From 3643fdbab98a2bd38cc9154e3285b9e23f46b404 Mon Sep 17 00:00:00 2001
From: Pengyu Lv <pengyu.lv@arm.com>
Date: Thu, 12 Jan 2023 16:46:28 +0800
Subject: [PATCH] refine the state setting in tls13_handshake_wrapup

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
---
 library/ssl_tls13_server.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 16317c076..aaf2be336 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -2568,21 +2568,20 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl)
 
     mbedtls_ssl_tls13_handshake_wrapup(ssl);
 
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+    defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
 /* TODO: Remove the check of SOME_PSK_ENABLED since SESSION_TICKETS requires
  *       SOME_PSK_ENABLED to be enabled. Here is just to make CI happy. It is
  *       expected to be resolved with issue#6395.
  */
-#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
     /* Sent NewSessionTicket message only when client supports PSK */
-    if (!mbedtls_ssl_tls13_some_psk_enabled(ssl)) {
-        mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER);
+    if (mbedtls_ssl_tls13_some_psk_enabled(ssl)) {
+        mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET);
     } else
 #endif
-    mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET);
-#else
-    mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER);
-#endif
+    {
+        mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER);
+    }
     return 0;
 }