mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-03 01:20:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add mbedtls_ssl_is_handshake_over() function

Browse Source 
Add function to query if SSL handshake is over or not, in order to
determine when to stop calling mbedtls_ssl_handshake_step among other
things. Document function, and add warnings that the previous method of
ascertaining if handshake was over is now deprecated, and may break in
future releases.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2022-03-18 21:51:13 +00:00
parent 8d4bc5eeb9
commit 93ba3e3918
2 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog.d/add_handshake_completion_accessor Normal file
View File

@ -0,0 +1,4 @@
Features
* Add function mbedtls_ssl_is_handshake_over() to enable querying if the SSL
Handshake has completed or not, and thus whether to continue calling
mbedtls_ssl_handshake_step(), requested in #4383

31
include/mbedtls/ssl.h
View File

@ -4357,12 +4357,41 @@ int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
*/ */
int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl ); int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl );
/**
* \brief After calling mbedtls_ssl_handshake() to start the SSL
* handshake you can call this function to check whether the
* handshake is over for a given SSL context. This function
* should be also used to determine when to stop calling
* mbedtls_handshake_step() for that context.
*
* \param ssl SSL context
*
* \return \c 1 if handshake is over, \c 0 if it is still ongoing.
*/
static inline int mbedtls_ssl_is_handshake_over( mbedtls_ssl_context *ssl )
{
return( ssl->MBEDTLS_PRIVATE( state ) == MBEDTLS_SSL_HANDSHAKE_OVER );
}
/** /**
* \brief Perform a single step of the SSL handshake * \brief Perform a single step of the SSL handshake
* *
* \note The state of the context (ssl->state) will be at * \note The state of the context (ssl->state) will be at
* the next state after this function returns \c 0. Do not * the next state after this function returns \c 0. Do not
* call this function if state is MBEDTLS_SSL_HANDSHAKE_OVER. * call this function if mbedtls_ssl_is_handshake_over()
* returns \c 1.
*
* \warning Whilst in the past you may have used direct access to the
* context state (ssl->state) in order to ascertain when to
* stop calling this function and although you can still do
* so with something like ssl->MBEDTLS_PRIVATE(state) or by
* defining MBEDTLS_ALLOW_PRIVATE_ACCESS, this is now
* considered deprecated and could be broken in any future
* release. If you still find you have good reason for such
* direct access, then please do contact the team to explain
* this (raise an issue or post to the mailing list), so that
* we can add a solution to your problem that will be
* guaranteed to work in the future.
* *
* \param ssl SSL context * \param ssl SSL context
* *