From c49d15fdedb40ff3948a946221eb4e3121f0b058 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 23 May 2021 05:41:21 +0100 Subject: [PATCH] Use 'version-specific' instead of 'implementation-defined' in API Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 42 ++++++++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f9a5970e1..57d2085e6 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2696,6 +2696,18 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * \brief Configure one or more pre-shared keys (PSKs) and their * identities to be used in PSK-based ciphersuites. * + * This function may be called multiple times to attempt + * to register multiple PSKs. The number of supported PSKs + * is version-specific (see below for the current limit). + * Once the limit is reached, this function fails, maintaining + * the PSKs previously configured and ignoring the excess request. + * This behavior is in contrast to Mbed TLS 2.x, where later + * invocations would overwrite the effect of earlier calls. + * + * \note Currently, the library supports only support a single PSK, + * but this limit is not part of the API and may change in + * future minor versions. + * * \note This is mainly useful for clients. Servers will usually * want to use \c mbedtls_ssl_conf_psk_cb() instead. * @@ -2713,15 +2725,6 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * hence need not be preserved by the caller for the lifetime * of the SSL configuration. * - * \note While this function may be called multiple times to - * register multiple PSKs, the number of supported PSKs - * is implementation-defined. Once the limit is reached, - * this function fails, maintaining the PSKs previously - * configured and ignoring the excess request. - * This behavior is in contrast to Mbed TLS 2.x, where - * later invocations would overwrite the effect of earlier - * calls. - * * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no more PSKs * can be configured. In this case, the SSL configuration @@ -2737,6 +2740,18 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * \brief Configure one or more opaque pre-shared keys (PSKs) and * their identities to be used in PSK-based ciphersuites. * + * This function may be called multiple times to attempt + * to register multiple PSKs. The number of supported PSKs + * is version-specific (see below for the current limit). + * Once the limit is reached, this function fails, maintaining + * the PSKs previously configured and ignoring the excess request. + * This behavior is in contrast to Mbed TLS 2.x, where later + * invocations would overwrite the effect of earlier calls. + * + * \note Currently, the library supports only support a single PSK, + * but this limit is not part of the API and may change in + * future minor versions. + * * \note This is mainly useful for clients. Servers will usually * want to use \c mbedtls_ssl_conf_psk_cb() instead. * @@ -2759,15 +2774,6 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * not be preserved by the caller for the lifetime of the * SSL configuration. * - * \note While this function may be called multiple times to - * register multiple PSKs, the number of supported PSKs - * is implementation-defined. Once the limit is reached, - * this function fails, maintaining the PSKs previously - * configured and ignoring the excess request. - * This behavior is in contrast to Mbed TLS 2.x, where - * later invocations would overwrite the effect of earlier - * calls. - * * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no more PSKs * can be configured. In this case, the SSL configuration