diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h index 84432a3d53..5c22ed221d 100644 --- a/library/ssl_debug_helpers.h +++ b/library/ssl_debug_helpers.h @@ -56,9 +56,9 @@ void mbedtls_ssl_print_extension(const mbedtls_ssl_context *ssl, const char *extra_msg0, const char *extra_msg1); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) -void mbedtls_debug_print_ticket_flags(const mbedtls_ssl_context *ssl, - int level, const char *file, int line, - unsigned int flag); +void mbedtls_ssl_print_ticket_flags(const mbedtls_ssl_context *ssl, + int level, const char *file, int line, + unsigned int flags); #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ #define MBEDTLS_SSL_PRINT_EXTS(level, hs_msg_type, extensions_mask) \ @@ -71,8 +71,8 @@ void mbedtls_debug_print_ticket_flags(const mbedtls_ssl_context *ssl, extra, NULL) #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) -#define MBEDTLS_SSL_DEBUG_TICKET_FLAGS(level, flag) \ - mbedtls_debug_print_ticket_flags(ssl, level, __FILE__, __LINE__, flag) +#define MBEDTLS_SSL_PRINT_TICKET_FLAGS(level, flags) \ + mbedtls_ssl_print_ticket_flags(ssl, level, __FILE__, __LINE__, flags) #endif #else @@ -82,7 +82,7 @@ void mbedtls_debug_print_ticket_flags(const mbedtls_ssl_context *ssl, #define MBEDTLS_SSL_PRINT_EXT(level, hs_msg_type, extension_type, extra) #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) -#define MBEDTLS_SSL_DEBUG_TICKET_FLAGS(level, flag) +#define MBEDTLS_SSL_PRINT_TICKET_FLAGS(level, flags) #endif #endif /* MBEDTLS_DEBUG_C */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fdec4904ef..86f5c0b555 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -745,17 +745,19 @@ static const char *ticket_flag_name_table[] = [3] = "ALLOW_EARLY_DATA", }; -void mbedtls_debug_print_ticket_flags( - const mbedtls_ssl_context *ssl, int level, - const char *file, int line, unsigned int flag) +void mbedtls_ssl_print_ticket_flags(const mbedtls_ssl_context *ssl, + int level, const char *file, int line, + unsigned int flags) { size_t i; mbedtls_debug_print_msg(ssl, level, file, line, - "print ticket_flags (0x%02x)", flag); + "print ticket_flags (0x%02x)", flags); + + flags = flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK; for (i = 0; i < ARRAY_LENGTH(ticket_flag_name_table); i++) { - if ((flag & (1 << i)) & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK) { + if ((flags & (1 << i))) { mbedtls_debug_print_msg(ssl, level, file, line, "- %s is set.", ticket_flag_name_table[i]); } diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index a6b3c54147..cda1a51508 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2719,7 +2719,7 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, /* Set ticket_flags depends on the selected key exchange modes */ mbedtls_ssl_session_set_ticket_flags( session, ssl->conf->tls13_kex_modes); - MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags); + MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); return 0; } diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index aaf2be336b..acb1523b48 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -170,7 +170,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * We regard the ticket with incompatible key exchange modes as not match. */ ret = MBEDTLS_ERR_ERROR_GENERIC_ERROR; - MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, + MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); if (mbedtls_ssl_tls13_check_kex_modes(ssl, mbedtls_ssl_session_get_ticket_flags( @@ -2639,7 +2639,7 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, mbedtls_ssl_session_set_ticket_flags( session, ssl->handshake->tls13_kex_modes); #endif - MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags); + MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); /* Generate ticket_age_add */ if ((ret = ssl->conf->f_rng(ssl->conf->p_rng,