commit ac36388e3e477ee141f53102df65940f6c6684bc
author Hanno Becker <hanno.becker@arm.com> Wed May 22 16:59:25 2019 +0100
committer Hanno Becker <hanno.becker@arm.com> Wed May 22 16:59:25 2019 +0100
tree 516dcbd58d653875f358e98579646c9144e9f924
parent 633d604837efc1ad4574e9d496ed05254d44efa1

Exemplify ways of calling mbedtls_ssl_get_peer_cid() in ssl_client2

programs/ssl/ssl_client2.c

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 99f4689..aeec331 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -612,9 +612,18 @@
     if( opt.transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
         return( 0 );
 
-    /* Check if the use of a CID has been negotiated */
+    /* Check if the use of a CID has been negotiated,
+     * but don't ask for the CID value and length.
+     *
+     * Note: Here and below, we're demonstrating the various ways
+     *       in which mbedtls_ssl_get_peer_cid() can be called,
+     *       depending on whether or not the length/value of the
+     *       peer's CID is needed.
+     *
+     *       An actual application, however, should use
+     *       just one call to mbedtls_ssl_get_peer_cid(). */
     ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
-                                    peer_cid, &peer_cid_len );
+                                    NULL, NULL );
     if( ret != 0 )
     {
         mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
@@ -635,6 +644,26 @@
         size_t idx=0;
         mbedtls_printf( "(%s) Use of Connection ID has been negotiated.\n",
                         additional_description );
+
+        /* Ask for just the length of the peer's CID. */
+        ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
+                                        NULL, &peer_cid_len );
+        if( ret != 0 )
+        {
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
+                            -ret );
+            return( ret );
+        }
+
+        /* Ask for just length + value of the peer's CID. */
+        ret = mbedtls_ssl_get_peer_cid( ssl, &cid_negotiated,
+                                        peer_cid, &peer_cid_len );
+        if( ret != 0 )
+        {
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n",
+                            -ret );
+            return( ret );
+        }
         mbedtls_printf( "(%s) Peer CID (length %u Bytes): ",
                         additional_description,
                         (unsigned) peer_cid_len );