yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-22 13:51:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't allow calling CID API outside of DTLS

Browse source
This commit is contained in:
Hanno Becker 2019-05-03 14:38:32 +01:00
parent e2c2314ab4
commit 76a79ab4a2
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
library/ssl_tls.c
View file

@ -128,6 +128,9 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
unsigned char const *own_cid, unsigned char const *own_cid,
size_t own_cid_len ) size_t own_cid_len )
{ {
if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
ssl->negotiate_cid = enable; ssl->negotiate_cid = enable;
if( enable == MBEDTLS_SSL_CID_DISABLED ) if( enable == MBEDTLS_SSL_CID_DISABLED )
{ {
@ -162,8 +165,11 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl,
{ {
*enabled = MBEDTLS_SSL_CID_DISABLED; *enabled = MBEDTLS_SSL_CID_DISABLED;
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
/* We report MBEDTLS_SSL_CID_DISABLED in case the CID extensions /* We report MBEDTLS_SSL_CID_DISABLED in case the CID extensions
* were used, but client and server requested the empty CID. * were used, but client and server requested the empty CID.