Rename ssl_set_xxx() to ssl_conf_xxx()
diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h
index 26439c7..dd03b71 100644
--- a/include/mbedtls/compat-1.3.h
+++ b/include/mbedtls/compat-1.3.h
@@ -2443,7 +2443,7 @@
#define ssl_hw_record_write mbedtls_ssl_hw_record_write
#define ssl_init mbedtls_ssl_init
#define ssl_key_cert mbedtls_ssl_key_cert
-#define ssl_legacy_renegotiation mbedtls_set_ssl_legacy_renegotiation
+#define ssl_legacy_renegotiation mbedtls_ssl_conf_legacy_renegotiation
#define ssl_list_ciphersuites mbedtls_ssl_list_ciphersuites
#define ssl_md_alg_from_hash mbedtls_ssl_md_alg_from_hash
#define ssl_optimize_checksum mbedtls_ssl_optimize_checksum
@@ -2471,49 +2471,49 @@
#define ssl_session_free mbedtls_ssl_session_free
#define ssl_session_init mbedtls_ssl_session_init
#define ssl_session_reset mbedtls_ssl_session_reset
-#define ssl_set_alpn_protocols mbedtls_ssl_set_alpn_protocols
-#define ssl_set_arc4_support mbedtls_ssl_set_arc4_support
-#define ssl_set_authmode mbedtls_ssl_set_authmode
+#define ssl_set_alpn_protocols mbedtls_ssl_conf_alpn_protocols
+#define ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
+#define ssl_set_authmode mbedtls_ssl_conf_authmode
#define ssl_set_bio mbedtls_ssl_set_bio
#define ssl_set_bio mbedtls_ssl_set_bio_timeout
-#define ssl_set_ca_chain mbedtls_ssl_set_ca_chain
-#define ssl_set_cbc_record_splitting mbedtls_ssl_set_cbc_record_splitting
-#define ssl_set_ciphersuites mbedtls_ssl_set_ciphersuites
-#define ssl_set_ciphersuites_for_version mbedtls_ssl_set_ciphersuites_for_version
+#define ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
+#define ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
+#define ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
+#define ssl_set_ciphersuites_for_version mbedtls_ssl_conf_ciphersuites_for_version
#define ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id
-#define ssl_set_curves mbedtls_ssl_set_curves
-#define ssl_set_dbg mbedtls_ssl_set_dbg
-#define ssl_set_dh_param mbedtls_ssl_set_dh_param
-#define ssl_set_dh_param_ctx mbedtls_ssl_set_dh_param_ctx
-#define ssl_set_dtls_anti_replay mbedtls_ssl_set_dtls_anti_replay
-#define ssl_set_dtls_badmac_limit mbedtls_ssl_set_dtls_badmac_limit
-#define ssl_set_dtls_cookies mbedtls_ssl_set_dtls_cookies
-#define ssl_set_encrypt_then_mac mbedtls_ssl_set_encrypt_then_mac
-#define ssl_set_endpoint mbedtls_ssl_set_endpoint
-#define ssl_set_extended_master_secret mbedtls_ssl_set_extended_master_secret
-#define ssl_set_fallback mbedtls_ssl_set_fallback
-#define ssl_set_handshake_timeout mbedtls_ssl_set_handshake_timeout
+#define ssl_set_curves mbedtls_ssl_conf_curves
+#define ssl_set_dbg mbedtls_ssl_conf_dbg
+#define ssl_set_dh_param mbedtls_ssl_conf_dh_param
+#define ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx
+#define ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay
+#define ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit
+#define ssl_set_dtls_cookies mbedtls_ssl_conf_dtls_cookies
+#define ssl_set_encrypt_then_mac mbedtls_ssl_conf_encrypt_then_mac
+#define ssl_set_endpoint mbedtls_ssl_conf_endpoint
+#define ssl_set_extended_master_secret mbedtls_ssl_conf_extended_master_secret
+#define ssl_set_fallback mbedtls_ssl_conf_fallback
+#define ssl_set_handshake_timeout mbedtls_ssl_conf_handshake_timeout
#define ssl_set_hostname mbedtls_ssl_set_hostname
-#define ssl_set_max_frag_len mbedtls_ssl_set_max_frag_len
-#define ssl_set_max_version mbedtls_ssl_set_max_version
-#define ssl_set_min_version mbedtls_ssl_set_min_version
-#define ssl_set_own_cert mbedtls_ssl_set_own_cert
+#define ssl_set_max_frag_len mbedtls_ssl_conf_max_frag_len
+#define ssl_set_max_version mbedtls_ssl_conf_max_version
+#define ssl_set_min_version mbedtls_ssl_conf_min_version
+#define ssl_set_own_cert mbedtls_ssl_conf_own_cert
#define ssl_set_own_cert_alt mbedtls_ssl_set_own_cert_alt
#define ssl_set_own_cert_rsa mbedtls_ssl_set_own_cert_rsa
-#define ssl_set_psk mbedtls_ssl_set_psk
-#define ssl_set_psk_cb mbedtls_ssl_set_psk_cb
-#define ssl_set_renegotiation mbedtls_ssl_set_renegotiation
-#define ssl_set_renegotiation_enforced mbedtls_ssl_set_renegotiation_enforced
-#define ssl_set_renegotiation_period mbedtls_ssl_set_renegotiation_period
-#define ssl_set_rng mbedtls_ssl_set_rng
+#define ssl_set_psk mbedtls_ssl_conf_psk
+#define ssl_set_psk_cb mbedtls_ssl_conf_psk_cb
+#define ssl_set_renegotiation mbedtls_ssl_conf_renegotiation
+#define ssl_set_renegotiation_enforced mbedtls_ssl_conf_renegotiation_enforced
+#define ssl_set_renegotiation_period mbedtls_ssl_conf_renegotiation_period
+#define ssl_set_rng mbedtls_ssl_conf_rng
#define ssl_set_session mbedtls_ssl_set_session
-#define ssl_set_session_cache mbedtls_ssl_set_session_cache
-#define ssl_set_session_ticket_lifetime mbedtls_ssl_set_session_ticket_lifetime
-#define ssl_set_session_tickets mbedtls_ssl_set_session_tickets
-#define ssl_set_sni mbedtls_ssl_set_sni
-#define ssl_set_transport mbedtls_ssl_set_transport
-#define ssl_set_truncated_hmac mbedtls_ssl_set_truncated_hmac
-#define ssl_set_verify mbedtls_ssl_set_verify
+#define ssl_set_session_cache mbedtls_ssl_conf_session_cache
+#define ssl_set_session_ticket_lifetime mbedtls_ssl_conf_session_ticket_lifetime
+#define ssl_set_session_tickets mbedtls_ssl_conf_session_tickets
+#define ssl_set_sni mbedtls_ssl_conf_sni
+#define ssl_set_transport mbedtls_ssl_conf_transport
+#define ssl_set_truncated_hmac mbedtls_ssl_conf_truncated_hmac
+#define ssl_set_verify mbedtls_ssl_conf_verify
#define ssl_sig_from_pk mbedtls_ssl_sig_from_pk
#define ssl_states mbedtls_ssl_states
#define ssl_ticket_keys mbedtls_ssl_ticket_keys
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 46cc7ae..0c72da9 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -361,7 +361,7 @@
* Remove RC4 ciphersuites by default in SSL / TLS.
* This flag removes the ciphersuites based on RC4 from the default list as
* returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
- * enable (some of) them with mbedtls_ssl_set_ciphersuites() by including them
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
* explicitly.
*
* Uncomment this macro to remove RC4 ciphersuites by default.
@@ -1064,7 +1064,7 @@
* MBEDTLS_SSL_PROTO_DTLS
*
* \warning Disabling this is often a security risk!
- * See mbedtls_ssl_set_dtls_anti_replay() for details.
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
*
* Comment this to disable anti-replay in DTLS.
*/
@@ -1094,7 +1094,7 @@
*
* Enable support for a limit of records with bad MAC.
*
- * See mbedtls_ssl_set_dtls_badmac_limit().
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
*
* Requires: MBEDTLS_SSL_PROTO_DTLS
*/
@@ -1136,14 +1136,14 @@
/**
* \def MBEDTLS_SSL_SET_CURVES
*
- * Enable mbedtls_ssl_set_curves().
+ * Enable mbedtls_ssl_conf_curves().
*
* This is disabled by default since it breaks binary compatibility with the
* 1.3.x line. If you choose to enable it, you will need to rebuild your
* application against the new header files, relinking will not be enough.
* It will be enabled by default, or no longer an option, in the 1.4 branch.
*
- * Uncomment to make mbedtls_ssl_set_curves() available.
+ * Uncomment to make mbedtls_ssl_conf_curves() available.
*/
//#define MBEDTLS_SSL_SET_CURVES
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index da47f12..742e9e4 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -789,7 +789,7 @@
#endif /* MBEDTLS_SSL_PROTO_DTLS */
/**
- * SSL/TLS configuration to be shared between ssl_context structures.
+ * SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
*/
typedef struct
{
@@ -1179,7 +1179,7 @@
* \param conf SSL configuration
* \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
*/
-void mbedtls_ssl_set_endpoint( mbedtls_ssl_config *conf, int endpoint );
+void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
/**
* \brief Set the transport type (TLS or DTLS).
@@ -1193,9 +1193,9 @@
*
* \note For DTLS, you must either provide a recv callback that
* doesn't block, or one that handles timeouts, see
- * mbedtls_ssl_set_bio()
+ * mbedtls_ssl_conf_bio()
*/
-int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport );
+int mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
/**
* \brief Set the certificate verification mode
@@ -1222,7 +1222,7 @@
* the verification as soon as possible. For example, REQUIRED was protecting
* against the "triple handshake" attack even before it was found.
*/
-void mbedtls_ssl_set_authmode( mbedtls_ssl_config *conf, int authmode );
+void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/**
@@ -1236,7 +1236,7 @@
* \param f_vrfy verification function
* \param p_vrfy verification parameter
*/
-void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
void *p_vrfy );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
@@ -1248,7 +1248,7 @@
* \param f_rng RNG function
* \param p_rng RNG parameter
*/
-void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
@@ -1259,7 +1259,7 @@
* \param f_dbg debug function
* \param p_dbg debug parameter
*/
-void mbedtls_ssl_set_dbg( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
void (*f_dbg)(void *, int, const char *),
void *p_dbg );
@@ -1296,7 +1296,7 @@
* \note With blocking I/O, this will only work if a non-NULL
* \c f_recv_timeout was set with \c mbedtls_ssl_set_bio().
*/
-void mbedtls_ssl_set_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
+void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
/**
@@ -1376,7 +1376,7 @@
* \param f_cookie_check Cookie check callback
* \param p_cookie Context for both callbacks
*/
-void mbedtls_ssl_set_dtls_cookies( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
mbedtls_ssl_cookie_write_t *f_cookie_write,
mbedtls_ssl_cookie_check_t *f_cookie_check,
void *p_cookie );
@@ -1398,7 +1398,7 @@
* packets and needs information about them to adjust its
* transmission strategy, then you'll want to disable this.
*/
-void mbedtls_ssl_set_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
+void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
@@ -1425,7 +1425,7 @@
* might make us waste resources checking authentication on
* many bogus packets.
*/
-void mbedtls_ssl_set_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
+void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -1445,7 +1445,7 @@
* handshake latency. Lower values may increase the risk of
* network congestion by causing more retransmissions.
*/
-void mbedtls_ssl_set_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
+void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_SRV_C)
@@ -1486,7 +1486,7 @@
* \param f_get_cache session get callback
* \param f_set_cache session set callback
*/
-void mbedtls_ssl_set_session_cache( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
void *p_cache,
int (*f_get_cache)(void *, mbedtls_ssl_session *),
int (*f_set_cache)(void *, const mbedtls_ssl_session *) );
@@ -1522,7 +1522,7 @@
* \param conf SSL configuration
* \param ciphersuites 0-terminated list of allowed ciphersuites
*/
-void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
const int *ciphersuites );
/**
@@ -1541,7 +1541,7 @@
* \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0
* and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
*/
-void mbedtls_ssl_set_ciphersuites_for_version( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
const int *ciphersuites,
int major, int minor );
@@ -1553,7 +1553,7 @@
* \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
* \param ca_crl trusted CA CRLs
*/
-void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
mbedtls_x509_crt *ca_chain,
mbedtls_x509_crl *ca_crl );
@@ -1580,7 +1580,7 @@
*
* \return 0 on success or MBEDTLS_ERR_SSL_MALLOC_FAILED
*/
-int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
mbedtls_x509_crt *own_cert,
mbedtls_pk_context *pk_key );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
@@ -1590,7 +1590,7 @@
* \brief Set the Pre Shared Key (PSK) and the expected identity name
*
* \note This is mainly useful for clients. Servers will usually
- * want to use \c mbedtls_ssl_set_psk_cb() instead.
+ * want to use \c mbedtls_ssl_conf_psk_cb() instead.
*
* \param conf SSL configuration
* \param psk pointer to the pre-shared key
@@ -1600,7 +1600,7 @@
*
* \return 0 if successful or MBEDTLS_ERR_SSL_MALLOC_FAILED
*/
-int mbedtls_ssl_set_psk( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
const unsigned char *psk, size_t psk_len,
const unsigned char *psk_identity, size_t psk_identity_len );
@@ -1609,7 +1609,7 @@
* \brief Set the Pre Shared Key (PSK) for the current handshake
*
* \note This should only be called inside the PSK callback,
- * ie the function passed to \c mbedtls_ssl_set_psk_cb().
+ * ie the function passed to \c mbedtls_ssl_conf_psk_cb().
*
* \param ssl SSL context
* \param psk pointer to the pre-shared key
@@ -1638,13 +1638,13 @@
*
* \note If you set a PSK callback using this function, then you
* don't need to set a PSK key and identity using
- * \c mbedtls_ssl_set_psk().
+ * \c mbedtls_ssl_conf_psk().
*
* \param conf SSL configuration
* \param f_psk PSK identity function
* \param p_psk PSK identity parameter
*/
-void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
size_t),
void *p_psk );
@@ -1662,7 +1662,7 @@
*
* \return 0 if successful
*/
-int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G );
+int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G );
/**
* \brief Set the Diffie-Hellman public P and G values,
@@ -1673,7 +1673,7 @@
*
* \return 0 if successful
*/
-int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
+int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
#endif /* MBEDTLS_DHM_C */
#if defined(MBEDTLS_SSL_SET_CURVES)
@@ -1695,7 +1695,7 @@
* \param curves Ordered list of allowed curves,
* terminated by MBEDTLS_ECP_DP_NONE.
*/
-void mbedtls_ssl_set_curves( mbedtls_ssl_config *conf, const mbedtls_ecp_group_id *curves );
+void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, const mbedtls_ecp_group_id *curves );
#endif /* MBEDTLS_SSL_SET_CURVES */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -1716,7 +1716,7 @@
/**
* \brief Set own certificate and key for the current handshake
*
- * \note Same as \c mbedtls_ssl_set_own_cert() but for use within
+ * \note Same as \c mbedtls_ssl_conf_own_cert() but for use within
* the SNI callback.
*
* \param ssl SSL context
@@ -1733,7 +1733,7 @@
* \brief Set the data required to verify peer certificate for the
* current handshake
*
- * \note Same as \c mbedtls_ssl_set_ca_chain() but for use within
+ * \note Same as \c mbedtls_ssl_conf_ca_chain() but for use within
* the SNI callback.
*
* \param ssl SSL context
@@ -1764,7 +1764,7 @@
* \param f_sni verification function
* \param p_sni verification parameter
*/
-void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
size_t),
void *p_sni );
@@ -1780,7 +1780,7 @@
*
* \return 0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
*/
-int mbedtls_ssl_set_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
+int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
/**
* \brief Get the name of the negotiated Application Layer Protocol.
@@ -1811,7 +1811,7 @@
* \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
* MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
*/
-int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor );
+int mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
/**
* \brief Set the minimum accepted SSL/TLS protocol version
@@ -1832,7 +1832,7 @@
* \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
* MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
*/
-int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor );
+int mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
/**
@@ -1854,7 +1854,7 @@
* \param conf SSL configuration
* \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK
*/
-void mbedtls_ssl_set_fallback( mbedtls_ssl_config *conf, char fallback );
+void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
#endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
@@ -1869,7 +1869,7 @@
* \param conf SSL configuration
* \param etm MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED
*/
-void mbedtls_ssl_set_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
+void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
@@ -1884,7 +1884,7 @@
* \param conf SSL configuration
* \param ems MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED
*/
-void mbedtls_ssl_set_extended_master_secret( mbedtls_ssl_config *conf, char ems );
+void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
/**
@@ -1900,7 +1900,7 @@
* \param conf SSL configuration
* \param arc4 MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED
*/
-void mbedtls_ssl_set_arc4_support( mbedtls_ssl_config *conf, char arc4 );
+void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 );
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
/**
@@ -1918,7 +1918,7 @@
*
* \return O if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
*/
-int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
+int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
@@ -1932,7 +1932,7 @@
*
* \return Always 0.
*/
-int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
+int mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
@@ -1947,7 +1947,7 @@
* \param split MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or
* MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
*/
-void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
+void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
@@ -1956,7 +1956,7 @@
* (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED on client,
* MBEDTLS_SSL_SESSION_TICKETS_DISABLED on server)
*
- * \note On server, mbedtls_ssl_set_rng() must be called before this function
+ * \note On server, mbedtls_ssl_conf_rng() must be called before this function
* to allow generating the ticket encryption and
* authentication keys.
*
@@ -1967,7 +1967,7 @@
* \return O if successful,
* or a specific error code (server only).
*/
-int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
+int mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
/**
* \brief Set session ticket lifetime (server only)
@@ -1976,7 +1976,7 @@
* \param conf SSL configuration
* \param lifetime session ticket lifetime
*/
-void mbedtls_ssl_set_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime );
+void mbedtls_ssl_conf_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime );
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
#if defined(MBEDTLS_SSL_RENEGOTIATION)
@@ -1993,7 +1993,7 @@
* \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or
* MBEDTLS_SSL_RENEGOTIATION_DISABLED)
*/
-void mbedtls_ssl_set_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
+void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
#endif /* MBEDTLS_SSL_RENEGOTIATION */
/**
@@ -2023,7 +2023,7 @@
* SSL_ALLOW_LEGACY_RENEGOTIATION or
* MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE)
*/
-void mbedtls_set_ssl_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
+void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
/**
@@ -2063,7 +2063,7 @@
* enforce renegotiation, or a non-negative value to enforce
* it but allow for a grace period of max_records records.
*/
-void mbedtls_ssl_set_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
+void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
/**
* \brief Set record counter threshold for periodic renegotiation.
@@ -2082,7 +2082,7 @@
* \param period The threshold value: a big-endian 64-bit number.
* Set to 2^64 - 1 to disable periodic renegotiation
*/
-void mbedtls_ssl_set_renegotiation_period( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
const unsigned char period[8] );
#endif /* MBEDTLS_SSL_RENEGOTIATION */
@@ -2295,7 +2295,7 @@
*
* \param conf SSL configuration context
*
- * \note See \c mbedtls_ssl_set_transport() for notes on DTLS.
+ * \note See \c mbedtls_ssl_conf_transport() for notes on DTLS.
*
* \return 0 if successful, or
* MBEDTLS_ERR_XXX_ALLOC_FAILED on memorr allocation error.
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index e83466e..3e2b901 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -377,7 +377,7 @@
return( 0 );
}
-void mbedtls_ssl_set_dtls_cookies( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
mbedtls_ssl_cookie_write_t *f_cookie_write,
mbedtls_ssl_cookie_check_t *f_cookie_check,
void *p_cookie )
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6618ebe..b098e0d 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1952,7 +1952,7 @@
ssl->in_msglen );
mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec,
ssl->in_msg + ssl->in_msglen );
- /* Call md_process at least once due to cache attacks */
+ /* Call mbedtls_md_process at least once due to cache attacks */
for( j = 0; j < extra_run + 1; j++ )
mbedtls_md_process( &ssl->transform_in->md_ctx_dec, ssl->in_msg );
@@ -5180,12 +5180,12 @@
/*
* SSL set accessors
*/
-void mbedtls_ssl_set_endpoint( mbedtls_ssl_config *conf, int endpoint )
+void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint )
{
conf->endpoint = endpoint;
}
-int mbedtls_ssl_set_transport( mbedtls_ssl_config *conf, int transport )
+int mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport )
{
conf->transport = transport;
@@ -5193,34 +5193,34 @@
}
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
-void mbedtls_ssl_set_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
+void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
{
conf->anti_replay = mode;
}
#endif
#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
-void mbedtls_ssl_set_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
+void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
{
conf->badmac_limit = limit;
}
#endif
#if defined(MBEDTLS_SSL_PROTO_DTLS)
-void mbedtls_ssl_set_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max )
+void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max )
{
conf->hs_timeout_min = min;
conf->hs_timeout_max = max;
}
#endif
-void mbedtls_ssl_set_authmode( mbedtls_ssl_config *conf, int authmode )
+void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode )
{
conf->authmode = authmode;
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
-void mbedtls_ssl_set_verify( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
void *p_vrfy )
{
@@ -5229,7 +5229,7 @@
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-void mbedtls_ssl_set_rng( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
@@ -5237,7 +5237,7 @@
conf->p_rng = p_rng;
}
-void mbedtls_ssl_set_dbg( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
void (*f_dbg)(void *, int, const char *),
void *p_dbg )
{
@@ -5257,13 +5257,13 @@
ssl->f_recv_timeout = f_recv_timeout;
}
-void mbedtls_ssl_set_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
+void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
{
conf->read_timeout = timeout;
}
#if defined(MBEDTLS_SSL_SRV_C)
-void mbedtls_ssl_set_session_cache( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
void *p_cache,
int (*f_get_cache)(void *, mbedtls_ssl_session *),
int (*f_set_cache)(void *, const mbedtls_ssl_session *) )
@@ -5296,7 +5296,7 @@
}
#endif /* MBEDTLS_SSL_CLI_C */
-void mbedtls_ssl_set_ciphersuites( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
const int *ciphersuites )
{
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites;
@@ -5305,7 +5305,7 @@
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites;
}
-void mbedtls_ssl_set_ciphersuites_for_version( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
const int *ciphersuites,
int major, int minor )
{
@@ -5350,14 +5350,14 @@
return( 0 );
}
-int mbedtls_ssl_set_own_cert( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
mbedtls_x509_crt *own_cert,
mbedtls_pk_context *pk_key )
{
return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) );
}
-void mbedtls_ssl_set_ca_chain( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
mbedtls_x509_crt *ca_chain,
mbedtls_x509_crl *ca_crl )
{
@@ -5385,7 +5385,7 @@
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-int mbedtls_ssl_set_psk( mbedtls_ssl_config *conf,
+int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
const unsigned char *psk, size_t psk_len,
const unsigned char *psk_identity, size_t psk_identity_len )
{
@@ -5443,7 +5443,7 @@
return( 0 );
}
-void mbedtls_ssl_set_psk_cb( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
size_t),
void *p_psk )
@@ -5454,7 +5454,7 @@
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(MBEDTLS_DHM_C)
-int mbedtls_ssl_set_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
+int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
{
int ret;
@@ -5469,7 +5469,7 @@
return( 0 );
}
-int mbedtls_ssl_set_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
+int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
{
int ret;
@@ -5489,7 +5489,7 @@
/*
* Set the allowed elliptic curves
*/
-void mbedtls_ssl_set_curves( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
const mbedtls_ecp_group_id *curve_list )
{
conf->curve_list = curve_list;
@@ -5523,7 +5523,7 @@
#endif
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
-void mbedtls_ssl_set_sni( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
int (*f_sni)(void *, mbedtls_ssl_context *,
const unsigned char *, size_t),
void *p_sni )
@@ -5534,7 +5534,7 @@
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#if defined(MBEDTLS_SSL_ALPN)
-int mbedtls_ssl_set_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
+int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
{
size_t cur_len, tot_len;
const char **p;
@@ -5588,7 +5588,7 @@
return( 0 );
}
-int mbedtls_ssl_set_max_version( mbedtls_ssl_config *conf, int major, int minor )
+int mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
{
if( ssl_check_version( conf, major, minor ) != 0 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -5599,7 +5599,7 @@
return( 0 );
}
-int mbedtls_ssl_set_min_version( mbedtls_ssl_config *conf, int major, int minor )
+int mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor )
{
if( ssl_check_version( conf, major, minor ) != 0 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -5611,33 +5611,33 @@
}
#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
-void mbedtls_ssl_set_fallback( mbedtls_ssl_config *conf, char fallback )
+void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback )
{
conf->fallback = fallback;
}
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
-void mbedtls_ssl_set_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
+void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
{
conf->encrypt_then_mac = etm;
}
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
-void mbedtls_ssl_set_extended_master_secret( mbedtls_ssl_config *conf, char ems )
+void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems )
{
conf->extended_ms = ems;
}
#endif
-void mbedtls_ssl_set_arc4_support( mbedtls_ssl_config *conf, char arc4 )
+void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 )
{
conf->arc4_disabled = arc4;
}
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
-int mbedtls_ssl_set_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
+int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
{
if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ||
mfl_code_to_length[mfl_code] > MBEDTLS_SSL_MAX_CONTENT_LEN )
@@ -5652,7 +5652,7 @@
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-int mbedtls_ssl_set_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
+int mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
{
conf->trunc_hmac = truncate;
@@ -5661,29 +5661,29 @@
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
-void mbedtls_ssl_set_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
+void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
{
conf->cbc_record_splitting = split;
}
#endif
-void mbedtls_set_ssl_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
+void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
{
conf->allow_legacy_renegotiation = allow_legacy;
}
#if defined(MBEDTLS_SSL_RENEGOTIATION)
-void mbedtls_ssl_set_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
+void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
{
conf->disable_renegotiation = renegotiation;
}
-void mbedtls_ssl_set_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
+void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
{
conf->renego_max_records = max_records;
}
-void mbedtls_ssl_set_renegotiation_period( mbedtls_ssl_config *conf,
+void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
const unsigned char period[8] )
{
memcpy( conf->renego_period, period, 8 );
@@ -5691,7 +5691,7 @@
#endif /* MBEDTLS_SSL_RENEGOTIATION */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
-int mbedtls_ssl_set_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
+int mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
{
conf->session_tickets = use_tickets;
@@ -5706,7 +5706,7 @@
return( ssl_ticket_keys_init( conf ) );
}
-void mbedtls_ssl_set_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime )
+void mbedtls_ssl_conf_session_ticket_lifetime( mbedtls_ssl_config *conf, int lifetime )
{
conf->ticket_lifetime = lifetime;
}
@@ -6735,7 +6735,7 @@
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
if( endpoint == MBEDTLS_SSL_IS_SERVER )
{
- if( ( ret = mbedtls_ssl_set_dh_param( conf,
+ if( ( ret = mbedtls_ssl_conf_dh_param( conf,
MBEDTLS_DHM_RFC5114_MODP_2048_P,
MBEDTLS_DHM_RFC5114_MODP_2048_G ) ) != 0 )
{
diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c
index 658555a..fb95adf 100644
--- a/programs/ssl/dtls_client.c
+++ b/programs/ssl/dtls_client.c
@@ -179,16 +179,16 @@
/* OPTIONAL is usually a bad choice for security, but makes interop easier
* in this simplified example, in which the ca chain is hardcoded.
* Production code should set a proper ca chain and use REQUIRED. */
- mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
- mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+ mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
+ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
if( ( ret = mbedtls_ssl_set_hostname( &ssl, SERVER_NAME ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd,
mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout );
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index 5d1134c..55b6b3e 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -206,19 +206,19 @@
goto exit;
}
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
- mbedtls_ssl_set_session_cache( &conf, &cache,
+ mbedtls_ssl_conf_session_cache( &conf, &cache,
mbedtls_ssl_cache_get,
mbedtls_ssl_cache_set );
#endif
- mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
+ mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
- printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+ printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
@@ -229,7 +229,7 @@
goto exit;
}
- mbedtls_ssl_set_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
+ mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
&cookie_ctx );
printf( " ok\n" );
@@ -275,7 +275,7 @@
sizeof( client_ip ) ) ) != 0 )
{
printf( " failed\n ! "
- "ssl_set_client_tranport_id() returned -0x%x\n\n", -ret );
+ "ssl_set_client_transport_id() returned -0x%x\n\n", -ret );
goto exit;
}
diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c
index 0504c76..d770754 100644
--- a/programs/ssl/mini_client.c
+++ b/programs/ssl/mini_client.c
@@ -203,10 +203,10 @@
goto exit;
}
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
- mbedtls_ssl_set_psk( &ssl, psk, sizeof( psk ),
+ mbedtls_ssl_conf_psk( &ssl, psk, sizeof( psk ),
(const unsigned char *) psk_id, sizeof( psk_id ) - 1 );
#endif
@@ -217,13 +217,13 @@
goto exit;
}
- mbedtls_ssl_set_ca_chain( &conf, &ca, NULL );
+ mbedtls_ssl_conf_ca_chain( &conf, &ca, NULL );
if( mbedtls_ssl_set_hostname( &ssl, HOSTNAME ) != 0 )
{
ret = hostname_failed;
goto exit;
}
- mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
+ mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
#endif
/*
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index f3b22fd..cf5598b 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -168,16 +168,16 @@
/* OPTIONAL is not optimal for security,
* but makes interop easier in this simplified example */
- mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
- mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+ mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
+ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
if( ( ret = mbedtls_ssl_set_hostname( &ssl, "mbed TLS Server 1" ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
/*
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 0f03a81..6620d4e 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1065,58 +1065,58 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if( opt.debug_level > 0 )
- mbedtls_ssl_set_verify( &conf, my_verify, NULL );
+ mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
#endif
if( opt.auth_mode != DFL_AUTH_MODE )
- mbedtls_ssl_set_authmode( &conf, opt.auth_mode );
+ mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
- mbedtls_ssl_set_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
+ mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- if( ( ret = mbedtls_ssl_set_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_max_frag_len returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret );
goto exit;
}
#endif
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
- mbedtls_ssl_set_truncated_hmac( &conf, opt.trunc_hmac );
+ mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( opt.extended_ms != DFL_EXTENDED_MS )
- mbedtls_ssl_set_extended_master_secret( &conf, opt.extended_ms );
+ mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( opt.etm != DFL_ETM )
- mbedtls_ssl_set_encrypt_then_mac( &conf, opt.etm );
+ mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
#endif
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
if( opt.recsplit != DFL_RECSPLIT )
- mbedtls_ssl_set_cbc_record_splitting( &conf, opt.recsplit
+ mbedtls_ssl_conf_cbc_record_splitting( &conf, opt.recsplit
? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
: MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
#endif
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
- if( ( ret = mbedtls_ssl_set_alpn_protocols( &conf, alpn_list ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret );
goto exit;
}
#endif
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
if( opt.nbio == 2 )
mbedtls_ssl_set_bio( &ssl, &server_fd, my_send, my_recv, NULL );
@@ -1128,40 +1128,40 @@
NULL
#endif
);
- mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout );
+ mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- if( ( ret = mbedtls_ssl_set_session_tickets( &conf, opt.tickets ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_session_tickets returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_session_tickets returned %d\n\n", ret );
goto exit;
}
#endif
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
- mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
+ mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
if( opt.arc4 != DFL_ARC4 )
- mbedtls_ssl_set_arc4_support( &conf, opt.arc4 );
+ mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
- mbedtls_set_ssl_legacy_renegotiation( &conf, opt.allow_legacy );
+ mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
- mbedtls_ssl_set_renegotiation( &conf, opt.renegotiation );
+ mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
#endif
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if( strcmp( opt.ca_path, "none" ) != 0 &&
strcmp( opt.ca_file, "none" ) != 0 )
{
- mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
}
if( strcmp( opt.crt_file, "none" ) != 0 &&
strcmp( opt.key_file, "none" ) != 0 )
{
- if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
}
@@ -1173,18 +1173,18 @@
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
- if( ( ret = mbedtls_ssl_set_psk( &conf, psk, psk_len,
+ if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
(const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_psk returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", ret );
goto exit;
}
#endif
if( opt.min_version != DFL_MIN_VERSION )
{
- ret = mbedtls_ssl_set_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
+ ret = mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected min_version is not available\n" );
@@ -1194,7 +1194,7 @@
if( opt.max_version != DFL_MAX_VERSION )
{
- ret = mbedtls_ssl_set_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
+ ret = mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected max_version is not available\n" );
@@ -1204,7 +1204,7 @@
#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
if( opt.fallback != DFL_FALLBACK )
- mbedtls_ssl_set_fallback( &conf, opt.fallback );
+ mbedtls_ssl_conf_fallback( &conf, opt.fallback );
#endif
mbedtls_printf( " ok\n" );
@@ -1520,7 +1520,7 @@
if( ( ret = mbedtls_ssl_set_session( &ssl, &saved_session ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_session returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_session returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 2d03c8b..e064c5c 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -265,14 +265,14 @@
mbedtls_printf( " ok\n" );
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
- mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
+ mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index f4f6b3b..d28b851 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -602,24 +602,24 @@
/* OPTIONAL is not optimal for security,
* but makes interop easier in this simplified example */
- mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
+ mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_OPTIONAL );
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
- mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
+ mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
- mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
- if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index 7b7138a..9150a8e 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -176,22 +176,22 @@
goto thread_exit;
}
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_mutexed_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_mutexed_debug, stdout );
/* mbedtls_ssl_cache_get() and mbedtls_ssl_cache_set() are thread-safe if
* MBEDTLS_THREADING_C is set.
*/
#if defined(MBEDTLS_SSL_CACHE_C)
- mbedtls_ssl_set_session_cache( &conf,
+ mbedtls_ssl_conf_session_cache( &conf,
mbedtls_ssl_cache_get, thread_info->cache,
mbedtls_ssl_cache_set, thread_info->cache );
#endif
- mbedtls_ssl_set_ca_chain( &conf, thread_info->ca_chain, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &conf, thread_info->server_cert, thread_info->server_key ) ) != 0 )
+ mbedtls_ssl_conf_ca_chain( &conf, thread_info->ca_chain, NULL );
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, thread_info->server_cert, thread_info->server_key ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto thread_exit;
}
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index c1ad8ba..150b626 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -205,19 +205,19 @@
goto exit;
}
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
- mbedtls_ssl_set_session_cache( &conf, &cache,
+ mbedtls_ssl_conf_session_cache( &conf, &cache,
mbedtls_ssl_cache_get,
mbedtls_ssl_cache_set );
#endif
- mbedtls_ssl_set_ca_chain( &conf, srvcert.next, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
+ mbedtls_ssl_conf_ca_chain( &conf, srvcert.next, NULL );
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 0b690b0..81b92a6 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1534,47 +1534,47 @@
}
if( opt.auth_mode != DFL_AUTH_MODE )
- mbedtls_ssl_set_authmode( &conf, opt.auth_mode );
+ mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
- mbedtls_ssl_set_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
+ mbedtls_ssl_conf_handshake_timeout( &conf, opt.hs_to_min, opt.hs_to_max );
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- if( ( ret = mbedtls_ssl_set_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_max_frag_len( &conf, opt.mfl_code ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_max_frag_len returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret );
goto exit;
};
#endif
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
- mbedtls_ssl_set_truncated_hmac( &conf, opt.trunc_hmac );
+ mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( opt.extended_ms != DFL_EXTENDED_MS )
- mbedtls_ssl_set_extended_master_secret( &conf, opt.extended_ms );
+ mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( opt.etm != DFL_ETM )
- mbedtls_ssl_set_encrypt_then_mac( &conf, opt.etm );
+ mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
#endif
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
- if( ( ret = mbedtls_ssl_set_alpn_protocols( &conf, alpn_list ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_alpn_protocols returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_alpn_protocols returned %d\n\n", ret );
goto exit;
}
#endif
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
#if defined(MBEDTLS_SSL_CACHE_C)
if( opt.cache_max != -1 )
@@ -1583,20 +1583,20 @@
if( opt.cache_timeout != -1 )
mbedtls_ssl_cache_set_timeout( &cache, opt.cache_timeout );
- mbedtls_ssl_set_session_cache( &conf, &cache,
+ mbedtls_ssl_conf_session_cache( &conf, &cache,
mbedtls_ssl_cache_get,
mbedtls_ssl_cache_set );
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- if( ( ret = mbedtls_ssl_set_session_tickets( &conf, opt.tickets ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_session_tickets returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_session_tickets returned %d\n\n", ret );
goto exit;
}
if( opt.ticket_timeout != -1 )
- mbedtls_ssl_set_session_ticket_lifetime( &conf, opt.ticket_timeout );
+ mbedtls_ssl_conf_session_ticket_lifetime( &conf, opt.ticket_timeout );
#endif
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -1612,7 +1612,7 @@
goto exit;
}
- mbedtls_ssl_set_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
+ mbedtls_ssl_conf_dtls_cookies( &conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
&cookie_ctx );
}
else
@@ -1620,7 +1620,7 @@
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
if( opt.cookies == 0 )
{
- mbedtls_ssl_set_dtls_cookies( &conf, NULL, NULL, NULL );
+ mbedtls_ssl_conf_dtls_cookies( &conf, NULL, NULL, NULL );
}
else
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
@@ -1630,50 +1630,50 @@
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
if( opt.anti_replay != DFL_ANTI_REPLAY )
- mbedtls_ssl_set_dtls_anti_replay( &conf, opt.anti_replay );
+ mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay );
#endif
#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
if( opt.badmac_limit != DFL_BADMAC_LIMIT )
- mbedtls_ssl_set_dtls_badmac_limit( &conf, opt.badmac_limit );
+ mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit );
#endif
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER )
- mbedtls_ssl_set_ciphersuites( &conf, opt.force_ciphersuite );
+ mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite );
if( opt.arc4 != DFL_ARC4 )
- mbedtls_ssl_set_arc4_support( &conf, opt.arc4 );
+ mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 );
if( opt.version_suites != NULL )
{
- mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[0],
+ mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_0 );
- mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[1],
+ mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[1],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_1 );
- mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[2],
+ mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[2],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_2 );
- mbedtls_ssl_set_ciphersuites_for_version( &conf, version_suites[3],
+ mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[3],
MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3 );
}
if( opt.allow_legacy != DFL_ALLOW_LEGACY )
- mbedtls_set_ssl_legacy_renegotiation( &conf, opt.allow_legacy );
+ mbedtls_ssl_conf_legacy_renegotiation( &conf, opt.allow_legacy );
#if defined(MBEDTLS_SSL_RENEGOTIATION)
- mbedtls_ssl_set_renegotiation( &conf, opt.renegotiation );
+ mbedtls_ssl_conf_renegotiation( &conf, opt.renegotiation );
if( opt.renego_delay != DFL_RENEGO_DELAY )
- mbedtls_ssl_set_renegotiation_enforced( &conf, opt.renego_delay );
+ mbedtls_ssl_conf_renegotiation_enforced( &conf, opt.renego_delay );
if( opt.renego_period != DFL_RENEGO_PERIOD )
{
renego_period[7] = opt.renego_period;
- mbedtls_ssl_set_renegotiation_period( &conf, renego_period );
+ mbedtls_ssl_conf_renegotiation_period( &conf, renego_period );
}
#endif
@@ -1681,42 +1681,42 @@
if( strcmp( opt.ca_path, "none" ) != 0 &&
strcmp( opt.ca_file, "none" ) != 0 )
{
- mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
+ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
}
if( key_cert_init )
- if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert, &pkey ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
if( key_cert_init2 )
- if( ( ret = mbedtls_ssl_set_own_cert( &conf, &srvcert2, &pkey2 ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &srvcert2, &pkey2 ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto exit;
}
#endif
#if defined(SNI_OPTION)
if( opt.sni != NULL )
- mbedtls_ssl_set_sni( &conf, sni_callback, sni_info );
+ mbedtls_ssl_conf_sni( &conf, sni_callback, sni_info );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 )
{
- ret = mbedtls_ssl_set_psk( &conf, psk, psk_len,
+ ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
(const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) );
if( ret != 0 )
{
- mbedtls_printf( " failed\n mbedtls_ssl_set_psk returned -0x%04X\n\n", - ret );
+ mbedtls_printf( " failed\n mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret );
goto exit;
}
}
if( opt.psk_list != NULL )
- mbedtls_ssl_set_psk_cb( &conf, psk_callback, psk_info );
+ mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info );
#endif
#if defined(MBEDTLS_DHM_C)
@@ -1725,18 +1725,18 @@
*/
#if defined(MBEDTLS_FS_IO)
if( opt.dhm_file != NULL )
- ret = mbedtls_ssl_set_dh_param_ctx( &conf, &dhm );
+ ret = mbedtls_ssl_conf_dh_param_ctx( &conf, &dhm );
#endif
if( ret != 0 )
{
- mbedtls_printf( " failed\n mbedtls_ssl_set_dh_param returned -0x%04X\n\n", - ret );
+ mbedtls_printf( " failed\n mbedtls_ssl_conf_dh_param returned -0x%04X\n\n", - ret );
goto exit;
}
#endif
if( opt.min_version != DFL_MIN_VERSION )
{
- ret = mbedtls_ssl_set_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
+ ret = mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected min_version is not available\n" );
@@ -1746,7 +1746,7 @@
if( opt.max_version != DFL_MIN_VERSION )
{
- ret = mbedtls_ssl_set_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
+ ret = mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! selected max_version is not available\n" );
@@ -1823,7 +1823,7 @@
NULL
#endif
);
- mbedtls_ssl_set_read_timeout( &conf, opt.read_timeout );
+ mbedtls_ssl_conf_read_timeout( &conf, opt.read_timeout );
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
@@ -1832,7 +1832,7 @@
sizeof( client_ip ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! "
- "ssl_set_client_tranport_id() returned -0x%x\n\n", -ret );
+ "ssl_set_client_transport_id() returned -0x%x\n\n", -ret );
goto exit;
}
}
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index fb81287..79a652e 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -412,20 +412,20 @@
if( verify )
{
- mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
- mbedtls_ssl_set_ca_chain( &conf, &cacert, NULL );
- mbedtls_ssl_set_verify( &conf, my_verify, NULL );
+ mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_REQUIRED );
+ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL );
+ mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
}
else
- mbedtls_ssl_set_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
+ mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
- mbedtls_ssl_set_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
- mbedtls_ssl_set_dbg( &conf, my_debug, stdout );
+ mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg );
+ mbedtls_ssl_conf_dbg( &conf, my_debug, stdout );
mbedtls_ssl_set_bio( &ssl, &server_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
- if( ( ret = mbedtls_ssl_set_own_cert( &conf, &clicert, &pkey ) ) != 0 )
+ if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_set_own_cert returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_own_cert returned %d\n\n", ret );
goto ssl_exit;
}
diff --git a/scripts/data_files/rename-1.3-2.0.txt b/scripts/data_files/rename-1.3-2.0.txt
index 431e1be..f86341e 100644
--- a/scripts/data_files/rename-1.3-2.0.txt
+++ b/scripts/data_files/rename-1.3-2.0.txt
@@ -1969,7 +1969,7 @@
ssl_hw_record_write mbedtls_ssl_hw_record_write
ssl_init mbedtls_ssl_init
ssl_key_cert mbedtls_ssl_key_cert
-ssl_legacy_renegotiation mbedtls_set_ssl_legacy_renegotiation
+ssl_legacy_renegotiation mbedtls_ssl_conf_legacy_renegotiation
ssl_list_ciphersuites mbedtls_ssl_list_ciphersuites
ssl_md_alg_from_hash mbedtls_ssl_md_alg_from_hash
ssl_optimize_checksum mbedtls_ssl_optimize_checksum
@@ -1997,49 +1997,49 @@
ssl_session_free mbedtls_ssl_session_free
ssl_session_init mbedtls_ssl_session_init
ssl_session_reset mbedtls_ssl_session_reset
-ssl_set_alpn_protocols mbedtls_ssl_set_alpn_protocols
-ssl_set_arc4_support mbedtls_ssl_set_arc4_support
-ssl_set_authmode mbedtls_ssl_set_authmode
+ssl_set_alpn_protocols mbedtls_ssl_conf_alpn_protocols
+ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
+ssl_set_authmode mbedtls_ssl_conf_authmode
ssl_set_bio mbedtls_ssl_set_bio
ssl_set_bio_timeout mbedtls_ssl_set_bio_timeout
-ssl_set_ca_chain mbedtls_ssl_set_ca_chain
-ssl_set_cbc_record_splitting mbedtls_ssl_set_cbc_record_splitting
-ssl_set_ciphersuites mbedtls_ssl_set_ciphersuites
-ssl_set_ciphersuites_for_version mbedtls_ssl_set_ciphersuites_for_version
+ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
+ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
+ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
+ssl_set_ciphersuites_for_version mbedtls_ssl_conf_ciphersuites_for_version
ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id
-ssl_set_curves mbedtls_ssl_set_curves
-ssl_set_dbg mbedtls_ssl_set_dbg
-ssl_set_dh_param mbedtls_ssl_set_dh_param
-ssl_set_dh_param_ctx mbedtls_ssl_set_dh_param_ctx
-ssl_set_dtls_anti_replay mbedtls_ssl_set_dtls_anti_replay
-ssl_set_dtls_badmac_limit mbedtls_ssl_set_dtls_badmac_limit
-ssl_set_dtls_cookies mbedtls_ssl_set_dtls_cookies
-ssl_set_encrypt_then_mac mbedtls_ssl_set_encrypt_then_mac
-ssl_set_endpoint mbedtls_ssl_set_endpoint
-ssl_set_extended_master_secret mbedtls_ssl_set_extended_master_secret
-ssl_set_fallback mbedtls_ssl_set_fallback
-ssl_set_handshake_timeout mbedtls_ssl_set_handshake_timeout
+ssl_set_curves mbedtls_ssl_conf_curves
+ssl_set_dbg mbedtls_ssl_conf_dbg
+ssl_set_dh_param mbedtls_ssl_conf_dh_param
+ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx
+ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay
+ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit
+ssl_set_dtls_cookies mbedtls_ssl_conf_dtls_cookies
+ssl_set_encrypt_then_mac mbedtls_ssl_conf_encrypt_then_mac
+ssl_set_endpoint mbedtls_ssl_conf_endpoint
+ssl_set_extended_master_secret mbedtls_ssl_conf_extended_master_secret
+ssl_set_fallback mbedtls_ssl_conf_fallback
+ssl_set_handshake_timeout mbedtls_ssl_conf_handshake_timeout
ssl_set_hostname mbedtls_ssl_set_hostname
-ssl_set_max_frag_len mbedtls_ssl_set_max_frag_len
-ssl_set_max_version mbedtls_ssl_set_max_version
-ssl_set_min_version mbedtls_ssl_set_min_version
-ssl_set_own_cert mbedtls_ssl_set_own_cert
+ssl_set_max_frag_len mbedtls_ssl_conf_max_frag_len
+ssl_set_max_version mbedtls_ssl_conf_max_version
+ssl_set_min_version mbedtls_ssl_conf_min_version
+ssl_set_own_cert mbedtls_ssl_conf_own_cert
ssl_set_own_cert_alt mbedtls_ssl_set_own_cert_alt
ssl_set_own_cert_rsa mbedtls_ssl_set_own_cert_rsa
-ssl_set_psk mbedtls_ssl_set_psk
-ssl_set_psk_cb mbedtls_ssl_set_psk_cb
-ssl_set_renegotiation mbedtls_ssl_set_renegotiation
-ssl_set_renegotiation_enforced mbedtls_ssl_set_renegotiation_enforced
-ssl_set_renegotiation_period mbedtls_ssl_set_renegotiation_period
-ssl_set_rng mbedtls_ssl_set_rng
+ssl_set_psk mbedtls_ssl_conf_psk
+ssl_set_psk_cb mbedtls_ssl_conf_psk_cb
+ssl_set_renegotiation mbedtls_ssl_conf_renegotiation
+ssl_set_renegotiation_enforced mbedtls_ssl_conf_renegotiation_enforced
+ssl_set_renegotiation_period mbedtls_ssl_conf_renegotiation_period
+ssl_set_rng mbedtls_ssl_conf_rng
ssl_set_session mbedtls_ssl_set_session
-ssl_set_session_cache mbedtls_ssl_set_session_cache
-ssl_set_session_ticket_lifetime mbedtls_ssl_set_session_ticket_lifetime
-ssl_set_session_tickets mbedtls_ssl_set_session_tickets
-ssl_set_sni mbedtls_ssl_set_sni
-ssl_set_transport mbedtls_ssl_set_transport
-ssl_set_truncated_hmac mbedtls_ssl_set_truncated_hmac
-ssl_set_verify mbedtls_ssl_set_verify
+ssl_set_session_cache mbedtls_ssl_conf_session_cache
+ssl_set_session_ticket_lifetime mbedtls_ssl_conf_session_ticket_lifetime
+ssl_set_session_tickets mbedtls_ssl_conf_session_tickets
+ssl_set_sni mbedtls_ssl_conf_sni
+ssl_set_transport mbedtls_ssl_conf_transport
+ssl_set_truncated_hmac mbedtls_ssl_conf_truncated_hmac
+ssl_set_verify mbedtls_ssl_conf_verify
ssl_sig_from_pk mbedtls_ssl_sig_from_pk
ssl_states mbedtls_ssl_states
ssl_ticket_keys mbedtls_ssl_ticket_keys
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index 5fd5d34..5c8993f 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -46,7 +46,7 @@
mbedtls_debug_set_log_mode( MBEDTLS_DEBUG_LOG_FULL );
mbedtls_debug_set_threshold( threshold );
- mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
mbedtls_debug_print_msg( &ssl, level, file, line,
mbedtls_debug_fmt("Text message, 2 == %d", 2 ) );
@@ -75,7 +75,7 @@
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
mbedtls_debug_set_log_mode( mode );
- mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
mbedtls_debug_print_ret( &ssl, 0, file, line, text, value);
@@ -108,7 +108,7 @@
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
mbedtls_debug_set_log_mode( mode );
- mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
mbedtls_debug_print_buf( &ssl, 0, file, line, text, data, data_len );
@@ -138,7 +138,7 @@
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
mbedtls_debug_set_log_mode( mode );
- mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 );
mbedtls_debug_print_crt( &ssl, 0, file, line, prefix, &crt);
@@ -172,7 +172,7 @@
TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 );
mbedtls_debug_set_log_mode( mode );
- mbedtls_ssl_set_dbg( &conf, string_debug, &buffer);
+ mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
mbedtls_debug_print_mpi( &ssl, 0, file, line, prefix, &val);
