Move things to conf substructure

A simple series of sed invocations.

This is the first step, purely internal changes. The conf substructure is not
ready to be shared between contexts yet.
parent 6df3196e
......@@ -868,11 +868,13 @@ typedef struct
* Numerical settings (int then char)
*/
uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read (ms) */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
uint32_t hs_timeout_min; /*!< initial value of the handshake
retransmission timeout */
retransmission timeout (ms) */
uint32_t hs_timeout_max; /*!< maximum value of the handshake
retransmission timeout */
retransmission timeout (ms) */
#endif
#if defined(MBEDTLS_SSL_RENEGOTIATION)
......@@ -934,11 +936,12 @@ mbedtls_ssl_config;
struct mbedtls_ssl_context
{
mbedtls_ssl_config *conf; /*!< configuration information */
/*
* Miscellaneous
*/
int state; /*!< SSL handshake: current state */
int transport; /*!< Transport: stream or datagram */
#if defined(MBEDTLS_SSL_RENEGOTIATION)
int renego_status; /*!< Initial, in progress, pending? */
int renego_records_seen; /*!< Records since renego request, or with DTLS,
......@@ -949,60 +952,24 @@ struct mbedtls_ssl_context
int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */
int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */
int max_major_ver; /*!< max. major version used */
int max_minor_ver; /*!< max. minor version used */
int min_major_ver; /*!< min. major version used */
int min_minor_ver; /*!< min. minor version used */
uint32_t read_timeout; /*!< timeout for mbedtls_ssl_read in milliseconds */
#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
unsigned badmac_limit; /*!< limit of records with a bad MAC */
unsigned badmac_seen; /*!< records with a bad MAC received */
#endif
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
char fallback; /*!< flag for fallback connections */
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
char encrypt_then_mac; /*!< flag for encrypt-then-mac */
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
char extended_ms; /*!< flag for extended master secret */
#endif
char arc4_disabled; /*!< flag for disabling RC4 */
/*
* Callbacks (RNG, debug, I/O, verification)
* Callbacks
*/
int (*f_rng)(void *, unsigned char *, size_t);
void (*f_dbg)(void *, int, const char *);
void *p_rng; /*!< context for the RNG function */
int (*f_send)(void *, const unsigned char *, size_t);
int (*f_recv)(void *, unsigned char *, size_t);
int (*f_recv_timeout)(void *, unsigned char *, size_t, uint32_t);
int (*f_get_cache)(void *, mbedtls_ssl_session *);
int (*f_set_cache)(void *, const mbedtls_ssl_session *);
void *p_rng; /*!< context for the RNG function */
void *p_dbg; /*!< context for the debug function */
void *p_bio; /*!< context for I/O operations */
void *p_get_cache; /*!< context for cache retrieval */
void *p_set_cache; /*!< context for cache store */
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
void *p_sni; /*!< context for SNI extension */
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *);
void *p_vrfy; /*!< context for verification */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
void *p_psk; /*!< context for PSK retrieval */
#endif
/*
* Session layer
......@@ -1029,10 +996,6 @@ struct mbedtls_ssl_context
#if defined(MBEDTLS_SSL_PROTO_DTLS)
struct mbedtls_timing_hr_time time_info; /*!< timer context */
unsigned long time_limit; /*!< limit for the running timer */
uint32_t hs_timeout_min; /*!< initial value of the handshake
retransmission timeout */
uint32_t hs_timeout_max; /*!< maximum value of the handshake
retransmission timeout */
#endif
/*
......@@ -1059,7 +1022,6 @@ struct mbedtls_ssl_context
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
uint64_t in_window_top; /*!< last validated record seq_num */
uint64_t in_window; /*!< bitmask for replay detection */
char anti_replay; /*!< is anti-replay on? */
#endif
size_t in_hslen; /*!< current handshake message length,
......@@ -1084,9 +1046,6 @@ struct mbedtls_ssl_context
#if defined(MBEDTLS_ZLIB_SUPPORT)
unsigned char *compress_buf; /*!< zlib data buffer */
#endif
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
unsigned char mfl_code; /*!< MaxFragmentLength chosen by us */
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
signed char split_done; /*!< flag for record splitting:
-1 disabled, 0 todo, 1 done */
......@@ -1096,10 +1055,6 @@ struct mbedtls_ssl_context
* PKI layer
*/
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_ssl_key_cert *key_cert; /*!< own certificate(s)/key(s) */
mbedtls_x509_crt *ca_chain; /*!< own trusted CA chain */
mbedtls_x509_crl *ca_crl; /*!< trusted CA CRLs */
const char *peer_cn; /*!< expected peer CN */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
......@@ -1110,48 +1065,12 @@ struct mbedtls_ssl_context
mbedtls_ssl_ticket_keys *ticket_keys; /*!< keys for ticket encryption */
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
/*
* User settings
*/
int endpoint; /*!< 0: client, 1: server */
int authmode; /*!< verification mode */
int client_auth; /*!< flag for client auth. */
int verify_result; /*!< verification result */
#if defined(MBEDTLS_SSL_RENEGOTIATION)
int disable_renegotiation; /*!< enable/disable renegotiation */
int renego_max_records; /*!< grace period for renegotiation */
unsigned char renego_period[8]; /*!< value of the record counters
that triggers renegotiation */
#endif
/* needed for option break handshake with insecure peers */
int allow_legacy_renegotiation; /*!< allow legacy renegotiation */
const int *ciphersuite_list[4]; /*!< allowed ciphersuites / version */
#if defined(MBEDTLS_SSL_SET_CURVES)
const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */
#endif
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
int trunc_hmac; /*!< negotiate truncated hmac? */
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
int session_tickets; /*!< use session tickets? */
int ticket_lifetime; /*!< session ticket lifetime */
#endif
#if defined(MBEDTLS_DHM_C)
mbedtls_mpi dhm_P; /*!< prime modulus for DHM */
mbedtls_mpi dhm_G; /*!< generator for DHM */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
/*
* PSK values
* User settings
*/
unsigned char *psk;
size_t psk_len;
unsigned char *psk_identity;
size_t psk_identity_len;
#endif
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
/*
* SNI extension
......@@ -1161,10 +1080,6 @@ struct mbedtls_ssl_context
#endif
#if defined(MBEDTLS_SSL_ALPN)
/*
* ALPN extension
*/
const char **alpn_list; /*!< ordered list of supported protocols */
const char *alpn_chosen; /*!< negotiated protocol */
#endif
......@@ -1174,11 +1089,6 @@ struct mbedtls_ssl_context
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
unsigned char *cli_id; /*!< transport-level ID of the client */
size_t cli_id_len; /*!< length of cli_id */
int (*f_cookie_write)( void *, unsigned char **, unsigned char *,
const unsigned char *, size_t );
int (*f_cookie_check)( void *, const unsigned char *, size_t,
const unsigned char *, size_t );
void *p_cookie; /*!< context for the cookie callbacks */
#endif
/*
......@@ -2446,7 +2356,7 @@ void mbedtls_ssl_read_version( int *major, int *minor, int transport,
static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( ssl->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
return( 13 );
#else
((void) ssl);
......@@ -2457,7 +2367,7 @@ static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl )
static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( ssl->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
return( 12 );
#else
((void) ssl);
......
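Review bot: The new `conf` member in mbedtls_ssl_context (`mbedtls_ssl_config *conf;` in the second hunk) is a non-const pointer, yet every use this commit introduces only reads through it (`ssl->conf->transport` in `mbedtls_ssl_hdr_len` and `mbedtls_ssl_hs_hdr_len`, `ssl->conf->f_dbg` in debug.c) and the context no longer owns any of the policy it used to carry (authmode, min/max versions, ciphersuite_list, ca_chain, peer_cn, psk), so `const mbedtls_ssl_config *conf;` would stop connection-level code from silently mutating what the description says will become shared state. Nothing in these hunks checks `ssl->conf` for NULL before dereferencing it, so whether a context is usable before a config is attached depends on the init code outside this page; the field comment should state the contract, e.g. `/*!< configuration information; must point to a fully set up config before any other operation on this context, and the config must outlive the context */`, hedged to whatever the init path actually guarantees. The PSK buffers and DHM parameters that leave the context in the `User settings` hunk are now released wherever the config is torn down, which is also outside this page; worth confirming the PSK bytes are still zeroized on that path as they were for the context.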
......@@ -83,18 +83,18 @@ void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
char str[512];
int maxlen = sizeof( str ) - 1;
if( ssl->f_dbg == NULL || level > debug_threshold )
if( ssl->conf->f_dbg == NULL || level > debug_threshold )
return;
if( debug_log_mode == MBEDTLS_DEBUG_LOG_RAW )
{
ssl->f_dbg( ssl->p_dbg, level, text );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, text );
return;
}
mbedtls_snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, str );
}
void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
......@@ -105,7 +105,7 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
int maxlen = sizeof( str ) - 1;
size_t idx = 0;
if( ssl->f_dbg == NULL || level > debug_threshold )
if( ssl->conf->f_dbg == NULL || level > debug_threshold )
return;
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
......@@ -115,7 +115,7 @@ void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
text, ret, -ret );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, str );
}
void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
......@@ -126,7 +126,7 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
char txt[17];
size_t i, maxlen = sizeof( str ) - 1, idx = 0;
if( ssl->f_dbg == NULL || level > debug_threshold )
if( ssl->conf->f_dbg == NULL || level > debug_threshold )
return;
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
......@@ -136,7 +136,7 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
text, (unsigned int) len );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, str );
idx = 0;
memset( txt, 0, sizeof( txt ) );
......@@ -150,7 +150,7 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
if( i > 0 )
{
mbedtls_snprintf( str + idx, maxlen - idx, " %s\n", txt );
ssl->f_dbg( ssl->p_dbg, level, str );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, str );
idx = 0;
memset( txt, 0, sizeof( txt ) );
......@@ -175,7 +175,7 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
idx += mbedtls_snprintf( str + idx, maxlen - idx, " " );
mbedtls_snprintf( str + idx, maxlen - idx, " %s\n", txt );
ssl->f_dbg( ssl->p_dbg, level, str );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, str );
}
}
......@@ -187,7 +187,7 @@ void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
char str[512];
int maxlen = sizeof( str ) - 1;
if( ssl->f_dbg == NULL || level > debug_threshold )
if( ssl->conf->f_dbg == NULL || level > debug_threshold )
return;
mbedtls_snprintf( str, maxlen, "%s(X)", text );
......@@ -209,7 +209,7 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
int j, k, maxlen = sizeof( str ) - 1, zeros = 1;
size_t i, n, idx = 0;
if( ssl->f_dbg == NULL || X == NULL || level > debug_threshold )
if( ssl->conf->f_dbg == NULL || X == NULL || level > debug_threshold )
return;
for( n = X->n - 1; n > 0; n-- )
......@@ -227,7 +227,7 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, str );
idx = 0;
for( i = n + 1, j = 0; i > 0; i-- )
......@@ -247,7 +247,7 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
if( j > 0 )
{
mbedtls_snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, str );
idx = 0;
}
......@@ -274,7 +274,7 @@ void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
}
mbedtls_snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, str );
}
#endif /* MBEDTLS_BIGNUM_C */
......@@ -322,7 +322,7 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
char str[1024], prefix[64];
int i = 0, maxlen = sizeof( prefix ) - 1, idx = 0;
if( ssl->f_dbg == NULL || crt == NULL || level > debug_threshold )
if( ssl->conf->f_dbg == NULL || crt == NULL || level > debug_threshold )
return;
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
......@@ -347,7 +347,7 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
text, ++i, buf );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
ssl->conf->f_dbg( ssl->conf->p_dbg, level, str );
debug_print_pk( ssl, level, file, line, "crt->", &crt->pk );
......
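Review bot: Every guard rewritten here checks `ssl->conf->f_dbg == NULL` but dereferences `ssl->conf` unconditionally (mbedtls_debug_print_msg, _ret, _buf, _ecp, _mpi and _crt all have the same line), so a context whose config has not been attached yet crashes in the debug path rather than printing nothing. If that state is reachable, the guard should read `if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )`; if the init path guarantees `conf` is set first, a one-line comment above the first guard saying so would stop the next reader from asking. As a point of style, `ssl->conf->f_dbg( ssl->conf->p_dbg, level, str )` now appears a dozen times across these hunks; a local `const mbedtls_ssl_config *conf = ssl->conf;` at the top of each function, or a file-static helper that takes the context, would give the guard and the call sites a single dereference. Note also that `debug_threshold` and `debug_log_mode` remain file-scope globals while the callback and its context moved into the per-config structure, which is presumably intentional for this first step but leaves debug policy half per-config, half process-wide.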