Add function for set pending alert flag

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2025-07-29 11:41:15 +03:00 · 2021-09-14 22:17:21 +08:00
parent 33cedca8aa
commit 394ece6cdd
3 changed files with 29 additions and 16 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -1527,10 +1527,7 @@ struct mbedtls_ssl_context
                                     on next call to record layer? */

    /* The following three variables indicate if and, if yes,
-     * what kind of alert or warning is pending to be sent.
-     * They should not be set manually but through the macro
-     * MBEDTLS_SSL_PEND_FATAL_ALERT( type, user_return_value )
-     * defined below.
+     * what kind of alert is pending to be sent.
     */
    unsigned char MBEDTLS_PRIVATE(send_alert);   /*!< Determines if a fatal alert
                                                should be sent. Values:
@ -1640,14 +1637,6 @@ struct mbedtls_ssl_context
 #endif
 };

-#define MBEDTLS_SSL_PEND_FATAL_ALERT( type, user_return_value )         \
-    do                                                                  \
-    {                                                                   \
-        ssl->send_alert = 1;                                            \
-        ssl->alert_reason = (user_return_value);                        \
-        ssl->alert_type = (type);                                       \
-    } while( 0 )
-
 /**
 * \brief               Return the name of the ciphersuite associated with the
 *                      given ID
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -1343,10 +1343,22 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );

 /*
- * Send pending fatal alerts or warnings.
+ * Send pending alert
 */
 int mbedtls_ssl_handle_pending_alert( mbedtls_ssl_context *ssl );

+/*
+ * Set pending fatal alert flag.
+ */
+void mbedtls_ssl_pend_fatal_alert( mbedtls_ssl_context *ssl,
+                                   unsigned char alert_type,
+                                   int alert_reason );
+
+/* Alias of mbedtls_ssl_pend_fatal_alert */
+#define MBEDTLS_SSL_PEND_FATAL_ALERT( type, user_return_value )         \
+            mbedtls_ssl_pend_fatal_alert( ssl, type, user_return_value )
+
+
 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
 void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl );
 #endif
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@ -5649,16 +5649,28 @@ int mbedtls_ssl_handle_pending_alert( mbedtls_ssl_context *ssl )
    /* Send alert if requested */
    if( ssl->send_alert != 0 )
    {
+        /* Clear send_alert to avoid infinite loop */
+        ssl->send_alert = 0;
+
        ret = mbedtls_ssl_send_alert_message( ssl,
                                 MBEDTLS_SSL_ALERT_LEVEL_FATAL,
                                 ssl->alert_type );
        if( ret != 0 )
            return( ret );
    }
-
-    ssl->send_alert = 0;
-    ssl->alert_type = 0;
    return( 0 );
 }

+/*
+ * Set pending fatal alert flag.
+ */
+void mbedtls_ssl_pend_fatal_alert( mbedtls_ssl_context *ssl,
+                                   unsigned char alert_type,
+                                   int alert_reason )
+{
+    ssl->send_alert = 1;
+    ssl->alert_type = alert_type;
+    ssl->alert_reason = alert_reason;
+}
+
 #endif /* MBEDTLS_SSL_TLS_C */