tls13: client: Improve CCS handling Call unconditionally the CCS writing function when sending a CCS may be necessary in the course of an handshake. Enforce in the writing function and only in the writing function that only one CCS is sent. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

commit: e273f7203dfa7d6533ed868a02a4a8ae73138a66 [log] [tgz]
author: Ronald Cron <ronald.cron@arm.com> Tue Feb 13 18:22:26 2024 +0100
committer: Ronald Cron <ronald.cron@arm.com> Wed Feb 14 10:24:00 2024 +0100
tree: 90291dc347f1e97fb61182868285cc89504900c1
parent: b3d42fddaee3a2a0051c177ec39494ce24fd028d [diff] [blame]
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 386a754..c6bb770 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c

@@ -1379,6 +1379,12 @@
 
     MBEDTLS_SSL_DEBUG_MSG(2, ("=> write change cipher spec"));
 
+    /* Only one CCS to send. */
+    if (ssl->handshake->ccs_count > 0) {
+        ret = 0;
+        goto cleanup;
+    }
+
     /* Write CCS message */
     MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_change_cipher_spec_body(
                              ssl, ssl->out_msg,
commit	e273f7203dfa7d6533ed868a02a4a8ae73138a66	[log] [tgz]
author	Ronald Cron <ronald.cron@arm.com>	Tue Feb 13 18:22:26 2024 +0100
committer	Ronald Cron <ronald.cron@arm.com>	Wed Feb 14 10:24:00 2024 +0100
tree	90291dc347f1e97fb61182868285cc89504900c1
parent	b3d42fddaee3a2a0051c177ec39494ce24fd028d [diff] [blame]