rename ticket_flags helper functions to generic ones

Ticket flags is quite generic and may make sense in the future versions of TLS or even in TLS 1.2 with new extensions. This change remane the ticket_flags helper functions with more generic `mbedtls_ssl_session` prefix instead of `mbedtls_ssl_tls13_session`. Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2025-03-03 10:13:40 +00:00 · 2023-01-12 11:54:04 +08:00 · 2023-01-12 11:54:04 +08:00 · 80270b2151
commit 80270b2151
parent a1aa31b8b1
3 changed files with 14 additions and 12 deletions
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -2720,20 +2720,20 @@ int mbedtls_ssl_session_set_hostname(mbedtls_ssl_session *session,
 #endif

 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
-static inline uint8_t mbedtls_ssl_tls13_session_get_ticket_flags(
+static inline unsigned int mbedtls_ssl_session_get_ticket_flags(
    mbedtls_ssl_session *session, uint8_t flags)
 {
    return session->ticket_flags &
           (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
 }

-static inline void mbedtls_ssl_tls13_session_set_ticket_flags(
+static inline void mbedtls_ssl_session_set_ticket_flags(
    mbedtls_ssl_session *session, uint8_t flags)
 {
    session->ticket_flags |= (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
 }

-static inline void mbedtls_ssl_tls13_session_clear_ticket_flags(
+static inline void mbedtls_ssl_session_clear_ticket_flags(
    mbedtls_ssl_session *session, uint8_t flags)
 {
    session->ticket_flags &= ~(flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@ -677,9 +677,9 @@ static int ssl_tls13_has_compat_ticket_flags(mbedtls_ssl_context *ssl)
    mbedtls_ssl_session *session = ssl->session_negotiate;
    return session != NULL &&
           mbedtls_ssl_conf_tls13_check_kex_modes(ssl,
-                                                  mbedtls_ssl_tls13_session_get_ticket_flags(
+                                                  mbedtls_ssl_session_get_ticket_flags(
                                                      session,
-                                                      MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL));
+                                                      MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL));
 }

 static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl)
@ -2630,7 +2630,7 @@ static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl,
    session->ticket_len = ticket_len;

    /* Clear all flags in ticket_flags */
-    mbedtls_ssl_tls13_session_clear_ticket_flags(
+    mbedtls_ssl_session_clear_ticket_flags(
        session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);

    MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2);
@ -2717,7 +2717,7 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl,
                          session->resumption_key_len);

    /* Set ticket_flags depends on the selected key exchange modes */
-    mbedtls_ssl_tls13_session_set_ticket_flags(
+    mbedtls_ssl_session_set_ticket_flags(
        session, ssl->conf->tls13_kex_modes);
    MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags);

--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@ -170,10 +170,12 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket(
     * We regard the ticket with incompatible key exchange modes as not match.
     */
    ret = MBEDTLS_ERR_SSL_TICKET_INVALID_KEX_MODE;
-    MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags);
+    MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4,
+                                   session->ticket_flags);
    if (mbedtls_ssl_tls13_check_kex_modes(ssl,
-                                          mbedtls_ssl_tls13_session_get_ticket_flags(
-                                              session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL))) {
+                                          mbedtls_ssl_session_get_ticket_flags(
+                                              session,
+                                              MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL))) {
        MBEDTLS_SSL_DEBUG_MSG(3, ("No suitable key exchange mode"));
        goto exit;
    }
@ -2632,10 +2634,10 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl,
 #endif

    /* Set ticket_flags depends on the advertised psk key exchange mode */
-    mbedtls_ssl_tls13_session_clear_ticket_flags(
+    mbedtls_ssl_session_clear_ticket_flags(
        session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
 #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
-    mbedtls_ssl_tls13_session_set_ticket_flags(
+    mbedtls_ssl_session_set_ticket_flags(
        session, ssl->handshake->tls13_kex_modes);
 #endif
    MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags);