Improve getter for renegotiation enabled

include/mbedtls/ssl_internal.h

@@ -1243,14 +1243,15 @@ static inline int mbedtls_ssl_get_renego_status(
 #endif
 }
 
-static inline int mbedtls_ssl_conf_get_disable_renego(
+static inline int mbedtls_ssl_conf_is_renegotiation_enabled(
         const mbedtls_ssl_config *conf )
 {
 #if defined(MBEDTLS_SSL_RENEGOTIATION)
-    return( conf->disable_renegotiation );
+    return( conf->disable_renegotiation ==
+            MBEDTLS_SSL_RENEGOTIATION_ENABLED );
 #else
     (void) conf;
-    return( MBEDTLS_SSL_RENEGOTIATION_DISABLED );
+    return( 0 );
 #endif
 }
 

library/ssl_tls.c

@@ -10030,7 +10030,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
 
     if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ||
         ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ||
-        ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED )
+        ! mbedtls_ssl_conf_is_renegotiation_enabled( ssl->conf ) )
     {
         return( 0 );
     }
@@ -10855,8 +10855,7 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl,
         /* ... with an AEAD ciphersuite. */
         mbedtls_ssl_transform_uses_aead( ssl->transform ) != 1 ||
         /* Renegotation is disabled. */
-        mbedtls_ssl_conf_get_disable_renego( ssl->conf )
+        mbedtls_ssl_conf_is_renegotiation_enabled( ssl->conf ) )
-            != MBEDTLS_SSL_RENEGOTIATION_DISABLED )
     {
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
     }
@@ -11079,8 +11078,7 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
             MBEDTLS_SSL_MINOR_VERSION_3 ||
         mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ) >
             MBEDTLS_SSL_MINOR_VERSION_3 ||
-        mbedtls_ssl_conf_get_disable_renego( ssl->conf )
+        mbedtls_ssl_conf_is_renegotiation_enabled( ssl->conf ) )
-            != MBEDTLS_SSL_RENEGOTIATION_DISABLED )
     {
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
     }