Change default config version to development style

Change-Id: I9c1088f235524211e727d03b96de8d82e60bd426 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
2025-03-29 22:20:30 +00:00 · 2022-04-21 13:46:17 +00:00 · 2022-04-21 13:46:17 +00:00 · 4d3a60475c
commit 4d3a60475c
parent 4e8cd7b903
1 changed files with 29 additions and 27 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -4210,37 +4210,39 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
    conf->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

+    if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM  )
+    {
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
-#elif defined(MBEDTLS_SSL_PROTO_TLS1_3)
-    conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
-#endif
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
-    if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
-        endpoint == MBEDTLS_SSL_IS_SERVER )
-    {
-        /* DTLS 1.3 not supported yet
-         * server side hybrid mode not support yet
-         */
+        conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
        conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
-    }
-    else
-    {
-        conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
-    }
-#elif defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
-#elif defined(MBEDTLS_SSL_PROTO_TLS1_3)
-    if( transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-    {
-        conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
-    }
-    else
-    {
-        /* DTLS 1.3 not supported yet */
+#else
        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-    }
 #endif
+    }
+    else
+    {
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
+        if( endpoint == MBEDTLS_SSL_IS_CLIENT )
+        {
+            conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
+            conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
+        }
+        else
+        /* Hybrid TLS 1.2 / 1.3 is not supported on server side yet */
+        {
+            conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
+            conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
+        }
+#elif defined(MBEDTLS_SSL_PROTO_TLS1_3)
+        conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
+        conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_3;
+#elif defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        conf->min_tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
+        conf->max_tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
+#else
+        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+    }

    /*
     * Preset-specific defaults