From 189465306db2f33170b1184cfe267c20f81f37ec Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 12 Jan 2023 12:28:09 +0800 Subject: [PATCH] remove MBEDTLS_ERR_SSL_TICKET_INVALID_KEX_MODE error Return MBEDTLS_ERR_ERROR_GENERIC_ERROR when ticket_flags are not compatible with advertised key exchange mode. Signed-off-by: Pengyu Lv --- include/mbedtls/ssl.h | 3 +-- library/ssl_tls13_server.c | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index db2e758c2..661b23ce7 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -96,8 +96,7 @@ /* Error space gap */ /** Processing of the Certificate handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 -/** No suitable key exchange mode for ticket */ -#define MBEDTLS_ERR_SSL_TICKET_INVALID_KEX_MODE -0x7A80 +/* Error space gap */ /** * Received NewSessionTicket Post Handshake Message. * This error code is experimental and may be changed or removed without notice. diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 654a7da31..16317c076 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -169,7 +169,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * * We regard the ticket with incompatible key exchange modes as not match. */ - ret = MBEDTLS_ERR_SSL_TICKET_INVALID_KEX_MODE; + ret = MBEDTLS_ERR_ERROR_GENERIC_ERROR; MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags); if (mbedtls_ssl_tls13_check_kex_modes(ssl,