Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix bug for extension of TLS handshake #270

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
52 changes: 49 additions & 3 deletions deps/mbedtls-config.h
Original file line number Diff line number Diff line change
Expand Up @@ -45,9 +45,6 @@
#define MBEDTLS_SSL_PROTO_TLS1_1
#define MBEDTLS_SSL_PROTO_TLS1_2

/* Enable SNI in TLS handshake */
#define MBEDTLS_SSL_SERVER_NAME_INDICATION 1

/* mbed TLS modules */
#define MBEDTLS_AES_C
#define MBEDTLS_ASN1_PARSE_C
Expand Down Expand Up @@ -77,6 +74,55 @@
#define MBEDTLS_VERSION_C
#define MBEDTLS_VERSION_FEATURES

/* Enable extensions in TLS handshake */
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
#define MBEDTLS_ECDH_C
#define MBEDTLS_SSL_PROTO_TLS1_3
#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
#define MBEDTLS_SSL_SERVER_NAME_INDICATION
#define MBEDTLS_ECDSA_C
#define MBEDTLS_ECP_C
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
#define MBEDTLS_PKCS1_V21
#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
#define MBEDTLS_SSL_ALPN
#define MBEDTLS_SSL_SESSION_TICKETS
#define MBEDTLS_SSL_CIPHERSUITES \
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, \
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, \
MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, \
MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, \
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, \
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, \
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, \
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, \
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, \
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, \
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, \
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, \
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, \
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, \
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, \
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, \
MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, \
MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, \
MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, \
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, \
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, \
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, \
MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, \
MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, \
MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, \
MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, \
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA

/* For test certificates */
#define MBEDTLS_BASE64_C
#define MBEDTLS_CERTS_C
Expand Down
Loading