fix wrong setting of max_minor version

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-01-27 14:16:44 +08:00
parent 81d5e1feca
commit 7d2396332d
2 changed files with 13 additions and 3 deletions

View file

@ -89,10 +89,10 @@
/* Determine maximum supported version */
#define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3
#elif defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_4
#elif defined(MBEDTLS_SSL_PROTO_TLS1_2)
#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
/* Shorthand for restartable ECC */

View file

@ -6922,7 +6922,12 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */
conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
/* Hybrid TLS 1.2/1.3 is not supported yet */
conf->max_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
#else
conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3 */
conf->ciphersuite_list = ssl_preset_suiteb_ciphersuites;
@ -6961,7 +6966,12 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
MBEDTLS_SSL_MIN_MINOR_VERSION :
MBEDTLS_SSL_MIN_VALID_MINOR_VERSION;
conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
/* Hybrid TLS 1.2/1.3 is not supported yet */
conf->max_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
#else
conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )