Return an error from mbedtls_ssl_handshake_step() if neither client nor server

This prevents an infinite loop in mbedtls_ssl_handshake(). Fixes #6305.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Tom Cosgrove 2022-09-21 12:33:17 +01:00
parent e5833c182c
commit 2fdc7b3599

@ -3243,6 +3243,10 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
if( ret != 0 )
goto cleanup;
/* If ssl->conf->endpoint is not one of MBEDTLS_SSL_IS_CLIENT or
* MBEDTLS_SSL_IS_SERVER, this is the return code we give */
ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
#if defined(MBEDTLS_SSL_CLI_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
{
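Review bot: the default `ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;` placed just before `#if defined(MBEDTLS_SSL_CLI_C)` is only correct as long as every endpoint branch below it assigns `ret` itself and nothing is later inserted between the assignment and those branches. An explicit check after the client and server branches (or a validation of `ssl->conf->endpoint` near the top of the function) that returns MBEDTLS_ERR_SSL_BAD_INPUT_DATA would put the rejection at the point of decision instead of relying on a preset value. The new comment could also state why the code exists, namely that mbedtls_ssl_handshake() otherwise loops without terminating, as the commit message says. No regression test for an endpoint that is neither MBEDTLS_SSL_IS_CLIENT nor MBEDTLS_SSL_IS_SERVER is visible in this hunk; one asserting this return code would guard the fix.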