Allow configuring own CID fields through mbedtls_ssl_get_peer_cid()
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5046475..aabe8c5 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -121,18 +121,33 @@
#if defined(MBEDTLS_SSL_CID)
/* Top-level Connection ID API */
-/* WARNING: This implementation is a stub and doesn't do anything!
- * It is included solely to allow review and coding against
- * the new Connection CID API. */
+/* WARNING: The CID feature isn't fully implemented yet
+ * and will not be used. */
int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
int enable,
unsigned char const *own_cid,
size_t own_cid_len )
{
- ((void) ssl);
- ((void) enable);
- ((void) own_cid);
- ((void) own_cid_len);
+ ssl->negotiate_cid = enable;
+ if( enable == MBEDTLS_SSL_CID_DISABLED )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Disable use of CID extension." ) );
+ return( 0 );
+ }
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "Enable use of CID extension." ) );
+
+ if( own_cid_len > MBEDTLS_SSL_CID_IN_LEN_MAX )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "CID too large: Maximum %u, actual %u",
+ (unsigned) MBEDTLS_SSL_CID_IN_LEN_MAX,
+ (unsigned) own_cid_len ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ memcpy( ssl->own_cid, own_cid, own_cid_len );
+ ssl->own_cid_len = own_cid_len;
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "Own CID", own_cid, own_cid_len );
return( 0 );
}
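Review bot: `ssl->negotiate_cid = enable;` is written at the top of mbedtls_ssl_set_cid(), before `own_cid_len` is validated, so a call that returns MBEDTLS_ERR_SSL_BAD_INPUT_DATA still leaves the context marked as negotiating CID while `own_cid` and `own_cid_len` keep their previous values. A caller that ignores or mishandles the error would then negotiate with a stale or empty CID. Assign the flag only once the input is accepted: set `ssl->negotiate_cid = enable;` inside the disabled branch before its `return( 0 );`, and again after the `own_cid_len > MBEDTLS_SSL_CID_IN_LEN_MAX` check, so that a rejected call leaves the context unchanged. Separately, `memcpy( ssl->own_cid, own_cid, own_cid_len );` runs even when `own_cid_len` is 0, and a NULL `own_cid` for an empty CID would be undefined behaviour, so guard it with `if( own_cid_len != 0 )` or document that the pointer must be non-NULL. Any `enable` value other than MBEDTLS_SSL_CID_DISABLED is stored as-is, which probably deserves a one-line comment or a range check.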