wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Address code review

Browse Source
This commit is contained in:
Juliusz Sosinowicz
2023-09-07 16:26:42 +02:00
parent 8da863184c
commit ada785e115
3 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/dtls.c
View File

@ -28,7 +28,7 @@
* clientHello messages will consume resources on the server. * clientHello messages will consume resources on the server.
* WOLFSSL_DTLS_CH_FRAG * WOLFSSL_DTLS_CH_FRAG
* Allow a server to process a fragmented second/verified (one containing a * Allow a server to process a fragmented second/verified (one containing a
* valid cookie response) ClientHello message. The first/unverifies (one * valid cookie response) ClientHello message. The first/unverified (one
* without a cookie extension) ClientHello MUST be unfragmented so that the * without a cookie extension) ClientHello MUST be unfragmented so that the
* DTLS server can process it statelessly. This is only implemented for * DTLS server can process it statelessly. This is only implemented for
* DTLS 1.3. The user MUST call wolfSSL_dtls13_allow_ch_frag() on the server * DTLS 1.3. The user MUST call wolfSSL_dtls13_allow_ch_frag() on the server
@ -895,6 +895,7 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input, word32 helloSz,
#else #else
WOLFSSL_MSG("\tProcessing fragmented ClientHello but " WOLFSSL_MSG("\tProcessing fragmented ClientHello but "
"WOLFSSL_DTLS_CH_FRAG is not defined. This should not happen."); "WOLFSSL_DTLS_CH_FRAG is not defined. This should not happen.");
return BAD_STATE_E;
#endif #endif
} }
if (tls13 != NULL) if (tls13 != NULL)
@ -945,7 +946,7 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input, word32 helloSz,
#ifdef WOLFSSL_DTLS_CH_FRAG #ifdef WOLFSSL_DTLS_CH_FRAG
/* Don't send anything here when processing fragment */ /* Don't send anything here when processing fragment */
if (isFirstCHFrag) if (isFirstCHFrag)
ret = BUFFER_ERROR; ret = COOKIE_ERROR;
else else
#endif #endif
ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13); ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13);
@ -966,7 +967,7 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input, word32 helloSz,
#ifdef WOLFSSL_DTLS_CH_FRAG #ifdef WOLFSSL_DTLS_CH_FRAG
/* Don't send anything here when processing fragment */ /* Don't send anything here when processing fragment */
if (isFirstCHFrag) if (isFirstCHFrag)
ret = BUFFER_ERROR; ret = COOKIE_ERROR;
else else
#endif #endif
ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13); ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13);

2
src/dtls13.c
View File

@ -1668,7 +1668,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
DoClientHelloStateless(ssl, input + idx, fragLength, 1, &tls13) DoClientHelloStateless(ssl, input + idx, fragLength, 1, &tls13)
== 0 && tls13) { == 0 && tls13) {
/* We can save this message and continue as stateful. */ /* We can save this message and continue as stateful. */
if (ssl->chGoodCb != NULL && !IsSCR(ssl)) { if (ssl->chGoodCb != NULL) {
int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx); int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
if (cbret < 0) { if (cbret < 0) {
ssl->error = cbret; ssl->error = cbret;

2
src/tls13.c
View File

@ -6658,7 +6658,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
*inOutIdx += helloSz; *inOutIdx += helloSz;
goto exit_dch; goto exit_dch;
} }
if (ssl->chGoodCb != NULL && !IsSCR(ssl)) { if (ssl->chGoodCb != NULL) {
int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx); int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
if (cbret < 0) { if (cbret < 0) {
ssl->error = cbret; ssl->error = cbret;