Increase hamming distance for session resume flag This is to prevent glitching a single bit for the resume flag.

commit: 8d09e5744c9641e53f2e0bfec12e3b204676bbf5 [log] [tgz]
author: Jarno Lamsa <jarno.lamsa@arm.com> Thu Dec 19 15:20:19 2019 +0200
committer: Jarno Lamsa <jarno.lamsa@arm.com> Thu Dec 19 17:07:35 2019 +0200
tree: d59279d2b0c5b30e1bb8089b2362a1b144d4622f
parent: 489dccd15863b5bccdc5c8517fa1a91e737c80f4 [diff] [blame]
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 08d4fd3..11c6f46 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -868,7 +868,7 @@
      * appropriate length. Otherwise make the length 0 (for now, see next code
      * block for behaviour with tickets).
      */
-    if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == 0 ||
+    if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == MBEDTLS_SSL_FI_FLAG_UNSET ||
         mbedtls_ssl_get_renego_status( ssl ) != MBEDTLS_SSL_INITIAL_HANDSHAKE ||
         ssl->session_negotiate->id_len < 16 ||
         ssl->session_negotiate->id_len > 32 )
@@ -1832,11 +1832,11 @@
         ssl->session_negotiate->id_len != n ||
         mbedtls_platform_memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 )
     {
-        ssl->handshake->resume = 0;
+        ssl->handshake->resume = MBEDTLS_SSL_FI_FLAG_UNSET;
     }
 #endif /* !MBEDTLS_SSL_NO_SESSION_RESUMPTION */
 
-    if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == 1 )
+    if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == MBEDTLS_SSL_FI_FLAG_SET )
     {
         /* Resume a session */
         ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
commit	8d09e5744c9641e53f2e0bfec12e3b204676bbf5	[log] [tgz]
author	Jarno Lamsa <jarno.lamsa@arm.com>	Thu Dec 19 15:20:19 2019 +0200
committer	Jarno Lamsa <jarno.lamsa@arm.com>	Thu Dec 19 17:07:35 2019 +0200
tree	d59279d2b0c5b30e1bb8089b2362a1b144d4622f
parent	489dccd15863b5bccdc5c8517fa1a91e737c80f4 [diff] [blame]