mirror of
				https://github.com/yuzu-emu/mbedtls.git
				synced 2025-10-23 07:19:03 +00:00 
			
		
		
		
	Document behaviour of mbedtls_ssl_get_peer_cid() for empty CIDs
This commit is contained in:
		
							parent
							
								
									5a29990367
								
							
						
					
					
						commit
						c5f2422116
					
				|  | @ -1628,6 +1628,13 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, | |||
|  *                     progress, this function will attempt to complete | ||||
|  *                     the handshake first. | ||||
|  * | ||||
|  * \note               If CID extensions have been exchanged but both client | ||||
|  *                     and server chose to use an empty CID, this function | ||||
|  *                     sets `*enabled` to #MBEDTLS_SSL_CID_DISABLED | ||||
|  *                     (the rationale for this is that the resulting | ||||
|  *                     communication is the same as if the CID extensions | ||||
|  *                     hadn't been used). | ||||
|  * | ||||
|  * \return            \c 0 on success. | ||||
|  * \return            A negative error code on failure. | ||||
|  */ | ||||
|  |  | |||
|  | @ -165,11 +165,10 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, | |||
|     if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) | ||||
|         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); | ||||
| 
 | ||||
|     /* What shall we report if we have exchanged if both client
 | ||||
|      * and server have used the CID extension, but negotiated | ||||
|      * empty CIDs? This is indistinguishable from not using the | ||||
|      * CID extension in the first place, and we're reporting | ||||
|      * MBEDTLS_SSL_CID_DISABLED in this case. */ | ||||
|     /* We report MBEDTLS_SSL_CID_DISABLED in case the CID extensions
 | ||||
|      * were used, but client and server requested the empty CID. | ||||
|      * This is indistinguishable from not using the CID extension | ||||
|      * in the first place. */ | ||||
|     if( ssl->transform_in->in_cid_len  == 0 && | ||||
|         ssl->transform_in->out_cid_len == 0 ) | ||||
|     { | ||||
|  |  | |||
		Loading…
	
		Reference in a new issue