mirror of
https://github.com/ARMmbed/mbedtls.git
synced 2025-05-10 00:49:04 +08:00
Add tls13 in ticket flags helper function names
``` sed -i \ "s/\(mbedtls_ssl\)_\(session_\(\w*_\)\?ticket\)/\1_tls13_\2/g" \ library/*.[ch] ``` Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit is contained in:
Pengyu Lv
parent
abd844f379
commit
94a42ccb3e
@ -2769,7 +2769,7 @@ int mbedtls_ssl_session_set_hostname(mbedtls_ssl_session *session,
|
|||||||
|
|
||||||
#define MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME (604800)
|
#define MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME (604800)
|
||||||
|
|
||||||
static inline unsigned int mbedtls_ssl_session_get_ticket_flags(
|
static inline unsigned int mbedtls_ssl_tls13_session_get_ticket_flags(
|
||||||
mbedtls_ssl_session *session, unsigned int flags)
|
mbedtls_ssl_session *session, unsigned int flags)
|
||||||
{
|
{
|
||||||
return session->ticket_flags &
|
return session->ticket_flags &
|
||||||
@ -2782,40 +2782,40 @@ static inline unsigned int mbedtls_ssl_session_get_ticket_flags(
|
|||||||
* `MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` to get all
|
* `MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` to get all
|
||||||
* permitted flags.
|
* permitted flags.
|
||||||
*/
|
*/
|
||||||
static inline int mbedtls_ssl_session_ticket_has_flags(
|
static inline int mbedtls_ssl_tls13_session_ticket_has_flags(
|
||||||
mbedtls_ssl_session *session, unsigned int flags)
|
mbedtls_ssl_session *session, unsigned int flags)
|
||||||
{
|
{
|
||||||
return mbedtls_ssl_session_get_ticket_flags(session, flags) != 0;
|
return mbedtls_ssl_tls13_session_get_ticket_flags(session, flags) != 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int mbedtls_ssl_session_ticket_allow_psk(
|
static inline int mbedtls_ssl_tls13_session_ticket_allow_psk(
|
||||||
mbedtls_ssl_session *session)
|
mbedtls_ssl_session *session)
|
||||||
{
|
{
|
||||||
return mbedtls_ssl_session_ticket_has_flags(session,
|
return mbedtls_ssl_tls13_session_ticket_has_flags(
|
||||||
MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION);
|
session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int mbedtls_ssl_session_ticket_allow_psk_ephemeral(
|
static inline int mbedtls_ssl_tls13_session_ticket_allow_psk_ephemeral(
|
||||||
mbedtls_ssl_session *session)
|
mbedtls_ssl_session *session)
|
||||||
{
|
{
|
||||||
return mbedtls_ssl_session_ticket_has_flags(session,
|
return mbedtls_ssl_tls13_session_ticket_has_flags(
|
||||||
MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION);
|
session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline unsigned int mbedtls_ssl_session_ticket_allow_early_data(
|
static inline unsigned int mbedtls_ssl_tls13_session_ticket_allow_early_data(
|
||||||
mbedtls_ssl_session *session)
|
mbedtls_ssl_session *session)
|
||||||
{
|
{
|
||||||
return !mbedtls_ssl_session_check_ticket_flags(session,
|
return mbedtls_ssl_tls13_session_ticket_has_flags(
|
||||||
MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA);
|
session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline void mbedtls_ssl_session_set_ticket_flags(
|
static inline void mbedtls_ssl_tls13_session_set_ticket_flags(
|
||||||
mbedtls_ssl_session *session, unsigned int flags)
|
mbedtls_ssl_session *session, unsigned int flags)
|
||||||
{
|
{
|
||||||
session->ticket_flags |= (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
session->ticket_flags |= (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline void mbedtls_ssl_session_clear_ticket_flags(
|
static inline void mbedtls_ssl_tls13_session_clear_ticket_flags(
|
||||||
mbedtls_ssl_session *session, unsigned int flags)
|
mbedtls_ssl_session *session, unsigned int flags)
|
||||||
{
|
{
|
||||||
session->ticket_flags &= ~(flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
session->ticket_flags &= ~(flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
||||||
|
|||||||
@ -685,7 +685,7 @@ static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl)
|
|||||||
return ssl->handshake->resume &&
|
return ssl->handshake->resume &&
|
||||||
session != NULL && session->ticket != NULL &&
|
session != NULL && session->ticket != NULL &&
|
||||||
mbedtls_ssl_conf_tls13_is_kex_mode_enabled(
|
mbedtls_ssl_conf_tls13_is_kex_mode_enabled(
|
||||||
ssl, mbedtls_ssl_session_get_ticket_flags(
|
ssl, mbedtls_ssl_tls13_session_get_ticket_flags(
|
||||||
session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL));
|
session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -695,7 +695,7 @@ static int ssl_tls13_early_data_has_valid_ticket(mbedtls_ssl_context *ssl)
|
|||||||
mbedtls_ssl_session *session = ssl->session_negotiate;
|
mbedtls_ssl_session *session = ssl->session_negotiate;
|
||||||
return ssl->handshake->resume &&
|
return ssl->handshake->resume &&
|
||||||
session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 &&
|
session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 &&
|
||||||
mbedtls_ssl_session_ticket_allow_early_data(session) &&
|
mbedtls_ssl_tls13_session_ticket_allow_early_data(session) &&
|
||||||
mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite);
|
mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@ -2685,7 +2685,7 @@ static int ssl_tls13_parse_new_session_ticket_early_data_ext(
|
|||||||
MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4);
|
MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4);
|
||||||
|
|
||||||
session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0);
|
session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0);
|
||||||
mbedtls_ssl_session_set_ticket_flags(
|
mbedtls_ssl_tls13_session_set_ticket_flags(
|
||||||
session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA);
|
session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA);
|
||||||
MBEDTLS_SSL_DEBUG_MSG(
|
MBEDTLS_SSL_DEBUG_MSG(
|
||||||
3, ("received max_early_data_size: %u",
|
3, ("received max_early_data_size: %u",
|
||||||
@ -2836,7 +2836,7 @@ static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl,
|
|||||||
session->ticket_len = ticket_len;
|
session->ticket_len = ticket_len;
|
||||||
|
|
||||||
/* Clear all flags in ticket_flags */
|
/* Clear all flags in ticket_flags */
|
||||||
mbedtls_ssl_session_clear_ticket_flags(
|
mbedtls_ssl_tls13_session_clear_ticket_flags(
|
||||||
session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
||||||
|
|
||||||
MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2);
|
MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2);
|
||||||
@ -2923,7 +2923,7 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl,
|
|||||||
session->resumption_key_len);
|
session->resumption_key_len);
|
||||||
|
|
||||||
/* Set ticket_flags depends on the selected key exchange modes */
|
/* Set ticket_flags depends on the selected key exchange modes */
|
||||||
mbedtls_ssl_session_set_ticket_flags(
|
mbedtls_ssl_tls13_session_set_ticket_flags(
|
||||||
session, ssl->conf->tls13_kex_modes);
|
session, ssl->conf->tls13_kex_modes);
|
||||||
MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags);
|
MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags);
|
||||||
|
|
||||||
|
|||||||
@ -175,11 +175,11 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket(
|
|||||||
MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags);
|
MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags);
|
||||||
|
|
||||||
key_exchanges = 0;
|
key_exchanges = 0;
|
||||||
if (mbedtls_ssl_session_ticket_allow_psk_ephemeral(session) &&
|
if (mbedtls_ssl_tls13_session_ticket_allow_psk_ephemeral(session) &&
|
||||||
ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) {
|
ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) {
|
||||||
key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||||
}
|
}
|
||||||
if (mbedtls_ssl_session_ticket_allow_psk(session) &&
|
if (mbedtls_ssl_tls13_session_ticket_allow_psk(session) &&
|
||||||
ssl_tls13_key_exchange_is_psk_available(ssl)) {
|
ssl_tls13_key_exchange_is_psk_available(ssl)) {
|
||||||
key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||||
}
|
}
|
||||||
@ -1008,7 +1008,7 @@ static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl,
|
|||||||
{
|
{
|
||||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||||
if (ssl->handshake->resume) {
|
if (ssl->handshake->resume) {
|
||||||
if (!mbedtls_ssl_session_ticket_has_flags(
|
if (!mbedtls_ssl_tls13_session_ticket_has_flags(
|
||||||
ssl->session_negotiate, kex_mode)) {
|
ssl->session_negotiate, kex_mode)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -1845,7 +1845,7 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl)
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!mbedtls_ssl_session_ticket_allow_early_data(ssl->session_negotiate)) {
|
if (!mbedtls_ssl_tls13_session_ticket_allow_early_data(ssl->session_negotiate)) {
|
||||||
MBEDTLS_SSL_DEBUG_MSG(
|
MBEDTLS_SSL_DEBUG_MSG(
|
||||||
1,
|
1,
|
||||||
("EarlyData: rejected, early_data not allowed in ticket "
|
("EarlyData: rejected, early_data not allowed in ticket "
|
||||||
@ -3131,17 +3131,17 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Set ticket_flags depends on the advertised psk key exchange mode */
|
/* Set ticket_flags depends on the advertised psk key exchange mode */
|
||||||
mbedtls_ssl_session_clear_ticket_flags(
|
mbedtls_ssl_tls13_session_clear_ticket_flags(
|
||||||
session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
|
||||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||||
mbedtls_ssl_session_set_ticket_flags(
|
mbedtls_ssl_tls13_session_set_ticket_flags(
|
||||||
session, ssl->handshake->tls13_kex_modes);
|
session, ssl->handshake->tls13_kex_modes);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_EARLY_DATA)
|
#if defined(MBEDTLS_SSL_EARLY_DATA)
|
||||||
if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED &&
|
if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED &&
|
||||||
ssl->conf->max_early_data_size > 0) {
|
ssl->conf->max_early_data_size > 0) {
|
||||||
mbedtls_ssl_session_set_ticket_flags(
|
mbedtls_ssl_tls13_session_set_ticket_flags(
|
||||||
session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA);
|
session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA);
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_EARLY_DATA */
|
#endif /* MBEDTLS_SSL_EARLY_DATA */
|
||||||
@ -3321,7 +3321,7 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl,
|
|||||||
p += 2;
|
p += 2;
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_EARLY_DATA)
|
#if defined(MBEDTLS_SSL_EARLY_DATA)
|
||||||
if (mbedtls_ssl_session_ticket_allow_early_data(session)) {
|
if (mbedtls_ssl_tls13_session_ticket_allow_early_data(session)) {
|
||||||
size_t output_len;
|
size_t output_len;
|
||||||
|
|
||||||
if ((ret = mbedtls_ssl_tls13_write_early_data_ext(
|
if ((ret = mbedtls_ssl_tls13_write_early_data_ext(
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user