Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-22 05:46:41 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Don't select a PSK ciphersuite if no key available

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-10-27 14:47:25 +01:00 committed by Paul Bakker
parent 18dc0e2746
commit 21ef42f257
3 changed files with 26 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
library/ssl_srv.c
View file

@ -1394,6 +1394,16 @@ static int ssl_parse_client_hello( ssl_context *ssl )
continue;
#endif
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
/* If the ciphersuite requires a pre-shared key and we don't
* have one, skip it now rather than failing later */
if( ssl_ciphersuite_uses_psk( ciphersuite_info ) &&
ssl->f_psk == NULL &&
( ssl->psk == NULL || ssl->psk_identity == NULL ||
ssl->psk_identity_len == 0 || ssl->psk_len == 0 ) )
continue;
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
/*
* Final check: if ciphersuite requires us to have a