tls: srv: Allow server hybrid TLS 1.2 and 1.3 configuration

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2023-03-08 15:59:41 +01:00
parent 6291b23080
commit 3b35455a69
2 changed files with 4 additions and 10 deletions

View file

@ -1325,12 +1325,6 @@ static int ssl_conf_version_check(const mbedtls_ssl_context *ssl)
return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
} }
if (conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
MBEDTLS_SSL_DEBUG_MSG(1, ("TLS 1.3 server is not supported yet."));
return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
}
MBEDTLS_SSL_DEBUG_MSG(4, ("The SSL configuration is TLS 1.3 or TLS 1.2.")); MBEDTLS_SSL_DEBUG_MSG(4, ("The SSL configuration is TLS 1.3 or TLS 1.2."));
return 0; return 0;
} }

View file

@ -3459,9 +3459,9 @@ Version config: unsupported client hybrid DTLS 1.2/3
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_TLS1_3 depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_TLS1_3
conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_DATAGRAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_DATAGRAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
Version config: unsupported server hybrid TLS 1.2/3 Version config: valid server hybrid TLS 1.2/3
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_TLS1_3 depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_TLS1_3
conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:0
Version config: unsupported server hybrid DTLS 1.2/3 Version config: unsupported server hybrid DTLS 1.2/3
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_TLS1_3 depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_TLS1_3
@ -3475,7 +3475,7 @@ Version config: unsupported client hybrid DTLS 1.2/3, no TLS 1.2
depends_on:!MBEDTLS_SSL_PROTO_TLS1_2 depends_on:!MBEDTLS_SSL_PROTO_TLS1_2
conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_DATAGRAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_DATAGRAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG
Version config: unsupported server hybrid TLS 1.2/3, no TLS 1.2 Version config: valid server hybrid TLS 1.2/3, no TLS 1.2
depends_on:!MBEDTLS_SSL_PROTO_TLS1_2 depends_on:!MBEDTLS_SSL_PROTO_TLS1_2
conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG
@ -3491,7 +3491,7 @@ Version config: unsupported client hybrid DTLS 1.2/3, no TLS 1.3
depends_on:!MBEDTLS_SSL_PROTO_TLS1_3 depends_on:!MBEDTLS_SSL_PROTO_TLS1_3
conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_DATAGRAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG conf_version:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_TRANSPORT_DATAGRAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG
Version config: unsupported server hybrid TLS 1.2/3, no TLS 1.3 Version config: valid server hybrid TLS 1.2/3, no TLS 1.3
depends_on:!MBEDTLS_SSL_PROTO_TLS1_3 depends_on:!MBEDTLS_SSL_PROTO_TLS1_3
conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG conf_version:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_TRANSPORT_STREAM:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_ERR_SSL_BAD_CONFIG