mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-24 15:02:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tls13: srv: Code improvements

Browse Source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2024-03-05 09:11:55 +01:00
parent 3811765c0c
commit f602f7ba50
1 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
library/ssl_tls13_server.c
View File

@ -218,20 +218,24 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket(
ret = ssl->conf->f_ticket_parse(ssl->conf->p_ticket, ret = ssl->conf->f_ticket_parse(ssl->conf->p_ticket,
session, session,
ticket_buffer, identity_len); ticket_buffer, identity_len);
if (ret == 0) { switch (ret) {
case 0:
ret = SSL_TLS1_3_PSK_IDENTITY_MATCH; ret = SSL_TLS1_3_PSK_IDENTITY_MATCH;
} else { break;
if (ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) {
case MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED:
MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is expired")); MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is expired"));
ret = SSL_TLS1_3_PSK_IDENTITY_MATCH_BUT_PSK_NOT_USABLE; ret = SSL_TLS1_3_PSK_IDENTITY_MATCH_BUT_PSK_NOT_USABLE;
} else { break;
if (ret == MBEDTLS_ERR_SSL_INVALID_MAC) {
case MBEDTLS_ERR_SSL_INVALID_MAC:
MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is not authentic")); MBEDTLS_SSL_DEBUG_MSG(3, ("ticket is not authentic"));
} else {
MBEDTLS_SSL_DEBUG_RET(1, "ticket_parse", ret);
}
ret = SSL_TLS1_3_PSK_IDENTITY_DOES_NOT_MATCH; ret = SSL_TLS1_3_PSK_IDENTITY_DOES_NOT_MATCH;
} break;
default:
MBEDTLS_SSL_DEBUG_RET(1, "ticket_parse", ret);
ret = SSL_TLS1_3_PSK_IDENTITY_DOES_NOT_MATCH;
} }
/* We delete the temporary buffer */ /* We delete the temporary buffer */