commit cac90a15edff69afca15837d3187a4bf655d37be
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Fri Jun 04 11:42:30 2021 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Fri Jun 04 12:29:33 2021 +0200
tree 8fafe70745dc88595a2c57fccf87c2a0ffdca350
parent d60b6c62d57563b04caa1ee0470fb0d1354302d5

Hide constants for TLS 1.0 and TLS 1.1

ssl_server2 had a check that we never try to use a minor version lower
than 2 with DTLS, but that check is no longer needed, as there's no way
that would happen now that MBEDTLS_SSL_MINOR_VERSION_1 is no longer
public.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

library/ssl_misc.h

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 73ffdef..e5ec131 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -65,6 +65,16 @@
 #define inline __inline
 #endif
 
+/* Legacy minor version numbers as defined by:
+ * - RFC 2246: ProtocolVersion version = { 3, 1 };     // TLS v1.0
+ * - RFC 4346: ProtocolVersion version = { 3, 2 };     // TLS v1.1
+ *
+ * We no longer support these versions, but some code still references those
+ * constants, for keep them for now until we clean up that code.
+ */
+#define MBEDTLS_SSL_MINOR_VERSION_1             1
+#define MBEDTLS_SSL_MINOR_VERSION_2             2
+
 /* Determine minimum supported version */
 #define MBEDTLS_SSL_MIN_MAJOR_VERSION           MBEDTLS_SSL_MAJOR_VERSION_3