Document behaviour of mbedtls_ssl_get_peer_cid() for empty CIDs

commit: c5f2422116e384e0df35b6872d14ce559199f815 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Fri May 03 12:54:52 2019 +0100
committer: Hanno Becker <hanno.becker@arm.com> Mon Jun 03 14:43:16 2019 +0100
tree: 07426c8e4fdeaeebc0965000fb05bdba3f5f5401
parent: 5a29990367a863c0879efbfdf63ab9e286cef8fe [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a0f9584..5cb15f5 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -165,11 +165,10 @@
     if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
-    /* What shall we report if we have exchanged if both client
-     * and server have used the CID extension, but negotiated
-     * empty CIDs? This is indistinguishable from not using the
-     * CID extension in the first place, and we're reporting
-     * MBEDTLS_SSL_CID_DISABLED in this case. */
+    /* We report MBEDTLS_SSL_CID_DISABLED in case the CID extensions
+     * were used, but client and server requested the empty CID.
+     * This is indistinguishable from not using the CID extension
+     * in the first place. */
     if( ssl->transform_in->in_cid_len  == 0 &&
         ssl->transform_in->out_cid_len == 0 )
     {
commit	c5f2422116e384e0df35b6872d14ce559199f815	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Fri May 03 12:54:52 2019 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Mon Jun 03 14:43:16 2019 +0100
tree	07426c8e4fdeaeebc0965000fb05bdba3f5f5401
parent	5a29990367a863c0879efbfdf63ab9e286cef8fe [diff] [blame]