Merge pull request #20478 from mariemC/Mariem/dtls_default_user_param…

…s_fix pkg/tinydtls: enforce the default dtls user params to be configurable
RIOT-OS · Mar 26, 2024 · 222a2e1 · 222a2e1
2 parents 4059244 + 208e757
commit 222a2e1
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 1 deletion.
diff --git a/pkg/tinydtls/contrib/sock_dtls.c b/pkg/tinydtls/contrib/sock_dtls.c
@@ -60,7 +60,8 @@ static int _read(struct dtls_context_t *ctx, session_t *session, uint8_t *buf,
                  size_t len);
 static int _event(struct dtls_context_t *ctx, session_t *session,
                   dtls_alert_level_t level, unsigned short code);
-
+static void _get_user_parameters(struct dtls_context_t *ctx,
+                    session_t *session, dtls_user_parameters_t *user_parameters);
 static void _session_to_ep(const session_t *session, sock_udp_ep_t *ep);
 static void _ep_to_session(const sock_udp_ep_t *ep, session_t *session);
 static uint32_t _update_timeout(uint32_t start, uint32_t timeout);
@@ -69,6 +70,7 @@ static dtls_handler_t _dtls_handler = {
     .event = _event,
     .write = _write,
     .read = _read,
+    .get_user_parameters = _get_user_parameters,
 #ifdef CONFIG_DTLS_PSK
     .get_psk_info = _get_psk_info,
 #endif /* CONFIG_DTLS_PSK */
@@ -176,6 +178,15 @@ static int _event(struct dtls_context_t *ctx, session_t *session,
     return 0;
 }
 
+static void _get_user_parameters(struct dtls_context_t *ctx,
+                    session_t *session, dtls_user_parameters_t *user_parameters) {
+  (void) ctx;
+  (void) session;
+
+  user_parameters->force_extended_master_secret = CONFIG_DTLS_FORCE_EXTENDED_MASTER_SECRET;
+  user_parameters->force_renegotiation_info = CONFIG_DTLS_FORCE_RENEGOTIATION_INFO;
+}
+
 #ifdef CONFIG_DTLS_PSK
 static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session,
                          dtls_credentials_type_t type,

diff --git a/sys/include/net/sock/dtls.h b/sys/include/net/sock/dtls.h
@@ -581,6 +581,20 @@ extern "C" {
  */
 #define SOCK_DTLS_HANDSHAKE     (EXDEV)
 
+/**
+ * @brief Force extended master secret extension
+ */
+#ifndef CONFIG_DTLS_FORCE_EXTENDED_MASTER_SECRET
+#define CONFIG_DTLS_FORCE_EXTENDED_MASTER_SECRET 1
+#endif
+
+/**
+ * @brief Force renegotiation info extension
+ */
+#ifndef CONFIG_DTLS_FORCE_RENEGOTIATION_INFO
+#define CONFIG_DTLS_FORCE_RENEGOTIATION_INFO 1
+#endif
+
 /**
  * @brief DTLS version number
  * @anchor sock_dtls_prot_version