Rename MBEDTLS_SSL_CID to MBEDTLS_SSL_DTLS_CONNECTION_ID
Files modified via
sed -i 's/MBEDTLS_SSL_CID\([^_]\|$\)/MBEDTLS_SSL_DTLS_CONNECTION_ID\1/g' **/*.c **/*.h **/*.sh **/*.function
diff --git a/configs/baremetal.h b/configs/baremetal.h
index 3d3225e..2fbc359 100644
--- a/configs/baremetal.h
+++ b/configs/baremetal.h
@@ -80,7 +80,7 @@
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
-#define MBEDTLS_SSL_CID
+#define MBEDTLS_SSL_DTLS_CONNECTION_ID
/* X.509 CRT parsing */
#define MBEDTLS_X509_USE_C
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 413713c..6895118 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -595,18 +595,18 @@
#error "MBEDTLS_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_SSL_CID) && \
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
-#error "MBEDTLS_SSL_CID defined, but not all prerequisites"
+#error "MBEDTLS_SSL_DTLS_CONNECTION_ID defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_SSL_CID) && \
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
defined(MBEDTLS_SSL_CID_IN_LEN_MAX) && \
MBEDTLS_SSL_CID_IN_LEN_MAX > 255
#error "MBEDTLS_SSL_CID_IN_LEN_MAX too large (max 255)"
#endif
-#if defined(MBEDTLS_SSL_CID) && \
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) && \
MBEDTLS_SSL_CID_OUT_LEN_MAX > 255
#error "MBEDTLS_SSL_CID_OUT_LEN_MAX too large (max 255)"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index a7a17aa..b8ec64d 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1270,7 +1270,7 @@
#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
/**
- * \def MBEDTLS_SSL_CID
+ * \def MBEDTLS_SSL_DTLS_CONNECTION_ID
*
* Enable support for the DTLS Connection ID extension
* (version draft-ietf-tls-dtls-connection-id-05,
@@ -1295,7 +1295,7 @@
*
* Uncomment to enable the Connection ID extension.
*/
-#define MBEDTLS_SSL_CID
+#define MBEDTLS_SSL_DTLS_CONNECTION_ID
/**
* \def MBEDTLS_SSL_ASYNC_PRIVATE
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 2896f1d..ad434aa 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -917,9 +917,9 @@
void *p_export_keys; /*!< context for key export callback */
#endif
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
size_t cid_len; /*!< The length of CIDs for incoming DTLS records. */
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
const mbedtls_x509_crt_profile *cert_profile; /*!< verification profile */
@@ -1045,11 +1045,11 @@
unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in
Certificate Request messages? */
#endif
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS
* record with unexpected CID
* should lead to failure. */
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
};
@@ -1117,10 +1117,10 @@
TLS: maintained by us
DTLS: read from peer */
unsigned char *in_hdr; /*!< start of record header */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char *in_cid; /*!< The start of the CID;
* (the end is marked by in_len). */
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
unsigned char *in_len; /*!< two-bytes message length field */
unsigned char *in_iv; /*!< ivlen-byte IV */
unsigned char *in_msg; /*!< message contents (in_iv+ivlen) */
@@ -1157,10 +1157,10 @@
unsigned char *out_buf; /*!< output buffer */
unsigned char *out_ctr; /*!< 64-bit outgoing message counter */
unsigned char *out_hdr; /*!< start of record header */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char *out_cid; /*!< The start of the CID;
* (the end is marked by in_len). */
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
unsigned char *out_len; /*!< two-bytes message length field */
unsigned char *out_iv; /*!< ivlen-byte IV */
unsigned char *out_msg; /*!< message contents (out_iv+ivlen) */
@@ -1219,7 +1219,7 @@
char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
#endif /* MBEDTLS_SSL_RENEGOTIATION */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* CID configuration to use in subsequent handshakes. */
/*! The next incoming CID, chosen by the user and applying to
@@ -1232,7 +1232,7 @@
* be negotiated in the next handshake or not.
* Possible values are #MBEDTLS_SSL_CID_ENABLED
* and #MBEDTLS_SSL_CID_DISABLED. */
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
};
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
@@ -1454,7 +1454,7 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/**
@@ -1581,7 +1581,7 @@
unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ],
size_t *peer_cid_len );
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
/**
* \brief Set the Maximum Tranport Unit (MTU).
@@ -2157,7 +2157,7 @@
void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
const int *ciphersuites );
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
#define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0
#define MBEDTLS_SSL_UNEXPECTED_CID_FAIL 1
/**
@@ -2193,7 +2193,7 @@
*/
int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len,
int ignore_other_cids );
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
/**
* \brief Set the list of allowed ciphersuites and the
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 1561582..e9a80ed 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -166,7 +166,7 @@
#define MBEDTLS_SSL_PADDING_ADD 0
#endif
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
#define MBEDTLS_SSL_MAX_CID_EXPANSION MBEDTLS_SSL_CID_PADDING_GRANULARITY
#else
#define MBEDTLS_SSL_MAX_CID_EXPANSION 0
@@ -229,7 +229,7 @@
implicit sequence number. */
#define MBEDTLS_SSL_HEADER_LEN 13
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
#define MBEDTLS_SSL_IN_BUFFER_LEN \
( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_IN_PAYLOAD_LEN ) )
#else
@@ -238,7 +238,7 @@
+ ( MBEDTLS_SSL_CID_IN_LEN_MAX ) )
#endif
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
#define MBEDTLS_SSL_OUT_BUFFER_LEN \
( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_OUT_PAYLOAD_LEN ) )
#else
@@ -362,7 +362,7 @@
unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter
for resending messages */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* The state of CID configuration in this handshake. */
uint8_t cid_in_use; /*!< This indicates whether the use of the CID extension
@@ -372,7 +372,7 @@
unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */
uint8_t peer_cid_len; /*!< The length of
* \c peer_cid. */
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
struct
{
@@ -593,12 +593,12 @@
mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */
int minor_ver;
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
uint8_t in_cid_len;
uint8_t out_cid_len;
unsigned char in_cid [ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
unsigned char out_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
/*
* Session specific compression layer
@@ -646,11 +646,10 @@
size_t data_offset; /* Offset of record content */
size_t data_len; /* Length of record content */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
uint8_t cid_len; /* Length of the CID (0 if not present) */
unsigned char cid[ MBEDTLS_SSL_CID_LEN_MAX ]; /* The CID */
-#endif /* MBEDTLS_SSL_CID */
-
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
} mbedtls_record;
#if defined(MBEDTLS_X509_CRT_PARSE_C)
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 4eedce8..b5f5231 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -433,7 +433,7 @@
}
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
size_t *olen )
@@ -479,7 +479,7 @@
*olen = ssl->own_cid_len + 5;
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
@@ -1082,10 +1082,10 @@
ext_len += olen;
#endif
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen );
ext_len += olen;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen );
@@ -1244,7 +1244,7 @@
}
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf,
size_t len )
@@ -1298,7 +1298,7 @@
return( 0 );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
@@ -1951,7 +1951,7 @@
break;
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
case MBEDTLS_TLS_EXT_CID:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) );
@@ -1963,7 +1963,7 @@
}
break;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 08758f6..3b03cc1 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -433,7 +433,7 @@
}
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf,
size_t len )
@@ -503,7 +503,7 @@
return( 0 );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
@@ -1855,7 +1855,7 @@
break;
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
case MBEDTLS_TLS_EXT_CID:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) );
@@ -2142,7 +2142,7 @@
}
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
size_t *olen )
@@ -2188,7 +2188,7 @@
*olen = ssl->own_cid_len + 5;
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
@@ -2711,7 +2711,7 @@
ext_len += olen;
#endif
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen );
ext_len += olen;
#endif
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f295305..1df4072 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -108,7 +108,7 @@
#if defined(MBEDTLS_SSL_PROTO_DTLS)
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* Top-level Connection ID API */
int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf,
@@ -193,7 +193,7 @@
return( 0 );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
/* Forward declarations for functions related to message buffering. */
static void ssl_buffering_free( mbedtls_ssl_context *ssl );
@@ -737,7 +737,7 @@
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* Copy own and peer's CID if the use of the CID
* extension has been negotiated. */
if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED )
@@ -755,7 +755,7 @@
MBEDTLS_SSL_DEBUG_BUF( 3, "Outgoing CID", transform->out_cid,
transform->out_cid_len );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
/*
* Set appropriate PRF function and other SSL / TLS / TLS1.2 functions
@@ -1562,7 +1562,7 @@
* Encryption/decryption functions
*/
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* This functions transforms a DTLS plaintext fragment and a record content
* type into an instance of the DTLSInnerPlaintext structure:
*
@@ -1637,7 +1637,7 @@
return( 0 );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
/* `add_data` must have size 13 Bytes if the CID extension is disabled,
* and 13 + 1 + CID-length Bytes if the CID extension is enabled. */
@@ -1665,7 +1665,7 @@
add_data[8] = rec->type;
memcpy( add_data + 9, rec->ver, sizeof( rec->ver ) );
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( rec->cid_len != 0 )
{
memcpy( add_data + 11, rec->cid, rec->cid_len );
@@ -1675,7 +1675,7 @@
*add_data_len = 13 + 1 + rec->cid_len;
}
else
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
{
add_data[11 + 0] = ( rec->data_len >> 8 ) & 0xFF;
add_data[11 + 1] = ( rec->data_len >> 0 ) & 0xFF;
@@ -1723,7 +1723,7 @@
|| rec->buf == NULL
|| rec->buf_len < rec->data_offset
|| rec->buf_len - rec->data_offset < rec->data_len
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|| rec->cid_len != 0
#endif
)
@@ -1747,7 +1747,7 @@
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/*
* Add CID information
*/
@@ -1774,7 +1774,7 @@
rec->type = MBEDTLS_SSL_MSG_CID;
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
post_avail = rec->buf_len - ( rec->data_len + rec->data_offset );
@@ -2148,7 +2148,7 @@
data = rec->buf + rec->data_offset;
mode = mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_dec );
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/*
* Match record's CID with incoming CID.
*/
@@ -2157,7 +2157,7 @@
{
return( MBEDTLS_ERR_SSL_UNEXPECTED_CID );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
if( mode == MBEDTLS_MODE_STREAM )
@@ -2695,7 +2695,7 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( rec->cid_len != 0 )
{
ret = ssl_cid_parse_inner_plaintext( data, &rec->data_len,
@@ -2703,7 +2703,7 @@
if( ret != 0 )
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );
@@ -3734,10 +3734,10 @@
ssl->conf->transport, rec.ver );
rec.type = ssl->out_msgtype;
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* The CID is set by mbedtls_ssl_encrypt_buf(). */
rec.cid_len = 0;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
if( ( ret = mbedtls_ssl_encrypt_buf( ssl, ssl->transform_out, &rec,
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
@@ -3754,9 +3754,9 @@
/* Update the record content type and CID. */
ssl->out_msgtype = rec.type;
-#if defined(MBEDTLS_SSL_CID )
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID )
memcpy( ssl->out_cid, rec.cid, rec.cid_len );
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->out_msglen = len = rec.data_len;
ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 );
ssl->out_len[1] = (unsigned char)( rec.data_len );
@@ -4431,7 +4431,7 @@
mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, ssl->in_hdr + 1 );
/* Check record type */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
ssl->in_msgtype == MBEDTLS_SSL_MSG_CID &&
ssl->conf->cid_len != 0 )
@@ -4454,7 +4454,7 @@
ssl->in_iv = ssl->in_msg = ssl->in_len + 2;
}
else
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
if( ssl_check_record_type( ssl->in_msgtype ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
@@ -4661,10 +4661,10 @@
- ( ssl->in_iv - ssl->in_buf );
rec.data_len = ssl->in_msglen;
rec.data_offset = 0;
-#if defined(MBEDTLS_SSL_CID )
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID )
rec.cid_len = (uint8_t)( ssl->in_len - ssl->in_cid );
memcpy( rec.cid, ssl->in_cid, rec.cid_len );
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
memcpy( &rec.ctr[0], ssl->in_ctr, 8 );
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
@@ -4675,14 +4675,14 @@
{
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret );
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID &&
ssl->conf->ignore_unexpected_cid
== MBEDTLS_SSL_UNEXPECTED_CID_IGNORE )
{
ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
return( ret );
}
@@ -4709,7 +4709,7 @@
MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt",
ssl->in_msg, ssl->in_msglen );
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* We have already checked the record content type
* in ssl_parse_record_header(), failing or silently
* dropping the record in the case of an unknown type.
@@ -4722,7 +4722,7 @@
MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
{
@@ -7318,14 +7318,14 @@
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
ssl->out_ctr = ssl->out_hdr + 3;
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl->out_cid = ssl->out_ctr + 8;
ssl->out_len = ssl->out_cid;
if( transform != NULL )
ssl->out_len += transform->out_cid_len;
-#else /* MBEDTLS_SSL_CID */
+#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->out_len = ssl->out_ctr + 8;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->out_iv = ssl->out_len + 2;
}
else
@@ -7333,7 +7333,7 @@
{
ssl->out_ctr = ssl->out_hdr - 8;
ssl->out_len = ssl->out_hdr + 3;
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl->out_cid = ssl->out_len;
#endif
ssl->out_iv = ssl->out_hdr + 5;
@@ -7377,12 +7377,12 @@
* a CID, the fields are shifted accordingly in
* ssl_parse_record_header(). */
ssl->in_ctr = ssl->in_hdr + 3;
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl->in_cid = ssl->in_ctr + 8;
ssl->in_len = ssl->in_cid; /* Default: no CID */
-#else /* MBEDTLS_SSL_CID */
+#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->in_len = ssl->in_ctr + 8;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
ssl->in_iv = ssl->in_len + 2;
}
else
@@ -7390,7 +7390,7 @@
{
ssl->in_ctr = ssl->in_hdr - 8;
ssl->in_len = ssl->in_hdr + 3;
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl->in_cid = ssl->in_len;
#endif
ssl->in_iv = ssl->in_hdr + 5;
@@ -8498,10 +8498,10 @@
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( transform->out_cid_len != 0 )
transform_expansion += MBEDTLS_SSL_MAX_CID_EXPANSION;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
return( (int)( out_hdr_len + transform_expansion ) );
}
diff --git a/library/version_features.c b/library/version_features.c
index 74a0a0e..9cdf6a9 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -435,9 +435,9 @@
#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
"MBEDTLS_SSL_ALL_ALERT_MESSAGES",
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
-#if defined(MBEDTLS_SSL_CID)
- "MBEDTLS_SSL_CID",
-#endif /* MBEDTLS_SSL_CID */
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+ "MBEDTLS_SSL_DTLS_CONNECTION_ID",
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
"MBEDTLS_SSL_ASYNC_PRIVATE",
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c
index 2423856..4f9e466 100644
--- a/programs/ssl/query_config.c
+++ b/programs/ssl/query_config.c
@@ -1202,13 +1202,13 @@
}
#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
-#if defined(MBEDTLS_SSL_CID)
- if( strcmp( "MBEDTLS_SSL_CID", config ) == 0 )
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+ if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 )
{
- MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID );
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CONNECTION_ID );
return( 0 );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 )
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 4827578..99f4689 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -141,7 +141,7 @@
#define USAGE_IO ""
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
#define USAGE_CID \
" cid=%%d Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \
" default: 0 (disabled)\n" \
@@ -151,9 +151,9 @@
" default: \"\"\n" \
" cid_val_renego=%%s The CID to use for incoming messages (in hex, without 0x) after renegotiation.\n" \
" default: same as cid_val\n"
-#else /* MBEDTLS_SSL_CID */
+#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#define USAGE_CID ""
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
#define USAGE_PSK \
@@ -600,7 +600,7 @@
return( 0 );
}
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage( mbedtls_ssl_context *ssl,
const char *additional_description )
{
@@ -648,7 +648,7 @@
return( 0 );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
int main( int argc, char *argv[] )
{
@@ -662,7 +662,7 @@
size_t psk_len = 0;
#endif
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
size_t cid_len = 0;
@@ -855,7 +855,7 @@
opt.crt_file = q;
else if( strcmp( p, "key_file" ) == 0 )
opt.key_file = q;
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
else if( strcmp( p, "cid" ) == 0 )
{
opt.cid_enabled = atoi( q );
@@ -876,7 +876,7 @@
{
opt.cid_val_renego = q;
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
else if( strcmp( p, "psk" ) == 0 )
opt.psk = q;
else if( strcmp( p, "psk_identity" ) == 0 )
@@ -1218,7 +1218,7 @@
}
}
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
cid_len = strlen( opt.cid_val ) / 2;
if( cid_len > sizeof( cid ) )
{
@@ -1251,7 +1251,7 @@
mbedtls_printf( "CID not valid hex\n" );
goto exit;
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
/*
@@ -1537,7 +1537,7 @@
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
{
if( opt.cid_enabled == 1 &&
@@ -1563,7 +1563,7 @@
goto exit;
}
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
if( opt.auth_mode != DFL_AUTH_MODE )
mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
@@ -1733,7 +1733,7 @@
mbedtls_net_send, mbedtls_net_recv,
opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled,
@@ -1744,7 +1744,7 @@
goto exit;
}
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.dtls_mtu != DFL_DTLS_MTU )
@@ -1874,7 +1874,7 @@
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ret = report_cid_usage( &ssl, "initial handshake" );
if( ret != 0 )
goto exit;
@@ -1890,7 +1890,7 @@
return( ret );
}
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_RENEGOTIATION)
if( opt.renegotiate )
@@ -1932,11 +1932,11 @@
}
#endif /* MBEDTLS_SSL_RENEGOTIATION */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ret = report_cid_usage( &ssl, "after renegotiation" );
if( ret != 0 )
goto exit;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
/*
* 6. Write the GET request
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index dc321cd..ced8086 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -226,7 +226,7 @@
#define USAGE_SSL_ASYNC ""
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
#define USAGE_CID \
" cid=%%d Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \
" default: 0 (disabled)\n" \
@@ -236,9 +236,9 @@
" default: \"\"\n" \
" cid_val_renego=%%s The CID to use for incoming messages (in hex, without 0x) after renegotiation.\n" \
" default: same as 'cid_val'\n"
-#else /* MBEDTLS_SSL_CID */
+#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#define USAGE_CID ""
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
#define USAGE_PSK \
@@ -770,7 +770,7 @@
#endif /* SNI_OPTION */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) || \
- defined(MBEDTLS_SSL_CID)
+ defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
#define HEX2NUM( c ) \
if( c >= '0' && c <= '9' ) \
@@ -1224,7 +1224,7 @@
return( 0 );
}
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
int report_cid_usage( mbedtls_ssl_context *ssl,
const char *additional_description )
{
@@ -1272,7 +1272,7 @@
return( 0 );
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
int main( int argc, char *argv[] )
{
@@ -1339,7 +1339,7 @@
unsigned char alloc_buf[MEMORY_HEAP_SIZE];
#endif
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
size_t cid_len = 0;
@@ -1565,7 +1565,7 @@
opt.async_private_error = n;
}
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
else if( strcmp( p, "cid" ) == 0 )
{
opt.cid_enabled = atoi( q );
@@ -1586,7 +1586,7 @@
{
opt.cid_val_renego = q;
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
else if( strcmp( p, "psk" ) == 0 )
opt.psk = q;
else if( strcmp( p, "psk_identity" ) == 0 )
@@ -1995,7 +1995,7 @@
}
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( unhexify( cid, opt.cid_val, &cid_len ) != 0 )
{
mbedtls_printf( "CID not valid hex\n" );
@@ -2014,7 +2014,7 @@
mbedtls_printf( "CID not valid hex\n" );
goto exit;
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
/*
@@ -2387,7 +2387,7 @@
};
#endif
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
{
if( opt.cid_enabled == 1 &&
@@ -2412,7 +2412,7 @@
goto exit;
}
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
@@ -2722,7 +2722,7 @@
mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv,
opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL );
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled,
@@ -2733,7 +2733,7 @@
goto exit;
}
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.dtls_mtu != DFL_DTLS_MTU )
@@ -2960,7 +2960,7 @@
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ret = report_cid_usage( &ssl, "initial handshake" );
if( ret != 0 )
goto exit;
@@ -2975,7 +2975,7 @@
goto exit;
}
}
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
if( opt.exchanges == 0 )
goto close_notify;
@@ -3187,11 +3187,11 @@
}
#endif /* MBEDTLS_SSL_RENEGOTIATION */
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ret = report_cid_usage( &ssl, "after renegotiation" );
if( ret != 0 )
goto exit;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
/*
* 7. Write the 200 Response
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index eba27ed..e1c9f02 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1118,7 +1118,7 @@
# grep for output witnessing its use. This needs to be
# changed once the CID extension is implemented.
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli enabled, Srv disabled" \
"$P_SRV debug_level=3 dtls=1 cid=0" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
@@ -1134,7 +1134,7 @@
-C "Copy CIDs into SSL transform" \
-c "Use of Connection ID was rejected by the server"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli disabled, Srv enabled" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
"$P_CLI debug_level=3 dtls=1 cid=0" \
@@ -1149,7 +1149,7 @@
-C "Copy CIDs into SSL transform" \
-s "Use of Connection ID was not offered by client"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \
@@ -1169,7 +1169,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID, 3D: Cli+Srv enabled, Cli+Srv CID nonempty" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead" \
@@ -1190,7 +1190,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID, MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
-p "$P_PXY mtu=800" \
"$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
@@ -1211,7 +1211,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
-p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5" \
"$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
@@ -1232,7 +1232,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli CID empty" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
"$P_CLI debug_level=3 dtls=1 cid=1" \
@@ -1252,7 +1252,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Srv CID empty" \
"$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
@@ -1272,7 +1272,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty" \
"$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1" \
@@ -1290,7 +1290,7 @@
-S "Use of Connection ID has been negotiated" \
-C "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
@@ -1310,7 +1310,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
@@ -1330,7 +1330,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \
"$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
@@ -1350,7 +1350,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \
"$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
@@ -1368,7 +1368,7 @@
-S "Use of Connection ID has been negotiated" \
-C "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
@@ -1388,7 +1388,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
@@ -1408,7 +1408,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \
"$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
@@ -1428,7 +1428,7 @@
-s "Use of Connection ID has been negotiated" \
-c "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \
"$P_SRV debug_level=3 dtls=1 cid=1" \
"$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
@@ -1446,7 +1446,7 @@
-S "Use of Connection ID has been negotiated" \
-C "Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID: Cli+Srv enabled, renegotiate without change of CID" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
@@ -1461,7 +1461,7 @@
-s "(after renegotiation) Use of Connection ID has been negotiated" \
-c "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID: Cli+Srv enabled, renegotiate with different CID" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
@@ -1476,7 +1476,7 @@
-s "(after renegotiation) Use of Connection ID has been negotiated" \
-c "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate with different CID" \
"$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead cid_val_renego=beef renegotiation=1" \
@@ -1491,7 +1491,7 @@
-s "(after renegotiation) Use of Connection ID has been negotiated" \
-c "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate with different CID" \
-p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5" \
@@ -1507,7 +1507,7 @@
-s "(after renegotiation) Use of Connection ID has been negotiated" \
-c "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID: Cli+Srv enabled, renegotiate without CID" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
@@ -1522,7 +1522,7 @@
-C "(after renegotiation) Use of Connection ID has been negotiated" \
-S "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate without CID" \
"$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
@@ -1537,7 +1537,7 @@
-C "(after renegotiation) Use of Connection ID has been negotiated" \
-S "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate without CID" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
@@ -1553,7 +1553,7 @@
-C "(after renegotiation) Use of Connection ID has been negotiated" \
-S "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID: Cli+Srv enabled, CID on renegotiation" \
"$P_SRV debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
@@ -1566,7 +1566,7 @@
-c "(after renegotiation) Use of Connection ID has been negotiated" \
-s "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, no packing: Cli+Srv enabled, CID on renegotiation" \
"$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
@@ -1579,7 +1579,7 @@
-c "(after renegotiation) Use of Connection ID has been negotiated" \
-s "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D+MTU: Cli+Srv enabled, CID on renegotiation" \
-p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5" \
@@ -1593,7 +1593,7 @@
-c "(after renegotiation) Use of Connection ID has been negotiated" \
-s "(after renegotiation) Use of Connection ID has been negotiated"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID: Cli+Srv enabled, Cli disables on renegotiation" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
@@ -1609,7 +1609,7 @@
-S "(after renegotiation) Use of Connection ID has been negotiated" \
-s "(after renegotiation) Use of Connection ID was not offered by client"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D: Cli+Srv enabled, Cli disables on renegotiation" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
@@ -1626,7 +1626,7 @@
-S "(after renegotiation) Use of Connection ID has been negotiated" \
-s "(after renegotiation) Use of Connection ID was not offered by client"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID: Cli+Srv enabled, Srv disables on renegotiation" \
"$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
@@ -1642,7 +1642,7 @@
-S "(after renegotiation) Use of Connection ID has been negotiated" \
-c "(after renegotiation) Use of Connection ID was rejected by the server"
-requires_config_enabled MBEDTLS_SSL_CID
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index a1a7a30..d599b6d 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -38,7 +38,7 @@
unsigned char *key0 = NULL, *key1 = NULL;
unsigned char iv_enc[16], iv_dec[16];
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char cid0[ SSL_CID_LEN_MIN ];
unsigned char cid1[ SSL_CID_LEN_MIN ];
@@ -47,7 +47,7 @@
#else
((void) cid0_len);
((void) cid1_len);
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
maclen = 0;
@@ -246,7 +246,7 @@
memcpy( &t_out->iv_dec, iv_enc, sizeof( iv_enc ) );
memcpy( &t_out->iv_enc, iv_dec, sizeof( iv_dec ) );
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
/* Add CID */
memcpy( &t_in->in_cid, cid0, cid0_len );
memcpy( &t_in->out_cid, cid1, cid1_len );
@@ -256,7 +256,7 @@
memcpy( &t_out->out_cid, cid0, cid0_len );
t_out->in_cid_len = cid1_len;
t_out->out_cid_len = cid0_len;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
cleanup:
@@ -379,9 +379,9 @@
rec.type = 42;
rec.ver[0] = num_records;
rec.ver[1] = num_records;
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
rec.cid_len = 0;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
rec.buf = buf;
rec.buf_len = buflen;
@@ -499,9 +499,9 @@
rec.ver[1] = offset;
rec.buf = buf;
rec.buf_len = buflen;
-#if defined(MBEDTLS_SSL_CID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
rec.cid_len = 0;
-#endif /* MBEDTLS_SSL_CID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
switch( mode )
{