move client_auth to handshake
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index e411b70..825034a 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -3137,12 +3137,13 @@
}
ssl->state++;
- ssl->client_auth = ( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST );
+ ssl->handshake->client_auth =
+ ( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request",
- ssl->client_auth ? "a" : "no" ) );
+ ssl->handshake->client_auth ? "a" : "no" ) );
- if( ssl->client_auth == 0 )
+ if( ssl->handshake->client_auth == 0 )
{
/* Current message is probably the ServerHelloDone */
ssl->keep_current_message = 1;
@@ -3794,7 +3795,8 @@
return( 0 );
}
- if( ssl->client_auth == 0 || mbedtls_ssl_own_cert( ssl ) == NULL )
+ if( ssl->handshake->client_auth == 0 ||
+ mbedtls_ssl_own_cert( ssl ) == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
ssl->state++;
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 0c43c79..a8a7119 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -768,6 +768,12 @@
* but can be overwritten by the HRR. */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
+#if defined(MBEDTLS_SSL_CLI_C)
+ int client_auth; /*!< used to check if CertificateRequest is received
+ from server side. If CertificateReqeust is
+ received, Certificate and CertificateVerify
+ should be sent to server */
+#endif /* MBEDTLS_SSL_CLI_C */
/*
* State-local variables used during the processing
* of a specific handshake state.
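Review bot: The doc comment on the new `client_auth` field misspells `CertificateReqeust` and says nothing about the field's initial value or lifetime, which matters because this flag decides whether the client sends Certificate and CertificateVerify. I would reword it along the lines of `/*!< 1 if a CertificateRequest was received from the server in this handshake, 0 otherwise; when 1, Certificate and CertificateVerify are sent. */`. The "0 until a CertificateRequest is parsed" behaviour presumably relies on the handshake structure being zeroed when it is initialised, which this diff does not show, so that is worth confirming for paths that skip the CertificateRequest parsing. The removal of the old `client_auth` member from the SSL context is not shown here either; if it is still declared, it is now dead state and should be dropped in the same change.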
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f261a6a..87fa395 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1701,7 +1701,7 @@
#if defined(MBEDTLS_SSL_CLI_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
{
- if( ssl->client_auth == 0 )
+ if( ssl->handshake->client_auth == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
ssl->state++;