Adapt version-handling functions to DTLS
parent
e29fd4beaf
commit
b21ca2a69f
@ -959,6 +959,9 @@ void ssl_set_endpoint( ssl_context *ssl, int endpoint );
|
|||||||
* \param transport transport type:
|
* \param transport transport type:
|
||||||
* SSL_TRANSPORT_STREAM for TLS,
|
* SSL_TRANSPORT_STREAM for TLS,
|
||||||
* SSL_TRANSPORT_DATAGRAM for DTLS.
|
* SSL_TRANSPORT_DATAGRAM for DTLS.
|
||||||
|
*
|
||||||
|
* \note If DTLS is selected and max and/or min version are less
|
||||||
|
* than TLS 1.1 (DTLS 1.0) they are upped to that value.
|
||||||
*/
|
*/
|
||||||
void ssl_set_transport( ssl_context *ssl, int transport );
|
void ssl_set_transport( ssl_context *ssl, int transport );
|
||||||
|
|
||||||
@ -1122,6 +1125,9 @@ void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites );
|
|||||||
* \param minor Minor version number (SSL_MINOR_VERSION_0,
|
* \param minor Minor version number (SSL_MINOR_VERSION_0,
|
||||||
* SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2,
|
* SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2,
|
||||||
* SSL_MINOR_VERSION_3 supported)
|
* SSL_MINOR_VERSION_3 supported)
|
||||||
|
*
|
||||||
|
* \note With DTLS, use SSL_MINOR_VERSION_2 for DTLS 1.0
|
||||||
|
* and SSL_MINOR_VERSION_3 for DTLS 1.2
|
||||||
*/
|
*/
|
||||||
void ssl_set_ciphersuites_for_version( ssl_context *ssl,
|
void ssl_set_ciphersuites_for_version( ssl_context *ssl,
|
||||||
const int *ciphersuites,
|
const int *ciphersuites,
|
||||||
@ -1379,6 +1385,9 @@ const char *ssl_get_alpn_protocol( const ssl_context *ssl );
|
|||||||
* \param minor Minor version number (SSL_MINOR_VERSION_0,
|
* \param minor Minor version number (SSL_MINOR_VERSION_0,
|
||||||
* SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2,
|
* SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2,
|
||||||
* SSL_MINOR_VERSION_3 supported)
|
* SSL_MINOR_VERSION_3 supported)
|
||||||
|
*
|
||||||
|
* \note With DTLS, use SSL_MINOR_VERSION_2 for DTLS 1.0 and
|
||||||
|
* SSL_MINOR_VERSION_3 for DTLS 1.2
|
||||||
*/
|
*/
|
||||||
void ssl_set_max_version( ssl_context *ssl, int major, int minor );
|
void ssl_set_max_version( ssl_context *ssl, int major, int minor );
|
||||||
|
|
||||||
@ -1395,6 +1404,9 @@ void ssl_set_max_version( ssl_context *ssl, int major, int minor );
|
|||||||
* \param minor Minor version number (SSL_MINOR_VERSION_0,
|
* \param minor Minor version number (SSL_MINOR_VERSION_0,
|
||||||
* SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2,
|
* SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2,
|
||||||
* SSL_MINOR_VERSION_3 supported)
|
* SSL_MINOR_VERSION_3 supported)
|
||||||
|
*
|
||||||
|
* \note With DTLS, use SSL_MINOR_VERSION_2 for DTLS 1.0 and
|
||||||
|
* SSL_MINOR_VERSION_3 for DTLS 1.2
|
||||||
*/
|
*/
|
||||||
void ssl_set_min_version( ssl_context *ssl, int major, int minor );
|
void ssl_set_min_version( ssl_context *ssl, int major, int minor );
|
||||||
|
|
||||||
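Review bot: The new `\note` blocks on ssl_set_min_version() and ssl_set_max_version() (hunks at -1379 and -1395) say which minor values map to DTLS 1.0 and DTLS 1.2, but not what happens to a value below that. The implementation shown further down this page returns without changing anything when the transport is SSL_TRANSPORT_DATAGRAM and minor is below SSL_MINOR_VERSION_2. Both functions return void, so the caller gets no signal that its version bound was not applied. Because that check reads ssl->transport, the outcome also depends on whether ssl_set_transport() was called first. I would extend both notes, e.g. `\note With DTLS, a minor version below SSL_MINOR_VERSION_2 is ignored; call ssl_set_transport() before this function.`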
|
@ -3600,6 +3600,13 @@ void ssl_set_endpoint( ssl_context *ssl, int endpoint )
|
|||||||
void ssl_set_transport( ssl_context *ssl, int transport )
|
void ssl_set_transport( ssl_context *ssl, int transport )
|
||||||
{
|
{
|
||||||
ssl->transport = transport;
|
ssl->transport = transport;
|
||||||
|
|
||||||
|
/* DTLS starts with TLS1.1 */
|
||||||
|
if( ssl->min_minor_ver < SSL_MINOR_VERSION_2 )
|
||||||
|
ssl->min_minor_ver = SSL_MINOR_VERSION_2;
|
||||||
|
|
||||||
|
if( ssl->max_minor_ver < SSL_MINOR_VERSION_2 )
|
||||||
|
ssl->max_minor_ver = SSL_MINOR_VERSION_2;
|
||||||
}
|
}
|
||||||
|
|
||||||
void ssl_set_authmode( ssl_context *ssl, int authmode )
|
void ssl_set_authmode( ssl_context *ssl, int authmode )
|
||||||
@ -3964,22 +3971,30 @@ const char *ssl_get_alpn_protocol( const ssl_context *ssl )
|
|||||||
|
|
||||||
void ssl_set_max_version( ssl_context *ssl, int major, int minor )
|
void ssl_set_max_version( ssl_context *ssl, int major, int minor )
|
||||||
{
|
{
|
||||||
if( major >= SSL_MIN_MAJOR_VERSION && major <= SSL_MAX_MAJOR_VERSION &&
|
if( major < SSL_MIN_MAJOR_VERSION || major > SSL_MAX_MAJOR_VERSION ||
|
||||||
minor >= SSL_MIN_MINOR_VERSION && minor <= SSL_MAX_MINOR_VERSION )
|
minor < SSL_MIN_MINOR_VERSION || minor > SSL_MAX_MINOR_VERSION ||
|
||||||
|
( ssl->transport == SSL_TRANSPORT_DATAGRAM &&
|
||||||
|
minor < SSL_MINOR_VERSION_2 ) )
|
||||||
{
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
ssl->max_major_ver = major;
|
ssl->max_major_ver = major;
|
||||||
ssl->max_minor_ver = minor;
|
ssl->max_minor_ver = minor;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void ssl_set_min_version( ssl_context *ssl, int major, int minor )
|
void ssl_set_min_version( ssl_context *ssl, int major, int minor )
|
||||||
{
|
{
|
||||||
if( major >= SSL_MIN_MAJOR_VERSION && major <= SSL_MAX_MAJOR_VERSION &&
|
if( major < SSL_MIN_MAJOR_VERSION || major > SSL_MAX_MAJOR_VERSION ||
|
||||||
minor >= SSL_MIN_MINOR_VERSION && minor <= SSL_MAX_MINOR_VERSION )
|
minor < SSL_MIN_MINOR_VERSION || minor > SSL_MAX_MINOR_VERSION ||
|
||||||
|
( ssl->transport == SSL_TRANSPORT_DATAGRAM &&
|
||||||
|
minor < SSL_MINOR_VERSION_2 ) )
|
||||||
{
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
ssl->min_major_ver = major;
|
ssl->min_major_ver = major;
|
||||||
ssl->min_minor_ver = minor;
|
ssl->min_minor_ver = minor;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
@ -4067,6 +4082,23 @@ const char *ssl_get_ciphersuite( const ssl_context *ssl )
|
|||||||
|
|
||||||
const char *ssl_get_version( const ssl_context *ssl )
|
const char *ssl_get_version( const ssl_context *ssl )
|
||||||
{
|
{
|
||||||
|
#if defined(POLARSSL_SSL_PROTO_DTLS)
|
||||||
|
if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
|
||||||
|
{
|
||||||
|
switch( ssl->minor_ver )
|
||||||
|
{
|
||||||
|
case SSL_MINOR_VERSION_2:
|
||||||
|
return( "DTLSv1.0" );
|
||||||
|
|
||||||
|
case SSL_MINOR_VERSION_3:
|
||||||
|
return( "DTLSv1.2" );
|
||||||
|
|
||||||
|
default:
|
||||||
|
return( "unknown (DTLS)" );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
switch( ssl->minor_ver )
|
switch( ssl->minor_ver )
|
||||||
{
|
{
|
||||||
case SSL_MINOR_VERSION_0:
|
case SSL_MINOR_VERSION_0:
|
||||||
@ -4082,9 +4114,8 @@ const char *ssl_get_version( const ssl_context *ssl )
|
|||||||
return( "TLSv1.2" );
|
return( "TLSv1.2" );
|
||||||
|
|
||||||
default:
|
default:
|
||||||
break;
|
|
||||||
}
|
|
||||||
return( "unknown" );
|
return( "unknown" );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||||
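Review bot: In ssl_set_transport() (hunk at -3600) the two added clamps are not conditioned on the transport value, at least as the hunk is rendered here with its indentation lost. A caller passing SSL_TRANSPORT_STREAM would have min_minor_ver and max_minor_ver raised to SSL_MINOR_VERSION_2, which contradicts the header note "If DTLS is selected" and silently changes a TLS configuration that had set lower bounds on purpose. The whole function body is inside the hunk, so the guard can go directly around the new block: `if( transport == SSL_TRANSPORT_DATAGRAM ) { /* DTLS starts with TLS1.1 */ ... }`. The comment could also name the constant, e.g. `/* DTLS 1.0 is based on TLS 1.1, i.e. SSL_MINOR_VERSION_2 */`, because the mapping is not obvious from the code alone.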
|