Introduce helper function to send pending fatal alerts
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index a86ec12..c8d6d10 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -1733,11 +1733,12 @@
/* This internal function can be used to pend a fatal alert for
* later delivery.
*
- * The check for pending alerts must be done manually. Currently,
- * it happens only during the handshake loop.
+ * The check for pending alerts must be done by calling
+ * the (static internal) function ssl_send_pending_fatal_alert().
+ * Currently, it happens only during the handshake loop.
*
* This function must not be called multiple times without
- * manually inspecting and clearing ssl->pending_fatal_alert_msg in between.
+ * sending the pending fatal alerts in between.
*/
MBEDTLS_ALWAYS_INLINE static inline void mbedtls_ssl_pend_fatal_alert(
mbedtls_ssl_context *ssl,
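Review bot: The updated comment in this header tells callers to use `ssl_send_pending_fatal_alert()`, but the other file section of this commit defines that helper as `static` in library/ssl_tls.c, so code in any other translation unit that pends an alert through this header cannot call it. Naming the file would make that explicit, e.g. `* the function ssl_send_pending_fatal_alert(), which is static in ssl_tls.c.` It would also help to state the consequence of the "must not be called multiple times" rule; presumably a second pend before the send overwrites the first alert, but the body of mbedtls_ssl_pend_fatal_alert continues outside the hunk, so that is not visible here.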
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2927974..601f81f 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -75,6 +75,17 @@
#endif
}
+static void ssl_send_pending_fatal_alert( mbedtls_ssl_context *ssl )
+{
+ if( ssl->pending_fatal_alert_msg == MBEDTLS_SSL_ALERT_MSG_NONE )
+ return;
+
+ mbedtls_ssl_send_alert_message( ssl,
+ MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ ssl->pending_fatal_alert_msg );
+ ssl->pending_fatal_alert_msg = MBEDTLS_SSL_ALERT_MSG_NONE;
+}
+
/*
* Start a timer.
* Passing millisecs = 0 cancels a running timer.
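Review bot: In `ssl_send_pending_fatal_alert()` the result of `mbedtls_ssl_send_alert_message()` is discarded and `pending_fatal_alert_msg` is reset to `MBEDTLS_SSL_ALERT_MSG_NONE` unconditionally, so an alert that could not be written (for instance if the transport is not ready) is dropped with no trace and no retry. The removed inline code at the call site in the `@@ -9828` hunk behaved the same way, so this is not a regression, but now that the logic has a name it should document the contract. I would add a header comment such as `/* Send the pending fatal alert, if any, and clear it. Best effort: the alert is cleared even if sending fails. */`. If a lost alert matters to callers, returning the send result as `int` would let the handshake loop decide, though that changes more than this commit intends.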
@@ -9828,13 +9839,7 @@
ret = mbedtls_ssl_handshake_server_step( ssl );
#endif
- if( ssl->pending_fatal_alert_msg != MBEDTLS_SSL_ALERT_MSG_NONE )
- {
- mbedtls_ssl_send_alert_message( ssl,
- MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- ssl->pending_fatal_alert_msg );
- ssl->pending_fatal_alert_msg = MBEDTLS_SSL_ALERT_MSG_NONE;
- }
+ ssl_send_pending_fatal_alert( ssl );
return( ret );
}