Disable MBEDTLS_SSL_RENEGOTIATION in tls13-only configuration

There's no renegotiation in TLS 1.3, so this option should have no effect. Insist on having it disabled, to avoid the risk of accidentally having different behavior in TLS 1.3 if the option is enabled (as happened in https://github.com/Mbed-TLS/mbedtls/issues/6200). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-08-12 22:43:18 +02:00 · 2022-08-12 22:43:18 +02:00 · 7d3186d18a
commit 7d3186d18a
parent f4385faa6f
2 changed files with 6 additions and 0 deletions
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@ -936,6 +936,11 @@
 #error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequisites"
 #endif

+#if defined(MBEDTLS_SSL_RENEGOTIATION) && \
+    !defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#error "MBEDTLS_SSL_RENEGOTIATION defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_SSL_TICKET_C) && ( !defined(MBEDTLS_CIPHER_C) && \
                                       !defined(MBEDTLS_USE_PSA_CRYPTO) )
 #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
--- a/tests/configs/tls13-only.h
+++ b/tests/configs/tls13-only.h
@ -29,6 +29,7 @@
 /* Disable TLS 1.2 and 1.2-specific features */
 #undef MBEDTLS_SSL_ENCRYPT_THEN_MAC
 #undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+#undef MBEDTLS_SSL_RENEGOTIATION
 #undef MBEDTLS_SSL_PROTO_TLS1_2
 #undef MBEDTLS_SSL_PROTO_DTLS
 #undef MBEDTLS_SSL_DTLS_ANTI_REPLAY