TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / e965bd397e2299280184228109fc57847b68b104^! / . / include / mbedtls / ssl_internal.h
commite965bd397e2299280184228109fc57847b68b104[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Wed Jun 12 14:04:34 2019 +0100
committerHanno Becker <hanno.becker@arm.com>Fri Jul 12 15:14:51 2019 +0100
treef53e8f6e35f710dac45110de9865d41eb6a2f487
parentfabfb8578a071254ed2e3751fec937a91c17f731 [diff] [blame]
Allow hardcoding of min/max minor/major SSL version at compile-time

This commit introduces the numeric compile-time constants

- MBEDTLS_SSL_CONF_MIN_MINOR_VER
- MBEDTLS_SSL_CONF_MAX_MINOR_VER
- MBEDTLS_SSL_CONF_MIN_MAJOR_VER
- MBEDTLS_SSL_CONF_MAX_MAJOR_VER

which, when defined, overwrite the runtime configurable fields
mbedtls_ssl_config::min_major_ver etc. in the SSL configuration.

As for the preceding case of the ExtendedMasterSecret configuration,
it also introduces and puts to use getter functions for these variables
which evaluate to either a field access or the macro value, maintaining
readability of the code.

The runtime configuration API mbedtls_ssl_conf_{min|max}_version()
is kept for now but has no effect if MBEDTLS_SSL_CONF_XXX are set.
This is likely to be changed in a later commit but deliberately omitted
for now, in order to be able to study code-size benefits earlier in the
process.

diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 8a51577..d2299ea 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h

@@ -1423,6 +1423,50 @@
 }
 #endif /* MBEDTLS_SSL_CONF_RNG */
 
+static inline int mbedtls_ssl_conf_get_max_major_ver(
+    mbedtls_ssl_config const *conf )
+{
+#if !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER)
+    return( conf->max_major_ver );
+#else
+    ((void) conf);
+    return( MBEDTLS_SSL_CONF_MAX_MAJOR_VER );
+#endif /* MBEDTLS_SSL_CONF_MAX_MAJOR_VER */
+}
+
+static inline int mbedtls_ssl_conf_get_min_major_ver(
+    mbedtls_ssl_config const *conf )
+{
+#if !defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER)
+    return( conf->min_major_ver );
+#else /* !MBEDTLS_SSL_CONF_MIN_MAJOR_VER */
+    ((void) conf);
+    return( MBEDTLS_SSL_CONF_MIN_MAJOR_VER );
+#endif /* MBEDTLS_SSL_CONF_MIN_MAJOR_VER */
+}
+
+static inline int mbedtls_ssl_conf_get_max_minor_ver(
+    mbedtls_ssl_config const *conf )
+{
+#if !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER)
+    return( conf->max_minor_ver );
+#else /* !MBEDTLS_SSL_CONF_MAX_MINOR_VER */
+    ((void) conf);
+    return( MBEDTLS_SSL_CONF_MAX_MINOR_VER );
+#endif /* MBEDTLS_SSL_CONF_MAX_MINOR_VER */
+}
+
+static inline int mbedtls_ssl_conf_get_min_minor_ver(
+    mbedtls_ssl_config const *conf )
+{
+#if !defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER)
+    return( conf->min_minor_ver );
+#else /* !MBEDTLS_SSL_CONF_MIN_MINOR_VER */
+    ((void) conf);
+    return( MBEDTLS_SSL_CONF_MIN_MINOR_VER );
+#endif /* MBEDTLS_SSL_CONF_MIN_MINOR_VER */
+}
+
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
 static inline unsigned int mbedtls_ssl_conf_get_ems(
     mbedtls_ssl_config const *conf )