mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-01 22:20:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix various issue

Browse Source 
- remove unused test case
- add alert message
- improve readabitlity

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-07-13 23:06:36 +08:00
parent fe52e55301
commit 299e31f10e
2 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
library/ssl_tls13_server.c
View File

@ -57,22 +57,27 @@ static int ssl_tls13_parse_key_exchange_modes_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf, const unsigned char *buf,
const unsigned char *end ) const unsigned char *end )
{ {
const unsigned char *p = buf;
size_t ke_modes_len; size_t ke_modes_len;
int ke_modes = 0; int ke_modes = 0;
/* Read PSK mode list length (1 Byte) */ /* Read PSK mode list length (1 Byte) */
MBEDTLS_SSL_CHK_BUF_READ_PTR( buf, end, 1 ); MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 1 );
ke_modes_len = *buf++; ke_modes_len = *p++;
/* Currently, there are only two PSK modes, so even without looking /* Currently, there are only two PSK modes, so even without looking
* at the content, something's wrong if the list has more than 2 items. */ * at the content, something's wrong if the list has more than 2 items. */
if( ke_modes_len > 2 ) if( ke_modes_len > 2 )
{
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
}
MBEDTLS_SSL_CHK_BUF_READ_PTR( buf, end, ke_modes_len ); MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, ke_modes_len );
while( ke_modes_len-- != 0 ) while( ke_modes_len-- != 0 )
{ {
switch( *buf++ ) switch( *p++ )
{ {
case MBEDTLS_SSL_TLS1_3_PSK_MODE_PURE: case MBEDTLS_SSL_TLS1_3_PSK_MODE_PURE:
ke_modes |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; ke_modes |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
@ -83,6 +88,8 @@ static int ssl_tls13_parse_key_exchange_modes_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Found PSK_EPHEMERAL KEX MODE" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "Found PSK_EPHEMERAL KEX MODE" ) );
break; break;
default: default:
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
} }
} }

11
tests/ssl-opt.sh
View File

@ -878,6 +878,8 @@ wait_client_done() {
CLI_EXIT=$? CLI_EXIT=$?
kill $DOG_PID >/dev/null 2>&1 kill $DOG_PID >/dev/null 2>&1
# For ubuntu 22.04, `Terminated` message is outputed from `wait` command.
# to eliminate it from stdout, redirect stdout/stderr to CLI_OUT
wait $DOG_PID >> $CLI_OUT 2>&1 wait $DOG_PID >> $CLI_OUT 2>&1
echo "EXIT: $CLI_EXIT" >> $CLI_OUT echo "EXIT: $CLI_EXIT" >> $CLI_OUT
@ -2309,15 +2311,6 @@ run_test "TLS 1.3: psk_key_exchange_modes: basic check, G->m" \
-s "Found PSK_EPHEMERAL KEX MODE" \ -s "Found PSK_EPHEMERAL KEX MODE" \
-s "Found PSK KEX MODE" -s "Found PSK KEX MODE"
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
run_test "TLS 1.3: psk_key_exchange_modes: basic check, O->G" \
"$G_NEXT_SRV -d 50 --pskpasswd data_files/passwd.psk --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \
"$O_NEXT_CLI -tls1_3 -psk 6162636465666768696a6b6c6d6e6f70" \
0
# Tests for datagram packing # Tests for datagram packing
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS: multiple records in same datagram, client and server" \ run_test "DTLS: multiple records in same datagram, client and server" \