From a8b38879e1e7be5fbf1a020b72ed56ddacaa011c Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 9 Mar 2022 07:59:25 +0100 Subject: [PATCH] Move state change from CLIENT_CERTIFICATE_VERIFY to its main handler Signed-off-by: Ronald Cron --- library/ssl_tls13_client.c | 7 ++++++- library/ssl_tls13_generic.c | 18 ------------------ 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 6516523746..e4c3af5b7c 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1962,7 +1962,12 @@ static int ssl_tls13_write_client_certificate( mbedtls_ssl_context *ssl ) */ static int ssl_tls13_write_client_certificate_verify( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_tls13_write_certificate_verify( ssl ) ); + int ret = mbedtls_ssl_tls13_write_certificate_verify( ssl ); + + if( ret == 0 ) + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); + + return( ret ); } #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 088b7bbada..24a3d9dc34 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1106,22 +1106,6 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context *ssl, return( ret ); } -static int ssl_tls13_finalize_certificate_verify( mbedtls_ssl_context *ssl ) -{ -#if defined(MBEDTLS_SSL_CLI_C) - if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED ); - } - else -#endif /* MBEDTLS_SSL_CLI_C */ - { - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED ); - } - - return( 0 ); -} - int mbedtls_ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl ) { int ret = 0; @@ -1138,8 +1122,6 @@ int mbedtls_ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl ) mbedtls_ssl_tls13_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, buf, msg_len ); - /* Update state */ - MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_certificate_verify( ssl ) ); MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_finish_handshake_msg( ssl, buf_len, msg_len ) );