cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-30 19:20:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Restore certificate_request state

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-10-29 10:08:19 +08:00
parent b640bf6c15
commit d2674314a3
1 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
library/ssl_tls13_client.c
View File

@ -1527,7 +1527,7 @@ static int ssl_tls13_postprocess_encrypted_extensions( mbedtls_ssl_context *ssl
if( mbedtls_ssl_tls1_3_some_psk_enabled( ssl ) ) if( mbedtls_ssl_tls1_3_some_psk_enabled( ssl ) )
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED ); mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
else else
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CERTIFICATE ); mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
#else #else
((void) ssl); ((void) ssl);
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED ); mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
@ -1536,6 +1536,34 @@ static int ssl_tls13_postprocess_encrypted_extensions( mbedtls_ssl_context *ssl
} }
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/*
* Handler for MBEDTLS_SSL_CERTIFICATE_REQUEST
*/
static int ssl_tls13_process_certificate_request( mbedtls_ssl_context *ssl )
{
int ret = mbedtls_ssl_read_record( ssl, 0 );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
return( ret );
}
if( ( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) &&
( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST ) )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "CertificateRequest not supported" ) );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE,
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
}
ssl->keep_current_message = 1;
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CERTIFICATE );
return( 0 );
}
/* /*
* Handler for MBEDTLS_SSL_SERVER_CERTIFICATE * Handler for MBEDTLS_SSL_SERVER_CERTIFICATE
*/ */
@ -1647,6 +1675,10 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
break; break;
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
case MBEDTLS_SSL_CERTIFICATE_REQUEST:
ret = ssl_tls13_process_certificate_request( ssl );
break;
case MBEDTLS_SSL_SERVER_CERTIFICATE: case MBEDTLS_SSL_SERVER_CERTIFICATE:
ret = ssl_tls1_3_process_server_certificate( ssl ); ret = ssl_tls1_3_process_server_certificate( ssl );
break; break;