Make endpoint+transport args of config_defaults()
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index cacfe0f..09cea3b 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -162,7 +162,9 @@
mbedtls_printf( " . Setting up the DTLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
@@ -176,9 +178,6 @@
mbedtls_printf( " ok\n" );
- mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
- mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM );
-
/* OPTIONAL is usually a bad choice for security, but makes interop easier
* in this simplified example, in which the ca chain is hardcoded.
* Production code should set a proper ca chain and use REQUIRED. */
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index 869d919..4512943 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -192,7 +192,9 @@
printf( " . Setting up the DTLS data..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_SERVER,
+ MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
@@ -204,8 +206,6 @@
goto exit;
}
- mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
- mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM );
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index cd28845..694bf40 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -188,7 +188,9 @@
goto exit;
}
- if( mbedtls_ssl_config_defaults( &conf ) != 0 )
+ if( mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM) != 0 )
{
ret = ssl_config_defaults_failed;
goto exit;
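Review bot: The added line `MBEDTLS_SSL_TRANSPORT_STREAM) != 0 )` drops the space before the closing parenthesis of the call, unlike the surrounding code and the other call sites changed in this commit. For consistency it should read `MBEDTLS_SSL_TRANSPORT_STREAM ) != 0 )`. The enclosing function starts and ends outside this hunk.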
@@ -200,8 +202,6 @@
goto exit;
}
- mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
-
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index d136cd6..4804235 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -150,7 +150,9 @@
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
@@ -164,7 +166,6 @@
mbedtls_printf( " ok\n" );
- mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
/* OPTIONAL is not optimal for security,
* but makes interop easier in this simplified example */
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 309a68a..1454067 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1049,7 +1049,9 @@
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ opt.transport ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
goto exit;
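Review bot: `opt.transport` is now passed straight to `mbedtls_ssl_config_defaults()`, while the later hunk removes the dedicated `mbedtls_ssl_set_transport()` check and its message "selected transport is not available". That check sat under `#if defined(MBEDTLS_SSL_PROTO_DTLS)`, so it is worth confirming that `mbedtls_ssl_config_defaults()` itself rejects a datagram transport in a build without DTLS; that behaviour is not visible in this diff. Even if it does, the user now sees only the generic `mbedtls_ssl_config_defaults returned -0x%x` line. A short comment at the call would record the assumption, for example `/* opt.transport comes from the command line; config_defaults() must fail if it is not compiled in */`. The same applies to the `opt.transport` call in programs/ssl/ssl_server2.c, and the enclosing function extends beyond this hunk.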
@@ -1066,17 +1068,10 @@
mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
#endif
- mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
if( opt.auth_mode != DFL_AUTH_MODE )
mbedtls_ssl_set_authmode( &ssl, opt.auth_mode );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ( ret = mbedtls_ssl_set_transport( &ssl, opt.transport ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! selected transport is not available\n" );
- goto exit;
- }
-
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
mbedtls_ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index a26f85f..3837466 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -249,7 +249,9 @@
goto exit;
}
- if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_SERVER,
+ MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
@@ -263,7 +265,6 @@
mbedtls_printf( " ok\n" );
- mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index bf4bff9..26972f8 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -584,7 +584,9 @@
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_CLIENT,
+ MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
@@ -598,7 +600,6 @@
mbedtls_printf( " ok\n" );
- mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
/* OPTIONAL is not optimal for security,
* but makes interop easier in this simplified example */
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index 7303c5d..6896e97 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -160,7 +160,9 @@
*/
mbedtls_printf( " [ #%d ] Setting up the SSL data....\n", thread_id );
- if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_SERVER,
+ MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
{
mbedtls_printf( " [ #%d ] failed: mbedtls_ssl_config_defaults returned -0x%04x\n",
thread_id, -ret );
@@ -174,7 +176,6 @@
goto thread_exit;
}
- mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index a2b9a58..5c2a7d2 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -191,7 +191,9 @@
mbedtls_printf( " . Setting up the SSL data...." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_SERVER,
+ MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
goto exit;
@@ -203,7 +205,6 @@
goto exit;
}
- mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );
mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 013d339..8955acf 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1520,7 +1520,9 @@
mbedtls_printf( " . Setting up the SSL/TLS structure..." );
fflush( stdout );
- if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+ if( ( ret = mbedtls_ssl_config_defaults( &conf,
+ MBEDTLS_SSL_IS_SERVER,
+ opt.transport ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
goto exit;
@@ -1537,12 +1539,6 @@
mbedtls_ssl_set_authmode( &ssl, opt.auth_mode );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( ( ret = mbedtls_ssl_set_transport( &ssl, opt.transport ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! selected transport is not available\n" );
- goto exit;
- }
-
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
mbedtls_ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */