Allow ssl_renegotiate() to be called in a loop
Previously broken if waiting for network I/O in the middle of a re-handshake initiated by the client.
parent
e5e1bb972c
commit
caed0541a0
2 changed files with 17 additions and 7 deletions
|
@ -200,7 +200,8 @@
|
||||||
#define SSL_VERIFY_REQUIRED 2
|
#define SSL_VERIFY_REQUIRED 2
|
||||||
|
|
||||||
#define SSL_INITIAL_HANDSHAKE 0
|
#define SSL_INITIAL_HANDSHAKE 0
|
||||||
#define SSL_RENEGOTIATION 1
|
#define SSL_RENEGOTIATION 1 /* In progress */
|
||||||
|
#define SSL_RENEGOTIATION_DONE 2 /* Done */
|
||||||
|
|
||||||
#define SSL_LEGACY_RENEGOTIATION 0
|
#define SSL_LEGACY_RENEGOTIATION 0
|
||||||
#define SSL_SECURE_RENEGOTIATION 1
|
#define SSL_SECURE_RENEGOTIATION 1
|
||||||
|
|
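Review bot: `SSL_RENEGOTIATION_DONE` turns the `renegotiation` field from a two-valued flag into a three-valued state, but the defines carry only the terse `/* In progress */` and `/* Done */` comments. Any existing comparison that reads `!= SSL_INITIAL_HANDSHAKE` as "a renegotiation is running", or `!= SSL_RENEGOTIATION` as "this is the initial handshake", now changes meaning once a renegotiation has completed. Those call sites are not visible on this page, so they need an audit, in particular any that gate the secure-renegotiation checks. I would add a block comment above the three values saying that ssl_renegotiate() sets `SSL_RENEGOTIATION`, that ssl_handshake_wrapup() moves it to `SSL_RENEGOTIATION_DONE`, and that the latter means at least one renegotiation has completed on this connection.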
|
@ -3023,6 +3023,9 @@ void ssl_handshake_wrapup( ssl_context *ssl )
|
||||||
polarssl_free( ssl->handshake );
|
polarssl_free( ssl->handshake );
|
||||||
ssl->handshake = NULL;
|
ssl->handshake = NULL;
|
||||||
|
|
||||||
|
if( ssl->renegotiation == SSL_RENEGOTIATION )
|
||||||
|
ssl->renegotiation = SSL_RENEGOTIATION_DONE;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Switch in our now active transform context
|
* Switch in our now active transform context
|
||||||
*/
|
*/
|
||||||
|
@ -3977,14 +3980,20 @@ int ssl_renegotiate( ssl_context *ssl )
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) );
|
SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) );
|
||||||
|
|
||||||
if( ssl->state != SSL_HANDSHAKE_OVER )
|
/*
|
||||||
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
|
* If renegotiation is already in progress, skip checks/init
|
||||||
|
*/
|
||||||
|
if( ssl->renegotiation != SSL_RENEGOTIATION )
|
||||||
|
{
|
||||||
|
if( ssl->state != SSL_HANDSHAKE_OVER )
|
||||||
|
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
|
||||||
|
|
||||||
ssl->state = SSL_HELLO_REQUEST;
|
if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
|
||||||
ssl->renegotiation = SSL_RENEGOTIATION;
|
return( ret );
|
||||||
|
|
||||||
if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
|
ssl->state = SSL_HELLO_REQUEST;
|
||||||
return( ret );
|
ssl->renegotiation = SSL_RENEGOTIATION;
|
||||||
|
}
|
||||||
|
|
||||||
if( ( ret = ssl_handshake( ssl ) ) != 0 )
|
if( ( ret = ssl_handshake( ssl ) ) != 0 )
|
||||||
{
|
{
|
||||||
|
|
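Review bot: The resume path in ssl_renegotiate() is keyed only on `ssl->renegotiation == SSL_RENEGOTIATION`, so it is taken after any non-zero return from ssl_handshake(), not only a would-block one. In the visible hunks the flag leaves that value only in ssl_handshake_wrapup(), and the error branch that opens at the end of this hunk has its body outside it. Unless that branch resets the state, a caller looping after a fatal error re-enters ssl_handshake() on a context that skipped both the `SSL_HANDSHAKE_OVER` check and ssl_handshake_init(). I would either reset `ssl->renegotiation` on fatal errors there, or state the contract above the new guard, e.g. `/* Retry only after POLARSSL_ERR_NET_WANT_READ / POLARSSL_ERR_NET_WANT_WRITE; any other error is fatal for this context */`.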