mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-28 19:21:08 +00:00
Update mbedtls_ssl_handshake_free() and address review comments.
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
This commit is contained in:
parent
51f515a503
commit
c234ecf695
@ -5579,7 +5579,12 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
|
||||
mbedtls_free( (void*) handshake->sig_algs );
|
||||
handshake->sig_algs = NULL;
|
||||
#endif /* MBEDTLS_DEPRECATED_REMOVED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
if( ssl->handshake->certificate_request_context )
|
||||
{
|
||||
mbedtls_free( (void*) handshake->certificate_request_context );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||
|
@ -1468,6 +1468,7 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
||||
|
||||
if( certificate_request_context_len > 0 )
|
||||
{
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, certificate_request_context_len );
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "Certificate Request Context",
|
||||
p, certificate_request_context_len );
|
||||
|
||||
@ -1479,7 +1480,6 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
|
||||
return ( MBEDTLS_ERR_SSL_ALLOC_FAILED );
|
||||
}
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, certificate_request_context_len );
|
||||
memcpy( handshake->certificate_request_context, p,
|
||||
certificate_request_context_len );
|
||||
p += certificate_request_context_len;
|
||||
@ -1523,7 +1523,7 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "Duplicate signature algorithms extensions found" ) );
|
||||
goto error;
|
||||
goto decode_error;
|
||||
}
|
||||
break;
|
||||
|
||||
@ -1540,23 +1540,21 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
|
||||
if( p != end )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||
( "CertificateRequset misaligned" ) );
|
||||
goto error;
|
||||
( "CertificateRequest misaligned" ) );
|
||||
goto decode_error;
|
||||
}
|
||||
/* Check that we found signature algorithms extension */
|
||||
if( ! sig_alg_ext_found )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||
( "no signature algorithms extension found" ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||
( "ssl_tls13_parse_certificate_request" ) );
|
||||
goto error;
|
||||
goto decode_error;
|
||||
}
|
||||
|
||||
ssl->client_auth = 1;
|
||||
return( 0 );
|
||||
|
||||
error:
|
||||
decode_error:
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR,
|
||||
MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
|
@ -158,9 +158,8 @@ int mbedtls_ssl_tls13_parse_sig_alg_ext( mbedtls_ssl_context *ssl,
|
||||
size_t supported_sig_algs_len = 0;
|
||||
const unsigned char *supported_sig_algs_end;
|
||||
uint16_t sig_alg;
|
||||
uint32_t common_idx = 0; /* iterate through received signature schemes list */
|
||||
uint32_t common_idx = 0;
|
||||
|
||||
/* skip 2 bytes of signature algorithms length */
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
|
||||
supported_sig_algs_len = MBEDTLS_GET_UINT16_BE( p, 0 );
|
||||
p += 2;
|
||||
|
Loading…
x
Reference in New Issue
Block a user