Rename ssl.renegotiation to ssl.renego_status

Manuel Pégourié-Gonnard 2015-03-19 16:15:20 +00:00
parent 240b092a6c
commit 852a6d3d8f
4 changed files with 42 additions and 42 deletions


@ -795,7 +795,7 @@ struct _ssl_context
int state; /*!< SSL handshake: current state */ int state; /*!< SSL handshake: current state */
int transport; /*!< Transport: stream or datagram */ int transport; /*!< Transport: stream or datagram */
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
int renegotiation; /*!< Initial or renegotiation */ int renego_status; /*!< Initial, in progress, pending? */
int renego_records_seen; /*!< Records since renego request, or with DTLS, int renego_records_seen; /*!< Records since renego request, or with DTLS,
number of retransmissions of request if number of retransmissions of request if
renego_max_records is < 0 */ renego_max_records is < 0 */
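Review bot: The new comment on `renego_status` reads "Initial, in progress, pending?", which leaves out one state and ends in a question mark. The other hunks in this commit compare or assign the field against four values: SSL_INITIAL_HANDSHAKE, SSL_RENEGOTIATION_IN_PROGRESS, SSL_RENEGOTIATION_DONE and SSL_RENEGOTIATION_PENDING. I would write `int renego_status; /*!< Initial handshake, renego in progress, done or pending */`. Listing all four matters because the renegotiation checks are gated in two ways, `!= SSL_INITIAL_HANDSHAKE` for the verify-data comparison and `== SSL_RENEGOTIATION_IN_PROGRESS` for the missing-extension failure, and the two conditions disagree in the DONE and PENDING states. The struct body continues outside the hunk, and if this header is public the rename presumably also breaks applications that read the field directly.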


@ -120,7 +120,7 @@ static void ssl_write_renegotiation_ext( ssl_context *ssl,
*olen = 0; *olen = 0;
if( ssl->renegotiation != SSL_RENEGOTIATION_IN_PROGRESS ) if( ssl->renego_status != SSL_RENEGOTIATION_IN_PROGRESS )
return; return;
SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) ); SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) );
@ -562,7 +562,7 @@ static int ssl_write_client_hello( ssl_context *ssl )
} }
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status == SSL_INITIAL_HANDSHAKE )
#endif #endif
{ {
ssl->major_ver = ssl->min_major_ver; ssl->major_ver = ssl->min_major_ver;
@ -618,7 +618,7 @@ static int ssl_write_client_hello( ssl_context *ssl )
if( n < 16 || n > 32 || if( n < 16 || n > 32 ||
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
ssl->renegotiation != SSL_INITIAL_HANDSHAKE || ssl->renego_status != SSL_INITIAL_HANDSHAKE ||
#endif #endif
ssl->handshake->resume == 0 ) ssl->handshake->resume == 0 )
{ {
@ -631,7 +631,7 @@ static int ssl_write_client_hello( ssl_context *ssl )
* generate and include a Session ID in the TLS ClientHello." * generate and include a Session ID in the TLS ClientHello."
*/ */
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status == SSL_INITIAL_HANDSHAKE )
#endif #endif
{ {
if( ssl->session_negotiate->ticket != NULL && if( ssl->session_negotiate->ticket != NULL &&
@ -723,7 +723,7 @@ static int ssl_write_client_hello( ssl_context *ssl )
* Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
*/ */
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status == SSL_INITIAL_HANDSHAKE )
#endif #endif
{ {
*p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO >> 8 ); *p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
@ -882,7 +882,7 @@ static int ssl_parse_renegotiation_info( ssl_context *ssl,
int ret; int ret;
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != SSL_INITIAL_HANDSHAKE )
{ {
/* Check verify-data in constant-time. The length OTOH is no secret */ /* Check verify-data in constant-time. The length OTOH is no secret */
if( len != 1 + ssl->verify_data_len * 2 || if( len != 1 + ssl->verify_data_len * 2 ||
@ -1195,7 +1195,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) if( ssl->in_msgtype != SSL_MSG_HANDSHAKE )
{ {
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS ) if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
ssl->renego_records_seen++; ssl->renego_records_seen++;
@ -1366,7 +1366,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
*/ */
if( ssl->handshake->resume == 0 || n == 0 || if( ssl->handshake->resume == 0 || n == 0 ||
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
ssl->renegotiation != SSL_INITIAL_HANDSHAKE || ssl->renego_status != SSL_INITIAL_HANDSHAKE ||
#endif #endif
ssl->session_negotiate->ciphersuite != i || ssl->session_negotiate->ciphersuite != i ||
ssl->session_negotiate->compression != comp || ssl->session_negotiate->compression != comp ||
@ -1581,21 +1581,21 @@ static int ssl_parse_server_hello( ssl_context *ssl )
handshake_failure = 1; handshake_failure = 1;
} }
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS && else if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION && ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION &&
renegotiation_info_seen == 0 ) renegotiation_info_seen == 0 )
{ {
SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) );
handshake_failure = 1; handshake_failure = 1;
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS && else if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION &&
ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION ) ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION )
{ {
SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) );
handshake_failure = 1; handshake_failure = 1;
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS && else if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION &&
renegotiation_info_seen == 1 ) renegotiation_info_seen == 1 )
{ {


@ -460,7 +460,7 @@ static int ssl_parse_renegotiation_info( ssl_context *ssl,
int ret; int ret;
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != SSL_INITIAL_HANDSHAKE )
{ {
/* Check verify-data in constant-time. The length OTOH is no secret */ /* Check verify-data in constant-time. The length OTOH is no secret */
if( len != 1 + ssl->verify_data_len || if( len != 1 + ssl->verify_data_len ||
@ -733,7 +733,7 @@ static int ssl_parse_session_ticket_ext( ssl_context *ssl,
return( 0 ); return( 0 );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != SSL_INITIAL_HANDSHAKE )
{ {
SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) ); SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) );
return( 0 ); return( 0 );
@ -1042,7 +1042,7 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl )
SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) ); SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != SSL_INITIAL_HANDSHAKE )
{ {
SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) ); SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) );
@ -1189,7 +1189,7 @@ static int ssl_parse_client_hello_v2( ssl_context *ssl )
{ {
SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS ) if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV " SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV "
"during renegotiation" ) ); "during renegotiation" ) );
@ -1329,7 +1329,7 @@ read_record_header:
* ClientHello, which doesn't use the same record layer format. * ClientHello, which doesn't use the same record layer format.
*/ */
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status == SSL_INITIAL_HANDSHAKE )
#endif #endif
{ {
if( ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 ) if( ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 )
@ -1392,7 +1392,7 @@ read_record_header:
#if defined(POLARSSL_SSL_PROTO_DTLS) #if defined(POLARSSL_SSL_PROTO_DTLS)
if( ssl->transport == SSL_TRANSPORT_DATAGRAM if( ssl->transport == SSL_TRANSPORT_DATAGRAM
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
&& ssl->renegotiation == SSL_INITIAL_HANDSHAKE && ssl->renego_status == SSL_INITIAL_HANDSHAKE
#endif #endif
) )
{ {
@ -1423,7 +1423,7 @@ read_record_header:
msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1]; msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1];
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != SSL_INITIAL_HANDSHAKE )
{ {
/* Set by ssl_read_record() */ /* Set by ssl_read_record() */
msg_len = ssl->in_hslen; msg_len = ssl->in_hslen;
@ -1499,7 +1499,7 @@ read_record_header:
* check sequence number on renego. * check sequence number on renego.
*/ */
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS ) if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
/* This couldn't be done in ssl_prepare_handshake_record() */ /* This couldn't be done in ssl_prepare_handshake_record() */
unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) | unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
@ -1648,7 +1648,7 @@ read_record_header:
#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY) #if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY)
if( ssl->f_cookie_check != NULL if( ssl->f_cookie_check != NULL
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
&& ssl->renegotiation == SSL_INITIAL_HANDSHAKE && ssl->renego_status == SSL_INITIAL_HANDSHAKE
#endif #endif
) )
{ {
@ -1808,7 +1808,7 @@ read_record_header:
case TLS_EXT_SIG_ALG: case TLS_EXT_SIG_ALG:
SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS ) if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS )
break; break;
#endif #endif
@ -1945,7 +1945,7 @@ read_record_header:
{ {
SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS ) if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV during renegotiation" ) ); SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV during renegotiation" ) );
@ -1970,21 +1970,21 @@ read_record_header:
handshake_failure = 1; handshake_failure = 1;
} }
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS && else if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION && ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION &&
renegotiation_info_seen == 0 ) renegotiation_info_seen == 0 )
{ {
SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) );
handshake_failure = 1; handshake_failure = 1;
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS && else if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION &&
ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION ) ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION )
{ {
SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) );
handshake_failure = 1; handshake_failure = 1;
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS && else if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION &&
renegotiation_info_seen == 1 ) renegotiation_info_seen == 1 )
{ {
@ -2205,7 +2205,7 @@ static void ssl_write_renegotiation_ext( ssl_context *ssl,
*p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO ) & 0xFF );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) if( ssl->renego_status != SSL_INITIAL_HANDSHAKE )
{ {
*p++ = 0x00; *p++ = 0x00;
*p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF; *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF;
@ -2461,7 +2461,7 @@ static int ssl_write_server_hello( ssl_context *ssl )
*/ */
if( ssl->handshake->resume == 0 && if( ssl->handshake->resume == 0 &&
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
ssl->renegotiation == SSL_INITIAL_HANDSHAKE && ssl->renego_status == SSL_INITIAL_HANDSHAKE &&
#endif #endif
ssl->session_negotiate->length != 0 && ssl->session_negotiate->length != 0 &&
ssl->f_get_cache != NULL && ssl->f_get_cache != NULL &&


@ -2258,7 +2258,7 @@ int ssl_fetch_input( ssl_context *ssl, size_t nb_want )
} }
#if defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_SSL_RENEGOTIATION)
else if( ssl->endpoint == SSL_IS_SERVER && else if( ssl->endpoint == SSL_IS_SERVER &&
ssl->renegotiation == SSL_RENEGOTIATION_PENDING ) ssl->renego_status == SSL_RENEGOTIATION_PENDING )
{ {
if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 ) if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 )
{ {
@ -3207,7 +3207,7 @@ static int ssl_parse_record_header( ssl_context *ssl )
if( ssl->in_msgtype == SSL_MSG_APPLICATION_DATA && if( ssl->in_msgtype == SSL_MSG_APPLICATION_DATA &&
ssl->state != SSL_HANDSHAKE_OVER ssl->state != SSL_HANDSHAKE_OVER
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
&& ! ( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS && && ! ( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS &&
ssl->state == SSL_SERVER_HELLO ) ssl->state == SSL_SERVER_HELLO )
#endif #endif
) )
@ -3945,7 +3945,7 @@ int ssl_parse_certificate( ssl_context *ssl )
*/ */
#if defined(POLARSSL_SSL_RENEGOTIATION) && defined(POLARSSL_SSL_CLI_C) #if defined(POLARSSL_SSL_RENEGOTIATION) && defined(POLARSSL_SSL_CLI_C)
if( ssl->endpoint == SSL_IS_CLIENT && if( ssl->endpoint == SSL_IS_CLIENT &&
ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS ) ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
if( ssl->session->peer_cert == NULL ) if( ssl->session->peer_cert == NULL )
{ {
@ -4490,9 +4490,9 @@ void ssl_handshake_wrapup( ssl_context *ssl )
SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) ); SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->renegotiation == SSL_RENEGOTIATION_IN_PROGRESS ) if( ssl->renego_status == SSL_RENEGOTIATION_IN_PROGRESS )
{ {
ssl->renegotiation = SSL_RENEGOTIATION_DONE; ssl->renego_status = SSL_RENEGOTIATION_DONE;
ssl->renego_records_seen = 0; ssl->renego_records_seen = 0;
} }
#endif #endif
@ -4990,7 +4990,7 @@ int ssl_session_reset( ssl_context *ssl )
ssl->state = SSL_HELLO_REQUEST; ssl->state = SSL_HELLO_REQUEST;
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
ssl->renegotiation = SSL_INITIAL_HANDSHAKE; ssl->renego_status = SSL_INITIAL_HANDSHAKE;
ssl->renego_records_seen = 0; ssl->renego_records_seen = 0;
ssl->verify_data_len = 0; ssl->verify_data_len = 0;
@ -5972,7 +5972,7 @@ static int ssl_start_renegotiation( ssl_context *ssl )
* the ServerHello will have message_seq = 1" */ * the ServerHello will have message_seq = 1" */
#if defined(POLARSSL_SSL_PROTO_DTLS) #if defined(POLARSSL_SSL_PROTO_DTLS)
if( ssl->transport == SSL_TRANSPORT_DATAGRAM && if( ssl->transport == SSL_TRANSPORT_DATAGRAM &&
ssl->renegotiation == SSL_RENEGOTIATION_PENDING ) ssl->renego_status == SSL_RENEGOTIATION_PENDING )
{ {
if( ssl->endpoint == SSL_IS_SERVER ) if( ssl->endpoint == SSL_IS_SERVER )
ssl->handshake->out_msg_seq = 1; ssl->handshake->out_msg_seq = 1;
@ -5982,7 +5982,7 @@ static int ssl_start_renegotiation( ssl_context *ssl )
#endif #endif
ssl->state = SSL_HELLO_REQUEST; ssl->state = SSL_HELLO_REQUEST;
ssl->renegotiation = SSL_RENEGOTIATION_IN_PROGRESS; ssl->renego_status = SSL_RENEGOTIATION_IN_PROGRESS;
if( ( ret = ssl_handshake( ssl ) ) != 0 ) if( ( ret = ssl_handshake( ssl ) ) != 0 )
{ {
@ -6010,7 +6010,7 @@ int ssl_renegotiate( ssl_context *ssl )
if( ssl->state != SSL_HANDSHAKE_OVER ) if( ssl->state != SSL_HANDSHAKE_OVER )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
ssl->renegotiation = SSL_RENEGOTIATION_PENDING; ssl->renego_status = SSL_RENEGOTIATION_PENDING;
/* Did we already try/start sending HelloRequest? */ /* Did we already try/start sending HelloRequest? */
if( ssl->out_left != 0 ) if( ssl->out_left != 0 )
@ -6025,7 +6025,7 @@ int ssl_renegotiate( ssl_context *ssl )
* On client, either start the renegotiation process or, * On client, either start the renegotiation process or,
* if already in progress, continue the handshake * if already in progress, continue the handshake
*/ */
if( ssl->renegotiation != SSL_RENEGOTIATION_IN_PROGRESS ) if( ssl->renego_status != SSL_RENEGOTIATION_IN_PROGRESS )
{ {
if( ssl->state != SSL_HANDSHAKE_OVER ) if( ssl->state != SSL_HANDSHAKE_OVER )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
@ -6055,7 +6055,7 @@ int ssl_renegotiate( ssl_context *ssl )
static int ssl_check_ctr_renegotiate( ssl_context *ssl ) static int ssl_check_ctr_renegotiate( ssl_context *ssl )
{ {
if( ssl->state != SSL_HANDSHAKE_OVER || if( ssl->state != SSL_HANDSHAKE_OVER ||
ssl->renegotiation == SSL_RENEGOTIATION_PENDING || ssl->renego_status == SSL_RENEGOTIATION_PENDING ||
ssl->disable_renegotiation == SSL_RENEGOTIATION_DISABLED ) ssl->disable_renegotiation == SSL_RENEGOTIATION_DISABLED )
{ {
return( 0 ); return( 0 );
@ -6234,7 +6234,7 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
if( ssl->transport == SSL_TRANSPORT_DATAGRAM && if( ssl->transport == SSL_TRANSPORT_DATAGRAM &&
ssl->endpoint == SSL_IS_CLIENT ) ssl->endpoint == SSL_IS_CLIENT )
{ {
ssl->renegotiation = SSL_RENEGOTIATION_PENDING; ssl->renego_status = SSL_RENEGOTIATION_PENDING;
} }
#endif #endif
ret = ssl_start_renegotiation( ssl ); ret = ssl_start_renegotiation( ssl );
@ -6254,7 +6254,7 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
if( ! record_read ) if( ! record_read )
return( POLARSSL_ERR_NET_WANT_READ ); return( POLARSSL_ERR_NET_WANT_READ );
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION_PENDING ) else if( ssl->renego_status == SSL_RENEGOTIATION_PENDING )
{ {
if( ssl->renego_max_records >= 0 ) if( ssl->renego_max_records >= 0 )
@ -6295,7 +6295,7 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
* again if ssl_write_hello_request() returns WANT_WRITE */ * again if ssl_write_hello_request() returns WANT_WRITE */
#if defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_SRV_C) && defined(POLARSSL_SSL_RENEGOTIATION)
if( ssl->endpoint == SSL_IS_SERVER && if( ssl->endpoint == SSL_IS_SERVER &&
ssl->renegotiation == SSL_RENEGOTIATION_PENDING ) ssl->renego_status == SSL_RENEGOTIATION_PENDING )
{ {
if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 ) if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 )
{ {