Make endpoint+transport args of config_defaults()

2025-12-21 21:36:21 +01:00 · 2015-05-04 19:32:36 +02:00 · 2015-05-04 19:32:36 +02:00 · 419d5ae419
commit 419d5ae419
parent def0bbe3ab
14 changed files with 98 additions and 103 deletions
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@ -162,7 +162,9 @@ int main( int argc, char *argv[] )
    mbedtls_printf( "  . Setting up the DTLS structure..." );
    fflush( stdout );

-    if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+    if( ( ret = mbedtls_ssl_config_defaults( &conf,
+                   MBEDTLS_SSL_IS_CLIENT,
+                   MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
        goto exit;
@ -176,9 +178,6 @@ int main( int argc, char *argv[] )

    mbedtls_printf( " ok\n" );

-    mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
-    mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM );
-
    /* OPTIONAL is usually a bad choice for security, but makes interop easier
     * in this simplified example, in which the ca chain is hardcoded.
     * Production code should set a proper ca chain and use REQUIRED. */
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@ -192,7 +192,9 @@ int main( void )
    printf( "  . Setting up the DTLS data..." );
    fflush( stdout );

-    if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+    if( ( ret = mbedtls_ssl_config_defaults( &conf,
+                    MBEDTLS_SSL_IS_SERVER,
+                    MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
        goto exit;
@ -204,8 +206,6 @@ int main( void )
        goto exit;
    }

-    mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
-    mbedtls_ssl_set_transport( &ssl, MBEDTLS_SSL_TRANSPORT_DATAGRAM );
    mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );

    mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@ -188,7 +188,9 @@ int main( void )
        goto exit;
    }

-    if( mbedtls_ssl_config_defaults( &conf ) != 0 )
+    if( mbedtls_ssl_config_defaults( &conf,
+                MBEDTLS_SSL_IS_CLIENT,
+                MBEDTLS_SSL_TRANSPORT_STREAM) != 0 )
    {
        ret = ssl_config_defaults_failed;
        goto exit;
@ -200,8 +202,6 @@ int main( void )
        goto exit;
    }

-    mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
-
    mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );

 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@ -150,7 +150,9 @@ int main( void )
    mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
    fflush( stdout );

-    if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+    if( ( ret = mbedtls_ssl_config_defaults( &conf,
+                    MBEDTLS_SSL_IS_CLIENT,
+                    MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
        goto exit;
@ -164,7 +166,6 @@ int main( void )

    mbedtls_printf( " ok\n" );

-    mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
    /* OPTIONAL is not optimal for security,
     * but makes interop easier in this simplified example */
    mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -1049,7 +1049,9 @@ int main( int argc, char *argv[] )
    mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
    fflush( stdout );

-    if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+    if( ( ret = mbedtls_ssl_config_defaults( &conf,
+                    MBEDTLS_SSL_IS_CLIENT,
+                    opt.transport ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
        goto exit;
@ -1066,17 +1068,10 @@ int main( int argc, char *argv[] )
        mbedtls_ssl_set_verify( &ssl, my_verify, NULL );
 #endif

-    mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
    if( opt.auth_mode != DFL_AUTH_MODE )
        mbedtls_ssl_set_authmode( &ssl, opt.auth_mode );

 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ( ret = mbedtls_ssl_set_transport( &ssl, opt.transport ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! selected transport is not available\n" );
-        goto exit;
-    }
-
    if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
        mbedtls_ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max );
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@ -249,7 +249,9 @@ int main( void )
            goto exit;
        }

-        if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+        if( ( ret = mbedtls_ssl_config_defaults( &conf,
+                        MBEDTLS_SSL_IS_SERVER,
+                        MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
        {
            mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
            goto exit;
@ -263,7 +265,6 @@ int main( void )

        mbedtls_printf( " ok\n" );

-        mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
        mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );

        mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@ -584,7 +584,9 @@ int main( int argc, char *argv[] )
    mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
    fflush( stdout );

-    if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+    if( ( ret = mbedtls_ssl_config_defaults( &conf,
+                    MBEDTLS_SSL_IS_CLIENT,
+                    MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
        goto exit;
@ -598,7 +600,6 @@ int main( int argc, char *argv[] )

    mbedtls_printf( " ok\n" );

-    mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_CLIENT );
    /* OPTIONAL is not optimal for security,
     * but makes interop easier in this simplified example */
    mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_OPTIONAL );
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@ -160,7 +160,9 @@ static void *handle_ssl_connection( void *data )
     */
    mbedtls_printf( "  [ #%d ]  Setting up the SSL data....\n", thread_id );

-    if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+    if( ( ret = mbedtls_ssl_config_defaults( &conf,
+                    MBEDTLS_SSL_IS_SERVER,
+                    MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
    {
        mbedtls_printf( "  [ #%d ]  failed: mbedtls_ssl_config_defaults returned -0x%04x\n",
                thread_id, -ret );
@ -174,7 +176,6 @@ static void *handle_ssl_connection( void *data )
        goto thread_exit;
    }

-    mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
    mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );

    mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@ -191,7 +191,9 @@ int main( void )
    mbedtls_printf( "  . Setting up the SSL data...." );
    fflush( stdout );

-    if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+    if( ( ret = mbedtls_ssl_config_defaults( &conf,
+                    MBEDTLS_SSL_IS_SERVER,
+                    MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
        goto exit;
@ -203,7 +205,6 @@ int main( void )
        goto exit;
    }

-    mbedtls_ssl_set_endpoint( &ssl, MBEDTLS_SSL_IS_SERVER );
    mbedtls_ssl_set_authmode( &ssl, MBEDTLS_SSL_VERIFY_NONE );

    mbedtls_ssl_set_rng( &ssl, mbedtls_ctr_drbg_random, &ctr_drbg );
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -1520,7 +1520,9 @@ int main( int argc, char *argv[] )
    mbedtls_printf( "  . Setting up the SSL/TLS structure..." );
    fflush( stdout );

-    if( ( ret = mbedtls_ssl_config_defaults( &conf ) ) != 0 )
+    if( ( ret = mbedtls_ssl_config_defaults( &conf,
+                    MBEDTLS_SSL_IS_SERVER,
+                    opt.transport ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
        goto exit;
@ -1537,12 +1539,6 @@ int main( int argc, char *argv[] )
        mbedtls_ssl_set_authmode( &ssl, opt.auth_mode );

 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-    if( ( ret = mbedtls_ssl_set_transport( &ssl, opt.transport ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! selected transport is not available\n" );
-        goto exit;
-    }
-
    if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
        mbedtls_ssl_set_handshake_timeout( &ssl, opt.hs_to_min, opt.hs_to_max );
 #endif /* MBEDTLS_SSL_PROTO_DTLS */