Change a few ssl_conf return types to void
diff --git a/ChangeLog b/ChangeLog
index 90654ab..1fed051 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -29,9 +29,10 @@
changed from ssl_context to ssl_config.
* mbedtls_ssl_conf_ca_chain() lost its last argument (peer_cn), now set
using mbedtls_ssl_set_hostname().
- * mbedtls_ssl_set_session_cached() changed prototype (only one context
+ * mbedtls_ssl_conf_session_cache() changed prototype (only one context
pointer, parameters reordered).
- * mbedtls_memory_bufer_alloc_init() now returns void
+ * mbedtls_ssl_conf_truncated_hmac() now returns void.
+ * mbedtls_memory_bufer_alloc_init() now returns void.
* In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
return void.
* ecdsa_write_signature() gained an addtional md_alg argument and
@@ -96,9 +97,13 @@
* The NET layer now unconditionnaly relies on getaddrinfo().
* Compiler is required to support C99 types such as long long and uint32_t.
-Changes from the 1.4 preview branch
+API changes from the 1.4 preview branch
* ssl_set_bio_timeout() was removed, split into mbedtls_ssl_set_bio() with
new prototype, and mbedtls_ssl_set_read_timeout().
+ * The following functions now return void:
+ mbedtls_ssl_conf_transport()
+ mbedtls_ssl_conf_max_version()
+ mbedtls_ssl_conf_min_version()
Changes
* mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 742e9e4..b5e6a8c 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1185,17 +1185,16 @@
* \brief Set the transport type (TLS or DTLS).
* Default: TLS
*
+ * \note For DTLS, you must either provide a recv callback that
+ * doesn't block, or one that handles timeouts, see
+ * mbedtls_ssl_conf_bio()
+ *
* \param conf SSL configuration
* \param transport transport type:
* MBEDTLS_SSL_TRANSPORT_STREAM for TLS,
* MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS.
- * \return 0 on success or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
- *
- * \note For DTLS, you must either provide a recv callback that
- * doesn't block, or one that handles timeouts, see
- * mbedtls_ssl_conf_bio()
*/
-int mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
+void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
/**
* \brief Set the certificate verification mode
@@ -1799,19 +1798,18 @@
* and/or accepted at the server side
* (Default: MBEDTLS_SSL_MAX_MAJOR_VERSION, MBEDTLS_SSL_MAX_MINOR_VERSION)
*
- * Note: This ignores ciphersuites from 'higher' versions.
+ * \note This ignores ciphersuites from higher versions.
+ *
+ * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
+ * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
*
* \param conf SSL configuration
* \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
* \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
* MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
* MBEDTLS_SSL_MINOR_VERSION_3 supported)
- * \return 0 on success or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
- *
- * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
- * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
*/
-int mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
+void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
/**
* \brief Set the minimum accepted SSL/TLS protocol version
@@ -1822,17 +1820,16 @@
*
* \note MBEDTLS_SSL_MINOR_VERSION_0 (SSL v3) should be avoided.
*
+ * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
+ * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
+ *
* \param conf SSL configuration
* \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
* \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
* MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
* MBEDTLS_SSL_MINOR_VERSION_3 supported)
- * \return 0 on success or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
- *
- * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
- * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
*/
-int mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
+void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
/**
@@ -1929,10 +1926,8 @@
* \param conf SSL configuration
* \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or
* MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
- *
- * \return Always 0.
*/
-int mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
+void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b098e0d..8263573 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5185,11 +5185,9 @@
conf->endpoint = endpoint;
}
-int mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport )
+void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport )
{
conf->transport = transport;
-
- return( 0 );
}
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
@@ -5564,50 +5562,16 @@
}
#endif /* MBEDTLS_SSL_ALPN */
-static int ssl_check_version( const mbedtls_ssl_config *conf,
- int major, int minor )
+void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
{
- if( major < MBEDTLS_SSL_MIN_MAJOR_VERSION ||
- major > MBEDTLS_SSL_MAX_MAJOR_VERSION ||
- minor < MBEDTLS_SSL_MIN_MINOR_VERSION ||
- minor > MBEDTLS_SSL_MAX_MINOR_VERSION )
- {
- return( -1 );
- }
-
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- if( conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
- minor < MBEDTLS_SSL_MINOR_VERSION_2 )
- {
- return( -1 );
- }
-#else
- ((void) ssl);
-#endif
-
- return( 0 );
-}
-
-int mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
-{
- if( ssl_check_version( conf, major, minor ) != 0 )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
conf->max_major_ver = major;
conf->max_minor_ver = minor;
-
- return( 0 );
}
-int mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor )
+void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor )
{
- if( ssl_check_version( conf, major, minor ) != 0 )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
conf->min_major_ver = major;
conf->min_minor_ver = minor;
-
- return( 0 );
}
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
@@ -5652,11 +5616,9 @@
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-int mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
+void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
{
conf->trunc_hmac = truncate;
-
- return( 0 );
}
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 6620d4e..8d04b9a 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1183,24 +1183,10 @@
#endif
if( opt.min_version != DFL_MIN_VERSION )
- {
- ret = mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
- if( ret != 0 )
- {
- mbedtls_printf( " failed\n ! selected min_version is not available\n" );
- goto exit;
- }
- }
+ mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
if( opt.max_version != DFL_MAX_VERSION )
- {
- ret = mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
- if( ret != 0 )
- {
- mbedtls_printf( " failed\n ! selected max_version is not available\n" );
- goto exit;
- }
- }
+ mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
if( opt.fallback != DFL_FALLBACK )
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 81b92a6..b9e2c09 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1735,24 +1735,10 @@
#endif
if( opt.min_version != DFL_MIN_VERSION )
- {
- ret = mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
- if( ret != 0 )
- {
- mbedtls_printf( " failed\n ! selected min_version is not available\n" );
- goto exit;
- }
- }
+ mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
if( opt.max_version != DFL_MIN_VERSION )
- {
- ret = mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
- if( ret != 0 )
- {
- mbedtls_printf( " failed\n ! selected max_version is not available\n" );
- goto exit;
- }
- }
+ mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
mbedtls_printf( " ok\n" );