Safe-guard ssl_conf_remove_psk()
for simultaneous raw-opaque PSKs
The code maintains the invariant that raw and opaque PSKs are never configured simultaneously, so strictly speaking `ssl_conf_remove_psk()` need not consider clearing the raw PSK if it has already cleared an opaque one - and previously, it didn't. However, it doesn't come at any cost to keep this check as a safe-guard to future unforeseen situations where opaque and raw PSKs _are_ both present.
This commit is contained in:
parent
4d057f61a7
commit
bffefae305
1 changed files with 5 additions and 1 deletions
|
@ -7426,7 +7426,11 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf )
|
|||
* user's responsibility. */
|
||||
conf->psk_opaque = 0;
|
||||
}
|
||||
else
|
||||
/* This and the following branch should never
|
||||
* be taken simultaenously as we maintain the
|
||||
* invariant that raw and opaque PSKs are never
|
||||
* configured simultaneously. As a safeguard,
|
||||
* though, `else` is omitted here. */
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
if( conf->psk != NULL )
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue