Add warnings about status of implementation of CID API

2024-11-26 11:55:41 +01:00 · 2019-04-23 12:01:20 +01:00 · 2019-04-23 12:01:20 +01:00 · f1f9a82320
commit f1f9a82320
parent 9bae30d00d
2 changed files with 20 additions and 3 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -1495,8 +1495,8 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,


 /**
- * \brief             Configure the use of the Connection ID (CID) extension
- *                    in the next handshake.
+ * \brief             (STUB) Configure the use of the Connection ID (CID)
+ *                    extension in the next handshake.
 *
 *                    Reference:
 *                    https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04
@ -1519,6 +1519,11 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
 *                    extension in the next handshake and to set the value of
 *                    the CID to be used for incoming messages.
 *
+ * \warning           The current implementation of this API does nothing!
+ *                    It is included solely to allow review and coding against
+ *                    the new Connection CID API.
+ *                    The actual implementation will be added in the future.
+ *
 * \param ssl         The SSL context to configure. This must be initialized.
 * \param enable      This value determines whether the CID extension should
 *                    be used or not. Possible values are:
@ -1578,9 +1583,15 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
                         size_t own_cid_len );

 /**
- * \brief              Get information about the current use of the
+ * \brief              (STUB) Get information about the current use of the
 *                     CID extension.
 *
+ * \warning            The current implementation of this API does nothing
+ *                     except setting `*enabled` to MBEDTLS_SSL_CID_DISABLED!
+ *                     It is included solely to allow review and coding against
+ *                     the new Connection CID API.
+ *                     The actual implementation will be added in the future.
+ *
 * \param ssl          The SSL context to query.
 * \param enabled      The address at which to store whether the CID extension
 *                     is currently in use or not. If the CID is in use,
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -120,6 +120,9 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl,

 /* Top-level Connection ID API */

+/* WARNING: This implementation is a stub and doesn't do anything!
+ *          It is included solely to allow review and coding against
+ *          the new Connection CID API. */
 int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
                         int enable,
                         unsigned char const *own_cid,
@ -132,6 +135,9 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
    return( 0 );
 }

+/* WARNING: This implementation is a stub and doesn't do anything!
+ *          It is included solely to allow review and coding against
+ *          the new Connection CID API. */
 int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
                     int *enabled,
                     unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ],