Fix bug in cert digest serialisation
This bug was present since cert digest had been introduced, which highlights the need for testing. While at it, fix a bug in the comment explaining the format - this was introduced by me copy-pasting to hastily from current baremetal, that has a different format (see next PR in the series for the same in development).
This commit is contained in:
Manuel Pégourié-Gonnard
Jarno Lamsa
parent
686adb4d54
commit
51a0bfd9bc
1 changed files with 2 additions and 3 deletions
|
|
@ -9849,8 +9849,7 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co
|
||||||
* opaque session_struct[n]; // n = sizeof(mbedtls_ssl_session)
|
* opaque session_struct[n]; // n = sizeof(mbedtls_ssl_session)
|
||||||
* select (MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) {
|
* select (MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) {
|
||||||
* case enabled: opaque peer_cert<0..2^24-1>; // length 0 means no cert
|
* case enabled: opaque peer_cert<0..2^24-1>; // length 0 means no cert
|
||||||
* case disabled: uint8_t peer_cert_digest_type;
|
* case disabled: opaque peer_cert_digest<0..2^8-1>;
|
||||||
* opaque peer_cert_digest<0..2^8-1>;
|
|
||||||
* }
|
* }
|
||||||
* opaque ticket<0..2^24-1>; // 0 means no ticket
|
* opaque ticket<0..2^24-1>; // 0 means no ticket
|
||||||
*
|
*
|
||||||
|
|
@ -9910,7 +9909,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||||
if( session->peer_cert_digest != NULL )
|
if( session->peer_cert_digest == NULL )
|
||||||
cert_digest_len = 0;
|
cert_digest_len = 0;
|
||||||
else
|
else
|
||||||
cert_digest_len = session->peer_cert_digest_len;
|
cert_digest_len = session->peer_cert_digest_len;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue