mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-25 13:55:43 +00:00
Introduce CRT counter to CRT chain parsing function
So far, we've used the `peer_cert` pointer to detect whether we're parsing the first CRT, but that will soon be removed if `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE` is unset.
This commit is contained in:
parent
22141593e1
commit
8794fd927c
|
@ -6171,7 +6171,7 @@ static void ssl_clear_peer_cert( mbedtls_ssl_session *session )
|
|||
*/
|
||||
static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
int ret, crt_cnt=0;
|
||||
size_t i, n;
|
||||
uint8_t alert;
|
||||
|
||||
|
@ -6298,7 +6298,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl )
|
|||
}
|
||||
|
||||
/* Check if we're handling the first CRT in the chain. */
|
||||
if( ssl->session_negotiate->peer_cert == NULL )
|
||||
if( crt_cnt++ == 0 )
|
||||
{
|
||||
/* During client-side renegotiation, check that the server's
|
||||
* end-CRTs hasn't changed compared to the initial handshake,
|
||||
|
|
Loading…
Reference in a new issue