Add basic flags for DTLS
diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h
index 328b881..9a64c10 100644
--- a/include/polarssl/check_config.h
+++ b/include/polarssl/check_config.h
@@ -222,6 +222,12 @@
#error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
#endif
+#if defined(POLARSSL_SSL_PROTO_DTLS) && ( \
+ !defined(POLARSSL_SSL_PROTO_TLS1_1) && \
+ !defined(POLARSSL_SSL_PROTO_TLS1_2) )
+#error "POLARSSL_SSL_PROTO_DTLS defined, but not all prerequisites"
+#endif
+
#if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C)
#error "POLARSSL_SSL_CLI_C defined, but not all prerequisites"
#endif
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 50b4e33..05bcd86 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -877,28 +877,43 @@
/**
* \def POLARSSL_SSL_PROTO_TLS1_1
*
- * Enable support for TLS 1.1.
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
*
* Requires: POLARSSL_MD5_C
* POLARSSL_SHA1_C
*
- * Comment this macro to disable support for TLS 1.1
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
*/
#define POLARSSL_SSL_PROTO_TLS1_1
/**
* \def POLARSSL_SSL_PROTO_TLS1_2
*
- * Enable support for TLS 1.2.
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
*
* Requires: POLARSSL_SHA1_C or POLARSSL_SHA256_C or POLARSSL_SHA512_C
* (Depends on ciphersuites)
*
- * Comment this macro to disable support for TLS 1.2
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
*/
#define POLARSSL_SSL_PROTO_TLS1_2
/**
+ * \def POLARSSL_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and POLARSSL_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and POLARSSL_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: POLARSSL_SSL_PROTO_TLS1_1
+ * or POLARSSL_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define POLARSSL_SSL_PROTO_DTLS
+
+/**
* \def POLARSSL_SSL_ALPN
*
* Enable support for Application Layer Protocol Negotiation.
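Review bot: `#define POLARSSL_SSL_PROTO_DTLS` is added enabled by default, while the hunks in this commit only add the flag, the transport constants and a setter; if the DTLS record and handshake handling is not yet in the tree (it is not visible here), default builds would accept a datagram-mode selection with no protocol support behind it. Consider shipping it commented out until the implementation lands, `//#define POLARSSL_SSL_PROTO_DTLS`, so that DTLS is an explicit opt-in and not extra default surface. The doc block should also say that a configuration which comments out both POLARSSL_SSL_PROTO_TLS1_1 and POLARSSL_SSL_PROTO_TLS1_2 must now comment this macro out too, since the new check in check_config.h turns that combination into a build error.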
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 194e944..6543d55 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -156,6 +156,9 @@
#define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */
#define SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */
+#define SSL_TRANSPORT_STREAM 0 /*!< TLS */
+#define SSL_TRANSPORT_DATAGRAM 1 /*!< DTLS */
+
/* Determine minimum supported version */
#define SSL_MIN_MAJOR_VERSION SSL_MAJOR_VERSION_3
@@ -686,6 +689,7 @@
* Miscellaneous
*/
int state; /*!< SSL handshake: current state */
+ int transport; /*!< Transport: stream or datagram */
int renegotiation; /*!< Initial or renegotiation */
int renego_records_seen; /*!< Records since renego request */
@@ -948,6 +952,17 @@
void ssl_set_endpoint( ssl_context *ssl, int endpoint );
/**
+ * \brief Set the transport type (TLS or DTLS).
+ * Default: TLS
+ *
+ * \param ssl SSL context
+ * \param transport transport type:
+ * SSL_TRANSPORT_STREAM for TLS,
+ * SSL_TRANSPORT_DATAGRAM for DTLS.
+ */
+void ssl_set_transport( ssl_context *ssl, int transport );
+
+/**
* \brief Set the certificate verification mode
*
* \param ssl SSL context
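Review bot: The doc block for `ssl_set_transport()` says "Default: TLS" but does not state when the call is valid or what happens with an unsupported value. The default holds only if the context is zero-initialised, because `SSL_TRANSPORT_STREAM` is 0 and nothing in this commit assigns the new `transport` field added to `ssl_context` in the previous hunk; the initialisation code is outside the diff, so this should be confirmed. I would add something like `\note Call this before the handshake starts; SSL_TRANSPORT_DATAGRAM requires POLARSSL_SSL_PROTO_DTLS.`, assuming that matches the intended contract. The comment on the constants in the first ssl.h hunk should also say that 0 is deliberately the stream value.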
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5f080de..0b8b0d0 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3597,6 +3597,11 @@
#endif
}
+void ssl_set_transport( ssl_context *ssl, int transport )
+{
+ ssl->transport = transport;
+}
+
void ssl_set_authmode( ssl_context *ssl, int authmode )
{
ssl->authmode = authmode;
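Review bot: `ssl_set_transport()` stores any `int` into `ssl->transport` without checking it, and it is compiled the same way whether or not POLARSSL_SSL_PROTO_DTLS is defined. A caller in a TLS-only build can therefore put the context into datagram mode, or into an undefined mode such as 2, and gets no indication because the function returns void; any later code that branches on `ssl->transport` would then act on a state the build does not support. I would validate the argument and report failure, which means changing the return type to `int` here and in the prototype in ssl.h; existing callers that ignore the result keep compiling. The last three lines of the hunk belong to ssl_set_authmode, whose body continues outside it.

```c
int ssl_set_transport( ssl_context *ssl, int transport )
{
    /* Reject values that name no transport at all. */
    if( transport != SSL_TRANSPORT_STREAM &&
        transport != SSL_TRANSPORT_DATAGRAM )
        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );

#if !defined(POLARSSL_SSL_PROTO_DTLS)
    /* Datagram mode is a valid request, but this build cannot honour it. */
    if( transport == SSL_TRANSPORT_DATAGRAM )
        return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
#endif

    ssl->transport = transport;
    return( 0 );
}
```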