mbedtls_ssl_ciphersuite_t min_tls_version,max_tls_version
Store the TLS version in tls_version instead of major, minor version num
Note: existing application code that accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller.
Reduce size of mbedtls_ssl_ciphersuite_t
members are defined using integral types instead of enums in
order to pack structure and reduce memory usage by internal
ciphersuite_definitions[]
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 8c65061..65e5eef 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1129,7 +1129,7 @@
/*!< TLS version negotiated in the session. Used if and when renegotiating
* or resuming a session instead of the configured minor TLS version.
*/
- unsigned char MBEDTLS_PRIVATE(tls_version);
+ uint16_t MBEDTLS_PRIVATE(tls_version);
#if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t MBEDTLS_PRIVATE(start); /*!< starting time */
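Review bot: The doc comment above the widened member still says "instead of the configured minor TLS version", although the field now holds a complete TLS version in a `uint16_t`; it should read `* or resuming a session instead of the configured TLS version.`. Because the member grows from `unsigned char` to `uint16_t`, any code that stores or loads it as a single byte (session save/load is the likely place) would silently truncate the version used on resumption. That code is not visible in this hunk, so it is worth confirming it was updated in the same series. The enclosing struct starts and ends outside the hunk.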
@@ -1493,24 +1493,23 @@
renego_max_records is < 0 */
#endif /* MBEDTLS_SSL_RENEGOTIATION */
- /*!< Equal to MBEDTLS_SSL_MAJOR_VERSION_3 */
- int MBEDTLS_PRIVATE(major_ver);
+ int MBEDTLS_PRIVATE(major_ver_OBSOLETE); /*!< (should no longer be used) */
- /*!< Server: Negotiated minor version.
- * Client: Maximum minor version to be negotiated, then negotiated minor
+ /*!< Server: Negotiated TLS protocol version.
+ * Client: Maximum TLS version to be negotiated, then negotiated TLS
* version.
*
- * It is initialized as the maximum minor version to be negotiated in the
+ * It is initialized as the maximum TLS version to be negotiated in the
* ClientHello writing preparation stage and used throughout the
* ClientHello writing. For a fresh handshake not linked to any previous
- * handshake, it is initialized to the configured maximum minor version
+ * handshake, it is initialized to the configured maximum TLS version
* to be negotiated. When renegotiating or resuming a session, it is
- * initialized to the previously negotiated minor version.
+ * initialized to the previously negotiated TLS version.
*
- * Updated to the negotiated minor version as soon as the ServerHello is
+ * Updated to the negotiated TLS version as soon as the ServerHello is
* received.
*/
- int MBEDTLS_PRIVATE(minor_ver);
+ mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version);
unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */
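Review bot: The renamed member `major_ver_OBSOLETE` is kept as an `int` with only "(should no longer be used)" as documentation, which does not say why it is still in the struct or whether anything still initialises it. If it is retained only as a placeholder, a comment such as `/*!< Unused placeholder; never read or written. Remove at the next ABI break. */` would stop later code from relying on it. The context field is declared as `mbedtls_ssl_protocol_version`, while the session field in the hunk at line 1129 is a `uint16_t`. Copies between the two on resume and renegotiation therefore rely on implicit conversion, and the comment should state which representation is authoritative. The enclosing struct starts and ends outside the hunk.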
@@ -4243,8 +4242,11 @@
* \param ssl The SSL context to query.
* \return The negotiated protocol version.
*/
-mbedtls_ssl_protocol_version mbedtls_ssl_get_version_number(
- const mbedtls_ssl_context *ssl );
+static inline mbedtls_ssl_protocol_version mbedtls_ssl_get_version_number(
+ const mbedtls_ssl_context *ssl )
+{
+ return ssl->MBEDTLS_PRIVATE(tls_version);
+}
/**
* \brief Return the current TLS version
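Review bot: The `\return` text promises "The negotiated protocol version", but the inline body returns `tls_version` unconditionally. According to the field comment in the hunk at line 1493, on a client that field holds the maximum version to be offered until the ServerHello is received. A caller that enforces a minimum TLS version from this value before the handshake completes would be checking the offer, not the result; the doc block should gain a line such as `* \note Before the ServerHello is received on a client, this is the maximum version offered, not a negotiated one.`. Separately, turning the exported function into a `static inline` in the public header compiles the private struct layout into every caller and presumably drops the out-of-line symbol, so applications built against the earlier header may no longer link; if that is intended it deserves a changelog note.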