mbedtls_ssl_config min_tls_version, max_tls_version Store the TLS version in tls_version instead of major, minor version num Note: existing application use which accesses the struct member (using MBEDTLS_PRIVATE) is not compatible on little-endian platforms, but is compatible on big-endian platforms. For systems supporting only TLSv1.2, the underlying values are the same (=> 3). New setter functions are more type-safe, taking argument as enum mbedtls_ssl_protocol_version: mbedtls_ssl_conf_max_tls_version() mbedtls_ssl_conf_min_tls_version() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>

commit: 2dfcea2b9dd58ffd68fac4d024c52d2968779d6e [log] [tgz]
author: Glenn Strauss <gstrauss@gluelogic.com> Mon Mar 14 17:26:42 2022 -0400
committer: Glenn Strauss <gstrauss@gluelogic.com> Thu Apr 14 15:39:43 2022 -0400
tree: 55e2b0c4067dba817b725b6c77919660f4031ccb
parent: da7851c8250809a7bf62e9e55ca90690daf59ebf [diff] [blame]
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 8053e76..c79fcfa 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c

@@ -3541,7 +3541,7 @@
         return( MBEDTLS_ERR_SSL_INVALID_RECORD );
     }
 
-    if( minor_ver > ssl->conf->max_minor_ver )
+    if( minor_ver > ( ssl->conf->max_tls_version & 0xFF ) )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) );
         return( MBEDTLS_ERR_SSL_INVALID_RECORD );
commit	2dfcea2b9dd58ffd68fac4d024c52d2968779d6e	[log] [tgz]
author	Glenn Strauss <gstrauss@gluelogic.com>	Mon Mar 14 17:26:42 2022 -0400
committer	Glenn Strauss <gstrauss@gluelogic.com>	Thu Apr 14 15:39:43 2022 -0400
tree	55e2b0c4067dba817b725b6c77919660f4031ccb
parent	da7851c8250809a7bf62e9e55ca90690daf59ebf [diff] [blame]