commit 69a3e417d8e758256b3a0e3f2d492190c8fccbfb
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jul 29 12:28:52 2019 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Jul 29 12:32:02 2019 +0200
tree f38a69632f19970631a588832b5923537028e5b8
parent 18332c5c6cdd654e92a11a8d2dc20349c0cf3e71

Improve reability and debugability of large if

Breaking into a series of statements makes things easier when stepping through
the code in a debugger.

Previous comments we stating the opposite or what the code tested for (what we
want vs what we're erroring out on) which was confusing.

Also expand a bit on the reasons for these restrictions.

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index d43912d..9962278 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -10837,28 +10837,40 @@
     int ret = 0;
 
     /*
-     * Enforce current usage restrictions
+     * Enforce usage restrictions, see "return BAD_INPUT_DATA" in
+     * this function's documentation.
+     *
+     * These are due to assumptions/limitations in the implementation. Some of
+     * them are likely to stay (no handshake in progress) some might go away
+     * (only DTLS) but are currently used to simplify the implementation.
      */
-    if( /* The initial handshake is over ... */
-        ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ||
-        ssl->handshake != NULL ||
-        /* ... and the various sub-structures are indeed ready. */
-        ssl->transform == NULL ||
-        ssl->session == NULL ||
-        /* There is no pending incoming or outgoing data ... */
-        mbedtls_ssl_check_pending( ssl ) != 0 ||
-        ssl->out_left != 0 ||
-        /* We're using DTLS 1.2 ... */
-        MBEDTLS_SSL_TRANSPORT_IS_TLS( ssl->conf->transport ) ||
-        mbedtls_ssl_get_major_ver( ssl ) != MBEDTLS_SSL_MAJOR_VERSION_3 ||
-        mbedtls_ssl_get_minor_ver( ssl ) != MBEDTLS_SSL_MINOR_VERSION_3 ||
-        /* ... with an AEAD ciphersuite. */
-        mbedtls_ssl_transform_uses_aead( ssl->transform ) != 1 ||
-        /* Renegotation is disabled. */
-        mbedtls_ssl_conf_is_renegotiation_enabled( ssl->conf ) )
-    {
+    /* The initial handshake must be over */
+    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
+    if( ssl->handshake != NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    /* Double-check that sub-structures are indeed ready */
+    if( ssl->transform == NULL || ssl->session == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    /* There must be no pending incoming or outgoing data */
+    if( mbedtls_ssl_check_pending( ssl ) != 0 )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    if( ssl->out_left != 0 )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    /* Protocol must be DLTS, not TLS */
+    if( MBEDTLS_SSL_TRANSPORT_IS_TLS( ssl->conf->transport ) )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    /* Version must be 1.2 */
+    if( mbedtls_ssl_get_major_ver( ssl ) != MBEDTLS_SSL_MAJOR_VERSION_3 )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    if( mbedtls_ssl_get_minor_ver( ssl ) != MBEDTLS_SSL_MINOR_VERSION_3 )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    /* We must be using an AEAD ciphersuite */
+    if( mbedtls_ssl_transform_uses_aead( ssl->transform ) != 1 )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    /* Renegotiation must not be enabled */
+    if( mbedtls_ssl_conf_is_renegotiation_enabled( ssl->conf ) )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
     /*
      * Version and format identifier