Allow to configure the stack's behaviour on unexpected CIDs This commit modifies the CID configuration API mbedtls_ssl_conf_cid_len() to allow the configuration of the stack's behaviour when receiving an encrypted DTLS record with unexpected CID.

commit: 8367ccc03bfdc86320324dfdc87ccb518d536282 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Tue May 14 11:30:10 2019 +0100
committer: Hanno Becker <hanno.becker@arm.com> Mon Jun 03 16:07:50 2019 +0100
tree: e0b46a2c6fc7c43f12ef64418e2a74761752cbe1
parent: c37c96a3c513c75bb7f599668088c5c164e88483 [diff] [blame]
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index cc74c83..1721dae 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c

@@ -2727,9 +2727,11 @@
         }
 
         if( opt.cid_enabled == 1 )
-            ret = mbedtls_ssl_conf_cid_len( &conf, cid_len );
+            ret = mbedtls_ssl_conf_cid( &conf, cid_len,
+                                        MBEDTLS_SSL_UNEXPECTED_CID_IGNORE );
         else
-            ret = mbedtls_ssl_conf_cid_len( &conf, cid_renego_len );
+            ret = mbedtls_ssl_conf_cid( &conf, cid_renego_len,
+                                        MBEDTLS_SSL_UNEXPECTED_CID_IGNORE );
 
         if( ret != 0 )
         {
commit	8367ccc03bfdc86320324dfdc87ccb518d536282	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Tue May 14 11:30:10 2019 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Mon Jun 03 16:07:50 2019 +0100
tree	e0b46a2c6fc7c43f12ef64418e2a74761752cbe1
parent	c37c96a3c513c75bb7f599668088c5c164e88483 [diff] [blame]