Allow configuration of ConnectionID at compile-time
Introduces
- MBEDTLS_SSL_CONF_CID_LEN and
- MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID
to control
- the length of incoming CIDs
- the behaviour in receipt of unexpected CIDs
at compile-time.
Impact on code-size:
| | GCC 82.1 | ARMC5 5.06 | ARMC6 6.12 |
| --- | --- | --- | --- |
| `libmbedtls.a` before | 23223 | 23865 | 26775 |
| `libmbedtls.a` after | 23147 | 23781 | 26703 |
| gain in Bytes | 76 | 84 | 72 |
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 2196dd1..a4624fc 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -2489,7 +2489,9 @@
};
#endif
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
+ !defined(MBEDTLS_SSL_CONF_CID_LEN) && \
+ !defined(MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID)
if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
{
if( opt.cid_enabled == 1 &&
@@ -2514,7 +2516,9 @@
goto exit;
}
}
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID &&
+ !MBEDTLS_SSL_CONF_CID_LEN &&
+ !MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )