From 8476f2f30a1b775d25349e082caf993b8213cbdb Mon Sep 17 00:00:00 2001
From: TRodziewicz <tomasz.rodziewicz@mobica.com>
Date: Wed, 2 Jun 2021 14:34:47 +0200
Subject: [PATCH] Turn _SSL_SRV_RESPECT_CLIENT_PREFERENCE config option to a
 runtime option

Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
---
 ChangeLog.d/issue4398.txt |  9 +++++++
 include/mbedtls/config.h  | 10 -------
 include/mbedtls/ssl.h     | 21 ++++++++++++++-
 library/ssl_srv.c         | 56 +++++++++++++++++++++++++++------------
 library/ssl_tls.c         |  1 +
 5 files changed, 69 insertions(+), 28 deletions(-)
 create mode 100644 ChangeLog.d/issue4398.txt

diff --git a/ChangeLog.d/issue4398.txt b/ChangeLog.d/issue4398.txt
new file mode 100644
index 0000000000..67acbf5a2d
--- /dev/null
+++ b/ChangeLog.d/issue4398.txt
@@ -0,0 +1,9 @@
+API changes
+    * Remove the MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE option from config.h.
+      Replace it with SSL runtime option which can be enabled or disabled using
+      new added API function mbedtls_ssl_conf_respect_client_preference(). Add
+      a new field respect_cli_pref in the mbedtls_ssl_config structure and two
+      defines used as a parameter: MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED
+      and MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED. Adapt the code used for
+      searching for a matching ciphersuite to use the new field instead of the
+      removed config.h option. Fixes #3498.
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 3139b223d9..c1106a6e80 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1471,16 +1471,6 @@
  */
 #define MBEDTLS_SSL_RENEGOTIATION
 
-/**
- * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
- *
- * Pick the ciphersuite according to the client's preferences rather than ours
- * in the SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to respect client's ciphersuite order
- */
-//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
-
 /**
  * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
  *
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index c293b88e53..364239a840 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -200,6 +200,9 @@
 #define MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED    0
 #define MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED      1
 
+#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED    1
+#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED   0
+
 /*
  * Default range for DTLS retransmission timer value, in milliseconds.
  * RFC 6347 4.2.4.1 says from 1 second to 60 seconds.
@@ -1185,6 +1188,9 @@ struct mbedtls_ssl_config
 #if defined(MBEDTLS_SSL_SRV_C)
     unsigned int cert_req_ca_list : 1;  /*!< enable sending CA list in
                                           Certificate Request messages?     */
+    unsigned int respect_cli_pref : 1;  /*!< pick the ciphersuite according to
+                                          the client's preferences rather
+                                          than ours                         */
 #endif
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
     unsigned int ignore_unexpected_cid : 1; /*!< Determines whether DTLS
@@ -2494,7 +2500,7 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co
  *
  *                      Note: The server uses its own preferences
  *                      over the preference of the client unless
- *                      MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined!
+ *                      conf->respect_cli_pref is enabled!
  *
  * \param conf          SSL configuration
  * \param ciphersuites  0-terminated list of allowed ciphersuites
@@ -3292,6 +3298,19 @@ void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
 int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
 #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
 
+#if defined(MBEDTLS_SSL_SRV_C)
+/**
+ * \brief          Pick the ciphersuite according to the client's preferences
+ *                 rather than ours in the SSL Server module (MBEDTLS_SSL_SRV_C).
+ *                 (Default: MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED)
+ *
+ * \param conf     SSL configuration
+ * \param enable   Enable or disable (MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED
+ *                                 or MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED)
+ */
+void mbedtls_ssl_conf_respect_client_preference( mbedtls_ssl_config *conf, int enable );
+#endif /* MBEDTLS_SSL_SRV_C */
+
 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
 /**
  * \brief          Activate negotiation of truncated HMAC
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 4fe6b02f10..c7ec4fe2aa 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1872,27 +1872,43 @@ read_record_header:
     got_common_suite = 0;
     ciphersuites = ssl->conf->ciphersuite_list;
     ciphersuite_info = NULL;
-#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
-    for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
-        for( i = 0; ciphersuites[i] != 0; i++ )
-#else
-    for( i = 0; ciphersuites[i] != 0; i++ )
+
+    if (ssl->conf->respect_cli_pref == MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_ENABLED)
+    {
         for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
-#endif
-        {
-            if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
-                p[1] != ( ( ciphersuites[i]      ) & 0xFF ) )
-                continue;
+            for( i = 0; ciphersuites[i] != 0; i++ )
+            {
+                if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
+                    p[1] != ( ( ciphersuites[i]      ) & 0xFF ) )
+                    continue;
 
-            got_common_suite = 1;
+                got_common_suite = 1;
 
-            if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i],
-                                               &ciphersuite_info ) ) != 0 )
-                return( ret );
+                if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i],
+                                                   &ciphersuite_info ) ) != 0 )
+                    return( ret );
 
-            if( ciphersuite_info != NULL )
-                goto have_ciphersuite;
-        }
+                if( ciphersuite_info != NULL )
+                    goto have_ciphersuite;
+            }
+    } else {
+        for( i = 0; ciphersuites[i] != 0; i++ )
+            for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
+            {
+                if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
+                    p[1] != ( ( ciphersuites[i]      ) & 0xFF ) )
+                    continue;
+
+                got_common_suite = 1;
+
+                if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i],
+                                                   &ciphersuite_info ) ) != 0 )
+                    return( ret );
+
+                if( ciphersuite_info != NULL )
+                    goto have_ciphersuite;
+            }
+    }
 
     if( got_common_suite )
     {
@@ -4416,4 +4432,10 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl )
 
     return( ret );
 }
+
+void mbedtls_ssl_conf_respect_client_preference( mbedtls_ssl_config *conf, int enable )
+{
+    conf->respect_cli_pref = enable;
+}
+
 #endif /* MBEDTLS_SSL_SRV_C */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3bdc1cfa4a..ab11391ba2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6189,6 +6189,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
 
 #if defined(MBEDTLS_SSL_SRV_C)
     conf->cert_req_ca_list = MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED;
+    conf->respect_cli_pref = MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREF_DISABLED;
 #endif
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)