yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

refactor HRR routine

Browse source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-05-05 11:05:22 +08:00
parent 086edc2807
commit 49ca92892d
1 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
library/ssl_tls13_server.c
View file

@ -391,7 +391,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
const unsigned char *cipher_suites_end;
size_t extensions_len;
const unsigned char *extensions_end;
int hrr_required = SSL_CLIENT_HELLO_OK;
int hrr_required = 0;
const mbedtls_ssl_ciphersuite_t* ciphersuite_info;
@ -619,7 +619,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
if( ret == SSL_TLS1_3_PARSE_KEY_SHARES_EXT_NO_MATCH )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "HRR needed " ) );
hrr_required |= SSL_TLS1_3_PARSE_KEY_SHARES_EXT_NO_MATCH;
hrr_required = 1;
}
if( ret < 0 )
@ -699,7 +699,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
}
return( hrr_required );
return( hrr_required ? SSL_CLIENT_HELLO_HRR_REQUIRED : SSL_CLIENT_HELLO_OK );
}
/* Update the handshake state machine */
@ -730,7 +730,7 @@ static int ssl_tls13_process_client_hello( mbedtls_ssl_context *ssl )
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char* buf = NULL;
size_t buflen = 0;
int hrr_required ;
int parse_client_hello_ret ;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_fetch_handshake_msg(
@ -740,10 +740,10 @@ static int ssl_tls13_process_client_hello( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_PROC_CHK_NEG( ssl_tls13_parse_client_hello( ssl, buf,
buf + buflen ) );
hrr_required = ret;
parse_client_hello_ret = ret;
MBEDTLS_SSL_PROC_CHK( ssl_tls13_postprocess_client_hello( ssl ) );
if( hrr_required == SSL_CLIENT_HELLO_OK )
if( parse_client_hello_ret == SSL_CLIENT_HELLO_OK )
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO );
else
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HELLO_RETRY_REQUEST );