Remove min/maj version from SSL context if only one version enabled

If the minor/major version is enforced at compile-time, the `major_ver` and `minor_ver` fields in `mbedtls_ssl_context` are redundant and can be removed.
2026-04-04 22:19:05 +00:00 · 2019-06-12 14:43:01 +01:00 · 2019-06-12 14:43:01 +01:00 · 381eaa5976
commit 381eaa5976
parent 2881d80138
4 changed files with 39 additions and 0 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -63,6 +63,18 @@
 #include "platform_time.h"
 #endif

+#if defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER) && \
+    defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER) && \
+    ( MBEDTLS_SSL_CONF_MAX_MAJOR_VER == MBEDTLS_SSL_CONF_MIN_MAJOR_VER )
+#define MBEDTLS_SSL_CONF_FIXED_MAJOR_VER MBEDTLS_SSL_CONF_MIN_MAJOR_VER
+#endif
+
+#if defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER) && \
+    defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER) && \
+    ( MBEDTLS_SSL_CONF_MAX_MINOR_VER == MBEDTLS_SSL_CONF_MIN_MINOR_VER )
+#define MBEDTLS_SSL_CONF_FIXED_MINOR_VER MBEDTLS_SSL_CONF_MIN_MINOR_VER
+#endif
+
 /*
 * SSL Error codes
 */
@ -1229,8 +1241,12 @@ struct mbedtls_ssl_context
                                  renego_max_records is < 0           */
 #endif /* MBEDTLS_SSL_RENEGOTIATION */

+#if !defined(MBEDTLS_SSL_CONF_FIXED_MAJOR_VER)
    int major_ver;              /*!< equal to  MBEDTLS_SSL_MAJOR_VERSION_3    */
+#endif /* !MBEDTLS_SSL_CONF_FIXED_MAJOR_VER */
+#if !defined(MBEDTLS_SSL_CONF_FIXED_MINOR_VER)
    int minor_ver;              /*!< either 0 (SSL3) or 1 (TLS1.0)    */
+#endif /* !MBEDTLS_SSL_CONF_FIXED_MINOR_VER */

 #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
    unsigned badmac_seen;       /*!< records with a bad MAC received    */
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@ -962,12 +962,22 @@ int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,

 static inline int mbedtls_ssl_get_minor_ver( mbedtls_ssl_context const *ssl )
 {
+#if !defined(MBEDTLS_SSL_CONF_FIXED_MINOR_VER)
    return( ssl->minor_ver );
+#else /* !MBEDTLS_SSL_CONF_FIXED_MINOR_VER */
+    ((void) ssl);
+    return( MBEDTLS_SSL_CONF_FIXED_MINOR_VER );
+#endif /* MBEDTLS_SSL_CONF_FIXED_MINOR_VER */
 }

 static inline int mbedtls_ssl_get_major_ver( mbedtls_ssl_context const *ssl )
 {
+#if !defined(MBEDTLS_SSL_CONF_FIXED_MAJOR_VER)
    return( ssl->major_ver );
+#else /* !MBEDTLS_SSL_CONF_FIXED_MAJOR_VER */
+    ((void) ssl);
+    return( MBEDTLS_SSL_CONF_FIXED_MAJOR_VER );
+#endif /* MBEDTLS_SSL_CONF_FIXED_MAJOR_VER */
 }

 #if defined(MBEDTLS_X509_CRT_PARSE_C)