commit e910ac862788c57fe4aff0e8fcccd27a1bd5369c
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Aug 14 12:52:59 2024 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Aug 20 22:03:10 2024 +0200
tree 18956edbeb202eb265c9c3aaa7e55e1f0e7c2ccb
parent 523a7e4aaf45ee13aaf4181b23c8f6b4b2a584c1

Improve a variable's name

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

library/ssl_tls13_generic.c

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index f883a22..6ea5e01 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -629,7 +629,7 @@
 static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl)
 {
     int ret = 0;
-    int have_ca_chain = 0;
+    int have_ca_chain_or_callback = 0;
     uint32_t verify_result = 0;
 
     /* Authmode: precedence order is SNI if used else configuration */
@@ -700,7 +700,7 @@
      */
 #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
     if (ssl->conf->f_ca_cb != NULL) {
-        have_ca_chain = 1;
+        have_ca_chain_or_callback = 1;
 
         MBEDTLS_SSL_DEBUG_MSG(3, ("use CA callback for X.509 CRT verification"));
         ret = mbedtls_x509_crt_verify_with_ca_cb(
@@ -728,7 +728,7 @@
         }
 
         if (ca_chain != NULL) {
-            have_ca_chain = 1;
+            have_ca_chain_or_callback = 1;
         }
 
         ret = mbedtls_x509_crt_verify_with_profile(
@@ -771,7 +771,7 @@
         ret = 0;
     }
 
-    if (!have_ca_chain && authmode == MBEDTLS_SSL_VERIFY_REQUIRED) {
+    if (!have_ca_chain_or_callback && authmode == MBEDTLS_SSL_VERIFY_REQUIRED) {
         MBEDTLS_SSL_DEBUG_MSG(1, ("got no CA chain"));
         ret = MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED;
     }