commit 394ece6cdd71d06e2186024769170588bb342ac8
author Jerry Yu <jerry.h.yu@arm.com> Tue Sep 14 22:17:21 2021 +0800
committer Jerry Yu <jerry.h.yu@arm.com> Mon Sep 27 16:25:38 2021 +0800
tree 59e7196c3faa14b8bdb63058c1dee1b62508f1e0
parent 33cedca8aa9d6fb8dc0c0107de38911f3cfd21c8

Add function for set pending alert flag

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

include/mbedtls/ssl.h

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 18142a8..822205e 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1527,10 +1527,7 @@
                                      on next call to record layer? */
 
     /* The following three variables indicate if and, if yes,
-     * what kind of alert or warning is pending to be sent.
-     * They should not be set manually but through the macro
-     * MBEDTLS_SSL_PEND_FATAL_ALERT( type, user_return_value )
-     * defined below.
+     * what kind of alert is pending to be sent.
      */
     unsigned char MBEDTLS_PRIVATE(send_alert);   /*!< Determines if a fatal alert
                                                 should be sent. Values:
@@ -1640,14 +1637,6 @@
 #endif
 };
 
-#define MBEDTLS_SSL_PEND_FATAL_ALERT( type, user_return_value )         \
-    do                                                                  \
-    {                                                                   \
-        ssl->send_alert = 1;                                            \
-        ssl->alert_reason = (user_return_value);                        \
-        ssl->alert_type = (type);                                       \
-    } while( 0 )
-
 /**
  * \brief               Return the name of the ciphersuite associated with the
  *                      given ID

library/ssl_misc.h

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 8b26983..5be5b03 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1343,10 +1343,22 @@
 int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );
 
 /*
- * Send pending fatal alerts or warnings.
+ * Send pending alert
  */
 int mbedtls_ssl_handle_pending_alert( mbedtls_ssl_context *ssl );
 
+/*
+ * Set pending fatal alert flag.
+ */
+void mbedtls_ssl_pend_fatal_alert( mbedtls_ssl_context *ssl,
+                                   unsigned char alert_type,
+                                   int alert_reason );
+
+/* Alias of mbedtls_ssl_pend_fatal_alert */
+#define MBEDTLS_SSL_PEND_FATAL_ALERT( type, user_return_value )         \
+            mbedtls_ssl_pend_fatal_alert( ssl, type, user_return_value )
+
+
 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
 void mbedtls_ssl_dtls_replay_reset( mbedtls_ssl_context *ssl );
 #endif

library/ssl_msg.c

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 3144d98..9230bcd 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -5649,16 +5649,28 @@
     /* Send alert if requested */
     if( ssl->send_alert != 0 )
     {
+        /* Clear send_alert to avoid infinite loop */
+        ssl->send_alert = 0;
+
         ret = mbedtls_ssl_send_alert_message( ssl,
                                  MBEDTLS_SSL_ALERT_LEVEL_FATAL,
                                  ssl->alert_type );
         if( ret != 0 )
             return( ret );
     }
-
-    ssl->send_alert = 0;
-    ssl->alert_type = 0;
     return( 0 );
 }
 
+/*
+ * Set pending fatal alert flag.
+ */
+void mbedtls_ssl_pend_fatal_alert( mbedtls_ssl_context *ssl,
+                                   unsigned char alert_type,
+                                   int alert_reason )
+{
+    ssl->send_alert = 1;
+    ssl->alert_type = alert_type;
+    ssl->alert_reason = alert_reason;
+}
+
 #endif /* MBEDTLS_SSL_TLS_C */