From e2c46e0413f9b6c145e54bc60a5848a03492dc70 Mon Sep 17 00:00:00 2001 From: Hannes Tschofenig Date: Wed, 23 Nov 2022 10:44:11 +0100 Subject: [PATCH] Reference to RFC 9146 added MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added deprecated keyword to MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT Signed-off-by: Hannes Tschofenig Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/mbedtls_config.h | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 7706250104..8f45236940 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -1320,9 +1320,10 @@ /** * \def MBEDTLS_SSL_DTLS_CONNECTION_ID * - * Enable support for the DTLS Connection ID extension, + * Enable support for the DTLS Connection ID (CID) extension, * which allows to identify DTLS connections across changes - * in the underlying transport. + * in the underlying transport. The CID functionality is described + * in RFC 9146. * * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()`, * mbedtls_ssl_get_own_cid()`, `mbedtls_ssl_get_peer_cid()` and @@ -1352,6 +1353,13 @@ * Set the value to 0 for the standard version, and * 1 for the legacy draft version. * + * \deprecated Support for the legacy version of the DTLS + * Connection ID feature is deprecated. Please + * switch to the standardized version defined + * in RFC 9146 enabled by utilizing + * MBEDTLS_SSL_DTLS_CONNECTION_ID without use + * of MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT. + * * Requires: MBEDTLS_SSL_DTLS_CONNECTION_ID */ #define MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 0