cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Documentation fixes according to review

Browse Source 
Improve grammar and replace the word 'fresh' with
an explanation what is going to be verified.
This commit is contained in:
Jarno Lamsa 2019-08-14 10:39:32 +03:00
parent 1f3fe87da3
commit 31c3b14e37
2 changed files with 14 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
include/mbedtls/config.h
View File

@ -1353,9 +1353,10 @@
/** /**
* \def MBEDTLS_SSL_RECORD_CHECKING * \def MBEDTLS_SSL_RECORD_CHECKING
* *
* Enable the API mbedtls_ssl_check_record() which allows to check the * Enable the function mbedtls_ssl_check_record() which can be used to check
* validity, freshness and authenticity of an incoming record without * the validity and authenticity of an incoming record, to verify that it has
* modifying the externally visible state of the SSL context. * not been seen before. These checks are performed without modifying the
* externally visible state of the SSL context.
* *
* See mbedtls_ssl_check_record() for more information. * See mbedtls_ssl_check_record() for more information.
* *

18
include/mbedtls/ssl.h
View File

@ -1758,8 +1758,8 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
#if defined(MBEDTLS_SSL_RECORD_CHECKING) #if defined(MBEDTLS_SSL_RECORD_CHECKING)
/** /**
* \brief Check whether a buffer contains a valid, fresh * \brief Check whether a buffer contains a valid and authentic record
* and authentic record (DTLS only). * that has not been seen before. (DTLS only).
* *
* This function does not change the user-visible state * This function does not change the user-visible state
* of the SSL context. Its sole purpose is to provide * of the SSL context. Its sole purpose is to provide
@ -1774,19 +1774,21 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
* *
* \param ssl The SSL context to use. * \param ssl The SSL context to use.
* \param buf The address of the buffer holding the record to be checked. * \param buf The address of the buffer holding the record to be checked.
* This must be an R/W buffer of length \p buflen Bytes. * This must be a read/write buffer of length \p buflen Bytes.
* \param buflen The length of \p buf in Bytes. * \param buflen The length of \p buf in Bytes.
* *
* \note This routine only checks whether the provided buffer begins * \note This routine only checks whether the provided buffer begins
* with a valid, fresh and authentic record, but does not check * with a valid and authentic record that has not been seen
* potential data following the initial record. In particular, * before, but does not check potential data following the
* it is possible to pass DTLS datagrams containing multiple * initial record. In particular, it is possible to pass DTLS
* records, in which case only the first record is checked. * datagrams containing multiple records, in which case only
* the first record is checked.
* *
* \note This function modifies the input buffer \p buf. If you need * \note This function modifies the input buffer \p buf. If you need
* to preserve the original record, you have to maintain a copy. * to preserve the original record, you have to maintain a copy.
* *
* \return \c 0 if the record is valid, fresh and authentic. * \return \c 0 if the record is valid and authentic and has not been
* seen before.
* \return MBEDTLS_ERR_SSL_INVALID_MAC if the check completed * \return MBEDTLS_ERR_SSL_INVALID_MAC if the check completed
* successfully but the record was found to be not authentic. * successfully but the record was found to be not authentic.
* \return MBEDTLS_ERR_SSL_INVALID_RECORD if the check completed * \return MBEDTLS_ERR_SSL_INVALID_RECORD if the check completed