Fix minor code style issues

This commit is contained in:
Darryl Green 2018-03-13 15:22:58 +00:00
parent cdd97fd632
commit 11999bb72e
32 changed files with 73 additions and 101 deletions

View file

@ -166,7 +166,7 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
* \param threshold Minimum required from source before entropy is released * \param threshold Minimum required from source before entropy is released
* ( with mbedtls_entropy_func() ) (in bytes) * ( with mbedtls_entropy_func() ) (in bytes)
* \param strong MBEDTLS_ENTROPY_SOURCE_STRONG or * \param strong MBEDTLS_ENTROPY_SOURCE_STRONG or
* MBEDTSL_ENTROPY_SOURCE_WEAK. * MBEDTLS_ENTROPY_SOURCE_WEAK.
* At least one strong source needs to be added. * At least one strong source needs to be added.
* Weaker sources (such as the cycle counter) can be used as * Weaker sources (such as the cycle counter) can be used as
* a complement. * a complement.

View file

@ -232,10 +232,6 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
int ret; int ret;
size_t len = 0; size_t len = 0;
// TODO negative values and values larger than 128
// DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers.
//
if( *p - start < 1 ) if( *p - start < 1 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );

View file

@ -6950,30 +6950,6 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
} }
} }
/*
* The logic could be streamlined here. Instead of
* - Manually checking whether ssl->in_offt is NULL
* - Fetching a new record if yes
* - Setting ssl->in_offt if one finds an application record
* - Resetting keep_current_message after handling the application data
* one should
* - Adapt read_record to set ssl->in_offt automatically
* when a new application data record is processed.
* - Always call mbedtls_ssl_read_record here.
* This way, the logic of ssl_read would be much clearer:
* (1) Always call record layer and see what kind of record is on
* and have it ready for consumption (in particular, in_offt
* properly set for application data records).
* (2) If it's application data (either freshly fetched
* or something already being partially processed),
* serve the read request from it.
* (3) If it's something different from application data,
* handle it accordingly, e.g. potentially start a
* renegotiation.
* This will also remove the need to manually reset
* ssl->keep_current_message = 0 below.
*/
/* Loop as long as no application data record is available */ /* Loop as long as no application data record is available */
while( ssl->in_offt == NULL ) while( ssl->in_offt == NULL )
{ {