fix various issues
- Add comments for ticket test hooks
- improve code style.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 8bcb0e4..7b8cc6e 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -195,8 +195,9 @@
if (now < session->start) {
MBEDTLS_SSL_DEBUG_MSG(
- 3, ("Invalid ticket start time ( now=%" MBEDTLS_PRINTF_MS_TIME
- ", start=%" MBEDTLS_PRINTF_MS_TIME " )", now, session->start));
+ 3, ("Invalid ticket start time ( now = %" MBEDTLS_PRINTF_MS_TIME
+ ", start = %" MBEDTLS_PRINTF_MS_TIME " )",
+ now, session->start));
goto exit;
}
@@ -213,7 +214,7 @@
*
* For time being, the age MUST be less than 604800 seconds (7 days).
*/
- if (server_age > 604800*1000) {
+ if (server_age > 604800 * 1000) {
MBEDTLS_SSL_DEBUG_MSG(
3, ("Ticket age exceeds limitation ticket_age=%" MBEDTLS_PRINTF_MS_TIME,
server_age));
@@ -238,7 +239,8 @@
if (age_diff < -1000 ||
age_diff > MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) {
MBEDTLS_SSL_DEBUG_MSG(
- 3, ("Ticket age outside tolerance window ( diff=%" MBEDTLS_PRINTF_MS_TIME ")",
+ 3, ("Ticket age outside tolerance window ( diff = %"
+ MBEDTLS_PRINTF_MS_TIME ")",
age_diff));
goto exit;
}
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index ce53f92..7df30f0 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1416,35 +1416,43 @@
switch (opt.dummy_ticket % 11) {
case 1:
+ /* Callback function return INVALID_MAC */
return MBEDTLS_ERR_SSL_INVALID_MAC;
case 2:
+ /* Callback function return ticket expired */
return MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
case 3:
+ /* Built-in check, the start time is in future. */
session->start = mbedtls_ms_time() + 10 * 1000;
break;
case 4:
+ /* Built-in check, ticket expired due to too old. */
session->start = mbedtls_ms_time() - 10 * 1000 - 7 * 24 * 3600 * 1000;
break;
case 5:
+ /* Built-in check, age outside tolerance window, too young. */
session->start = mbedtls_ms_time() - 10 * 1000;
break;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case 6:
+ /* Built-in check, age outside tolerance window, too old. */
session->start = mbedtls_ms_time();
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
session->ticket_age_add -= 1000;
-#endif
break;
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case 7:
+ /* Built-in check, ticket permission check. */
session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE;
break;
case 8:
+ /* Built-in check, ticket permission check. */
session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
break;
case 9:
+ /* Built-in check, ticket permission check. */
session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
break;
case 10:
+ /* Built-in check, ticket permission check. */
session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL;
break;
#endif