Mention possibility of hardcoding SSL config in ssl.h

Hanno Becker 2019-06-12 13:35:03 +01:00
parent f765ce617f
commit ab1ce76682


@ -2845,6 +2845,7 @@ void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
#if !defined(MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET)
/** /**
* \brief Enable or disable Extended Master Secret negotiation. * \brief Enable or disable Extended Master Secret negotiation.
* (Default: MBEDTLS_SSL_EXTENDED_MS_ENABLED) * (Default: MBEDTLS_SSL_EXTENDED_MS_ENABLED)
@ -2853,11 +2854,20 @@ void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
* protocol, and should not cause any interoperability issue * protocol, and should not cause any interoperability issue
* (used only if the peer supports it too). * (used only if the peer supports it too).
* *
* \note On constrained systems, this option can also be
* fixed at compile-time by defining the constant
* MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET
* as MBEDTLS_SSL_EXTENDED_MS_ENABLED or
* MBEDTLS_SSL_EXTENDED_MS_DISABLED.
*
* \param conf SSL configuration * \param conf SSL configuration
* \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED * \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or
* MBEDTLS_SSL_EXTENDED_MS_DISABLED
*/ */
void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems ); void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
#endif /* !MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET */
#if !defined(MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET)
/** /**
* \brief Enable or disable Extended Master Secret enforcing. * \brief Enable or disable Extended Master Secret enforcing.
* (Default: MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED) * (Default: MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED)
@ -2874,9 +2884,17 @@ void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems
* \param conf Currently used SSL configuration struct. * \param conf Currently used SSL configuration struct.
* \param ems_enf MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED or * \param ems_enf MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED or
* MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED * MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED
* \note On constrained systems, this option can also be
* fixed at compile-time by defining the constant
* MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET
* as MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED or
* MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED.
*
*/ */
void mbedtls_ssl_conf_extended_master_secret_enforce( mbedtls_ssl_config *conf, void mbedtls_ssl_conf_extended_master_secret_enforce( mbedtls_ssl_config *conf,
char ems_enf ); char ems_enf );
#endif /* !MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET */
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
#if defined(MBEDTLS_ARC4_C) #if defined(MBEDTLS_ARC4_C)
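Review bot: The `\note` added to the doc comment of mbedtls_ssl_conf_extended_master_secret() in the second hunk names the wrong constant. It says `MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET`, but the declaration is guarded by `#if !defined(MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET)` and the values listed are the ENABLED/DISABLED pair, so it looks copied from the enforce setter's note and should read `MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET`. Someone following it as written would pin the enforcement option rather than the negotiation option, and, presumably, end up with a different Extended Master Secret policy than intended; how the constants are consumed is not visible in this diff. Both notes could also state that defining the constant removes the setter's declaration, e.g. `When this constant is defined, this function is not declared; guard calls to it accordingly.` In the third hunk the `\note` sits after the `\param` entries and leaves a trailing empty ` *` line before `*/`, unlike the first note, which precedes the parameters.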