Merge remote-tracking branch 'origin/pr/2854' into development

* origin/pr/2854: Shorter version of mbedtls_ssl_send_fatal_handshake_failure Resolve #2801 - remove repetitive assignment to ssl->in_msg (the first value was never used) Resolve #2800 - move declaration to avoid unused variable warning in case MBEDTLS_SSL_PROTO_DTLS was undefined Resolve #2717 - remove erroneous sizeof (the operator was applied to constant integer number)
2025-07-29 11:41:15 +03:00 · 2019-11-22 10:20:19 +00:00
parent ed7b8b73ad 6c0da64094
commit 5d74241b54
2 changed files with 17 additions and 13 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -120,7 +120,6 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
                              size_t buflen )
 {
    int ret = 0;
-    mbedtls_record rec;
    MBEDTLS_SSL_DEBUG_MSG( 1, ( "=> mbedtls_ssl_check_record" ) );
    MBEDTLS_SSL_DEBUG_BUF( 3, "record buffer", buf, buflen );

@ -137,6 +136,8 @@ int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl,
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    else
    {
+        mbedtls_record rec;
+
        ret = ssl_parse_record_header( ssl, buf, buflen, &rec );
        if( ret != 0 )
        {
@ -6452,7 +6453,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    ssl->in_len = ssl->in_cid + rec.cid_len;
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-    ssl->in_iv  = ssl->in_msg = ssl->in_len + 2;
+    ssl->in_iv  = ssl->in_len + 2;

    /* The record content type may change during decryption,
     * so re-read it. */
@ -6606,16 +6607,9 @@ int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )

 int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl )
 {
-    int ret;
-
-    if( ( ret = mbedtls_ssl_send_alert_message( ssl,
-                    MBEDTLS_SSL_ALERT_LEVEL_FATAL,
-                    MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    return( 0 );
+    return( mbedtls_ssl_send_alert_message( ssl,
+                  MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                  MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ) );
 }

 int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
@ -7303,7 +7297,7 @@ static int ssl_remember_peer_crt_digest( mbedtls_ssl_context *ssl,
    if( ssl->session_negotiate->peer_cert_digest == NULL )
    {
        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
-                                    sizeof( MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ) ) );
+                                    MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ) );
        mbedtls_ssl_send_alert_message( ssl,
                                        MBEDTLS_SSL_ALERT_LEVEL_FATAL,
                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );