Improve code readability
+micro optimization
+style
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index bae5348..a6b8f1b 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -873,6 +873,7 @@
#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
#define MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH 255
+#define MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH 4
/*
* For code readability use a typedef for DTLS-SRTP profiles
* The supported profiles are defines as macro above:
@@ -3185,7 +3186,7 @@
#if defined(MBEDTLS_SSL_DTLS_SRTP)
#if defined(MBEDTLS_DEBUG_C)
-static inline const char *mbedtls_ssl_get_srtp_profile_as_string ( mbedtls_ssl_srtp_profile profile )
+static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_srtp_profile profile )
{
switch( profile )
{
@@ -3229,6 +3230,8 @@
* for later reference as required, so the lifetime
* of the table must be at least as long as the lifetime
* of the SSL configuration structure.
+ * The list must not hold more than
+ * MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH elements
*
* \return 0 on success
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA when the list of
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 0eaeefa..b3cfc97 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -800,8 +800,14 @@
*p++ = (unsigned char)( ext_len & 0xFF );
/* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */
- *p++ = (unsigned char)( ( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
- >> 8 ) & 0xFF );
+ /* micro-optimization:
+ * the list size is limited to MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH
+ * which is lower than 127, so the upper byte of the length is always 0
+ * For the documentation, the more generic code is left in comments
+ * *p++ = (unsigned char)( ( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
+ * >> 8 ) & 0xFF );
+ */
+ *p++ = 0;
*p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
& 0xFF );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 7c06c3b..18a149f 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4723,7 +4723,7 @@
/* check the profiles list: all entry must be valid,
* its size cannot be more than the total number of supported profiles, currently 4 */
- for( p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET && list_size < 5; p++ )
+ for( p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET && list_size <= MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH; p++ )
{
switch( *p )
{
@@ -4734,11 +4734,11 @@
list_size++;
break;
default: /* unsupported value, stop parsing and set the size to an error value */
- list_size = 5;
+ list_size = MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH+1;
}
}
- if ( list_size > 4 ) {
+ if ( list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH ) {
conf->dtls_srtp_profile_list = NULL;
conf->dtls_srtp_profile_list_len = 0;
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );