wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

wolfsentry integration: avoid redundant and frivolous dispatches (ssl.c wolfSSL_connect(), wolfSSL_negotiate(), wolfSSL_accept(); tls13.c wolfSSL_connect_TLSv13(), wolfSSL_accept_TLSv13()).

Browse Source
This commit is contained in:
Daniel Pouzzner
2022-07-27 13:24:52 -05:00
parent feb911c612
commit ed449d5b20
2 changed files with 19 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/ssl.c
View File

@ -11853,7 +11853,8 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
#endif #endif
#ifdef WOLFSSL_WOLFSENTRY_HOOKS #ifdef WOLFSSL_WOLFSENTRY_HOOKS
if (ssl->ConnectFilter) { if ((ssl->ConnectFilter != NULL) &&
(ssl->options.connectState == CONNECT_BEGIN)) {
wolfSSL_netfilter_decision_t res; wolfSSL_netfilter_decision_t res;
if ((ssl->ConnectFilter(ssl, ssl->ConnectFilter_arg, &res) == if ((ssl->ConnectFilter(ssl, ssl->ConnectFilter_arg, &res) ==
WOLFSSL_SUCCESS) && WOLFSSL_SUCCESS) &&
@ -12324,7 +12325,13 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WOLFSSL_ENTER("SSL_accept()"); WOLFSSL_ENTER("SSL_accept()");
#ifdef WOLFSSL_WOLFSENTRY_HOOKS #ifdef WOLFSSL_WOLFSENTRY_HOOKS
if (ssl->AcceptFilter) { if ((ssl->AcceptFilter != NULL) &&
((ssl->options.acceptState == ACCEPT_BEGIN)
#ifdef HAVE_SECURE_RENEGOTIATION
|| (ssl->options.acceptState == ACCEPT_BEGIN_RENEG)
#endif
))
{
wolfSSL_netfilter_decision_t res; wolfSSL_netfilter_decision_t res;
if ((ssl->AcceptFilter(ssl, ssl->AcceptFilter_arg, &res) == if ((ssl->AcceptFilter(ssl, ssl->AcceptFilter_arg, &res) ==
WOLFSSL_SUCCESS) && WOLFSSL_SUCCESS) &&

12
src/tls13.c
View File

@ -9746,7 +9746,9 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
} }
#ifdef WOLFSSL_WOLFSENTRY_HOOKS #ifdef WOLFSSL_WOLFSENTRY_HOOKS
if (ssl->ConnectFilter) { if ((ssl->ConnectFilter != NULL) &&
(ssl->options.connectState == CONNECT_BEGIN))
{
wolfSSL_netfilter_decision_t res; wolfSSL_netfilter_decision_t res;
if ((ssl->ConnectFilter(ssl, ssl->ConnectFilter_arg, &res) == if ((ssl->ConnectFilter(ssl, ssl->ConnectFilter_arg, &res) ==
WOLFSSL_SUCCESS) && WOLFSSL_SUCCESS) &&
@ -10781,7 +10783,13 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
} }
#ifdef WOLFSSL_WOLFSENTRY_HOOKS #ifdef WOLFSSL_WOLFSENTRY_HOOKS
if (ssl->AcceptFilter) { if ((ssl->AcceptFilter != NULL) &&
((ssl->options.acceptState == TLS13_ACCEPT_BEGIN)
#ifdef HAVE_SECURE_RENEGOTIATION
|| (ssl->options.acceptState == TLS13_ACCEPT_BEGIN_RENEG)
#endif
))
{
wolfSSL_netfilter_decision_t res; wolfSSL_netfilter_decision_t res;
if ((ssl->AcceptFilter(ssl, ssl->AcceptFilter_arg, &res) == if ((ssl->AcceptFilter(ssl, ssl->AcceptFilter_arg, &res) ==
WOLFSSL_SUCCESS) && WOLFSSL_SUCCESS) &&