From 7ac3ab34042ac5e5c2dc15b2e159a3a8b0e670f4 Mon Sep 17 00:00:00 2001
From: XiaokangQian
Date: Tue, 22 Feb 2022 04:03:26 +0000
Subject: [PATCH] Add hello retry request count for server

Signed-off-by: XiaokangQian
---
 library/ssl_misc.h | 4 ++++
 library/ssl_tls13_server.c | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 020f062808..f39f78dc48 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -585,6 +585,10 @@ struct mbedtls_ssl_handshake_params
 /*!< Number of Hello Retry Request messages received from the server. */
 int hello_retry_request_count;
 #endif /* MBEDTLS_SSL_CLI_C */
+#if defined(MBEDTLS_SSL_SRV_C)
+ /*!< Number of Hello Retry Request messages sent by the server. */
+ int hello_retry_requests_sent;
+#endif /* MBEDTLS_SSL_SRV_C */
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
 defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 0b37947567..be1277834d 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -886,7 +886,7 @@ static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl,
 {
 int ret = 0;
- if( ssl->handshake->hello_retry_request_count == 0 &&
+ if( ssl->handshake->hello_retry_requests_sent == 0 &&
 ssl->conf->rr_config == MBEDTLS_SSL_FORCE_RR_CHECK_ON )
 {
 hrr_required = SSL_CLIENT_HELLO_HRR_REQUIRED;
@@ -946,7 +946,7 @@ int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )
 {
 /* start state */
 case MBEDTLS_SSL_HELLO_REQUEST:
- ssl->handshake->hello_retry_request_count = 0;
+ ssl->handshake->hello_retry_requests_sent = 0;
 mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_HELLO );
 break;
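Review bot: In the `library/ssl_misc.h` hunk the new comment uses the Doxygen trailing-member marker `/*!<` but is placed on the line before `int hello_retry_requests_sent;`, so Doxygen would most likely attach it to the preceding member rather than to the new field. Writing it as a leading comment, `/** Number of Hello Retry Request messages sent by the server. */`, or moving it after the declaration would fix that. The comment could also say that the server treats the value as a "have we already sent one" flag, since the visible uses only compare it with 0. `struct mbedtls_ssl_handshake_params` starts and ends outside the hunk.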
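Review bot: Nothing in this patch increments `hello_retry_requests_sent`: per the diffstat, the only lines touched in `library/ssl_tls13_server.c` are the read in `ssl_client_hello_postprocess` and the reset in the `MBEDTLS_SSL_HELLO_REQUEST` case of `mbedtls_ssl_tls13_handshake_server_step`. If the code that writes the HelloRetryRequest still bumps the client-side `hello_retry_request_count`, or no increment exists yet, the `== 0` test stays true on the second ClientHello and a server configured with `MBEDTLS_SSL_FORCE_RR_CHECK_ON` would ask for another retry, whereas RFC 8446 has the client abort on a second HelloRetryRequest in the same connection. The site that sends the HRR, which lies outside these hunks, should carry `ssl->handshake->hello_retry_requests_sent++;`, and a build with `MBEDTLS_SSL_CLI_C` undefined is worth running to catch any leftover use of the old name in server code. Both functions continue outside their hunks.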