lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-11-03 20:33:16 +03:00
Code Activity

Rename SSL_RENEGOTIATION macro

Browse Source 
- new name is more explicit
- avoids collision with POLARSSL_SSL_RENEGOTIATION config flag when prefixing
  will be applied
This commit is contained in:
Manuel Pégourié-Gonnard
2015-03-09 11:12:32 +00:00
parent e7e906de13
commit 2f5a1b4e55
4 changed files with 17 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/polarssl/ssl.h
View File

@@ -236,7 +236,7 @@
#define SSL_VERIFY_REQUIRED 2 #define SSL_VERIFY_REQUIRED 2
#define SSL_INITIAL_HANDSHAKE 0 #define SSL_INITIAL_HANDSHAKE 0
#define SSL_RENEGOTIATION 1 /* In progress */ #define SSL_RENEGOTIATION_IN_PROGRESS 1 /* In progress */
#define SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ #define SSL_RENEGOTIATION_DONE 2 /* Done or aborted */
#define SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ #define SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */

10
library/ssl_cli.c
View File

@@ -120,7 +120,7 @@ static void ssl_write_renegotiation_ext( ssl_context *ssl,
*olen = 0; *olen = 0;
if( ssl->renegotiation != SSL_RENEGOTIATION ) if( ssl->renegotiation != SSL_RENEGOTIATION_IN_PROGRESS )
return; return;
SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) ); SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) );
@@ -1195,7 +1195,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) if( ssl->in_msgtype != SSL_MSG_HANDSHAKE )
{ {
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION ) if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
ssl->renego_records_seen++; ssl->renego_records_seen++;
@@ -1581,21 +1581,21 @@ static int ssl_parse_server_hello( ssl_context *ssl )
handshake_failure = 1; handshake_failure = 1;
} }
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
else if( ssl->renegotiation == SSL_RENEGOTIATION && else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION && ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION &&
renegotiation_info_seen == 0 ) renegotiation_info_seen == 0 )
{ {
SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) );
handshake_failure = 1; handshake_failure = 1;
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION && else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION &&
ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION ) ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION )
{ {
SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) );
handshake_failure = 1; handshake_failure = 1;
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION && else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION &&
renegotiation_info_seen == 1 ) renegotiation_info_seen == 1 )
{ {

12
library/ssl_srv.c
View File

@@ -1189,7 +1189,7 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl )
{ {
SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION ) if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV "
"during renegotiation" ) ); "during renegotiation" ) );
@@ -1805,7 +1805,7 @@ read_record_header:
case TLS_EXT_SIG_ALG: case TLS_EXT_SIG_ALG:
SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION ) if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS )
break; break;
#endif #endif
@@ -1941,7 +1941,7 @@ read_record_header:
if( p[0] == 0 && p[1] == SSL_EMPTY_RENEGOTIATION_INFO ) if( p[0] == 0 && p[1] == SSL_EMPTY_RENEGOTIATION_INFO )
{ {
SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
if( ssl->renegotiation == SSL_RENEGOTIATION ) if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV during renegotiation" ) ); SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV during renegotiation" ) );
@@ -1965,21 +1965,21 @@ read_record_header:
handshake_failure = 1; handshake_failure = 1;
} }
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
else if( ssl->renegotiation == SSL_RENEGOTIATION && else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION && ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION &&
renegotiation_info_seen == 0 ) renegotiation_info_seen == 0 )
{ {
SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) );
handshake_failure = 1; handshake_failure = 1;
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION && else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION &&
ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION ) ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION )
{ {
SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) );
handshake_failure = 1; handshake_failure = 1;
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION && else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION &&
renegotiation_info_seen == 1 ) renegotiation_info_seen == 1 )
{ {

10
library/ssl_tls.c
View File

@@ -3206,7 +3206,7 @@ static int ssl_parse_record_header( ssl_context *ssl )
* except at the beginning of renegotiations */ * except at the beginning of renegotiations */
if( ssl->in_msgtype == SSL_MSG_APPLICATION_DATA && if( ssl->in_msgtype == SSL_MSG_APPLICATION_DATA &&
ssl->state != SSL_HANDSHAKE_OVER && ssl->state != SSL_HANDSHAKE_OVER &&
! ( ssl->renegotiation == SSL_RENEGOTIATION && ! ( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->state == SSL_SERVER_HELLO ) ) ssl->state == SSL_SERVER_HELLO ) )
{ {
SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) ); SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) );
@@ -3942,7 +3942,7 @@ int ssl_parse_certificate( ssl_context *ssl )
*/ */
#if defined(POLARSSL_SSL_RENEGOTIATION) && defined(POLARSSL_SSL_CLI_C) #if defined(POLARSSL_SSL_RENEGOTIATION) && defined(POLARSSL_SSL_CLI_C)
if( ssl->endpoint == SSL_IS_CLIENT && if( ssl->endpoint == SSL_IS_CLIENT &&
ssl->renegotiation == SSL_RENEGOTIATION ) ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
if( ssl->session->peer_cert == NULL ) if( ssl->session->peer_cert == NULL )
{ {
@@ -4487,7 +4487,7 @@ void ssl_handshake_wrapup( ssl_context *ssl )
SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) ); SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION ) if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
ssl->renegotiation = SSL_RENEGOTIATION_DONE; ssl->renegotiation = SSL_RENEGOTIATION_DONE;
ssl->renego_records_seen = 0; ssl->renego_records_seen = 0;
@@ -5979,7 +5979,7 @@ static int ssl_start_renegotiation( ssl_context *ssl )
#endif #endif
ssl->state = SSL_HELLO_REQUEST; ssl->state = SSL_HELLO_REQUEST;
ssl->renegotiation = SSL_RENEGOTIATION; ssl->renegotiation = SSL_RENEGOTIATION_IN_PROGRESS;
if( ( ret = ssl_handshake( ssl ) ) != 0 ) if( ( ret = ssl_handshake( ssl ) ) != 0 )
{ {
@@ -6022,7 +6022,7 @@ int ssl_renegotiate( ssl_context *ssl )
* On client, either start the renegotiation process or, * On client, either start the renegotiation process or,
* if already in progress, continue the handshake * if already in progress, continue the handshake
*/ */
if( ssl->renegotiation != SSL_RENEGOTIATION ) if( ssl->renegotiation != SSL_RENEGOTIATION_IN_PROGRESS )
{ {
if( ssl->state != SSL_HANDSHAKE_OVER ) if( ssl->state != SSL_HANDSHAKE_OVER )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );