Use mbedtls_ssl_is_handshake_over()
Switch over to using the new function both internally and in tests. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
parent
93ba3e3918
commit
27b0d94e25
3 changed files with 23 additions and 23 deletions
|
@ -1820,7 +1820,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
|
||||||
{
|
{
|
||||||
len = in_buf_len - ( ssl->in_hdr - ssl->in_buf );
|
len = in_buf_len - ( ssl->in_hdr - ssl->in_buf );
|
||||||
|
|
||||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
|
||||||
timeout = ssl->handshake->retransmit_timeout;
|
timeout = ssl->handshake->retransmit_timeout;
|
||||||
else
|
else
|
||||||
timeout = ssl->conf->read_timeout;
|
timeout = ssl->conf->read_timeout;
|
||||||
|
@ -1844,7 +1844,7 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "timeout" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "timeout" ) );
|
||||||
mbedtls_ssl_set_timer( ssl, 0 );
|
mbedtls_ssl_set_timer( ssl, 0 );
|
||||||
|
|
||||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
|
||||||
{
|
{
|
||||||
if( ssl_double_retransmit_timeout( ssl ) != 0 )
|
if( ssl_double_retransmit_timeout( ssl ) != 0 )
|
||||||
{
|
{
|
||||||
|
@ -2279,7 +2279,7 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
/* Update state and set timer */
|
/* Update state and set timer */
|
||||||
if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 1 )
|
||||||
ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
|
ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
@ -2835,9 +2835,9 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ssl->handshake != NULL &&
|
if( ssl->handshake != NULL &&
|
||||||
( ( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER &&
|
( ( mbedtls_ssl_is_handshake_over( ssl ) == 0 &&
|
||||||
recv_msg_seq != ssl->handshake->in_msg_seq ) ||
|
recv_msg_seq != ssl->handshake->in_msg_seq ) ||
|
||||||
( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
|
( mbedtls_ssl_is_handshake_over( ssl ) == 1 &&
|
||||||
ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) )
|
ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) ) )
|
||||||
{
|
{
|
||||||
if( recv_msg_seq > ssl->handshake->in_msg_seq )
|
if( recv_msg_seq > ssl->handshake->in_msg_seq )
|
||||||
|
@ -2903,7 +2903,7 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
mbedtls_ssl_handshake_params * const hs = ssl->handshake;
|
mbedtls_ssl_handshake_params * const hs = ssl->handshake;
|
||||||
|
|
||||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 0 && hs != NULL )
|
||||||
{
|
{
|
||||||
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
|
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
|
||||||
}
|
}
|
||||||
|
@ -3524,7 +3524,7 @@ static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl )
|
||||||
*/
|
*/
|
||||||
if( rec_epoch == 0 &&
|
if( rec_epoch == 0 &&
|
||||||
ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
|
ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
|
||||||
ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
|
mbedtls_ssl_is_handshake_over( ssl ) == 1 &&
|
||||||
ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
|
ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
|
||||||
ssl->in_left > 13 &&
|
ssl->in_left > 13 &&
|
||||||
ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO )
|
ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO )
|
||||||
|
@ -4681,7 +4681,7 @@ int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
|
||||||
/* Drop unexpected ApplicationData records,
|
/* Drop unexpected ApplicationData records,
|
||||||
* except at the beginning of renegotiations */
|
* except at the beginning of renegotiations */
|
||||||
if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA &&
|
if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA &&
|
||||||
ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER
|
mbedtls_ssl_is_handshake_over( ssl ) == 0
|
||||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||||
&& ! ( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
|
&& ! ( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
|
||||||
ssl->state == MBEDTLS_SSL_SERVER_HELLO )
|
ssl->state == MBEDTLS_SSL_SERVER_HELLO )
|
||||||
|
@ -4693,7 +4693,7 @@ int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ssl->handshake != NULL &&
|
if( ssl->handshake != NULL &&
|
||||||
ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
|
mbedtls_ssl_is_handshake_over( ssl ) == 1 )
|
||||||
{
|
{
|
||||||
mbedtls_ssl_handshake_wrapup_free_hs_transform( ssl );
|
mbedtls_ssl_handshake_wrapup_free_hs_transform( ssl );
|
||||||
}
|
}
|
||||||
|
@ -5117,7 +5117,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
|
||||||
int in_ctr_cmp;
|
int in_ctr_cmp;
|
||||||
int out_ctr_cmp;
|
int out_ctr_cmp;
|
||||||
|
|
||||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ||
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 0 ||
|
||||||
ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ||
|
ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ||
|
||||||
ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED )
|
ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED )
|
||||||
{
|
{
|
||||||
|
@ -5295,7 +5295,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
|
||||||
{
|
{
|
||||||
ret = mbedtls_ssl_handshake( ssl );
|
ret = mbedtls_ssl_handshake( ssl );
|
||||||
if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
|
if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
|
||||||
|
@ -5406,7 +5406,7 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
|
||||||
|
|
||||||
/* We're going to return something now, cancel timer,
|
/* We're going to return something now, cancel timer,
|
||||||
* except if handshake (renegotiation) is in progress */
|
* except if handshake (renegotiation) is in progress */
|
||||||
if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 1 )
|
||||||
mbedtls_ssl_set_timer( ssl, 0 );
|
mbedtls_ssl_set_timer( ssl, 0 );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||||
|
@ -5550,7 +5550,7 @@ int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
|
||||||
{
|
{
|
||||||
if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
|
if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
|
||||||
{
|
{
|
||||||
|
@ -5581,7 +5581,7 @@ int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl )
|
||||||
if( ssl->out_left != 0 )
|
if( ssl->out_left != 0 )
|
||||||
return( mbedtls_ssl_flush_output( ssl ) );
|
return( mbedtls_ssl_flush_output( ssl ) );
|
||||||
|
|
||||||
if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 1 )
|
||||||
{
|
{
|
||||||
if( ( ret = mbedtls_ssl_send_alert_message( ssl,
|
if( ( ret = mbedtls_ssl_send_alert_message( ssl,
|
||||||
MBEDTLS_SSL_ALERT_LEVEL_WARNING,
|
MBEDTLS_SSL_ALERT_LEVEL_WARNING,
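Review bot: The positive checks in this file are written as `mbedtls_ssl_is_handshake_over( ssl ) == 1` (in mbedtls_ssl_flight_transmit, mbedtls_ssl_prepare_handshake_record, ssl_check_client_reconnect, mbedtls_ssl_handle_message_type, mbedtls_ssl_read and mbedtls_ssl_close_notify), which is correct only while the helper returns exactly 1. Its definition is not shown on this page, so if it is specified as, or later changed to, "non-zero when over", these branches would silently stop matching, including the DTLS client-reconnect check and the close_notify alert. Testing truthiness, `if( mbedtls_ssl_is_handshake_over( ssl ) != 0 )`, behaves the same today and does not depend on the exact value. The same applies to the `== 1` in mbedtls_ssl_handshake_step and to the two TEST_ASSERT lines in perform_handshake, while mbedtls_move_handshake_to_state already uses the `!` form. All of these functions continue outside their hunks.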
|
||||||
|
|
|
@ -120,7 +120,7 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
|
||||||
*enabled = MBEDTLS_SSL_CID_DISABLED;
|
*enabled = MBEDTLS_SSL_CID_DISABLED;
|
||||||
|
|
||||||
if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
|
if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
|
||||||
ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
mbedtls_ssl_is_handshake_over( ssl ) == 0 )
|
||||||
{
|
{
|
||||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||||
}
|
}
|
||||||
|
@ -2750,7 +2750,7 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
|
||||||
if( ssl == NULL ||
|
if( ssl == NULL ||
|
||||||
ssl->conf == NULL ||
|
ssl->conf == NULL ||
|
||||||
ssl->handshake == NULL ||
|
ssl->handshake == NULL ||
|
||||||
ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
|
mbedtls_ssl_is_handshake_over( ssl ) == 1 )
|
||||||
{
|
{
|
||||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||||
}
|
}
|
||||||
|
@ -2833,7 +2833,7 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl )
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) );
|
||||||
|
|
||||||
/* Main handshake loop */
|
/* Main handshake loop */
|
||||||
while( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
while( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
|
||||||
{
|
{
|
||||||
ret = mbedtls_ssl_handshake_step( ssl );
|
ret = mbedtls_ssl_handshake_step( ssl );
|
||||||
|
|
||||||
|
@ -2933,7 +2933,7 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl )
|
||||||
/* On server, just send the request */
|
/* On server, just send the request */
|
||||||
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
|
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
|
||||||
{
|
{
|
||||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
|
||||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||||
|
|
||||||
ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
|
ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
|
||||||
|
@ -2953,7 +2953,7 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl )
|
||||||
*/
|
*/
|
||||||
if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
|
if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
|
||||||
{
|
{
|
||||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
|
||||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_start_renegotiation( ssl ) ) != 0 )
|
if( ( ret = mbedtls_ssl_start_renegotiation( ssl ) ) != 0 )
|
||||||
|
@ -3235,7 +3235,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
|
||||||
* (only DTLS) but are currently used to simplify the implementation.
|
* (only DTLS) but are currently used to simplify the implementation.
|
||||||
*/
|
*/
|
||||||
/* The initial handshake must be over */
|
/* The initial handshake must be over */
|
||||||
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Initial handshake isn't over" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Initial handshake isn't over" ) );
|
||||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
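Review bot: In mbedtls_ssl_handshake_step the guard now ends with `mbedtls_ssl_is_handshake_over( ssl ) == 1`, and the condition no longer shows that this operand reads through `ssl`. The old `ssl->state` made its dependence on the preceding `ssl == NULL` test obvious. With the call, a later reordering of the operands could hand a NULL context to the helper, which presumably dereferences it (its body is not shown here). I would add a comment above the condition such as `/* mbedtls_ssl_is_handshake_over() reads ssl->state: keep it after the NULL checks */`. The function body continues outside the hunk.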
|
||||||
|
|
|
@ -1044,7 +1044,7 @@ int mbedtls_move_handshake_to_state( mbedtls_ssl_context *ssl,
|
||||||
{
|
{
|
||||||
/* If /p second_ssl ends the handshake procedure before /p ssl then
|
/* If /p second_ssl ends the handshake procedure before /p ssl then
|
||||||
* there is no need to call the next step */
|
* there is no need to call the next step */
|
||||||
if( second_ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
|
if( !mbedtls_ssl_is_handshake_over( second_ssl ) )
|
||||||
{
|
{
|
||||||
ret = mbedtls_ssl_handshake_step( second_ssl );
|
ret = mbedtls_ssl_handshake_step( second_ssl );
|
||||||
if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ &&
|
if( ret != 0 && ret != MBEDTLS_ERR_SSL_WANT_READ &&
|
||||||
|
@ -2048,8 +2048,8 @@ void perform_handshake( handshake_test_options* options )
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
TEST_ASSERT( mbedtls_ssl_is_handshake_over( &client.ssl ) == 1 );
|
||||||
TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
TEST_ASSERT( mbedtls_ssl_is_handshake_over( &server.ssl ) == 1 );
|
||||||
|
|
||||||
/* Check that both sides have negotiated the expected version. */
|
/* Check that both sides have negotiated the expected version. */
|
||||||
mbedtls_test_set_step( 0 );
|
mbedtls_test_set_step( 0 );
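Review bot: The two assertions in perform_handshake used to compare `client.ssl.state` and `server.ssl.state` with MBEDTLS_SSL_HANDSHAKE_OVER directly and now go through the same helper the library uses, so within these hunks no test ties the helper's result to the state value any more. If the helper were wrong, library and test would agree with each other and still pass. Unless the helper has a dedicated test elsewhere (not visible on this page), I would keep one direct check next to the new ones, for example `TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );`. perform_handshake starts and ends outside the hunk.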
|
||||||
|
|