_ssl_set_authmode( mbedtls_ssl_config *conf, int authmode );
void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/**
@ -1236,7 +1236,7 @@ void mbedtls_ssl_set_authmode( mbedtls_ssl_config *conf, int authmode );
* \param f_vrfy verification function
* \param p_vrfy verification parameter
*/
void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
void *p_vrfy );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
@ -1248,7 +1248,7 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
* \param f_rng RNG function
* \param p_rng RNG parameter
*/
void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
@ -1259,7 +1259,7 @@ void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
* \param f_dbg debug function
* \param p_dbg debug parameter
*/
void mbedtls_ssl_set_dbg( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
void (*f_dbg)(void *, int, const char *),
void *p_dbg );
@ -1296,7 +1296,7 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
* \note With blocking I/O, this will only work if a non-NULL
* \c f_recv_timeout was set with \c mbedtls_ssl_set_bio().
*/
void mbedtls_ssl_set_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
/**
@ -1376,7 +1376,7 @@ typedef int mbedtls_ssl_cookie_check_t( void *ctx,
* \param f_cookie_check Cookie check callback
* \param p_cookie Context for both callbacks
*/
void mbedtls_ssl_set_dtls_cookies( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
mbedtls_ssl_cookie_write_t *f_cookie_write,
mbedtls_ssl_cookie_check_t *f_cookie_check,
void *p_cookie );
@ -1398,7 +1398,7 @@ void mbedtls_ssl_set_dtls_cookies( mbedtls_ssl_config *conf,
* packets and needs information about them to adjust its
* transmission strategy, then you'll want to disable this.
*/
void mbedtls_ssl_set_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
@ -1425,7 +1425,7 @@ void mbedtls_ssl_set_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
* might make us waste resources checking authentication on
* many bogus packets.
*/
void mbedtls_ssl_set_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@ -1445,7 +1445,7 @@ void mbedtls_ssl_set_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit
* handshake latency. Lower values may increase the risk of
* network congestion by causing more retransmissions.
*/
void mbedtls_ssl_set_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_SRV_C)
@ -1486,7 +1486,7 @@ void mbedtls_ssl_set_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min,
* \param f_get_cache session get callback
* \param f_set_cache session set callback
*/
void mbedtls_ssl_set_session_cache( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
void *p_cache,
int (*f_get_cache)(void *, mbedtls_ssl_session *),
int (*f_set_cache)(void *, const mbedtls_ssl_session *) );
@ -1522,7 +1522,7 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
* \param conf SSL configuration
* \param ciphersuites 0-terminated list of allowed ciphersuites
*/
void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
const int *ciphersuites );
/**
@ -1541,7 +1541,7 @@ void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
* \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0
* and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
*/
void mbedtls_ssl_set_ciphersuites_for_version( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
const int *ciphersuites,
int major, int minor );
@ -1553,7 +1553,7 @@ void mbedtls_ssl_set_ciphersuites_for_version( mbedtls_ssl_config *conf,
* \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
* \param ca_crl trusted CA CRLs
*/
void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
mbedtls_x509_crt *ca_chain,
mbedtls_x509_crl *ca_crl );
@ -1580,7 +1580,7 @@ void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf,
*
* \return 0 on success or MBEDTLS_ERR_SSL_MALLOC_FAILED
*/
int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
mbedtls_x509_crt *own_cert,
mbedtls_pk_context *pk_key );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
@ -1590,7 +1590,7 @@ int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
* \brief Set the Pre Shared Key (PSK) and the expected identity name
*
* \note This is mainly useful for clients. Servers will usually
* want to use \c mbedtls_ssl_set_psk_cb() instead.
* want to use \c mbedtls_ssl_conf_psk_cb() instead.
*
* \param conf SSL configuration
* \param psk pointer to the pre-shared key
@ -1600,7 +1600,7 @@ int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
*
* \return 0 if successful or MBEDTLS_ERR_SSL_MALLOC_FAILED
*/
int mbedtls_ssl_set_psk( mbedtls_ssl_config *conf,
int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
const unsigned char *psk, size_t psk_len,
const unsigned char *psk_identity, size_t psk_identity_len );
@ -1609,7 +1609,7 @@ int mbedtls_ssl_set_psk( mbedtls_ssl_config *conf,
* \brief Set the Pre Shared Key (PSK) for the current handshake
*
* \note This should only be called inside the PSK callback,
* ie the function passed to \c mbedtls_ssl_set_psk_cb().
* ie the function passed to \c mbedtls_ssl_conf_psk_cb().
*
* \param ssl SSL context
* \param psk pointer to the pre-shared key
@ -1638,13 +1638,13 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
*
* \note If you set a PSK callback using this function, then you
* don't need to set a PSK key and identity using
* \c mbedtls_ssl_set_psk().
* \c mbedtls_ssl_conf_psk().
*
* \param conf SSL configuration
* \param f_psk PSK identity function
* \param p_psk PSK identity parameter
*/
void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
size_t),
void *p_psk );
@ -1662,7 +1662,7 @@ void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
*
* \return 0 if successful
*/
int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G );
int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G );
/**
* \brief Set the Diffie-Hellman public P and G values,
@ -1673,7 +1673,7 @@ int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const
*
* \return 0 if successful
*/
int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
#endif /* MBEDTLS_DHM_C */
#if defined(MBEDTLS_SSL_SET_CURVES)
@ -1695,7 +1695,7 @@ int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context
* \param curves Ordered list of allowed curves,
* terminated by MBEDTLS_ECP_DP_NONE.
*/
void mbedtls_ssl_set_curves( mbedtls_ssl_config *conf, const mbedtls_ecp_group_id *curves );
void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, const mbedtls_ecp_group_id *curves );
#endif /* MBEDTLS_SSL_SET_CURVES */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@ -1716,7 +1716,7 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
/**
* \brief Set own certificate and key for the current handshake
*
* \note Same as \c mbedtls_ssl_set_own_cert() but for use within
* \note Same as \c mbedtls_ssl_conf_own_cert() but for use within
* the SNI callback.
*
* \param ssl SSL context
@ -1733,7 +1733,7 @@ int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
* \brief Set the data required to verify peer certificate for the
* current handshake
*
* \note Same as \c mbedtls_ssl_set_ca_chain() but for use within
* \note Same as \c mbedtls_ssl_conf_ca_chain() but for use within
* the SNI callback.
*
* \param ssl SSL context
@ -1764,7 +1764,7 @@ void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
* \param f_sni verification function
* \param p_sni verification parameter
*/
void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
size_t),
void *p_sni );
@ -1780,7 +1780,7 @@ void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
*
* \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
*/
int mbedtls_ssl_set_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
/**
* \brief Get the name of the negotiated Application Layer Protocol.
@ -1811,7 +1811,7 @@ const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
* \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
* MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
*/
int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor );
int mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
/**
* \brief Set the minimum accepted SSL/TLS protocol version
@ -1832,7 +1832,7 @@ int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor
* \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
* MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
*/
int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor );
int mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
/**
@ -1854,7 +1854,7 @@ int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor
* \param conf SSL configuration
* \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK
*/
void mbedtls_ssl_set_fallback( mbedtls_ssl_config *conf, char fallback );
void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
#endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
@ -1869,7 +1869,7 @@ void mbedtls_ssl_set_fallback( mbedtls_ssl_config *conf, char fallback );
* \param conf SSL configuration
* \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED
*/
void mbedtls_ssl_set_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
@ -1884,7 +1884,7 @@ void mbedtls_ssl_set_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
* \param conf SSL configuration
* \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED
*/
void mbedtls_ssl_set_extended_master_secret( mbedtls_ssl_config *conf, char ems );
void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
/**
@ -1900,7 +1900,7 @@ void mbedtls_ssl_set_extended_master_secret( mbedtls_ssl_config *conf, char ems
* \param conf SSL configuration
* \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED
*/
void mbedtls_ssl_set_arc4_support( mbedtls_ssl_config *conf, char arc4 );
void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 );
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
/**
@ -1918,7 +1918,7 @@ void mbedtls_ssl_set_arc4_support( mbedtls_ssl_config *conf, char arc4 );
*
* \return O if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
*/
int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
@ -1932,7 +1932,7 @@ int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_co
*
* \return Always 0.
*/
int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
int mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
@ -1947,7 +1947,7 @@ int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
* \param split MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or
* MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
*/
void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
@ -1956,7 +1956,7 @@ void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split
* (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED on client,
* MBEDTLS_SSL_SESSION_TICKETS_DISABLED on server)
*
* \note On server, mbedtls_ssl_set_rng() must be called before this function
* \note On server, mbedtls_ssl_conf_rng() must be called before this function
* to allow generating the ticket encryption and
* authentication keys.
*
@ -1967,7 +1967,7 @@ void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split
* \return O if successful,
* or a specific error code (server only).
*/
int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
int mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
/**
* \brief Set session ticket lifetime (server only)
@ -1976,7 +1976,7 @@ int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
* \param conf SSL configuration
* \param lifetime session ticket lifetime
*/
void mbedtls_ssl_set_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime );
void mbedtls_ssl_conf_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime );
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
#if defined(MBEDTLS_SSL_RENEGOTIATION)
@ -1993,7 +1993,7 @@ void mbedtls_ssl_set_session_ticket_lifetime( mbedtls_ssl_config *conf, int life
* \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or
* MBEDTLS_SSL_RENEGOTIATION_DISABLED)
*/
void mbedtls_ssl_set_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/**
@ -2023,7 +2023,7 @@ void mbedtls_ssl_set_renegotiation( mbedtls_ssl_config *conf, int renegotiation
* SSL_ALLOW_LEGACY_RENEGOTIATION or
* MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE)
*/
void mbedtls_set_ssl_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
/**
@ -2063,7 +2063,7 @@ void mbedtls_set_ssl_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_l
* enforce renegotiation, or a non-negative value to enforce
* it but allow for a grace period of max_records records.
*/
void mbedtls_ssl_set_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
/**
* \brief Set record counter threshold for periodic renegotiation.
@ -2082,7 +2082,7 @@ void mbedtls_ssl_set_renegotiation_enforced( mbedtls_ssl_config *conf, int max_r
* \param period The threshold value: a big-endian 64-bit number.
* Set to 2^64 - 1 to disable periodic renegotiation
*/
void mbedtls_ssl_set_renegotiation_period( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
const unsigned char period[8] );
#endif /* MBEDTLS_SSL_RENEGOTIATION */
@ -2295,7 +2295,7 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
*
* \param conf SSL configuration context
*
* \note See \c mbedtls_ssl_set_transport() for notes on DTLS.
* \note See \c mbedtls_ssl_conf_transport() for notes on DTLS.
*
* \return 0 if successful, or
* MBEDTLS_ERR_XXX_ALLOC_FAILED on memorr allocation error.

2
library/ssl_srv.c
View File

@ -377,7 +377,7 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
return( 0 );
}
void mbedtls_ssl_set_dtls_cookies( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
mbedtls_ssl_cookie_write_t *f_cookie_write,
mbedtls_ssl_cookie_check_t *f_cookie_check,
void *p_cookie )

78
library/ssl_tls.c
View File

@ -1952,7 +1952,7 @@ static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
ssl->in_msglen );
mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec,
ssl->in_msg + ssl->in_msglen );
/* Call md_process at least once due to cache attacks */
/* Call mbedtls_md_process at least once due to cache attacks */
for( j = 0; j < extra_run + 1; j++ )
mbedtls_md_process( &ssl->transform_in->md_ctx_dec, ssl->in_msg );
@ -5180,12 +5180,12 @@ static int ssl_ticket_keys_init( mbedtls_ssl_config *conf )
/*
* SSL set accessors
*/
void mbedtls_ssl_set_endpoint( mbedtls_ssl_config *conf, int endpoint )
void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint )
{
conf->endpoint = endpoint;
}
int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport )
int mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport )
{
conf->transport = transport;
@ -5193,34 +5193,34 @@ int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport )
}
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
void mbedtls_ssl_set_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
{
conf->anti_replay = mode;
}
#endif
#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
void mbedtls_ssl_set_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
{
conf->badmac_limit = limit;
}
#endif
#if defined(MBEDTLS_SSL_PROTO_DTLS)
void mbedtls_ssl_set_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max )
void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max )
{
conf->hs_timeout_min = min;
conf->hs_timeout_max = max;
}
#endif
void mbedtls_ssl_set_authmode( mbedtls_ssl_config *conf, int authmode )
void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode )
{
conf->authmode = authmode;
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
void *p_vrfy )
{
@ -5229,7 +5229,7 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
@ -5237,7 +5237,7 @@ void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
conf->p_rng = p_rng;
}
void mbedtls_ssl_set_dbg( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
void (*f_dbg)(void *, int, const char *),
void *p_dbg )
{
@ -5257,13 +5257,13 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
ssl->f_recv_timeout = f_recv_timeout;
}
void mbedtls_ssl_set_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
{
conf->read_timeout = timeout;
}
#if defined(MBEDTLS_SSL_SRV_C)
void mbedtls_ssl_set_session_cache( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
void *p_cache,
int (*f_get_cache)(void *, mbedtls_ssl_session *),
int (*f_set_cache)(void *, const mbedtls_ssl_session *) )
@ -5296,7 +5296,7 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
}
#endif /* MBEDTLS_SSL_CLI_C */
void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
const int *ciphersuites )
{
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites;
@ -5305,7 +5305,7 @@ void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites;
}
void mbedtls_ssl_set_ciphersuites_for_version( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
const int *ciphersuites,
int major, int minor )
{
@ -5350,14 +5350,14 @@ static int ssl_append_key_cert( mbedtls_ssl_key_cert **head,
return( 0 );
}
int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
mbedtls_x509_crt *own_cert,
mbedtls_pk_context *pk_key )
{
return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) );
}
void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
mbedtls_x509_crt *ca_chain,
mbedtls_x509_crl *ca_crl )
{
@ -5385,7 +5385,7 @@ void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
int mbedtls_ssl_set_psk( mbedtls_ssl_config *conf,
int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
const unsigned char *psk, size_t psk_len,
const unsigned char *psk_identity, size_t psk_identity_len )
{
@ -5443,7 +5443,7 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
return( 0 );
}
void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
size_t),
void *p_psk )
@ -5454,7 +5454,7 @@ void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(MBEDTLS_DHM_C)
int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
{
int ret;
@ -5469,7 +5469,7 @@ int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const
return( 0 );
}
int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
{
int ret;
@ -5489,7 +5489,7 @@ int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context
/*
* Set the allowed elliptic curves
*/
void mbedtls_ssl_set_curves( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
const mbedtls_ecp_group_id *curve_list )
{
conf->curve_list = curve_list;
@ -5523,7 +5523,7 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )
#endif
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
int (*f_sni)(void *, mbedtls_ssl_context *,
const unsigned char *, size_t),
void *p_sni )
@ -5534,7 +5534,7 @@ void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#if defined(MBEDTLS_SSL_ALPN)
int mbedtls_ssl_set_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
{
size_t cur_len, tot_len;
const char **p;
@ -5588,7 +5588,7 @@ static int ssl_check_version( const mbedtls_ssl_config *conf,
return( 0 );
}
int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor )
int mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
{
if( ssl_check_version( conf, major, minor ) != 0 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@ -5599,7 +5599,7 @@ int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor
return( 0 );
}
int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor )
int mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor )
{
if( ssl_check_version( conf, major, minor ) != 0 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@ -5611,33 +5611,33 @@ int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor
}
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
void mbedtls_ssl_set_fallback( mbedtls_ssl_config *conf, char fallback )
void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback )
{
conf->fallback = fallback;
}
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
void mbedtls_ssl_set_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
{
conf->encrypt_then_mac = etm;
}
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
void mbedtls_ssl_set_extended_master_secret( mbedtls_ssl_config *conf, char ems )
void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems )
{
conf->extended_ms = ems;
}
#endif
void mbedtls_ssl_set_arc4_support( mbedtls_ssl_config *conf, char arc4 )
void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 )
{
conf->arc4_disabled = arc4;
}
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
{
if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ||
mfl_code_to_length[mfl_code] > MBEDTLS_SSL_MAX_CONTENT_LEN )
@ -5652,7 +5652,7 @@ int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_co
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
int mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
{
conf->trunc_hmac = truncate;
@ -5661,29 +5661,29 @@ int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
{
conf->cbc_record_splitting = split;
}
#endif
void mbedtls_set_ssl_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
{
conf->allow_legacy_renegotiation = allow_legacy;
}
#if defined(MBEDTLS_SSL_RENEGOTIATION)
void mbedtls_ssl_set_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
{
conf->disable_renegotiation = renegotiation;
}
void mbedtls_ssl_set_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
{
conf->renego_max_records = max_records;
}
void mbedtls_ssl_set_renegotiation_period( mbedtls_ssl_config *conf,
void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
const unsigned char period[8] )
{
memcpy( conf->renego_period, period, 8 );
@ -5691,7 +5691,7 @@ void mbedtls_ssl_set_renegotiation_period( mbedtls_ssl_config *conf,
#endif /* MBEDTLS_SSL_RENEGOTIATION */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
int mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
{
conf->session_tickets = use_tickets;
@ -5706,7 +5706,7 @@ int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
return( ssl_ticket_keys_init( conf ) );
}
void mbedtls_ssl_set_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime )
void mbedtls_ssl_conf_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime )
{
conf->ticket_lifetime = lifetime;
}
@ -6735,7 +6735,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
if( endpoint == MBEDTLS_SSL_IS_SERVER )
{
if( ( ret = mbedtls_ssl_set_dh_param( conf,
if( ( ret = mbedtls_ssl_conf_dh_param( conf,
MBEDTLS_DHM_RFC5114_MODP_2048_P,
MBEDTLS_DHM_RFC5114_MODP_2048_G ) ) != 0 )
{

8
programs/ssl/dtls_client.c
View File

@ -179,16 +179,16 @@ int main( int argc, char *argv[] )
/* OPTIONAL is usually a bad choice for security, but makes interop easier
* in this simplified example, in which the ca chain is hardcoded.
* Production code should set a proper ca chain and use REQUIRED. */
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd,
mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout );

16
programs/ssl/dtls_server.c
View File

@ -206,19 +206,19 @@ int main( void )
goto exit;
}
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_set_session_cache( &conf, &cache,
mbedtls_ssl_conf_session_cache( &conf, &cache,
mbedtls_ssl_cache_get,
mbedtls_ssl_cache_set );
#endif
mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
@ -229,7 +229,7 @@ int main( void )
goto exit;
}
mbedtls_ssl_set_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
&cookie_ctx );
printf( " ok\n" );
@ -275,7 +275,7 @@ reset:
sizeof( client_ip ) ) ) != 0 )
{
printf( " failed\n ! "
"ssl_set_client_tranport_id() returned -0x%x\n\n", -ret );
"ssl_set_client_transport_id() returned -0x%x\n\n", -ret );
goto exit;
}

8
programs/ssl/mini_client.c
View File

@ -203,10 +203,10 @@ int main( void )
goto exit;
}
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
mbedtls_ssl_set_psk( &ssl, psk, sizeof( psk ),
mbedtls_ssl_conf_psk( &ssl, psk, sizeof( psk ),
(const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
#endif
@ -217,13 +217,13 @@ int main( void )
goto exit;
}
mbedtls_ssl_set_ca_chain( &conf, &ca, NULL );
mbedtls_ssl_conf_ca_chain( &conf, &ca, NULL );
if( mbedtls_ssl_set_hostname( &ssl, HOSTNAME ) != 0 )
{
ret = hostname_failed;
goto exit;
}
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
#endif
/*

8
programs/ssl/ssl_client1.c
View File

@ -168,16 +168,16 @@ int main( void )
/* OPTIONAL is not optimal for security,
* but makes interop easier in this simplified example */
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
if( ( ret = mbedtls_ssl_set_hostname( &ssl, "mbed TLS Server 1" ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
/*

58
programs/ssl/ssl_client2.c
View File

@ -1065,58 +1065,58 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if( opt.debug_level > 0 )
mbedtls_ssl_set_verify( &conf, my_verify, NULL );
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
#endif
if( opt.auth_mode != DFL_AUTH_MODE )
mbedtls_ssl_set_authmode( &conf, opt.auth_mode );
mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
mbedtls_ssl_set_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
if( ( ret = mbedtls_ssl_set_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_max_frag_len returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret );
goto exit;
}
#endif
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
mbedtls_ssl_set_truncated_hmac( &conf, opt.trunc_hmac );
mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( opt.extended_ms != DFL_EXTENDED_MS )
mbedtls_ssl_set_extended_master_secret( &conf, opt.extended_ms );
mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( opt.etm != DFL_ETM )
mbedtls_ssl_set_encrypt_then_mac( &conf, opt.etm );
mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
#endif
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
if( opt.recsplit != DFL_RECSPLIT )
mbedtls_ssl_set_cbc_record_splitting( &conf, opt.recsplit
mbedtls_ssl_conf_cbc_record_splitting( &conf, opt.recsplit
? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
: MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
#endif
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
if( ( ret = mbedtls_ssl_set_alpn_protocols( &conf, alpn_list ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret );
goto exit;
}
#endif
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
if( opt.nbio == 2 )
mbedtls_ssl_set_bio( &ssl, &server_fd, my_send, my_recv, NULL );
@ -1128,40 +1128,40 @@ int main( int argc, char *argv[] )
NULL
#endif
);
mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout );
mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
if( ( ret = mbedtls_ssl_set_session_tickets( &conf, opt.tickets ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_session_tickets returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_session_tickets returned %d\n\n", ret );
goto exit;
}
#endif
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
if( opt.arc4 != DFL_ARC4 )
mbedtls_ssl_set_arc4_support( &conf, opt.arc4 );
mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
mbedtls_set_ssl_legacy_renegotiation( &conf, opt.allow_legacy );
mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
mbedtls_ssl_set_renegotiation( &conf, opt.renegotiation );
mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if( strcmp( opt.ca_path, "none" ) != 0 &&
strcmp( opt.ca_file, "none" ) != 0 )
{
mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
}
if( strcmp( opt.crt_file, "none" ) != 0 &&
strcmp( opt.key_file, "none" ) != 0 )
{
if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
}
@ -1173,18 +1173,18 @@ int main( int argc, char *argv[] )
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
if( ( ret = mbedtls_ssl_set_psk( &conf, psk, psk_len,
if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
(const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_psk returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", ret );
goto exit;
}
#endif
if( opt.min_version != DFL_MIN_VERSION )
{
ret = mbedtls_ssl_set_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
ret = mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected min_version is not available\n" );
@ -1194,7 +1194,7 @@ int main( int argc, char *argv[] )
if( opt.max_version != DFL_MAX_VERSION )
{
ret = mbedtls_ssl_set_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
ret = mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected max_version is not available\n" );
@ -1204,7 +1204,7 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
if( opt.fallback != DFL_FALLBACK )
mbedtls_ssl_set_fallback( &conf, opt.fallback );
mbedtls_ssl_conf_fallback( &conf, opt.fallback );
#endif
mbedtls_printf( " ok\n" );
@ -1520,7 +1520,7 @@ reconnect:
if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_session returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_session returned %d\n\n", ret );
goto exit;
}

10
programs/ssl/ssl_fork_server.c
View File

@ -265,14 +265,14 @@ int main( void )
mbedtls_printf( " ok\n" );
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}

14
programs/ssl/ssl_mail_client.c
View File

@ -602,24 +602,24 @@ int main( int argc, char *argv[] )
/* OPTIONAL is not optimal for security,
* but makes interop easier in this simplified example */
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}

12
programs/ssl/ssl_pthread_server.c
View File

@ -176,22 +176,22 @@ static void *handle_ssl_connection( void *data )
goto thread_exit;
}
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_mutexed_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_mutexed_debug, stdout );
/* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if
* MBEDTLS_THREADING_C is set.
*/
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_set_session_cache( &conf,
mbedtls_ssl_conf_session_cache( &conf,
mbedtls_ssl_cache_get, thread_info->cache,
mbedtls_ssl_cache_set, thread_info->cache );
#endif
mbedtls_ssl_set_ca_chain( &conf, thread_info->ca_chain, NULL );
if( ( ret = mbedtls_ssl_set_own_cert( &conf, thread_info->server_cert, thread_info->server_key ) ) != 0 )
mbedtls_ssl_conf_ca_chain( &conf, thread_info->ca_chain, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, thread_info->server_cert, thread_info->server_key ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto thread_exit;
}

12
programs/ssl/ssl_server.c
View File

@ -205,19 +205,19 @@ int main( void )
goto exit;
}
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
mbedtls_ssl_set_session_cache( &conf, &cache,
mbedtls_ssl_conf_session_cache( &conf, &cache,
mbedtls_ssl_cache_get,
mbedtls_ssl_cache_set );
#endif
mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}

88
programs/ssl/ssl_server2.c
View File

@ -1534,47 +1534,47 @@ int main( int argc, char *argv[] )
}
if( opt.auth_mode != DFL_AUTH_MODE )
mbedtls_ssl_set_authmode( &conf, opt.auth_mode );
mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
mbedtls_ssl_set_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
if( ( ret = mbedtls_ssl_set_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_max_frag_len returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret );
goto exit;
};
#endif
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
mbedtls_ssl_set_truncated_hmac( &conf, opt.trunc_hmac );
mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( opt.extended_ms != DFL_EXTENDED_MS )
mbedtls_ssl_set_extended_master_secret( &conf, opt.extended_ms );
mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( opt.etm != DFL_ETM )
mbedtls_ssl_set_encrypt_then_mac( &conf, opt.etm );
mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
#endif
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
if( ( ret = mbedtls_ssl_set_alpn_protocols( &conf, alpn_list ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret );
goto exit;
}
#endif
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
if( opt.cache_max != -1 )
@ -1583,20 +1583,20 @@ int main( int argc, char *argv[] )
if( opt.cache_timeout != -1 )
mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout );
mbedtls_ssl_set_session_cache( &conf, &cache,
mbedtls_ssl_conf_session_cache( &conf, &cache,
mbedtls_ssl_cache_get,
mbedtls_ssl_cache_set );
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
if( ( ret = mbedtls_ssl_set_session_tickets( &conf, opt.tickets ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_session_tickets returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_session_tickets returned %d\n\n", ret );
goto exit;
}
if( opt.ticket_timeout != -1 )
mbedtls_ssl_set_session_ticket_lifetime( &conf, opt.ticket_timeout );
mbedtls_ssl_conf_session_ticket_lifetime( &conf, opt.ticket_timeout );
#endif
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@ -1612,7 +1612,7 @@ int main( int argc, char *argv[] )
goto exit;
}
mbedtls_ssl_set_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
&cookie_ctx );
}
else
@ -1620,7 +1620,7 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
if( opt.cookies == 0 )
{
mbedtls_ssl_set_dtls_cookies( &conf, NULL, NULL, NULL );
mbedtls_ssl_conf_dtls_cookies( &conf, NULL, NULL, NULL );
}
else
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
@ -1630,50 +1630,50 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
if( opt.anti_replay != DFL_ANTI_REPLAY )
mbedtls_ssl_set_dtls_anti_replay( &conf, opt.anti_replay );
mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay );
#endif
#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
if( opt.badmac_limit != DFL_BADMAC_LIMIT )
mbedtls_ssl_set_dtls_badmac_limit( &conf, opt.badmac_limit );
mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit );
#endif
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
if( opt.arc4 != DFL_ARC4 )
mbedtls_ssl_set_arc4_support( &conf, opt.arc4 );
mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
if( opt.version_suites != NULL )
{
mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[0],
mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_0 );
mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[1],
mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_1 );
mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[2],
mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_2 );
mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[3],
mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[3],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3 );
}
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
mbedtls_set_ssl_legacy_renegotiation( &conf, opt.allow_legacy );
mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
mbedtls_ssl_set_renegotiation( &conf, opt.renegotiation );
mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
if( opt.renego_delay != DFL_RENEGO_DELAY )
mbedtls_ssl_set_renegotiation_enforced( &conf, opt.renego_delay );
mbedtls_ssl_conf_renegotiation_enforced( &conf, opt.renego_delay );
if( opt.renego_period != DFL_RENEGO_PERIOD )
{
renego_period[7] = opt.renego_period;
mbedtls_ssl_set_renegotiation_period( &conf, renego_period );
mbedtls_ssl_conf_renegotiation_period( &conf, renego_period );
}
#endif
@ -1681,42 +1681,42 @@ int main( int argc, char *argv[] )
if( strcmp( opt.ca_path, "none" ) != 0 &&
strcmp( opt.ca_file, "none" ) != 0 )
{
mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
}
if( key_cert_init )
if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
if( key_cert_init2 )
if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert2, &pkey2 ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert2, &pkey2 ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
#endif
#if defined(SNI_OPTION)
if( opt.sni != NULL )
mbedtls_ssl_set_sni( &conf, sni_callback, sni_info );
mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 )
{
ret = mbedtls_ssl_set_psk( &conf, psk, psk_len,
ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
(const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) );
if( ret != 0 )
{
mbedtls_printf( " failed\n mbedtls_ssl_set_psk returned -0x%04X\n\n", - ret );
mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret );
goto exit;
}
}
if( opt.psk_list != NULL )
mbedtls_ssl_set_psk_cb( &conf, psk_callback, psk_info );
mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info );
#endif
#if defined(MBEDTLS_DHM_C)
@ -1725,18 +1725,18 @@ int main( int argc, char *argv[] )
*/
#if defined(MBEDTLS_FS_IO)
if( opt.dhm_file != NULL )
ret = mbedtls_ssl_set_dh_param_ctx( &conf, &dhm );
ret = mbedtls_ssl_conf_dh_param_ctx( &conf, &dhm );
#endif
if( ret != 0 )
{
mbedtls_printf( " failed\n mbedtls_ssl_set_dh_param returned -0x%04X\n\n", - ret );
mbedtls_printf( " failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", - ret );
goto exit;
}
#endif
if( opt.min_version != DFL_MIN_VERSION )
{
ret = mbedtls_ssl_set_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
ret = mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected min_version is not available\n" );
@ -1746,7 +1746,7 @@ int main( int argc, char *argv[] )
if( opt.max_version != DFL_MIN_VERSION )
{
ret = mbedtls_ssl_set_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
ret = mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected max_version is not available\n" );
@ -1823,7 +1823,7 @@ reset:
NULL
#endif
);
mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout );
mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
@ -1832,7 +1832,7 @@ reset:
sizeof( client_ip ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! "
"ssl_set_client_tranport_id() returned -0x%x\n\n", -ret );
"ssl_set_client_transport_id() returned -0x%x\n\n", -ret );
goto exit;
}
}

16
programs/x509/cert_app.c
View File

@ -412,20 +412,20 @@ int main( int argc, char *argv[] )
if( verify )
{
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
mbedtls_ssl_set_verify( &conf, my_verify, NULL );
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
}
else
mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto ssl_exit;
}

74
scripts/data_files/rename-1.3-2.0.txt
View File

@ -1969,7 +1969,7 @@ ssl_hw_record_reset mbedtls_ssl_hw_record_reset
ssl_hw_record_write mbedtls_ssl_hw_record_write
ssl_init mbedtls_ssl_init
ssl_key_cert mbedtls_ssl_key_cert
ssl_legacy_renegotiation mbedtls_set_ssl_legacy_renegotiation
ssl_legacy_renegotiation mbedtls_ssl_conf_legacy_renegotiation
ssl_list_ciphersuites mbedtls_ssl_list_ciphersuites
ssl_md_alg_from_hash mbedtls_ssl_md_alg_from_hash
ssl_optimize_checksum mbedtls_ssl_optimize_checksum
@ -1997,49 +1997,49 @@ ssl_session mbedtls_ssl_session
ssl_session_free mbedtls_ssl_session_free
ssl_session_init mbedtls_ssl_session_init
ssl_session_reset mbedtls_ssl_session_reset
ssl_set_alpn_protocols mbedtls_ssl_set_alpn_protocols
ssl_set_arc4_support mbedtls_ssl_set_arc4_support
ssl_set_authmode mbedtls_ssl_set_authmode
ssl_set_alpn_protocols mbedtls_ssl_conf_alpn_protocols
ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
ssl_set_authmode mbedtls_ssl_conf_authmode
ssl_set_bio mbedtls_ssl_set_bio
ssl_set_bio_timeout mbedtls_ssl_set_bio_timeout
ssl_set_ca_chain mbedtls_ssl_set_ca_chain
ssl_set_cbc_record_splitting mbedtls_ssl_set_cbc_record_splitting
ssl_set_ciphersuites mbedtls_ssl_set_ciphersuites
ssl_set_ciphersuites_for_version mbedtls_ssl_set_ciphersuites_for_version
ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
ssl_set_ciphersuites_for_version mbedtls_ssl_conf_ciphersuites_for_version
ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id
ssl_set_curves mbedtls_ssl_set_curves
ssl_set_dbg mbedtls_ssl_set_dbg
ssl_set_dh_param mbedtls_ssl_set_dh_param
ssl_set_dh_param_ctx mbedtls_ssl_set_dh_param_ctx
ssl_set_dtls_anti_replay mbedtls_ssl_set_dtls_anti_replay
ssl_set_dtls_badmac_limit mbedtls_ssl_set_dtls_badmac_limit
ssl_set_dtls_cookies mbedtls_ssl_set_dtls_cookies
ssl_set_encrypt_then_mac mbedtls_ssl_set_encrypt_then_mac
ssl_set_endpoint mbedtls_ssl_set_endpoint
ssl_set_extended_master_secret mbedtls_ssl_set_extended_master_secret
ssl_set_fallback mbedtls_ssl_set_fallback
ssl_set_handshake_timeout mbedtls_ssl_set_handshake_timeout
ssl_set_curves mbedtls_ssl_conf_curves
ssl_set_dbg mbedtls_ssl_conf_dbg
ssl_set_dh_param mbedtls_ssl_conf_dh_param
ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx
ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay
ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit
ssl_set_dtls_cookies mbedtls_ssl_conf_dtls_cookies
ssl_set_encrypt_then_mac mbedtls_ssl_conf_encrypt_then_mac
ssl_set_endpoint mbedtls_ssl_conf_endpoint
ssl_set_extended_master_secret mbedtls_ssl_conf_extended_master_secret
ssl_set_fallback mbedtls_ssl_conf_fallback
ssl_set_handshake_timeout mbedtls_ssl_conf_handshake_timeout
ssl_set_hostname mbedtls_ssl_set_hostname
ssl_set_max_frag_len mbedtls_ssl_set_max_frag_len
ssl_set_max_version mbedtls_ssl_set_max_version
ssl_set_min_version mbedtls_ssl_set_min_version
ssl_set_own_cert mbedtls_ssl_set_own_cert
ssl_set_max_frag_len mbedtls_ssl_conf_max_frag_len
ssl_set_max_version mbedtls_ssl_conf_max_version
ssl_set_min_version mbedtls_ssl_conf_min_version
ssl_set_own_cert mbedtls_ssl_conf_own_cert
ssl_set_own_cert_alt mbedtls_ssl_set_own_cert_alt
ssl_set_own_cert_rsa mbedtls_ssl_set_own_cert_rsa
ssl_set_psk mbedtls_ssl_set_psk
ssl_set_psk_cb mbedtls_ssl_set_psk_cb
ssl_set_renegotiation mbedtls_ssl_set_renegotiation
ssl_set_renegotiation_enforced mbedtls_ssl_set_renegotiation_enforced
ssl_set_renegotiation_period mbedtls_ssl_set_renegotiation_period
ssl_set_rng mbedtls_ssl_set_rng
ssl_set_psk mbedtls_ssl_conf_psk
ssl_set_psk_cb mbedtls_ssl_conf_psk_cb
ssl_set_renegotiation mbedtls_ssl_conf_renegotiation
ssl_set_renegotiation_enforced mbedtls_ssl_conf_renegotiation_enforced
ssl_set_renegotiation_period mbedtls_ssl_conf_renegotiation_period
ssl_set_rng mbedtls_ssl_conf_rng
ssl_set_session mbedtls_ssl_set_session
ssl_set_session_cache mbedtls_ssl_set_session_cache
ssl_set_session_ticket_lifetime mbedtls_ssl_set_session_ticket_lifetime
ssl_set_session_tickets mbedtls_ssl_set_session_tickets
ssl_set_sni mbedtls_ssl_set_sni
ssl_set_transport mbedtls_ssl_set_transport
ssl_set_truncated_hmac mbedtls_ssl_set_truncated_hmac
ssl_set_verify mbedtls_ssl_set_verify
ssl_set_session_cache mbedtls_ssl_conf_session_cache
ssl_set_session_ticket_lifetime mbedtls_ssl_conf_session_ticket_lifetime
ssl_set_session_tickets mbedtls_ssl_conf_session_tickets
ssl_set_sni mbedtls_ssl_conf_sni
ssl_set_transport mbedtls_ssl_conf_transport
ssl_set_truncated_hmac mbedtls_ssl_conf_truncated_hmac
ssl_set_verify mbedtls_ssl_conf_verify
ssl_sig_from_pk mbedtls_ssl_sig_from_pk
ssl_states mbedtls_ssl_states
ssl_ticket_keys mbedtls_ssl_ticket_keys

10
tests/suites/test_suite_debug.function
View File

@ -46,7 +46,7 @@ void debug_print_msg_threshold( int threshold, int level, char *file, int line,
mbedtls_debug_set_log_mode( MBEDTLS_DEBUG_LOG_FULL );
mbedtls_debug_set_threshold( threshold );
mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
mbedtls_debug_print_msg( &ssl, level, file, line,
mbedtls_debug_fmt("Text message, 2 == %d", 2 ) );
@ -75,7 +75,7 @@ void mbedtls_debug_print_ret( int mode, char *file, int line, char *text, int va
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
mbedtls_debug_set_log_mode( mode );
mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
mbedtls_debug_print_ret( &ssl, 0, file, line, text, value);
@ -108,7 +108,7 @@ void mbedtls_debug_print_buf( int mode, char *file, int line, char *text,
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
mbedtls_debug_set_log_mode( mode );
mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
mbedtls_debug_print_buf( &ssl, 0, file, line, text, data, data_len );
@ -138,7 +138,7 @@ void mbedtls_debug_print_crt( int mode, char *crt_file, char *file, int line,
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
mbedtls_debug_set_log_mode( mode );
mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt);
@ -172,7 +172,7 @@ void mbedtls_debug_print_mpi( int mode, int radix, char *value, char *file, int
TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 );
mbedtls_debug_set_log_mode( mode );
mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val);