mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-22 13:41:04 +00:00
Fix whitespace and formatting in ssl_srv.c
This commit is contained in:
Simon Butcher
parent
f65013d76d
commit
584a547873
|
|
@ -1512,195 +1512,192 @@ read_record_header:
|
||||||
if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) )
|
if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) )
|
||||||
{
|
{
|
||||||
#endif
|
#endif
|
||||||
|
/*
|
||||||
/*
|
* Check the extension length
|
||||||
* Check the extension length
|
*/
|
||||||
*/
|
ext_offset = comp_offset + 1 + comp_len;
|
||||||
ext_offset = comp_offset + 1 + comp_len;
|
if( msg_len > ext_offset )
|
||||||
if( msg_len > ext_offset )
|
|
||||||
{
|
|
||||||
if( msg_len < ext_offset + 2 )
|
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
if( msg_len < ext_offset + 2 )
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
||||||
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
|
||||||
|
}
|
||||||
|
|
||||||
|
ext_len = ( buf[ext_offset + 0] << 8 )
|
||||||
|
| ( buf[ext_offset + 1] );
|
||||||
|
|
||||||
|
if( ( ext_len > 0 && ext_len < 4 ) ||
|
||||||
|
msg_len != ext_offset + 2 + ext_len )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
||||||
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
ext_len = 0;
|
||||||
|
|
||||||
ext_len = ( buf[ext_offset + 0] << 8 )
|
ext = buf + ext_offset + 2;
|
||||||
| ( buf[ext_offset + 1] );
|
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len );
|
||||||
|
|
||||||
if( ( ext_len > 0 && ext_len < 4 ) ||
|
while( ext_len != 0 )
|
||||||
msg_len != ext_offset + 2 + ext_len )
|
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
unsigned int ext_id = ( ( ext[0] << 8 )
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
|
| ( ext[1] ) );
|
||||||
}
|
unsigned int ext_size = ( ( ext[2] << 8 )
|
||||||
}
|
| ( ext[3] ) );
|
||||||
else
|
|
||||||
ext_len = 0;
|
|
||||||
|
|
||||||
ext = buf + ext_offset + 2;
|
if( ext_size + 4 > ext_len )
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len );
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
||||||
while( ext_len != 0 )
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
|
||||||
{
|
}
|
||||||
unsigned int ext_id = ( ( ext[0] << 8 )
|
switch( ext_id )
|
||||||
| ( ext[1] ) );
|
{
|
||||||
unsigned int ext_size = ( ( ext[2] << 8 )
|
|
||||||
| ( ext[3] ) );
|
|
||||||
|
|
||||||
if( ext_size + 4 > ext_len )
|
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
|
|
||||||
}
|
|
||||||
switch( ext_id )
|
|
||||||
{
|
|
||||||
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
|
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
|
||||||
case MBEDTLS_TLS_EXT_SERVERNAME:
|
case MBEDTLS_TLS_EXT_SERVERNAME:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) );
|
||||||
if( ssl->conf->f_sni == NULL )
|
if( ssl->conf->f_sni == NULL )
|
||||||
break;
|
break;
|
||||||
|
|
||||||
ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size );
|
ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
|
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
|
||||||
|
|
||||||
case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
|
case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) );
|
||||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||||
renegotiation_info_seen = 1;
|
renegotiation_info_seen = 1;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size );
|
ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
|
||||||
defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
|
defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
|
||||||
case MBEDTLS_TLS_EXT_SIG_ALG:
|
case MBEDTLS_TLS_EXT_SIG_ALG:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
|
||||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||||
if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
|
if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
|
||||||
break;
|
break;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size );
|
ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
|
||||||
MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
|
MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
|
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
|
||||||
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES:
|
case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) );
|
||||||
|
|
||||||
ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size );
|
ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
|
case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) );
|
||||||
ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT;
|
ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT;
|
||||||
|
|
||||||
ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size );
|
ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
|
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
|
||||||
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||||
case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
|
case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) );
|
||||||
|
|
||||||
ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size );
|
ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
|
case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) );
|
||||||
|
|
||||||
ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size );
|
ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
|
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
|
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
|
||||||
case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
|
case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) );
|
||||||
|
|
||||||
ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size );
|
ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
|
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
|
||||||
case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
|
case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) );
|
||||||
|
|
||||||
ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size );
|
ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
|
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
|
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
|
||||||
case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
|
case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) );
|
||||||
|
|
||||||
ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size );
|
ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
|
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||||
case MBEDTLS_TLS_EXT_SESSION_TICKET:
|
case MBEDTLS_TLS_EXT_SESSION_TICKET:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) );
|
||||||
|
|
||||||
ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size );
|
ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_ALPN)
|
#if defined(MBEDTLS_SSL_ALPN)
|
||||||
case MBEDTLS_TLS_EXT_ALPN:
|
case MBEDTLS_TLS_EXT_ALPN:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
|
||||||
|
|
||||||
ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size );
|
ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
break;
|
break;
|
||||||
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
|
||||||
|
|
||||||
default:
|
default:
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
|
||||||
ext_id ) );
|
ext_id ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
ext_len -= 4 + ext_size;
|
||||||
|
ext += 4 + ext_size;
|
||||||
|
|
||||||
|
if( ext_len > 0 && ext_len < 4 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
||||||
|
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ext_len -= 4 + ext_size;
|
|
||||||
ext += 4 + ext_size;
|
|
||||||
|
|
||||||
if( ext_len > 0 && ext_len < 4 )
|
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
|
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
#if defined(MBEDTLS_SSL_PROTO_SSL3)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue