Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data

TLS 1.3: Rename early_data and max_early_data_size configuration function
2023-11-10 19:35:46 +00:00 · 2023-11-10 19:35:46 +00:00 · 08ea9bfa1f
commit 08ea9bfa1f
parent b827eb25f1 6cdfe9d51f
7 changed files with 18 additions and 15 deletions
--- a/ChangeLog.d/rename-conf-early-data-API.txt
+++ b/ChangeLog.d/rename-conf-early-data-API.txt
@ -0,0 +1,4 @@
+API changes
+   * Remove `tls13_` in mbedtls_ssl_tls13_conf_early_data() and
+     mbedtls_ssl_tls13_conf_max_early_data_size() API names. Early data
+     feature may not be TLS 1.3 specific in the future. Fixes #6909.
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@ -4083,7 +4083,7 @@
 * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
 *
 * The default maximum amount of 0-RTT data. See the documentation of
- * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information.
+ * \c mbedtls_ssl_conf_max_early_data_size() for more information.
 *
 * It must be positive and smaller than UINT32_MAX.
 *
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -2000,7 +2000,7 @@ void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode);
 * \warning This interface is experimental and may change without notice.
 *
 */
-void mbedtls_ssl_tls13_conf_early_data(mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_early_data(mbedtls_ssl_config *conf,
                                 int early_data_enabled);

 #if defined(MBEDTLS_SSL_SRV_C)
@ -2027,7 +2027,7 @@ void mbedtls_ssl_tls13_conf_early_data(mbedtls_ssl_config *conf,
 * \warning This interface is experimental and may change without notice.
 *
 */
-void mbedtls_ssl_tls13_conf_max_early_data_size(
+void mbedtls_ssl_conf_max_early_data_size(
    mbedtls_ssl_config *conf, uint32_t max_early_data_size);
 #endif /* MBEDTLS_SSL_SRV_C */

--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -1770,14 +1770,14 @@ void mbedtls_ssl_conf_tls13_key_exchange_modes(mbedtls_ssl_config *conf,
 }

 #if defined(MBEDTLS_SSL_EARLY_DATA)
-void mbedtls_ssl_tls13_conf_early_data(mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_early_data(mbedtls_ssl_config *conf,
                                 int early_data_enabled)
 {
    conf->early_data_enabled = early_data_enabled;
 }

 #if defined(MBEDTLS_SSL_SRV_C)
-void mbedtls_ssl_tls13_conf_max_early_data_size(
+void mbedtls_ssl_conf_max_early_data_size(
    mbedtls_ssl_config *conf, uint32_t max_early_data_size)
 {
    conf->max_early_data_size = max_early_data_size;
@ -5247,10 +5247,9 @@ int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf,
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)

 #if defined(MBEDTLS_SSL_EARLY_DATA)
-    mbedtls_ssl_tls13_conf_early_data(conf, MBEDTLS_SSL_EARLY_DATA_DISABLED);
+    mbedtls_ssl_conf_early_data(conf, MBEDTLS_SSL_EARLY_DATA_DISABLED);
 #if defined(MBEDTLS_SSL_SRV_C)
-    mbedtls_ssl_tls13_conf_max_early_data_size(
-        conf, MBEDTLS_SSL_MAX_EARLY_DATA_SIZE);
+    mbedtls_ssl_conf_max_early_data_size(conf, MBEDTLS_SSL_MAX_EARLY_DATA_SIZE);
 #endif
 #endif /* MBEDTLS_SSL_EARLY_DATA */

--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -1971,7 +1971,7 @@ usage:
    }

 #if defined(MBEDTLS_SSL_EARLY_DATA)
-    mbedtls_ssl_tls13_conf_early_data(&conf, opt.early_data);
+    mbedtls_ssl_conf_early_data(&conf, opt.early_data);
 #endif /* MBEDTLS_SSL_EARLY_DATA */

    if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) {
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -2776,9 +2776,9 @@ usage:
    }

 #if defined(MBEDTLS_SSL_EARLY_DATA)
-    mbedtls_ssl_tls13_conf_early_data(&conf, tls13_early_data_enabled);
+    mbedtls_ssl_conf_early_data(&conf, tls13_early_data_enabled);
    if (tls13_early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) {
-        mbedtls_ssl_tls13_conf_max_early_data_size(
+        mbedtls_ssl_conf_max_early_data_size(
            &conf, opt.max_early_data_size);
    }
 #endif /* MBEDTLS_SSL_EARLY_DATA */
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@ -1519,7 +1519,7 @@ do_run_test_once() {
 # $1 and $2 contain the server and client command lines, respectively.
 #
 # Note: this function only provides some guess about TLS version by simply
-#       looking at the server/client command lines. Even thought this works
+#       looking at the server/client command lines. Even though this works
 #       for the sake of tests' filtering (especially in conjunction with the
 #       detect_required_features() function), it does NOT guarantee that the
 #       result is accurate. It does not check other conditions, such as:
@ -1639,7 +1639,7 @@ run_test() {
        requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
    fi

-    # Check if we are trying to use an external tool wich does not support ECDH
+    # Check if we are trying to use an external tool which does not support ECDH
    EXT_WO_ECDH=$(use_ext_tool_without_ecdh_support "$SRV_CMD" "$CLI_CMD")

    # Guess the TLS version which is going to be used