Fix bug in cert digest serialisation
This bug was present since cert digest had been introduced, which highlights the need for testing. While at it, fix a bug in the comment explaining the format - this was introduced by me copy-pasting to hastily from current baremetal, that has a different format (see next PR in the series for the same in development).
This commit is contained in:
parent
686adb4d54
commit
51a0bfd9bc
1 changed files with 2 additions and 3 deletions
|
@ -9849,8 +9849,7 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co
|
|||
* opaque session_struct[n]; // n = sizeof(mbedtls_ssl_session)
|
||||
* select (MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) {
|
||||
* case enabled: opaque peer_cert<0..2^24-1>; // length 0 means no cert
|
||||
* case disabled: uint8_t peer_cert_digest_type;
|
||||
* opaque peer_cert_digest<0..2^8-1>;
|
||||
* case disabled: opaque peer_cert_digest<0..2^8-1>;
|
||||
* }
|
||||
* opaque ticket<0..2^24-1>; // 0 means no ticket
|
||||
*
|
||||
|
@ -9910,7 +9909,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session,
|
|||
}
|
||||
}
|
||||
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
if( session->peer_cert_digest != NULL )
|
||||
if( session->peer_cert_digest == NULL )
|
||||
cert_digest_len = 0;
|
||||
else
|
||||
cert_digest_len = session->peer_cert_digest_len;
|
||||
|
|
Loading…
Reference in a new issue