Rename some "new_session_tickets" symbols
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/ChangeLog.d/disable-new-session-tickets.txt b/ChangeLog.d/disable-new-session-tickets.txt
index 1fd112f..bb13b4b 100644
--- a/ChangeLog.d/disable-new-session-tickets.txt
+++ b/ChangeLog.d/disable-new-session-tickets.txt
@@ -1,8 +1,9 @@
Bugfix
* Fix TLS connection failure in applications using an Mbed TLS client in
the default configuration connecting to a TLS 1.3 server sending tickets.
- See the documentation of mbedtls_ssl_conf_enable_new_session_tickets()
- for more information.
+ See the documentation of
+ mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets() for more
+ information.
Fixes #8749.
Changes
@@ -10,4 +11,4 @@
disabled at runtime. Applications that were using TLS 1.3 tickets
signalled by MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET return values now
need to enable the handling of TLS 1.3 tickets through the new
- mbedtls_ssl_conf_enable_new_session_tickets() API.
+ mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets() API.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 8ba7ef8..afd4129 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -321,8 +321,8 @@
#define MBEDTLS_SSL_SESSION_TICKETS_DISABLED 0
#define MBEDTLS_SSL_SESSION_TICKETS_ENABLED 1
-#define MBEDTLS_SSL_NEW_SESSION_TICKETS_DISABLED 0
-#define MBEDTLS_SSL_NEW_SESSION_TICKETS_ENABLED 1
+#define MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_DISABLED 0
+#define MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED 1
#define MBEDTLS_SSL_PRESET_DEFAULT 0
#define MBEDTLS_SSL_PRESET_SUITEB 2
@@ -4508,12 +4508,12 @@
* fatal error code are then failing.
*
* \param conf SSL configuration
- * \param use_new_session_tickets Enable or disable
- * (MBEDTLS_SSL_NEW_SESSION_TICKETS_ENABLED or
- * MBEDTLS_SSL_NEW_SESSION_TICKETS_DISABLED)
+ * \param signal_new_session_tickets Enable or disable
+ * (MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED or
+ * MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_DISABLED)
*/
-void mbedtls_ssl_conf_enable_new_session_tickets(mbedtls_ssl_config *conf,
- int use_new_session_tickets);
+void mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(
+ mbedtls_ssl_config *conf, int signal_new_session_tickets);
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
@@ -5093,8 +5093,8 @@
* This error code can be returned only on client side if and
* only if handling of TLS 1.3 NewSessionTicket messages has
* been enabled through the
- * mbedtls_ssl_conf_enable_new_session_tickets() API. A TLS 1.3
- * NewSessionTicket message has been received and parsed
+ * mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets() API.
+ * A TLS 1.3 NewSessionTicket message has been received and parsed
* successfully by the client. Ticket data is available in the
* SSL context and remain available as long as the client will
* not receive a new NewSessionTicket message. Ticket data may
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 10cb684..1e4c42c 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2955,12 +2955,12 @@
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-static inline int mbedtls_ssl_conf_is_new_session_tickets_enabled(
+static inline int mbedtls_ssl_conf_is_signal_new_session_tickets_enabled(
const mbedtls_ssl_config *conf)
{
return conf->session_tickets & MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_MASK ?
- MBEDTLS_SSL_NEW_SESSION_TICKETS_ENABLED :
- MBEDTLS_SSL_NEW_SESSION_TICKETS_DISABLED;
+ MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED :
+ MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_DISABLED;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index f7c12a8..ef722d7 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -5595,8 +5595,8 @@
if (ssl_tls13_is_new_session_ticket(ssl)) {
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
MBEDTLS_SSL_DEBUG_MSG(3, ("NewSessionTicket received"));
- if (mbedtls_ssl_conf_is_new_session_tickets_enabled(ssl->conf) ==
- MBEDTLS_SSL_NEW_SESSION_TICKETS_ENABLED) {
+ if (mbedtls_ssl_conf_is_signal_new_session_tickets_enabled(ssl->conf) ==
+ MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED) {
ssl->keep_current_message = 1;
mbedtls_ssl_handshake_set_state(ssl,
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index fe1a1ef..07eee6b 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3018,11 +3018,11 @@
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-void mbedtls_ssl_conf_enable_new_session_tickets(mbedtls_ssl_config *conf,
- int use_new_session_tickets)
+void mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(
+ mbedtls_ssl_config *conf, int signal_new_session_tickets)
{
conf->session_tickets &= ~MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_MASK;
- conf->session_tickets |= (use_new_session_tickets != 0) <<
+ conf->session_tickets |= (signal_new_session_tickets != 0) <<
MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_BIT;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
@@ -5893,7 +5893,8 @@
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
mbedtls_ssl_conf_session_tickets(conf, MBEDTLS_SSL_SESSION_TICKETS_ENABLED);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
- mbedtls_ssl_conf_enable_new_session_tickets(conf, MBEDTLS_SSL_NEW_SESSION_TICKETS_DISABLED);
+ mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(
+ conf, MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_DISABLED);
#endif
#endif
}
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 7029e26..7a48ab8 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -82,7 +82,7 @@
#define DFL_CID_VALUE_RENEGO NULL
#define DFL_RECONNECT_HARD 0
#define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED
-#define DFL_NEW_SESSION_TICKETS MBEDTLS_SSL_NEW_SESSION_TICKETS_ENABLED
+#define DFL_NEW_SESSION_TICKETS MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED
#define DFL_ALPN_STRING NULL
#define DFL_GROUPS NULL
#define DFL_SIG_ALGS NULL
@@ -1946,7 +1946,8 @@
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
mbedtls_ssl_conf_session_tickets(&conf, opt.tickets);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
- mbedtls_ssl_conf_enable_new_session_tickets(&conf, opt.new_session_tickets);
+ mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(
+ &conf, opt.new_session_tickets);
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c
index b0fe2bd..3cb6175 100644
--- a/tests/src/test_helpers/ssl_helpers.c
+++ b/tests/src/test_helpers/ssl_helpers.c
@@ -2543,8 +2543,8 @@
server_options, NULL, NULL, NULL);
TEST_EQUAL(ret, 0);
- mbedtls_ssl_conf_enable_new_session_tickets(
- &client_ep.conf, MBEDTLS_SSL_NEW_SESSION_TICKETS_ENABLED);
+ mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(
+ &client_ep.conf, MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED);
mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf,
mbedtls_test_ticket_write,