yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Simplify TLS major version default value setting

Browse source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2022-03-11 11:31:31 +01:00
parent dbe87f08ec
commit e71639d39b
2 changed files with 6 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
library/ssl_misc.h
View file

@ -85,7 +85,6 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 #define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3
#define MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
/* Determine maximum supported version */ /* Determine maximum supported version */
#define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 #define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3

13
library/ssl_tls.c
View file

@ -4223,9 +4223,10 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
* NSA Suite B * NSA Suite B
*/ */
case MBEDTLS_SSL_PRESET_SUITEB: case MBEDTLS_SSL_PRESET_SUITEB:
conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3; conf->min_major_ver = MBEDTLS_SSL_MIN_MAJOR_VERSION;
conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */
conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
/* Hybrid TLS 1.2/1.3 is not supported yet */ /* Hybrid TLS 1.2/1.3 is not supported yet */
conf->max_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; conf->max_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
@ -4261,15 +4262,13 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
* Default * Default
*/ */
default: default:
conf->min_major_ver = ( MBEDTLS_SSL_MIN_MAJOR_VERSION > conf->min_major_ver = MBEDTLS_SSL_MIN_MAJOR_VERSION;
MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION ) ? conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
MBEDTLS_SSL_MIN_MAJOR_VERSION :
MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION;
conf->min_minor_ver = ( MBEDTLS_SSL_MIN_MINOR_VERSION > conf->min_minor_ver = ( MBEDTLS_SSL_MIN_MINOR_VERSION >
MBEDTLS_SSL_MIN_VALID_MINOR_VERSION ) ? MBEDTLS_SSL_MIN_VALID_MINOR_VERSION ) ?
MBEDTLS_SSL_MIN_MINOR_VERSION : MBEDTLS_SSL_MIN_MINOR_VERSION :
MBEDTLS_SSL_MIN_VALID_MINOR_VERSION; MBEDTLS_SSL_MIN_VALID_MINOR_VERSION;
conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
/* Hybrid TLS 1.2/1.3 is not supported yet */ /* Hybrid TLS 1.2/1.3 is not supported yet */
conf->max_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; conf->max_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;