Add and update documentation of some minor version fields
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index a16c8e6..c51a6c6 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1118,10 +1118,11 @@
unsigned char MBEDTLS_PRIVATE(exported);
- /* This field is temporarily duplicated with mbedtls_ssl_context.minor_ver.
- * Once runtime negotiation of TLS 1.2 and TLS 1.3 is implemented, it needs
- * to be studied whether one of them can be removed. */
- unsigned char MBEDTLS_PRIVATE(minor_ver); /*!< The TLS version used in the session. */
+ /*!< Minor version negotiated in the session. Used if and when
+ * renegotiating or resuming a session instead of the configured minor
+ * version.
+ */
+ unsigned char MBEDTLS_PRIVATE(minor_ver);
#if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t MBEDTLS_PRIVATE(start); /*!< starting time */
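Review bot: The comment moved above the session's `minor_ver` still opens with `/*!<`, which is Doxygen's trailing form and documents the member before the comment, so the text attaches to `exported` and `minor_ver` ends up undocumented. A comment placed ahead of the declaration should open with `/**` (or `/*!`), e.g. `/** Minor version negotiated in the session. Used if and when`. The second hunk has the same problem on the comments placed above `major_ver` and the context's `minor_ver`, which would bind to whatever member precedes them. Because these fields describe which protocol version is reused on resumption and renegotiation, the generated docs should attach the text to the right field. The enclosing structures start and end outside the hunks.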
@@ -1495,12 +1496,25 @@
renego_max_records is < 0 */
#endif /* MBEDTLS_SSL_RENEGOTIATION */
- int MBEDTLS_PRIVATE(major_ver); /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */
+ /*!< Equal to MBEDTLS_SSL_MAJOR_VERSION_3 */
+ int MBEDTLS_PRIVATE(major_ver);
- /* This field is temporarily duplicated with mbedtls_ssl_context.minor_ver.
- * Once runtime negotiation of TLS 1.2 and TLS 1.3 is implemented, it needs
- * to be studied whether one of them can be removed. */
- int MBEDTLS_PRIVATE(minor_ver); /*!< one of MBEDTLS_SSL_MINOR_VERSION_x macros */
+ /*!< Server: Negotiated minor version.
+ * Client: Maximum minor version to be negotiated, then negotiated minor
+ * version.
+ *
+ * It is initialized as the maximum minor version to be negotiated in the
+ * ClientHello writing preparation stage and used throughout the
+ * ClientHello writing. For a fresh handshake not linked to any previous
+ * handshake, it is initialized to the configured maximum minor version
+ * to be negotiated. When renegotiating or resuming a session, it is
+ * initialized to the previously negotiated minor version.
+ *
+ * Updated to the negotiated minor version as soon as the ServerHello is
+ * received.
+ */
+ int MBEDTLS_PRIVATE(minor_ver);
+
unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */
#if defined(MBEDTLS_X509_CRT_PARSE_C)