
Fixes for building without DTLS v1.2 and TLS v1.2. Fixes for explicit cast warnings.

David Garske 2 years ago
parent
commit
aa8df1af78
7 changed files with 70 additions and 19 deletions
  1. 16 4
      examples/benchmark/tls_bench.c
  2. 4 0
      examples/echoclient/echoclient.c
  3. 4 0
      examples/echoserver/echoserver.c
  4. 11 8
      src/dtls13.c
  5. 29 3
      src/internal.c
  6. 3 1
      src/tls.c
  7. 3 3
      src/tls13.c

+ 16 - 4
examples/benchmark/tls_bench.c

@@ -905,9 +905,15 @@ static int bench_tls_client(info_t* info)
 #ifdef WOLFSSL_DTLS
     if (info->doDTLS) {
         if (tls13) {
-            return WOLFSSL_SUCCESS;
+        #ifdef WOLFSSL_DTLS13
+            cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_3_client_method());
+        #endif
+        }
+        else {
+        #ifndef WOLFSSL_NO_TLS12
+            cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
+        #endif
         }
-        cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
     }
     else
 #endif
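Review bot: In the `if (tls13)` branch, a build with WOLFSSL_DTLS but without WOLFSSL_DTLS13 now compiles to an empty body, so `cli_ctx` is not assigned here, and the early `return WOLFSSL_SUCCESS;` that used to skip this case is gone. Whether that is handled depends on a NULL check after the hunk, which is not visible from here. I would make the unsupported case explicit with an `#else` arm, e.g. `return WOLFSSL_SUCCESS; /* DTLS 1.3 not compiled in: skip */`, and give the `WOLFSSL_NO_TLS12` arm an equally explicit outcome. The same applies to `srv_ctx` in the bench_tls_server hunk.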
@@ -1348,9 +1354,15 @@ static int bench_tls_server(info_t* info)
 #ifdef WOLFSSL_DTLS
     if (info->doDTLS) {
         if (tls13) {
-            return WOLFSSL_SUCCESS;
+        #ifdef WOLFSSL_DTLS13
+            srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_3_server_method());
+        #endif
+        }
+        else {
+        #ifndef WOLFSSL_NO_TLS12
+            srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
+        #endif
         }
-        srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
     }
     else
 #endif

+ 4 - 0
examples/echoclient/echoclient.c

@@ -138,7 +138,11 @@ void echoclient_test(void* args)
 #endif
 
 #if defined(CYASSL_DTLS)
+    #ifdef WOLFSSL_DTLS13
+    method = wolfDTLSv1_3_client_method();
+    #elif !defined(WOLFSSL_NO_TLS12)
     method  = DTLSv1_2_client_method();
+    #endif
 #elif !defined(NO_TLS)
     #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
     method = CyaTLSv1_2_client_method();
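Review bot: With CYASSL_DTLS defined, WOLFSSL_DTLS13 undefined and WOLFSSL_NO_TLS12 defined, neither arm of the new `#ifdef`/`#elif` assigns `method`, and the declaration is outside the hunk, so it is not clear it has a safe initial value. Since the choice is made entirely at compile time, an `#else` arm with `#error "DTLS requires DTLS 1.3 or (D)TLS 1.2 support"` would turn that configuration into a build failure rather than a runtime surprise. The echoserver.c hunk has the same gap. It is also worth a one-line comment that the example now prefers DTLS 1.3 whenever it is compiled in, because that changes which protocol version the example exercises.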

+ 4 - 0
examples/echoserver/echoserver.c

@@ -145,7 +145,11 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
     tcp_listen(&sockfd, &port, useAnyAddr, doDTLS, 0);
 
 #if defined(CYASSL_DTLS)
+    #ifdef WOLFSSL_DTLS13
+    method = wolfDTLSv1_3_server_method();
+    #elif !defined(WOLFSSL_NO_TLS12)
     method  = CyaDTLSv1_2_server_method();
+    #endif
 #elif !defined(NO_TLS)
     #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
     method = CyaTLSv1_2_server_method();

+ 11 - 8
src/dtls13.c

@@ -372,7 +372,7 @@ static int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
         if (ret != 0)
             break;
 
-        Dtls13MsgWasProcessed(ssl, msg->type);
+        Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
 
         ssl->dtls_rx_msg_list = msg->next;
         DtlsMsgDelete(msg, ssl->heap);
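Review bot: The `(enum HandShakeType)` cast on `msg->type` silences the conversion warning but does not constrain the value, and `msg` here is a buffered handshake message whose type presumably originates from the peer. The callee must therefore still treat values outside the enumerators as possible and reject them in a `default:` arm; the cast should not be read as validation. The same cast is repeated in the other dtls13.c hunks (notably `handshake_type` in `_Dtls13HandshakeRecv`) and in the three tls13.c hunks. If the fields and parameters can be declared as `enum HandShakeType` at the source, or the conversion wrapped in one small helper, the per-call-site casts go away and the single conversion point becomes the obvious place for a range check.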
@@ -814,7 +814,8 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
     byte* output;
     int ret;
 
-    isEncrypted = Dtls13TypeIsEncrypted(ssl->dtls13FragHandshakeType);
+    isEncrypted = Dtls13TypeIsEncrypted(
+        (enum HandShakeType)ssl->dtls13FragHandshakeType);
     rlHeaderLength = Dtls13GetRlHeaderLength(isEncrypted);
     maxFragment = wolfSSL_GetMaxFragSize(ssl, MAX_RECORD_SIZE);
 
@@ -840,8 +841,8 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
             ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length;
 
         ret = Dtls13HandshakeAddHeaderFrag(ssl, output + rlHeaderLength,
-            ssl->dtls13FragHandshakeType, ssl->dtls13FragOffset, fragLength,
-            ssl->dtls13MessageLength);
+            (enum HandShakeType)ssl->dtls13FragHandshakeType,
+            ssl->dtls13FragOffset, fragLength, ssl->dtls13MessageLength);
         if (ret != 0) {
             Dtls13FreeFragmentsBuffer(ssl);
             return ret;
@@ -851,7 +852,8 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
             ssl->dtls13FragmentsBuffer.buffer + ssl->dtls13FragOffset,
             fragLength);
 
-        ret = Dtls13SendOneFragmentRtx(ssl, ssl->dtls13FragHandshakeType,
+        ret = Dtls13SendOneFragmentRtx(ssl,
+            (enum HandShakeType)ssl->dtls13FragHandshakeType,
             recordLength + MAX_MSG_EXTRA, output, recordLength, 0);
         if (ret == WANT_WRITE) {
             ssl->dtls13FragOffset += fragLength;
@@ -1321,7 +1323,8 @@ static int Dtls13RtxSendBuffered(WOLFSSL* ssl)
         seq = ssl->dtls13EncryptEpoch->nextSeqNumber;
 
         ret = Dtls13SendFragment(ssl, output, sendSz, r->length + headerLength,
-            r->handshakeType, 0, isLast || !ssl->options.groupMessages);
+            (enum HandShakeType)r->handshakeType, 0,
+            isLast || !ssl->options.groupMessages);
         if (ret != 0 && ret != WANT_WRITE)
             return ret;
 
@@ -1385,7 +1388,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
     if (frag_off + frag_length > message_length)
         return BUFFER_ERROR;
 
-    ret = Dtls13RtxMsgRecvd(ssl, handshake_type, frag_off);
+    ret = Dtls13RtxMsgRecvd(ssl, (enum HandShakeType)handshake_type, frag_off);
     if (ret != 0)
         return ret;
 
@@ -1430,7 +1433,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
     if (ret != 0)
         return ret;
 
-    Dtls13MsgWasProcessed(ssl, handshake_type);
+    Dtls13MsgWasProcessed(ssl, (enum HandShakeType)handshake_type);
 
     *processedSize = idx;
 

+ 29 - 3
src/internal.c

@@ -541,6 +541,7 @@ int IsDtlsNotSctpMode(WOLFSSL* ssl)
 #endif
 }
 
+#ifndef WOLFSSL_NO_TLS12
 /* Secure Real-time Transport Protocol */
 /* If SRTP is not enabled returns the state of the dtls option.
  * If SRTP is enabled returns dtls && !dtlsSrtpProfiles. */
@@ -552,6 +553,7 @@ static WC_INLINE int IsDtlsNotSrtpMode(WOLFSSL* ssl)
     return ssl->options.dtls;
 #endif
 }
+#endif /* !WOLFSSL_NO_TLS12 */
 #endif /* WOLFSSL_DTLS */
 
 
@@ -2907,6 +2909,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
     int    dtls   = 0;
     int    haveRSAsig = 1;
 
+#ifdef WOLFSSL_DTLS
+    /* If DTLS v1.2 or later than set tls1_2 flag */
+    if (pv.major == DTLS_MAJOR && pv.minor <= DTLSv1_2_MINOR) {
+        tls1_2 = 1;
+    }
+#endif
+
     (void)tls;  /* shut up compiler */
     (void)tls1_2;
     (void)dtls;
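Review bot: The new comment reads "v1.2 or later than set", while the test is `pv.minor <= DTLSv1_2_MINOR`, which looks inverted to anyone who does not know that DTLS minor version numbers decrease as the protocol version increases. I would reword it to something like `/* DTLS minor versions count downward, so <= DTLSv1_2_MINOR means DTLS 1.2 or newer: set the tls1_2 flag */`. Because `tls1_2` feeds cipher-suite selection further down in InitSuites (outside this hunk), the comment should also say that the flag is deliberately set for DTLS 1.3 as well, if that is the intent.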
@@ -15382,8 +15391,15 @@ int DtlsMsgDrain(WOLFSSL* ssl)
             item->fragSz == item->sz &&
             ret == 0) {
         word32 idx = 0;
-        if ((ret = DoHandShakeMsgType(ssl, item->msg, &idx, item->type,
-                                      item->sz, item->sz)) == 0) {
+
+    #ifdef WOLFSSL_NO_TLS12
+        ret = DoTls13HandShakeMsgType(ssl, item->msg, &idx, item->type,
+                                      item->sz, item->sz);
+    #else
+        ret = DoHandShakeMsgType(ssl, item->msg, &idx, item->type,
+                                      item->sz, item->sz);
+    #endif
+        if (ret == 0) {
             DtlsTxMsgListClean(ssl);
         }
     #ifdef WOLFSSL_ASYNC_CRYPT
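Review bot: The `#ifdef WOLFSSL_NO_TLS12` selection between `DoTls13HandShakeMsgType` and `DoHandShakeMsgType` is added here without any comment, and the identical five-line block is repeated twice more in the DoDtlsHandShakeMsg hunks below. A reader cannot tell from the code why a function on the DTLS reassembly path dispatches to the TLS 1.3 handler. A short comment such as `/* no (D)TLS 1.2 dispatcher in this build; hand the message to the TLS 1.3 one */` would help, assuming that is the reason. Defining the selection once near the top of the DTLS section and calling that single name at all three sites would keep the branches from drifting apart. DtlsMsgDrain's body continues outside the hunk.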
@@ -15520,8 +15536,13 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
                 *inOutIdx = totalSz;
             }
             else {
+            #ifdef WOLFSSL_NO_TLS12
+                ret = DoTls13HandShakeMsgType(ssl, input, inOutIdx, type, size,
+                    totalSz);
+            #else
                 ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size,
                     totalSz);
+            #endif
             }
         }
     }
@@ -15623,7 +15644,12 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
 #endif
         ret = DtlsMsgDrain(ssl);
 #else
+    #ifdef WOLFSSL_NO_TLS12
+        ret = DoTls13HandShakeMsgType(ssl, input, inOutIdx, type, size,
+                                      totalSz);
+    #else
         ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
+    #endif
         if (ret == 0) {
             DtlsTxMsgListClean(ssl);
             if (ssl->dtls_rx_msg_list != NULL) {
@@ -15636,7 +15662,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
     WOLFSSL_LEAVE("DoDtlsHandShakeMsg()", ret);
     return ret;
 }
-#endif
+#endif /* WOLFSSL_DTLS13 */
 
 #ifndef WOLFSSL_NO_TLS12
 

+ 3 - 1
src/tls.c

@@ -12510,7 +12510,9 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
         (void)heap;
         WOLFSSL_ENTER("DTLS_client_method_ex");
         if (method) {
-        #if !defined(WOLFSSL_NO_TLS12)
+        #if defined(WOLFSSL_DTLS13)
+            InitSSL_Method(method, MakeDTLSv1_3());
+        #elif !defined(WOLFSSL_NO_TLS12)
             InitSSL_Method(method, MakeDTLSv1_2());
         #elif !defined(NO_OLD_TLS)
             InitSSL_Method(method, MakeDTLSv1());
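Review bot: The generic DTLS client method now initialises to DTLS 1.3 whenever WOLFSSL_DTLS13 is defined, which changes what existing callers of this version-agnostic constructor offer on the wire. The diffstat shows this is the only hunk in src/tls.c, so the matching server-side constructor does not appear to get the same treatment in this commit. Please confirm that the asymmetry is intended and that downgrade to DTLS 1.2 remains enabled for this method; that setting is not visible in the hunk. A comment on the new arm, e.g. `/* prefer DTLS 1.3 when available; older versions are reached through downgrade */`, would document the policy if that is how it works.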

+ 3 - 3
src/tls13.c

@@ -1653,7 +1653,7 @@ static void AddTls13HandShakeHeader(byte* output, word32 length,
        when computing the hash transcript, we can avoid to use the DTLS
        handshake header. */
     if (ssl->options.dtls && type != message_hash) {
-        Dtls13HandshakeAddHeader(ssl, output, type, length);
+        Dtls13HandshakeAddHeader(ssl, output, (enum HandShakeType)type, length);
         return;
     }
 #endif /* WOLFSSL_DTLS13 */
@@ -1680,7 +1680,7 @@ static void AddTls13Headers(byte* output, word32 length, byte type,
 
 #ifdef WOLFSSL_DTLS13
     if (ssl->options.dtls) {
-        Dtls13AddHeaders(output, length, type, ssl);
+        Dtls13AddHeaders(output, length, (enum HandShakeType)type, ssl);
         return;
     }
 #endif /* WOLFSSL_DTLS13 */
@@ -1711,7 +1711,7 @@ static void AddTls13FragHeaders(byte* output, word32 fragSz, word32 fragOffset,
     /* we ignore fragmentation fields here because fragmentation logic for
        DTLS1.3 is inside dtls13_handshake_send(). */
     if (ssl->options.dtls) {
-        Dtls13AddHeaders(output, length, type, ssl);
+        Dtls13AddHeaders(output, length, (enum HandShakeType)type, ssl);
         return;
     }
 #endif /* WOLFSSL_DTLS13 */