Add error condition for bad user configurations

This commit adds an error condition for bad user configurations and updates the number of SSL module errors in error.h. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-11-23 00:25:39 +01:00 · 2017-04-12 14:54:42 +01:00 · 2017-04-12 14:54:42 +01:00 · d8562b5e46
commit d8562b5e46
parent 0e8dc48cff
3 changed files with 4 additions and 0 deletions
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@ -94,6 +94,7 @@
 * RSA       4   11
 * ECP       4   9 (Started from top)
 * MD        5   5
+ * SSL       5   1 (Started from 0x5E80)
 * CIPHER    6   8
 * SSL       6   17 (Started from top)
 * SSL       7   31
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -110,6 +110,7 @@
 #define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD                 -0x6700  /**< Record header looks valid but is not expected. */
 #define MBEDTLS_ERR_SSL_NON_FATAL                         -0x6680  /**< The alert message received indicates a non-fatal error. */
 #define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH               -0x6600  /**< Couldn't set the hash for verifying CertificateVerify */
+#define MBEDTLS_ERR_SSL_BAD_CONFIG                        -0x5E80  /**< Invalid value in SSL config */

 /*
 * Various constants
--- a/library/error.c
+++ b/library/error.c
@ -495,6 +495,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
            mbedtls_snprintf( buf, buflen, "SSL - The alert message received indicates a non-fatal error" );
        if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH) )
            mbedtls_snprintf( buf, buflen, "SSL - Couldn't set the hash for verifying CertificateVerify" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_CONFIG) )
+            mbedtls_snprintf( buf, buflen, "SSL - Invalid value in SSL config" );
 #endif /* MBEDTLS_SSL_TLS_C */

 #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)