From 2234e650f72d96917ee11b32d317ac0e5cd2b77e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 15:12:41 +0100 Subject: [PATCH] Add new configuration option controlling CID extension --- include/mbedtls/config.h | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index cc3fa14b1..2f46be47c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1326,6 +1326,29 @@ */ #define MBEDTLS_SSL_ALL_ALERT_MESSAGES +/** + * \def MBEDTLS_SSL_CID + * + * Enable support for the DTLS Connection ID extension which + * allows to identify DTLS connections across changes in the + * underlying transport. + * + * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()` + * and `mbedtls_ssl_get_peer_cid()`. See their documentation for more + * information. + * + * \warning The Connection ID extension is still in draft state. + * We make no stability promises for the availability + * or the shape of the API controlled by this option. + * + * See also MBEDTLS_SSL_CID_OUT_LEN_MAX and MBEDTLS_SSL_CID_IN_LEN_MAX. + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + * + * Uncomment to enable the Connection ID extension. + */ +#define MBEDTLS_SSL_CID + /** * \def MBEDTLS_SSL_ASYNC_PRIVATE * @@ -3313,6 +3336,20 @@ */ //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 +/** \def MBEDTLS_SSL_CID_IN_LEN_MAX + * + * The maximum length of CIDs used for incoming DTLS messages. + * + */ +//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32 + +/** \def MBEDTLS_SSL_CID_OUT_LEN_MAX + * + * The maximum length of CIDs used for outgoing DTLS messages. + * + */ +//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 + /** \def MBEDTLS_SSL_OUT_CONTENT_LEN * * Maximum length (in bytes) of outgoing plaintext fragments.