yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Change place of ssl_tls13_check_ephemeral_key_exchange

Browse source 
Change-Id: Id49172f7375e2a0771ad1216fb7eead808f0db3e
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
This commit is contained in:
XiaokangQian 2022-06-15 09:42:45 +00:00
parent fb665a8452
commit 75fe8c7e54
2 changed files with 16 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
library/ssl_tls.c
View file

@ -8257,6 +8257,11 @@ int mbedtls_ssl_parse_server_name_ext( mbedtls_ssl_context *ssl,
if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME )
{ {
/* sni_name is intended to be used only during the parsing of the
* ClientHello message (it is reset to NULL before the end of
* the message parsing). Thus it is ok to just point to the
* reception buffer and not make a copy of it.
*/
ssl->handshake->sni_name = p + 3; ssl->handshake->sni_name = p + 3;
ssl->handshake->sni_name_len = hostname_len; ssl->handshake->sni_name_len = hostname_len;
if( ssl->conf->f_sni == NULL ) if( ssl->conf->f_sni == NULL )

21
library/ssl_tls13_server.c
View file

@ -392,7 +392,7 @@ static int ssl_tls13_pick_key_cert( mbedtls_ssl_context *ssl )
{ {
ssl->handshake->key_cert = key_cert; ssl->handshake->key_cert = key_cert;
MBEDTLS_SSL_DEBUG_CRT( MBEDTLS_SSL_DEBUG_CRT(
3, "selected certificate chain, certificate", 3, "selected certificate (chain)",
ssl->handshake->key_cert->cert ); ssl->handshake->key_cert->cert );
return( 0 ); return( 0 );
} }
@ -769,10 +769,18 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
ssl_tls13_debug_print_client_hello_exts( ssl ); ssl_tls13_debug_print_client_hello_exts( ssl );
#endif /* MBEDTLS_DEBUG_C */ #endif /* MBEDTLS_DEBUG_C */
return( hrr_required ? SSL_CLIENT_HELLO_HRR_REQUIRED : SSL_CLIENT_HELLO_OK );
}
/* Update the handshake state machine */
static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* /*
* Here we only support the ephemeral or (EC)DHE key echange mode * Here we only support the ephemeral or (EC)DHE key echange mode
*/ */
if( !ssl_tls13_check_ephemeral_key_exchange( ssl ) ) if( !ssl_tls13_check_ephemeral_key_exchange( ssl ) )
{ {
MBEDTLS_SSL_DEBUG_MSG( MBEDTLS_SSL_DEBUG_MSG(
@ -783,15 +791,6 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
} }
return( hrr_required ? SSL_CLIENT_HELLO_HRR_REQUIRED : SSL_CLIENT_HELLO_OK );
}
/* Update the handshake state machine */
static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/* /*
* Server certificate selection * Server certificate selection
*/ */