Allow configuration of ConnectionID at compile-time

Introduces - MBEDTLS_SSL_CONF_CID_LEN and - MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID to control - the length of incoming CIDs - the behaviour in receipt of unexpected CIDs at compile-time. Impact on code-size: | | GCC 82.1 | ARMC5 5.06 | ARMC6 6.12 | | --- | --- | --- | --- | | `libmbedtls.a` before | 23223 | 23865 | 26775 | | `libmbedtls.a` after | 23147 | 23781 | 26703 | | gain in Bytes | 76 | 84 | 72 |
2026-05-11 14:38:17 +02:00 · 2019-06-13 09:23:43 +01:00
parent b0b2b67568
commit e0200dad63
9 changed files with 109 additions and 12 deletions
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -2489,7 +2489,9 @@ int main( int argc, char *argv[] )
    };
 #endif

-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) && \
+    !defined(MBEDTLS_SSL_CONF_CID_LEN) &&      \
+    !defined(MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID)
    if( opt.cid_enabled == 1 || opt.cid_enabled_renego == 1 )
    {
        if( opt.cid_enabled == 1        &&
@@ -2514,7 +2516,9 @@ int main( int argc, char *argv[] )
            goto exit;
        }
    }
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID &&
+          !MBEDTLS_SSL_CONF_CID_LEN &&
+          !MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID */

 #if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
    if( opt.trunc_hmac != DFL_TRUNC_HMAC )