fix various issues
- Add comments for ticket test hooks
- improve code style.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index ce53f92..7df30f0 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -1416,35 +1416,43 @@
switch (opt.dummy_ticket % 11) {
case 1:
+ /* Callback function return INVALID_MAC */
return MBEDTLS_ERR_SSL_INVALID_MAC;
case 2:
+ /* Callback function return ticket expired */
return MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
case 3:
+ /* Built-in check, the start time is in future. */
session->start = mbedtls_ms_time() + 10 * 1000;
break;
case 4:
+ /* Built-in check, ticket expired due to too old. */
session->start = mbedtls_ms_time() - 10 * 1000 - 7 * 24 * 3600 * 1000;
break;
case 5:
+ /* Built-in check, age outside tolerance window, too young. */
session->start = mbedtls_ms_time() - 10 * 1000;
break;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case 6:
+ /* Built-in check, age outside tolerance window, too old. */
session->start = mbedtls_ms_time();
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
session->ticket_age_add -= 1000;
-#endif
break;
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
case 7:
+ /* Built-in check, ticket permission check. */
session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE;
break;
case 8:
+ /* Built-in check, ticket permission check. */
session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
break;
case 9:
+ /* Built-in check, ticket permission check. */
session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
break;
case 10:
+ /* Built-in check, ticket permission check. */
session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL;
break;
#endif