diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 8c7b7281db..1fe1ac5e3b 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -4465,8 +4465,7 @@ int mbedtls_ssl_conf_max_frag_len(mbedtls_ssl_config *conf, unsigned char mfl_co
 void mbedtls_ssl_conf_preference_order(mbedtls_ssl_config *conf, int order);
 #endif /* MBEDTLS_SSL_SRV_C */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
- defined(MBEDTLS_SSL_CLI_C)
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
 /**
 * \brief Enable / Disable TLS 1.2 session tickets (client and TLS 1.2 only).
 * Disabled by default.
@@ -4479,16 +4478,6 @@ void mbedtls_ssl_conf_preference_order(mbedtls_ssl_config *conf, int order);
 */
 void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets);
-/**
- * \brief Get if TLS 1.2 session tickets usage is enabled or not
- *
- * \param conf SSL configuration
- *
- * \return MBEDTLS_SSL_SESSION_TICKETS_ENABLED or
- * MBEDTLS_SSL_SESSION_TICKETS_DISABLED
- */
-int mbedtls_ssl_conf_get_session_tickets(const mbedtls_ssl_config *conf);
-
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 /**
 * \brief Enable / Disable handling of TLS 1.3 NewSessionTicket messages (client and TLS 1.3 only).
@@ -4525,19 +4514,8 @@ int mbedtls_ssl_conf_get_session_tickets(const mbedtls_ssl_config *conf);
 void mbedtls_ssl_conf_enable_new_session_tickets(mbedtls_ssl_config *conf,
 int use_new_session_tickets);
-/**
- * \brief Get if usage of TLS 1.3 NewSessionTicket messages is enabled or not
- *
- * \param conf SSL configuration
- *
- * \return MBEDTLS_SSL_NEW_SESSION_TICKETS_ENABLED or
- * MBEDTLS_SSL_NEW_SESSION_TICKETS_DISABLED
- */
-int mbedtls_ssl_conf_is_new_session_tickets_enabled(const mbedtls_ssl_config *conf);
-
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
-#endif /* MBEDTLS_SSL_SESSION_TICKETS &&
- MBEDTLS_SSL_CLI_C */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
 defined(MBEDTLS_SSL_SRV_C) && \
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 082bc9bd93..10cb68456d 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2934,8 +2934,37 @@ static inline void mbedtls_ssl_tls13_session_clear_ticket_flags(
 {
 session->ticket_flags &= ~(flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK);
 }
+
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+#define MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_BIT 0
+#define MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_BIT 1
+
+#define MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_MASK \
+ (1 << MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_BIT)
+#define MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_MASK \
+ (1 << MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_BIT)
+
+static inline int mbedtls_ssl_conf_get_session_tickets(
+ const mbedtls_ssl_config *conf)
+{
+ return conf->session_tickets & MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_MASK ?
+ MBEDTLS_SSL_SESSION_TICKETS_ENABLED :
+ MBEDTLS_SSL_SESSION_TICKETS_DISABLED;
+}
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+static inline int mbedtls_ssl_conf_is_new_session_tickets_enabled(
+ const mbedtls_ssl_config *conf)
+{
+ return conf->session_tickets & MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_MASK ?
+ MBEDTLS_SSL_NEW_SESSION_TICKETS_ENABLED :
+ MBEDTLS_SSL_NEW_SESSION_TICKETS_DISABLED;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
 #if defined(MBEDTLS_SSL_CLI_C) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
 int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl);
 #endif
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 89588a4787..fe1a1efa99 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
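Review bot: The two getters arrive in ssl_misc.h without the Doxygen blocks that this commit deletes from ssl.h, so the new side no longer states what they return or which bit of `conf->session_tickets` each one reads. I would put a short comment above each, for example `/* Returns MBEDTLS_SSL_SESSION_TICKETS_ENABLED or MBEDTLS_SSL_SESSION_TICKETS_DISABLED (TLS 1.2 tickets, bit 0 of conf->session_tickets). */`, and one line above the `_BIT`/`_MASK` macros saying that the field is a bit set shared with the setters in ssl_tls.c. The `return` expressions also lean on `&` binding tighter than `?:`; writing `return (conf->session_tickets & MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_MASK) != 0 ?` (and the same for the TLS 1.3 mask) makes the test explicit. Since these values presumably gate whether the client accepts tickets for resumption, a reader of the internal header should not have to reconstruct the contract from the setters in another file.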
@@ -3010,14 +3010,6 @@ void mbedtls_ssl_conf_renegotiation_period(mbedtls_ssl_config *conf,
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
 #if defined(MBEDTLS_SSL_CLI_C)
-#define MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_BIT 0
-#define MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_BIT 1
-
-#define MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_MASK \
- (1 << MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_BIT)
-#define MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_MASK \
- (1 << MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_BIT)
-
 void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets)
 {
 conf->session_tickets &= ~MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_MASK;
@@ -3025,13 +3017,6 @@ void mbedtls_ssl_conf_session_tickets(mbedtls_ssl_config *conf, int use_tickets)
 MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_BIT;
 }
-int mbedtls_ssl_conf_get_session_tickets(const mbedtls_ssl_config *conf)
-{
- return conf->session_tickets & MBEDTLS_SSL_SESSION_TICKETS_TLS1_2_MASK ?
- MBEDTLS_SSL_SESSION_TICKETS_ENABLED :
- MBEDTLS_SSL_SESSION_TICKETS_DISABLED;
-}
-
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 void mbedtls_ssl_conf_enable_new_session_tickets(mbedtls_ssl_config *conf,
 int use_new_session_tickets)
@@ -3040,13 +3025,6 @@ void mbedtls_ssl_conf_enable_new_session_tickets(mbedtls_ssl_config *conf,
 conf->session_tickets |= (use_new_session_tickets != 0) <<
 MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_BIT;
 }
-
-int mbedtls_ssl_conf_is_new_session_tickets_enabled(const mbedtls_ssl_config *conf)
-{
- return conf->session_tickets & MBEDTLS_SSL_SESSION_TICKETS_TLS1_3_MASK ?
- MBEDTLS_SSL_NEW_SESSION_TICKETS_ENABLED :
- MBEDTLS_SSL_NEW_SESSION_TICKETS_DISABLED;
-}
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 #endif /* MBEDTLS_SSL_CLI_C */