Rename mbedtls_ssl_session minor_ver to tls_version

Store the TLS version instead of minor version number in tls_version.

Note: struct member size changed from unsigned char to uint16_t
Due to standard structure padding, the structure size does not change
unless alignment is 1-byte (instead of 2-byte or more)

Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is compatible on little-endian platforms,
but not compatible on big-endian platforms.  The enum values for
the lower byte of MBEDTLS_SSL_VERSION_TLS1_2 and of
MBEDTLS_SSL_VERSION_TLS1_3 matches MBEDTLS_SSL_MINOR_VERSION_3 and
MBEDTLS_SSL_MINOR_VERSION_4, respectively.

Note: care has been taken to preserve serialized session format,
which uses only the lower byte of the TLS version.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>

include/mbedtls/ssl.h

@@ -1126,11 +1126,10 @@ struct mbedtls_ssl_session
 
     unsigned char MBEDTLS_PRIVATE(exported);
 
-    /*!< Minor version negotiated in the session. Used if and when
+    /*!< TLS version negotiated in the session. Used if and when renegotiating
-     *   renegotiating or resuming a session instead of the configured minor
+     *   or resuming a session instead of the configured minor TLS version.
-     *   version.
      */
-    unsigned char MBEDTLS_PRIVATE(minor_ver);
+    unsigned char MBEDTLS_PRIVATE(tls_version);
 
 #if defined(MBEDTLS_HAVE_TIME)
     mbedtls_time_t MBEDTLS_PRIVATE(start);       /*!< starting time      */

library/ssl_client.c

@@ -859,7 +859,7 @@ static int ssl_prepare_client_hello( mbedtls_ssl_context *ssl )
 
         if( ssl->handshake->resume )
         {
-             ssl->minor_ver = ssl->session_negotiate->minor_ver;
+             ssl->minor_ver = ssl->session_negotiate->tls_version & 0xFF;
              ssl->handshake->min_minor_ver = ssl->minor_ver;
         }
         else

library/ssl_tls.c

@@ -2650,12 +2650,12 @@ static unsigned char ssl_serialized_session_header[] = {
  *                                 // configuration options which influence
  *                                 // the structure of mbedtls_ssl_session.
  *
- *    uint8_t minor_ver;           // Protocol-version. Possible values:
+ *    uint8_t minor_ver;           // Protocol minor version. Possible values:
- *                                 // - TLS 1.2 (MBEDTLS_SSL_MINOR_VERSION_3)
+ *                                 // - TLS 1.2 (3)
  *
- *    select (serialized_session.minor_ver) {
+ *    select (serialized_session.tls_version) {
  *
- *      case MBEDTLS_SSL_MINOR_VERSION_3: // TLS 1.2
+ *      case MBEDTLS_SSL_VERSION_TLS1_2:
  *        serialized_session_tls12 data;
  *
  *   };
@@ -2695,14 +2695,14 @@ static int ssl_session_save( const mbedtls_ssl_session *session,
     used += 1;
     if( used <= buf_len )
     {
-        *p++ = session->minor_ver;
+        *p++ = MBEDTLS_BYTE_0( session->tls_version );
     }
 
     /* Forward to version-specific serialization routine. */
-    switch( session->minor_ver )
+    switch( session->tls_version )
     {
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    case MBEDTLS_SSL_MINOR_VERSION_3:
+    case MBEDTLS_SSL_VERSION_TLS1_2:
     {
         size_t remaining_len = used <= buf_len ? buf_len - used : 0;
         used += ssl_session_save_tls12( session, p, remaining_len );
@@ -2768,13 +2768,13 @@ static int ssl_session_load( mbedtls_ssl_session *session,
      */
     if( 1 > (size_t)( end - p ) )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    session->minor_ver = *p++;
+    session->tls_version = 0x0300 | *p++;
 
     /* Dispatch according to TLS version. */
-    switch( session->minor_ver )
+    switch( session->tls_version )
     {
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-    case MBEDTLS_SSL_MINOR_VERSION_3: /* TLS 1.2 */
+    case MBEDTLS_SSL_VERSION_TLS1_2:
     {
         size_t remaining_len = ( end - p );
         return( ssl_session_load_tls12( session, p, remaining_len ) );

library/ssl_tls12_client.c

@@ -1300,7 +1300,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
     MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 );
     mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
                       ssl->conf->transport, buf + 0 );
-    ssl->session_negotiate->minor_ver = ssl->minor_ver;
+    ssl->session_negotiate->tls_version = 0x0300 | ssl->minor_ver;
 
     if( ssl->major_ver < ssl->conf->min_major_ver ||
         ssl->minor_ver < ssl->conf->min_minor_ver ||

library/ssl_tls12_server.c

@@ -1407,7 +1407,7 @@ read_record_header:
 
     mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
                       ssl->conf->transport, buf );
-    ssl->session_negotiate->minor_ver = ssl->minor_ver;
+    ssl->session_negotiate->tls_version = 0x0300 | ssl->minor_ver;
 
     if( ( ssl->major_ver != MBEDTLS_SSL_MAJOR_VERSION_3 ) ||
         ( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) )

tests/suites/test_suite_ssl.function

@@ -1634,7 +1634,7 @@ static int ssl_populate_session_tls12( mbedtls_ssl_session *session,
 #if defined(MBEDTLS_HAVE_TIME)
     session->start = mbedtls_time( NULL ) - 42;
 #endif
-    session->minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
+    session->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
     session->ciphersuite = 0xabcd;
     session->compression = 1;
     session->id_len = sizeof( session->id );
@@ -4585,7 +4585,7 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
 #if defined(MBEDTLS_HAVE_TIME)
     TEST_ASSERT( original.start == restored.start );
 #endif
-    TEST_ASSERT( original.minor_ver == restored.minor_ver );
+    TEST_ASSERT( original.tls_version == restored.tls_version );
     TEST_ASSERT( original.ciphersuite == restored.ciphersuite );
     TEST_ASSERT( original.compression == restored.compression );
     TEST_ASSERT( original.id_len == restored.id_len );