Check that the peer_authenticated flag

Check that the peer has been authenticated at the end
of the handshake.
Jarno Lamsa 2019-12-19 08:58:56 +02:00
parent ba4730fe4c
commit e1621d4700
4 changed files with 55 additions and 6 deletions


@ -4450,6 +4450,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
return( 0 );
}
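Review bot: The added `ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;` in this skip branch, and the identical lines in the second hunk and in the `peer_pk == NULL` branch of the third, record "authenticated" on paths where no CertificateVerify was checked, so the end-of-handshake check named in the commit message cannot tell a verified peer from a skipped one. If the flag is meant as fault-injection hardening (inferred from the `MBEDTLS_SSL_FI_FLAG_SET` name), a single corrupted branch decision into any of these blocks now sets both the next state and the flag. Consider re-testing the condition immediately before the assignment, for example `if( peer_pk == NULL ) ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;` in the third hunk, and adding a comment here such as `/* Nothing to verify: client authentication is not requested for this ciphersuite. */` so the reasoning is reviewable. The body of ssl_parse_certificate_verify starts and ends outside these hunks, so whether the configured auth mode is enforced before the `peer_pk == NULL` path is not visible here.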
@ -4478,6 +4479,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
if( !mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
return( 0 );
}
@ -4506,6 +4508,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
if( peer_pk == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
return( 0 );
}
@ -4851,7 +4854,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl )
break;
case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
mbedtls_ssl_handshake_wrapup( ssl );
ret = mbedtls_ssl_handshake_wrapup( ssl );
break;
case MBEDTLS_SSL_INVALID: