Open Codeglitches opened 4 months ago
Mbedtls 3 support is in progress when I have time.
https://github.com/Synss/python-mbedtls/tree/mbedtls-3.x
It’s actually more work than I expected. I will most likely remove a lot of things from python-mbedtls to concentrate on TLS and DTLS only.
I am submitting a …
Description
The Connection ID (CID) extension to DTLS is described in RFC 9146 (or draft-ietf-tls-dtls-connection-id-05 for the legacy version).
From the mbedtls ssl.h file:
The draft (or legacy) version is supported since mbedtls 2.18.0. However the "final" RFC 9146 version is only supported from mbedtls version 3.3.0 onward. Unfortunately, the draft version is not compatible with the final version.
As python-mbedtls is currently based on the 2.x version of mbedtls, I understand python-mbedtls needs to be ported to the 3.x version first. According to issue #46 from July 2021, moving to the 3.x version was in the planning for the future; maybe this could be a reason to make the future happen?
I am interested in helping to add CID support to python-mbedtls, but moving the project to version 3.x of mbedtls will be too much for me.
Current behavior
DTLS CID is not supported
Expected behavior
DTLS CID is supported