Implement writing of CID extension in ServerHello
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 2845da8..1f5a75f 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2182,6 +2182,54 @@
}
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+ size_t ext_len;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+ *olen = 0;
+
+ /* Skip writing the extension if we don't want to use it or if
+ * the client hasn't offered it. */
+ if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED )
+ return;
+
+ /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX
+ * which is at most 255, so the increment cannot overflow. */
+ if( end < p || (size_t)( end - p ) < (unsigned)( ssl->own_cid_len + 5 ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding CID extension" ) );
+
+ /*
+ * Quoting
+ * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04:
+ *
+ * struct {
+ * opaque cid<0..2^8-1>;
+ * } ConnectionId;
+ */
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF );
+ ext_len = (size_t) ssl->own_cid_len + 1;
+ *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( ext_len ) & 0xFF );
+
+ *p++ = (uint8_t) ssl->own_cid_len;
+ memcpy( p, ssl->own_cid, ssl->own_cid_len );
+
+ *olen = ssl->own_cid_len + 5;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
@@ -2703,6 +2751,11 @@
ext_len += olen;
#endif
+#if defined(MBEDTLS_SSL_CID)
+ ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen );
ext_len += olen;