From 8840888fbc0ccb3b29b1e5769a59fe9150c46ce0 Mon Sep 17 00:00:00 2001 From: XiaokangQian Date: Sat, 2 Apr 2022 10:15:03 +0000 Subject: [PATCH] Fix some CI issues Change-Id: I68ee024f29b7b8dd586f2c45e91950657e76bad8 Signed-off-by: XiaokangQian --- library/ssl_tls13_generic.c | 14 +++++++++----- library/ssl_tls13_server.c | 17 ++++++----------- 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index bc992c913e..18a66ecb8b 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1515,6 +1515,7 @@ int mbedtls_ssl_reset_transcript_for_hrr( mbedtls_ssl_context *ssl ) #define ECDH_VALIDATE_RET( cond ) \ MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA ) +#if !defined(MBEDTLS_ECDH_LEGACY_CONTEXT) static int ecdh_import_public_raw( mbedtls_ecdh_context_mbed *ctx, const unsigned char *buf, const unsigned char *end ) @@ -1522,6 +1523,7 @@ static int ecdh_import_public_raw( mbedtls_ecdh_context_mbed *ctx, return( mbedtls_ecp_point_read_binary( &ctx->grp, &ctx->Qp, buf, end - buf ) ); } +#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) static int everest_import_public_raw( mbedtls_x25519_context *ctx, @@ -1543,24 +1545,26 @@ int mbedtls_ecdh_import_public_raw( mbedtls_ecdh_context *ctx, ECDH_VALIDATE_RET( ctx != NULL ); ECDH_VALIDATE_RET( buf != NULL ); ECDH_VALIDATE_RET( end != NULL ); - #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - return( ecdh_import_public_raw( ctx, buf, end ) ); + ((void) ctx); + ((void) buf); + ((void) end); + return ( 0 ); #else switch( ctx->var ) { #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) case MBEDTLS_ECDH_VARIANT_EVEREST: - return( everest_import_public_raw( &ctx->ctx.everest_ecdh, + return( everest_import_public_raw( &ctx->ctx.everest_ecdh.ctx, buf, end) ); -#endif +#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ case MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0: return( ecdh_import_public_raw( &ctx->ctx.mbed_ecdh, buf, end ) ); default: return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } -#endif +#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ } #endif /* MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_PROTO_TLS1_3 */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 847f12d969..934737a853 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -147,7 +147,7 @@ static int mbedtls_ssl_tls13_parse_supported_groups_ext( * not observe handshake->curves already being allocated. */ if( ssl->handshake->curves != NULL ) { - mbedtls_free( ssl->handshake->curves ); + //mbedtls_free( ssl->handshake->curves ); ssl->handshake->curves = NULL; } @@ -189,7 +189,7 @@ static int mbedtls_ssl_tls13_parse_supported_groups_ext( } #endif /* MBEDTLS_ECDH_C || ( MBEDTLS_ECDSA_C */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if defined(MBEDTLS_ECDH_C) /* * ssl_tls13_parse_key_shares_ext() verifies whether the information in the * extension is correct and stores the provided key shares. Whether this is an @@ -242,7 +242,6 @@ static int ssl_tls13_parse_key_shares_ext( mbedtls_ssl_context *ssl, { uint16_t their_group; mbedtls_ecp_group_id their_curve; - mbedtls_ecp_curve_info const *their_curve_info; unsigned char const *end_of_share; /* @@ -307,8 +306,7 @@ static int ssl_tls13_parse_key_shares_ext( mbedtls_ssl_context *ssl, * - Apply further curve checks */ - their_curve_info = mbedtls_ecp_curve_info_from_grp_id( their_curve ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", their_curve_info->name ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %ud", their_curve ) ); ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx, their_curve ); if( ret != 0 ) @@ -335,7 +333,7 @@ static int ssl_tls13_parse_key_shares_ext( mbedtls_ssl_context *ssl, } return( 0 ); } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C */ #if defined(MBEDTLS_SSL_COOKIE_C) static int ssl_tls13_parse_cookie_ext( mbedtls_ssl_context *ssl, @@ -345,7 +343,6 @@ static int ssl_tls13_parse_cookie_ext( mbedtls_ssl_context *ssl, int ret = 0; size_t cookie_len; unsigned char const *p = buf; - mbedtls_ssl_handshake_params *handshake = ssl->handshake; MBEDTLS_SSL_DEBUG_MSG( 3, ( "parse cookie extension" ) ); @@ -364,13 +361,11 @@ static int ssl_tls13_parse_cookie_ext( mbedtls_ssl_context *ssl, ssl->cli_id_len ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification failed" ) ); - handshake->verify_cookie_len = 1; ret = MBEDTLS_ERR_SSL_HRR_REQUIRED; } else { MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification passed" ) ); - handshake->verify_cookie_len = 0; } } else @@ -722,7 +717,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context *ssl, break; #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ -#if ( defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) ) +#if defined(MBEDTLS_ECDH_C) case MBEDTLS_TLS_EXT_KEY_SHARE: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key share extension" ) ); @@ -745,7 +740,7 @@ static int ssl_client_hello_parse( mbedtls_ssl_context *ssl, ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_KEY_SHARE; break; -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ +#endif /* MBEDTLS_ECDH_C */ case MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported versions extension" ) );