From f3f5b0f53bbf5000892c841a908d37c212baaf19 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Mon, 17 Jan 2022 15:52:40 -0800
Subject: [PATCH] Peer review fixes. Improve profile not found handling or errors. Improve inline function.
---
 src/internal.c | 2 +-
 src/tls.c | 11 ++++++++---
 wolfssl/internal.h | 1 -
 3 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 363c76d1a..adb25c7f8 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -501,7 +501,7 @@ int IsDtlsNotSctpMode(WOLFSSL* ssl)
 /* Secure Real-time Transport Protocol */
 /* If SRTP is not enabled returns the state of the dtls option.
 * If SRTP is enabled returns dtls && !dtlsSrtpProfiles. */
-int IsDtlsNotSrtpMode(WOLFSSL* ssl)
+static WC_INLINE int IsDtlsNotSrtpMode(WOLFSSL* ssl)
 {
 #ifdef WOLFSSL_SRTP
 return ssl->options.dtls && !ssl->dtlsSrtpProfiles;
diff --git a/src/tls.c b/src/tls.c
index cfa1fa6d6..e52e38a27 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -5430,7 +5430,10 @@ static int TLSX_UseSRTP_Parse(WOLFSSL* ssl, const byte* input, word16 length, /* total length, not include itself */ ato16(input, &profile_len); offset += OPAQUE16_LEN; + /* parse remainder one profile at a time, looking for match in CTX */ + ret = 0; + ssl->dtlsSrtpId = 0; for (i=offset; idtlsSrtpId == 0) { WOLFSSL_MSG("SRP Profile not found!"); - ssl->dtlsSrtpId = 0; - TLSX_UseSRTP_Free(srtp, ssl->heap); /* not fatal, so return 0 */ ret = 0; } + else if (ret != 0) { + ssl->dtlsSrtpId = 0; + TLSX_UseSRTP_Free(srtp, ssl->heap); + } #endif return ret;
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 6189a06f5..a149bf722 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
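Review bot: In the tail of the `TLSX_UseSRTP_Parse` hunk, the branch guarded by `dtlsSrtpId == 0` still sets `ret = 0`, so a handshake in which the peer offers none of the configured SRTP profiles completes with no profile selected, and the only trace is a debug message. That message reads `"SRP Profile not found!"`, which names a different protocol; `WOLFSSL_MSG("SRTP Profile not found!");` would keep the log unambiguous. I would also widen the comment to `/* not fatal: handshake continues with dtlsSrtpId == 0, caller must check the selected profile */` so the fallback is visible to integrators. The loop header between the added `ssl->dtlsSrtpId = 0;` and this branch is garbled on this page, so whether each profile read is bounded by `length` could not be checked here; the function also starts and ends outside the hunk.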
@@ -4949,7 +4949,6 @@ WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
 #endif
 WOLFSSL_LOCAL int IsSCR(WOLFSSL* ssl);
 WOLFSSL_LOCAL int IsDtlsNotSctpMode(WOLFSSL* ssl);
- WOLFSSL_LOCAL int IsDtlsNotSrtpMode(WOLFSSL* ssl);
 WOLFSSL_LOCAL void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out);