Improve getter for renegotiation enabled
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 5786f65..0991926 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -1243,14 +1243,15 @@
#endif
}
-static inline int mbedtls_ssl_conf_get_disable_renego(
+static inline int mbedtls_ssl_conf_is_renegotiation_enabled(
const mbedtls_ssl_config *conf )
{
#if defined(MBEDTLS_SSL_RENEGOTIATION)
- return( conf->disable_renegotiation );
+ return( conf->disable_renegotiation ==
+ MBEDTLS_SSL_RENEGOTIATION_ENABLED );
#else
(void) conf;
- return( MBEDTLS_SSL_RENEGOTIATION_DISABLED );
+ return( 0 );
#endif
}
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 42ccb78..d43912d 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -10030,7 +10030,7 @@
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ||
ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ||
- ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED )
+ ! mbedtls_ssl_conf_is_renegotiation_enabled( ssl->conf ) )
{
return( 0 );
}
@@ -10855,8 +10855,7 @@
/* ... with an AEAD ciphersuite. */
mbedtls_ssl_transform_uses_aead( ssl->transform ) != 1 ||
/* Renegotation is disabled. */
- mbedtls_ssl_conf_get_disable_renego( ssl->conf )
- != MBEDTLS_SSL_RENEGOTIATION_DISABLED )
+ mbedtls_ssl_conf_is_renegotiation_enabled( ssl->conf ) )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
@@ -11079,8 +11078,7 @@
MBEDTLS_SSL_MINOR_VERSION_3 ||
mbedtls_ssl_conf_get_min_minor_ver( ssl->conf ) >
MBEDTLS_SSL_MINOR_VERSION_3 ||
- mbedtls_ssl_conf_get_disable_renego( ssl->conf )
- != MBEDTLS_SSL_RENEGOTIATION_DISABLED )
+ mbedtls_ssl_conf_is_renegotiation_enabled( ssl->conf ) )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}