commit 44051f6376a86e85d790d5214543a288d704f5be
author Xiaokang Qian <xiaokang.qian@arm.com> Thu Feb 02 06:57:26 2023 +0000
committer Xiaokang Qian <xiaokang.qian@arm.com> Wed Feb 08 05:47:48 2023 +0000
tree c10073349a2a61dbd5c8509c33b081895c9b6766
parent 7892b6caada80328e1588555e22c7f277ab2dca6

Refine the state change after write client hello

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>

library/ssl_client.c

diff --git a/library/ssl_client.c b/library/ssl_client.c
index 2ad69f9..d407520 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -963,17 +963,18 @@
                                                               buf_len,
                                                               msg_len));
 
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
-        if (mbedtls_ssl_conf_is_tls12_only(ssl->conf)) {
-            mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO);
-        } else
-#endif
-        {
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-            mbedtls_ssl_tls13_finalize_write_client_hello(ssl);
-#endif
-        }
+        /*
+         * Set next state. Note that if TLS 1.3 is proposed, this may be
+         * overwritten by mbedtls_ssl_tls13_finalize_write_client_hello().
+         */
+        mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO);
 
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+        if (ssl->handshake->min_tls_version <=  MBEDTLS_SSL_VERSION_TLS1_3 &&
+            MBEDTLS_SSL_VERSION_TLS1_3 <= ssl->tls_version) {
+            ret = mbedtls_ssl_tls13_finalize_write_client_hello(ssl);
+        }
+#endif
     }
 
 cleanup: