mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-02 13:04:26 +01:00
Add specific SSL error code for unexpected CIDs
Currently, the stack silently ignores DTLS frames with an unexpected CID. However, in a system which performs CID-based demultiplexing before passing datagrams to the Mbed TLS stack, unexpected CIDs are a sign of something not working properly, and users might want to know about it. This commit introduces an SSL error code MBEDTLS_ERR_SSL_UNEXPECTED_CID which the stack can return in response to an unexpected CID. It will conditionally be put to use in subsequent commits.
parent
7842609e3b
commit
7c3cdb62de
@ -100,8 +100,8 @@
|
|||||||
* ECP 4 10 (Started from top)
|
* ECP 4 10 (Started from top)
|
||||||
* MD 5 5
|
* MD 5 5
|
||||||
* HKDF 5 1 (Started from top)
|
* HKDF 5 1 (Started from top)
|
||||||
* CIPHER 6 8
|
* CIPHER 6 8 (Started from 0x6080)
|
||||||
* SSL 6 23 (Started from top)
|
* SSL 6 24 (Started from top, plus 0x6000)
|
||||||
* SSL 7 32
|
* SSL 7 32
|
||||||
*
|
*
|
||||||
* Module dependent error code (5 bits 0x.00.-0x.F8.)
|
* Module dependent error code (5 bits 0x.00.-0x.F8.)
|
||||||
|
@ -122,6 +122,7 @@
|
|||||||
#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */
|
#define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */
|
||||||
#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */
|
#define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */
|
||||||
#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */
|
#define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */
|
||||||
|
#define MBEDTLS_ERR_SSL_UNEXPECTED_CID -0x6000 /**< An encrypted DTLS-frame with an unexpected CID was received. */
|
||||||
#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */
|
#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
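Review bot: The Doxygen text on `MBEDTLS_ERR_SSL_UNEXPECTED_CID` does not say how a caller should treat this return value. The description suggests it is raised for a datagram whose CID does not match, and the CID is presumably read from the record header before the record is authenticated (the check itself is not in this commit, so confirm). An application that treats every negative return as fatal would then drop an established session because of a single unauthenticated datagram, so the header should state that the error is non-fatal. I would add a separate comment above the define, for example `/* Non-fatal: the offending record has not been authenticated; drop the datagram and keep the session. */`. Keep the trailing `/**< ... */` as it is, because the strerror string in the last hunk repeats that text word for word.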
@ -523,6 +523,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
|
|||||||
mbedtls_snprintf( buf, buflen, "SSL - The asynchronous operation is not completed yet" );
|
mbedtls_snprintf( buf, buflen, "SSL - The asynchronous operation is not completed yet" );
|
||||||
if( use_ret == -(MBEDTLS_ERR_SSL_EARLY_MESSAGE) )
|
if( use_ret == -(MBEDTLS_ERR_SSL_EARLY_MESSAGE) )
|
||||||
mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that a message arrived early" );
|
mbedtls_snprintf( buf, buflen, "SSL - Internal-only message signaling that a message arrived early" );
|
||||||
|
if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_CID) )
|
||||||
|
mbedtls_snprintf( buf, buflen, "SSL - An encrypted DTLS-frame with an unexpected CID was received" );
|
||||||
if( use_ret == -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) )
|
if( use_ret == -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) )
|
||||||
mbedtls_snprintf( buf, buflen, "SSL - A cryptographic operation is in progress. Try again later" );
|
mbedtls_snprintf( buf, buflen, "SSL - A cryptographic operation is in progress. Try again later" );
|
||||||
#endif /* MBEDTLS_SSL_TLS_C */
|
#endif /* MBEDTLS_SSL_TLS_C */
|
||||||
|