yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-12-26 01:15:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Introduce CRT counter to CRT chain parsing function

Browse source 
So far, we've used the `peer_cert` pointer to detect whether
we're parsing the first CRT, but that will soon be removed
if `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE` is unset.
This commit is contained in:
Hanno Becker 2019-02-05 12:38:45 +00:00
parent 22141593e1
commit 8794fd927c
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
library/ssl_tls.c
View file

@ -6171,7 +6171,7 @@ static void ssl_clear_peer_cert( mbedtls_ssl_session *session )
*/ */
static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl ) static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl )
{ {
int ret; int ret, crt_cnt=0;
size_t i, n; size_t i, n;
uint8_t alert; uint8_t alert;
@ -6298,7 +6298,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl )
} }
/* Check if we're handling the first CRT in the chain. */ /* Check if we're handling the first CRT in the chain. */
if( ssl->session_negotiate->peer_cert == NULL ) if( crt_cnt++ == 0 )
{ {
/* During client-side renegotiation, check that the server's /* During client-side renegotiation, check that the server's
* end-CRTs hasn't changed compared to the initial handshake, * end-CRTs hasn't changed compared to the initial handshake,