1
10
13
14
20
21
22
23
24
25
26
27
28
29
30
31
32
39
40
41
47
48
49
50
51
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
119
124
125
126
128
129
135
136
137
138
139
140
141
145
146
149
150
151
152
153
170
171
172
173
174
...
...
...
#define NX_SECURE_SOURCE_CODE
#include "nx_secure_tls.h"
#ifdef NX_SECURE_ENABLE_DTLS
#include "nx_secure_dtls.h"
#endif
static const NX_SECURE_TLS_VERSIONS nx_secure_tls_supported_versions[] =
{
{NX_SECURE_TLS_VERSION_SSL_3_0, NX_SECURE_TLS_SSL_3_0_ENABLED},
{NX_SECURE_TLS_VERSION_TLS_1_0, NX_SECURE_TLS_TLS_1_0_ENABLED},
{NX_SECURE_TLS_VERSION_TLS_1_1, NX_SECURE_TLS_TLS_1_1_ENABLED},
{NX_SECURE_TLS_VERSION_TLS_1_2, NX_SECURE_TLS_TLS_1_2_ENABLED},
...};
#ifdef NX_SECURE_ENABLE_DTLS
static const NX_SECURE_TLS_VERSIONS nx_secure_dtls_supported_versions[] =
{
{NX_SECURE_DTLS_VERSION_1_0, NX_SECURE_TLS_TLS_1_1_ENABLED},
{NX_SECURE_DTLS_VERSION_1_2, NX_SECURE_TLS_TLS_1_2_ENABLED},
...};/* ... */
#endif
NX_SECURE_VERSIONS_LIST nx_secure_supported_versions_list[] =
{
{nx_secure_tls_supported_versions, sizeof(nx_secure_tls_supported_versions) / sizeof(NX_SECURE_TLS_VERSIONS)},
#ifdef NX_SECURE_ENABLE_DTLS
{nx_secure_dtls_supported_versions, sizeof(nx_secure_dtls_supported_versions) / sizeof(NX_SECURE_TLS_VERSIONS)},
#endif
...};
...
...
UINT _nx_secure_tls_check_protocol_version(NX_SECURE_TLS_SESSION *tls_session,
USHORT protocol_version, UINT id)
{
UINT i;
if (tls_session -> nx_secure_tls_protocol_version != 0)
{
/* ... */
if (tls_session -> nx_secure_tls_protocol_version == protocol_version)
{
return(NX_SUCCESS);
}if (tls_session -> nx_secure_tls_protocol_version == protocol_version) { ... }
#if !defined(NX_SECURE_TLS_DISABLE_PROTOCOL_VERSION_DOWNGRADE) && !defined(NX_SECURE_TLS_CLIENT_DISABLED)
if ((tls_session -> nx_secure_tls_socket_type == NX_SECURE_TLS_SESSION_TYPE_SERVER) ||
(tls_session -> nx_secure_tls_client_state != NX_SECURE_TLS_CLIENT_STATE_IDLE))/* ... */
#endif
{
/* ... */
return(NX_SECURE_TLS_PROTOCOL_VERSION_CHANGED);
...}
}if (tls_session -> nx_secure_tls_protocol_version != 0) { ... }
if (tls_session -> nx_secure_tls_protocol_version_override != 0)
{
if (tls_session -> nx_secure_tls_protocol_version_override == protocol_version)
{
return(NX_SUCCESS);
}if (tls_session -> nx_secure_tls_protocol_version_override == protocol_version) { ... }
/* ... */
return(NX_SECURE_TLS_UNSUPPORTED_TLS_VERSION);
}if (tls_session -> nx_secure_tls_protocol_version_override != 0) { ... }
for (i = 0; i < nx_secure_supported_versions_list[id].nx_secure_versions_list_count; ++i)
{
if (protocol_version == nx_secure_supported_versions_list[id].nx_secure_versions_list[i].nx_secure_tls_protocol_version)
{
if (nx_secure_supported_versions_list[id].nx_secure_versions_list[i].nx_secure_tls_is_supported)
{
return(NX_SUCCESS);
}if (nx_secure_supported_versions_list[id].nx_secure_versions_list[i].nx_secure_tls_is_supported) { ... }
else
{
return(NX_SECURE_TLS_UNSUPPORTED_TLS_VERSION);
}else { ... }
}if (protocol_version == nx_secure_supported_versions_list[id].nx_secure_versions_list[i].nx_secure_tls_protocol_version) { ... }
}for (i = 0; i < nx_secure_supported_versions_list[id].nx_secure_versions_list_count; ++i) { ... }
return(NX_SECURE_TLS_UNKNOWN_TLS_VERSION);
}{ ... }