From a49ec56f5199ddd895a8ddf7a646049a9aa1b7c8 Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Tue, 11 Jun 2019 14:47:55 +0100
Subject: [PATCH] Introduce getter function for `extended_ms` field in HS struct
---
 include/mbedtls/ssl_internal.h | 18 ++++++++++++++++++
 library/ssl_srv.c | 3 ++-
 library/ssl_tls.c | 3 ++-
 3 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index e188c9706..35b3a9001 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -535,6 +535,24 @@ struct mbedtls_ssl_handshake_params
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
 };
 
+/*
+ * Getter functions for fields in mbedtls_ssl_handshake_params which
+ * may be statically implied by the configuration and hence be omitted
+ * from the structure.
+ */
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+static inline int mbedtls_ssl_hs_get_extended_ms(
+ mbedtls_ssl_handshake_params const *params )
+{
+#if !defined(MBEDTLS_SSL_EXTENDED_MS_ENFORCED)
+ return( params->extended_ms );
+#else
+ ((void) params);
+ return( MBEDTLS_SSL_EXTENDED_MS_ENABLED );
+#endif /* MBEDTLS_SSL_EXTENDED_MS_ENFORCED */
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
 typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer;
 
 /*
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index b01291841..023e0a86d 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2270,7 +2270,8 @@ static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
 {
 unsigned char *p = buf;
 
- if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+ if( mbedtls_ssl_hs_get_extended_ms( ssl->handshake )
+ == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
 ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
 {
 *olen = 0;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5c8a08eb7..0864fc247 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
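Review bot: The `MBEDTLS_SSL_EXTENDED_MS_ENFORCED` branch of `mbedtls_ssl_hs_get_extended_ms()` returns `MBEDTLS_SSL_EXTENDED_MS_ENABLED` regardless of what the peer negotiated, and the header comment does not say what makes that safe. The same assumption carries into both converted call sites, `ssl_write_extended_ms_ext()` in library/ssl_srv.c and `ssl_compute_master()` in library/ssl_tls.c, which in that configuration always take the extended-master-secret path. The property therefore rests on a handshake without the extension being rejected before either function runs; presumably that check sits in the hello parsing code, which this patch does not show. I would add the precondition to the comment block above the getter, for example `* When MBEDTLS_SSL_EXTENDED_MS_ENFORCED is set the result is constant; callers rely on the` and `* handshake having been aborted earlier if the peer did not negotiate the extension.` Both call-site functions begin and end outside their hunks, so the surrounding guards could not be checked here.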
@@ -1273,7 +1273,8 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake,
 handshake->pmslen );
 
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
- if( handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
+ if( mbedtls_ssl_hs_get_extended_ms( handshake )
+ == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
 {
 unsigned char session_hash[48];
 size_t hash_len;