Make ssl_renegotiate the only interface
ssl_write_hello_request() is no private
This commit is contained in:
parent
caed0541a0
commit
214eed38c7
3 changed files with 44 additions and 30 deletions
|
@ -1566,8 +1566,6 @@ static inline x509_crt *ssl_own_cert( ssl_context *ssl )
|
|||
}
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C */
|
||||
|
||||
int ssl_write_hello_request( ssl_context *ssl );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -335,30 +335,6 @@ static int ssl_parse_ticket( ssl_context *ssl,
|
|||
}
|
||||
#endif /* POLARSSL_SSL_SESSION_TICKETS */
|
||||
|
||||
/*
|
||||
* Write HelloRequest to request renegotiation
|
||||
*/
|
||||
int ssl_write_hello_request( ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> write hello request" ) );
|
||||
|
||||
ssl->out_msglen = 4;
|
||||
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
|
||||
ssl->out_msg[0] = SSL_HS_HELLO_REQUEST;
|
||||
|
||||
if( ( ret = ssl_write_record( ssl ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "ssl_write_record", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "<= write hello request" ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
|
||||
/*
|
||||
* Wrapper around f_sni, allowing use of ssl_set_own_cert() but
|
||||
|
|
|
@ -3972,9 +3972,37 @@ int ssl_handshake( ssl_context *ssl )
|
|||
}
|
||||
|
||||
/*
|
||||
* Renegotiate current connection
|
||||
* Write HelloRequest to request renegotiation on server
|
||||
*/
|
||||
int ssl_renegotiate( ssl_context *ssl )
|
||||
static int ssl_write_hello_request( ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> write hello request" ) );
|
||||
|
||||
ssl->out_msglen = 4;
|
||||
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
|
||||
ssl->out_msg[0] = SSL_HS_HELLO_REQUEST;
|
||||
|
||||
if( ( ret = ssl_write_record( ssl ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "ssl_write_record", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "<= write hello request" ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Actually renegotiate current connection, triggered by either:
|
||||
* - calling ssl_renegotiate() on client,
|
||||
* - receiving a HelloRequestion on client during ssl_read(),
|
||||
* - receiving any handshake message on server during ssl_read() after the
|
||||
* initial handshake is completed
|
||||
*/
|
||||
static int ssl_do_renegotiate( ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
||||
|
@ -4006,6 +4034,18 @@ int ssl_renegotiate( ssl_context *ssl )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Renegotiate current connection on client,
|
||||
* or request renegotiation on server
|
||||
*/
|
||||
int ssl_renegotiate( ssl_context *ssl )
|
||||
{
|
||||
if( ssl->endpoint == SSL_IS_CLIENT )
|
||||
return( ssl_do_renegotiate( ssl ) );
|
||||
else
|
||||
return( ssl_write_hello_request( ssl ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Receive application data decrypted from the SSL layer
|
||||
*/
|
||||
|
@ -4101,9 +4141,9 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
|
|||
}
|
||||
else
|
||||
{
|
||||
if( ( ret = ssl_renegotiate( ssl ) ) != 0 )
|
||||
if( ( ret = ssl_do_renegotiate( ssl ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "ssl_renegotiate", ret );
|
||||
SSL_DEBUG_RET( 1, "ssl_do_renegotiate", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue