Add conf new session tickets

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Jerry Yu 2022-08-09 13:28:39 +08:00
parent be0224aef3
commit 1ad7ace6b7
3 changed files with 53 additions and 4 deletions


@ -1578,6 +1578,14 @@
*/
#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
/**
* \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS
*
* Default number of NewSessionTicket. This is not used in TLS 1.2.
*
*/
#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
/**
* \def MBEDTLS_SSL_PROTO_DTLS
*
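Review bot: The new comment for `MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS` does not say which endpoint the value applies to or which options it depends on. Going by the other files in this commit, the default is applied only in server builds with TLS 1.3, and the config field that stores it exists only when MBEDTLS_SSL_SESSION_TICKETS is also enabled. I would word it as `Default number of NewSessionTicket messages a TLS 1.3 server sends after the handshake. Only used when MBEDTLS_SSL_SESSION_TICKETS and MBEDTLS_SSL_SRV_C are enabled; not used in TLS 1.2.`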


@ -1329,9 +1329,17 @@ struct mbedtls_ssl_config
#if defined(MBEDTLS_SSL_RENEGOTIATION)
uint8_t MBEDTLS_PRIVATE(disable_renegotiation); /*!< disable renegotiation? */
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
uint8_t MBEDTLS_PRIVATE(session_tickets); /*!< use session tickets? */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
defined(MBEDTLS_SSL_CLI_C)
uint8_t MBEDTLS_PRIVATE(session_tickets); /*!< use session tickets? */
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
defined(MBEDTLS_SSL_SRV_C) && \
defined(MBEDTLS_SSL_PROTO_TLS1_3)
uint16_t MBEDTLS_PRIVATE(new_session_tickets); /*!< number of NewSessionTicket */
#endif
#if defined(MBEDTLS_SSL_SRV_C)
uint8_t MBEDTLS_PRIVATE(cert_req_ca_list); /*!< enable sending CA list in
Certificate Request messages? */
@ -4109,7 +4117,8 @@ int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_c
void mbedtls_ssl_conf_preference_order( mbedtls_ssl_config *conf, int order );
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
defined(MBEDTLS_SSL_CLI_C)
/**
* \brief Enable / Disable session tickets (client only).
* (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.)
@ -4121,7 +4130,26 @@ void mbedtls_ssl_conf_preference_order( mbedtls_ssl_config *conf, int order );
* MBEDTLS_SSL_SESSION_TICKETS_DISABLED)
*/
void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
defined(MBEDTLS_SSL_SRV_C) && \
defined(MBEDTLS_SSL_PROTO_TLS1_3)
/**
* \brief Number of NewSessionTicket message that sent by server.
* (Default: MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS)
*
*
* \param conf SSL configuration
* \param num_tickets Number of NewSessionTicket.
*
*/
void mbedtls_ssl_conf_new_session_tickets( mbedtls_ssl_config *conf,
uint16_t num_tickets );
#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
MBEDTLS_SSL_SRV_C &&
MBEDTLS_SSL_PROTO_TLS1_3*/
#if defined(MBEDTLS_SSL_RENEGOTIATION)
/**
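Review bot: `mbedtls_ssl_conf_new_session_tickets()` accepts any `uint16_t`, and its documentation gives neither the meaning of 0 nor an upper bound, so a configuration can ask the server for up to 65535 tickets per handshake. Each ticket presumably costs a ticket-write callback invocation plus a message on the wire, so this is a resource-use knob that deserves an explicit contract. I would reword the brief to `\brief Set the number of NewSessionTicket messages a TLS 1.3 server sends after the handshake.` and add a `\note` stating what 0 does and what range is sensible. Separately, the `session_tickets` field in `struct mbedtls_ssl_config` appears to become client-only in this section. Any reader of `conf->session_tickets` outside an MBEDTLS_SSL_CLI_C guard would stop compiling in server-only builds, so it is worth a grep before merging.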


@ -2611,6 +2611,15 @@ void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets
#endif
#if defined(MBEDTLS_SSL_SRV_C)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
void mbedtls_ssl_conf_new_session_tickets( mbedtls_ssl_config *conf,
uint16_t num_tickets )
{
conf->new_session_tickets = num_tickets;
}
#endif
void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
mbedtls_ssl_ticket_write_t *f_ticket_write,
mbedtls_ssl_ticket_parse_t *f_ticket_parse,
@ -4644,6 +4653,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_SRV_C)
mbedtls_ssl_conf_new_session_tickets(
conf, MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS );
#endif
/*
* Allow all TLS 1.3 key exchange modes by default.
*/
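Review bot: The call added to `mbedtls_ssl_config_defaults()` is guarded only by MBEDTLS_SSL_PROTO_TLS1_3 and MBEDTLS_SSL_SRV_C, while the header declares `mbedtls_ssl_conf_new_session_tickets()` and the `new_session_tickets` field only when MBEDTLS_SSL_SESSION_TICKETS is also defined. Unless an enclosing guard outside this hunk already covers it, a TLS 1.3 server build with session tickets disabled would call an undeclared function. The inner guard should read `#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SESSION_TICKETS)`. The same applies to the definition in the first hunk of this file if the surrounding MBEDTLS_SSL_SESSION_TICKETS block does not extend over it. The enclosing code for both hunks starts and ends outside the lines shown.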