Use mbedtls_ssl_is_handshake_over()

Switch over to using the new function both internally and in tests. Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2025-07-30 22:43:08 +03:00 · 2022-03-18 21:55:32 +00:00
parent 93ba3e3918
commit 27b0d94e25
3 changed files with 23 additions and 23 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -120,7 +120,7 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
    *enabled = MBEDTLS_SSL_CID_DISABLED;

    if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
-        ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+        mbedtls_ssl_is_handshake_over( ssl ) == 0 )
    {
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
    }
@ -2750,7 +2750,7 @@ int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
    if( ssl            == NULL                       ||
        ssl->conf      == NULL                       ||
        ssl->handshake == NULL                       ||
-        ssl->state     == MBEDTLS_SSL_HANDSHAKE_OVER )
+        mbedtls_ssl_is_handshake_over( ssl ) == 1 )
    {
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
    }
@ -2833,7 +2833,7 @@ int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl )
    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) );

    /* Main handshake loop */
-    while( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+    while( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
    {
        ret = mbedtls_ssl_handshake_step( ssl );

@ -2933,7 +2933,7 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl )
    /* On server, just send the request */
    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
    {
-        if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+        if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );

        ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
@ -2953,7 +2953,7 @@ int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl )
     */
    if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
    {
-        if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+        if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );

        if( ( ret = mbedtls_ssl_start_renegotiation( ssl ) ) != 0 )
@ -3235,7 +3235,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
     * (only DTLS) but are currently used to simplify the implementation.
     */
    /* The initial handshake must be over */
-    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+    if( mbedtls_ssl_is_handshake_over( ssl ) == 0 )
    {
        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Initial handshake isn't over" ) );
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );