Merge pull request #4852 from hanno-arm/unify_cli_srv_hs_step

Share preparatory code between client and server handshake steps
2025-10-30 19:20:40 -04:00 · 2021-08-12 12:24:51 +02:00 · 2021-08-12 12:24:51 +02:00 · 2fb897ecf9
commit 2fb897ecf9
parent b7745d2323 41934dd20a
3 changed files with 30 additions and 32 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -4210,23 +4210,8 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl )
 {
    int ret = 0;
    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL )
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
    MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) );
    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
        return( ret );
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
    {
        if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
            return( ret );
    }
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
    /* Change state now, so that it is right in mbedtls_ssl_read_record(), used
     * by DTLS for dropping out-of-sequence ChangeCipherSpec records */
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -4258,23 +4258,8 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl )
 {
    int ret = 0;
    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL )
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
    MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) );
    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
        return( ret );
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
    {
        if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
            return( ret );
    }
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
    switch( ssl->state )
    {
        case MBEDTLS_SSL_HELLO_REQUEST:
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -5130,12 +5130,40 @@ int mbedtls_ssl_session_load( mbedtls_ssl_session *session,
 /*
 * Perform a single step of the SSL handshake
 */
 static int ssl_prepare_handshake_step( mbedtls_ssl_context *ssl )
 {
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
        return( ret );
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
    {
        if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 )
            return( ret );
    }
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
    return( ret );
 }
 int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
 {
-    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-    if( ssl == NULL || ssl->conf == NULL )
+    if( ssl            == NULL                       ||
        ssl->conf      == NULL                       ||
        ssl->handshake == NULL                       ||
        ssl->state     == MBEDTLS_SSL_HANDSHAKE_OVER )
    {
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
    }
    ret = ssl_prepare_handshake_step( ssl );
    if( ret != 0 )
        return( ret );
 #if defined(MBEDTLS_SSL_CLI_C)
    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )