Allow configuring MBEDTLS_TLS_EXT_CID at compile time
The numerical identifier of the CID extension hasn't been settled yet and different implementations use values from different drafts. Allow configuring the value at compile time. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
2aec149e13
commit
7dd2f504b3
3 changed files with 21 additions and 1 deletions
3
ChangeLog.d/tls_ext_cid-config.txt
Normal file
3
ChangeLog.d/tls_ext_cid-config.txt
Normal file
|
@ -0,0 +1,3 @@
|
|||
Features
|
||||
* The identifier of the CID TLS extension can be configured by defining
|
||||
MBEDTLS_TLS_EXT_CID at compile time.
|
|
@ -3194,6 +3194,17 @@
|
|||
//#define MBEDTLS_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
|
||||
//#define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
|
||||
|
||||
/** \def MBEDTLS_TLS_EXT_CID
|
||||
*
|
||||
* At the time of writing, the CID extension has not been assigned its
|
||||
* final value. Set this configuration option to make Mbed TLS use a
|
||||
* different value.
|
||||
*
|
||||
* A future minor revision of Mbed TLS may change the default value of
|
||||
* this option to match evolving standards and usage.
|
||||
*/
|
||||
//#define MBEDTLS_TLS_EXT_CID 254
|
||||
|
||||
/**
|
||||
* Complete list of ciphersuites to use, in order of preference.
|
||||
*
|
||||
|
|
|
@ -425,8 +425,14 @@
|
|||
|
||||
/* The value of the CID extension is still TBD as of
|
||||
* draft-ietf-tls-dtls-connection-id-05
|
||||
* (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05) */
|
||||
* (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-05).
|
||||
*
|
||||
* A future minor revision of Mbed TLS may change the default value of
|
||||
* this option to match evolving standards and usage.
|
||||
*/
|
||||
#if !defined(MBEDTLS_TLS_EXT_CID)
|
||||
#define MBEDTLS_TLS_EXT_CID 254 /* TBD */
|
||||
#endif
|
||||
|
||||
#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */
|
||||
|
||||
|
|
Loading…
Reference in a new issue