F-4144: propagate SendAlert result in DoHelloRequest no-reneg trace

In the WOLFSSL_OP_NO_RENEGOTIATION refusal path, WOLFSSL_LEAVE logged a
hard-coded 0 while the function actually returned SendAlert()'s result.
Capture the return value first so the trace reflects reality (e.g. when
SendAlert fails due to write backpressure) and return it.
This commit is contained in:
Juliusz Sosinowicz
2026-06-08 19:22:42 +00:00
parent 1f4afe9ccc
commit 1a2fcb8607
+4 -2
View File
@@ -18055,10 +18055,12 @@ static int DoHelloRequest(WOLFSSL* ssl, word32 size)
* peer-initiated renegotiation. Respond with a no_renegotiation
* warning alert instead of starting a secure renegotiation. */
if (ssl->options.mask & WOLFSSL_OP_NO_RENEGOTIATION) {
int ret;
WOLFSSL_MSG("Rejecting HelloRequest: WOLFSSL_OP_NO_RENEGOTIATION");
WOLFSSL_LEAVE("DoHelloRequest", 0);
ret = SendAlert(ssl, alert_warning, no_renegotiation);
WOLFSSL_LEAVE("DoHelloRequest", ret);
WOLFSSL_END(WC_FUNC_HELLO_REQUEST_DO);
return SendAlert(ssl, alert_warning, no_renegotiation);
return ret;
}
ssl->secure_renegotiation->startScr = 1;
WOLFSSL_LEAVE("DoHelloRequest", 0);