eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Continue check next psk key when binder mismatch

Browse source 
with matched identity and mismatch binder, should check next psk key.
Exit with error will break multi-psk cases.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-07-30 13:45:24 +08:00
parent 32e1370fbc
commit f0bad2554a
1 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
library/ssl_tls13_server.c
View file

@ -298,7 +298,7 @@ static int ssl_tls13_parse_pre_shared_key_ext( mbedtls_ssl_context *ssl,
ret = ssl_tls13_offered_psks_check_binder_match( ret = ssl_tls13_offered_psks_check_binder_match(
ssl, binder, binder_len, &alg ); ssl, binder, binder_len, &alg );
if( ret != SSL_TLS1_3_OFFERED_PSK_MATCH ) if( ret < 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 1, MBEDTLS_SSL_DEBUG_RET( 1,
"ssl_tls13_offered_psks_check_binder_match" , ret ); "ssl_tls13_offered_psks_check_binder_match" , ret );
@ -308,6 +308,9 @@ static int ssl_tls13_parse_pre_shared_key_ext( mbedtls_ssl_context *ssl,
return( ret ); return( ret );
} }
if( ret != SSL_TLS1_3_OFFERED_PSK_MATCH )
continue;
matched_identity = identity_id; matched_identity = identity_id;
*psk_alg = alg; *psk_alg = alg;
} }