yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-02 07:41:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Make authmode volatile

Browse source 
This is to enforce reading it from memory for the double
check to prevent compiler from optimising it away.
This commit is contained in:
Jarno Lamsa 2019-12-20 12:09:37 +02:00
parent af60cd7698
commit 015aa44b93
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
library/ssl_tls.c
View file

@ -7931,11 +7931,11 @@ int mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
volatile int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET
volatile const int authmode = ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET
? ssl->handshake->sni_authmode
: mbedtls_ssl_conf_get_authmode( ssl->conf );
#else
const int authmode = mbedtls_ssl_conf_get_authmode( ssl->conf );
volatile const int authmode = mbedtls_ssl_conf_get_authmode( ssl->conf );
#endif
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
volatile int crt_expected = SSL_CERTIFICATE_EXPECTED;
@ -7989,6 +7989,7 @@ int mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
1 )
#endif
{
mbedtls_platform_enforce_volatile_reads();
if( authmode == MBEDTLS_SSL_VERIFY_NONE ||
authmode == MBEDTLS_SSL_VERIFY_OPTIONAL ||
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)