Remove the _SSL_FALLBACK_ parts
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 993b90f..715c73a 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1553,24 +1553,6 @@
#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
/**
- * \def MBEDTLS_SSL_FALLBACK_SCSV
- *
- * Enable support for RFC 7507: Fallback Signaling Cipher Suite Value (SCSV)
- * for Preventing Protocol Downgrade Attacks.
- *
- * For servers, it is recommended to always enable this, unless you support
- * only one version of TLS, or know for sure that none of your clients
- * implements a fallback strategy.
- *
- * For clients, you only need this if you're using a fallback strategy, which
- * is not recommended in the first place, unless you absolutely need it to
- * interoperate with buggy (version-intolerant) servers.
- *
- * Comment this macro to disable support for FALLBACK_SCSV
- */
-#define MBEDTLS_SSL_FALLBACK_SCSV
-
-/**
* \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
*
* This option controls the availability of the API mbedtls_ssl_get_peer_cert()
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index b520042..8e6c1ee 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -156,9 +156,6 @@
#define MBEDTLS_SSL_IS_CLIENT 0
#define MBEDTLS_SSL_IS_SERVER 1
-#define MBEDTLS_SSL_IS_NOT_FALLBACK 0
-#define MBEDTLS_SSL_IS_FALLBACK 1
-
#define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0
#define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1
@@ -279,7 +276,6 @@
* Signaling ciphersuite values (SCSV)
*/
#define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */
-#define MBEDTLS_SSL_FALLBACK_SCSV_VALUE 0x5600 /**< RFC 7507 section 2 */
/*
* Supported Signature and Hash algorithms (For TLS 1.2)
@@ -1198,9 +1194,6 @@
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
unsigned int session_tickets : 1; /*!< use session tickets? */
#endif
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
- unsigned int fallback : 1; /*!< is this a fallback? */
-#endif
#if defined(MBEDTLS_SSL_SRV_C)
unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in
Certificate Request messages? */
@@ -1833,54 +1826,6 @@
void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
/**
- * \brief Check whether a buffer contains a valid and authentic record
- * that has not been seen before. (DTLS only).
- *
- * This function does not change the user-visible state
- * of the SSL context. Its sole purpose is to provide
- * an indication of the legitimacy of an incoming record.
- *
- * This can be useful e.g. in distributed server environments
- * using the DTLS Connection ID feature, in which connections
- * might need to be passed between service instances on a change
- * of peer address, but where such disruptive operations should
- * only happen after the validity of incoming records has been
- * confirmed.
- *
- * \param ssl The SSL context to use.
- * \param buf The address of the buffer holding the record to be checked.
- * This must be a read/write buffer of length \p buflen Bytes.
- * \param buflen The length of \p buf in Bytes.
- *
- * \note This routine only checks whether the provided buffer begins
- * with a valid and authentic record that has not been seen
- * before, but does not check potential data following the
- * initial record. In particular, it is possible to pass DTLS
- * datagrams containing multiple records, in which case only
- * the first record is checked.
- *
- * \note This function modifies the input buffer \p buf. If you need
- * to preserve the original record, you have to maintain a copy.
- *
- * \return \c 0 if the record is valid and authentic and has not been
- * seen before.
- * \return MBEDTLS_ERR_SSL_INVALID_MAC if the check completed
- * successfully but the record was found to be not authentic.
- * \return MBEDTLS_ERR_SSL_INVALID_RECORD if the check completed
- * successfully but the record was found to be invalid for
- * a reason different from authenticity checking.
- * \return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD if the check completed
- * successfully but the record was found to be unexpected
- * in the state of the SSL context, including replayed records.
- * \return Another negative error code on different kinds of failure.
- * In this case, the SSL context becomes unusable and needs
- * to be freed or reset before reuse.
- */
-int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
- unsigned char *buf,
- size_t buflen );
-
-/**
* \brief Set the timer callbacks (Mandatory for DTLS.)
*
* \param ssl SSL context
@@ -3268,29 +3213,6 @@
*/
void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
-/**
- * \brief Set the fallback flag (client-side only).
- * (Default: MBEDTLS_SSL_IS_NOT_FALLBACK).
- *
- * \note Set to MBEDTLS_SSL_IS_FALLBACK when preparing a fallback
- * connection, that is a connection with max_version set to a
- * lower value than the value you're willing to use. Such
- * fallback connections are not recommended but are sometimes
- * necessary to interoperate with buggy (version-intolerant)
- * servers.
- *
- * \warning You should NOT set this to MBEDTLS_SSL_IS_FALLBACK for
- * non-fallback connections! This would appear to work for a
- * while, then cause failures when the server is upgraded to
- * support a newer TLS version.
- *
- * \param conf SSL configuration
- * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK
- */
-void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
-#endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
/**
* \brief Enable or disable Encrypt-then-MAC
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 81c0d6b..6cf283e 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1206,19 +1206,6 @@
n++;
}
- /* Some versions of OpenSSL don't handle it correctly if not at end */
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
- if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK )
- {
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) );
-
- MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
- *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 );
- *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE );
- n++;
- }
-#endif
-
*q++ = (unsigned char)( n >> 7 );
*q++ = (unsigned char)( n << 1 );
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 9896ad0..b629d79 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -86,70 +86,6 @@
return( 0 );
}
-static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
- unsigned char *buf,
- size_t len,
- mbedtls_record *rec );
-
-int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
- unsigned char *buf,
- size_t buflen )
-{
- int ret = 0;
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "=> mbedtls_ssl_check_record" ) );
- MBEDTLS_SSL_DEBUG_BUF( 3, "record buffer", buf, buflen );
-
- /* We don't support record checking in TLS because
- * (a) there doesn't seem to be a usecase for it, and
- * (b) In TLS 1.0, CBC record decryption has state
- * and we'd need to backup the transform here.
- */
- if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM )
- {
- ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
- goto exit;
- }
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- else
- {
- mbedtls_record rec;
-
- ret = ssl_parse_record_header( ssl, buf, buflen, &rec );
- if( ret != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 3, "ssl_parse_record_header", ret );
- goto exit;
- }
-
- if( ssl->transform_in != NULL )
- {
- ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in, &rec );
- if( ret != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 3, "mbedtls_ssl_decrypt_buf", ret );
- goto exit;
- }
- }
- }
-#endif /* MBEDTLS_SSL_PROTO_DTLS */
-
-exit:
- /* On success, we have decrypted the buffer in-place, so make
- * sure we don't leak any plaintext data. */
- mbedtls_platform_zeroize( buf, buflen );
-
- /* For the purpose of this API, treat messages with unexpected CID
- * as well as such from future epochs as unexpected. */
- if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID ||
- ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE )
- {
- ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) );
- return( ret );
-}
-
#define SSL_DONT_FORCE_FLUSH 0
#define SSL_FORCE_FLUSH 1
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index fb7ba97..e2b2757 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1781,29 +1781,6 @@
ext += 4 + ext_size;
}
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
- for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 )
- {
- if( p[0] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
- p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) )
- {
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) );
-
- if( ssl->minor_ver < ssl->conf->max_minor_ver )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
-
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK );
-
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- break;
- }
- }
-#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
-
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2fcd99d..edb41ef 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4147,13 +4147,6 @@
conf->min_minor_ver = minor;
}
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
-void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback )
-{
- conf->fallback = fallback;
-}
-#endif
-
#if defined(MBEDTLS_SSL_SRV_C)
void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
char cert_req_ca_list )
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 3de9665..af86838 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -287,13 +287,6 @@
#define USAGE_DTLS ""
#endif
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
-#define USAGE_FALLBACK \
- " fallback=0/1 default: (library default: off)\n"
-#else
-#define USAGE_FALLBACK ""
-#endif
-
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
#define USAGE_EMS \
" extended_ms=0/1 default: (library default: on)\n"
@@ -402,7 +395,6 @@
USAGE_TRUNC_HMAC \
USAGE_CONTEXT_CRT_CB \
USAGE_ALPN \
- USAGE_FALLBACK \
USAGE_EMS \
USAGE_ETM \
USAGE_REPRODUCIBLE \
@@ -1055,15 +1047,6 @@
{
opt.alpn_string = q;
}
- else if( strcmp( p, "fallback" ) == 0 )
- {
- switch( atoi( q ) )
- {
- case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break;
- case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break;
- default: goto usage;
- }
- }
else if( strcmp( p, "extended_ms" ) == 0 )
{
switch( atoi( q ) )
@@ -1894,11 +1877,6 @@
mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
opt.max_version );
-#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
- if( opt.fallback != DFL_FALLBACK )
- mbedtls_ssl_conf_fallback( &conf, opt.fallback );
-#endif
-
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n",
diff --git a/tests/compat.sh b/tests/compat.sh
index c57ec4f..6c1e0d4 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -155,7 +155,7 @@
# is_dtls <mode>
is_dtls()
{
- test "$1" = "dtls1" -o "$1" = "dtls1_2"
+ test "$1" = "dtls1_2"
}
# minor_ver <mode>
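Review bot: `is_dtls` now returns false for mode `dtls1`, so if any mode list or option parser elsewhere in compat.sh still accepts `dtls1`, that run would be set up as stream TLS without any error instead of being rejected. The rest of the script is outside this hunk, so confirm that `dtls1` is refused at argument parsing, and consider a comment above the test such as `# DTLS 1.0 ("dtls1") is no longer a supported mode`. This edit is also outside the stated scope of removing the FALLBACK_SCSV parts, as are the hunks in include/mbedtls/ssl.h and library/ssl_msg.c that delete `mbedtls_ssl_check_record()`. That function is documented in the removed text as the DTLS check for authentic, non-replayed records and has no visible tie to fallback signalling, so its removal looks like a rebase artefact or belongs in a separate commit with its own rationale.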