TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f6a676d93f47ba4f3cc78ec9b4adc02397ce4df4^! / . / library / ssl_msg.c
commitf6a676d93f47ba4f3cc78ec9b4adc02397ce4df4[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Mon Feb 17 16:10:14 2025 +0100
committerGilles Peskine <Gilles.Peskine@arm.com>Mon Feb 17 16:10:14 2025 +0100
tree01495d90cc7d82d51ab0007039721d80414e7710
parent69f8f45e6f561651c1000af78a81ecb374af11bd [diff] [blame]
Rename badmac_seen to badmac_seen_or_in_hsfraglen

Prepare to unify two fields of the `mbedtls_ssl_context` structure:
`badmac_seen` (always present but only used in DTLS) and
`in_hsfraglen` (always present but only used in non-DTLS TLS).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index fb91b94..1ad8f5a 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c

@@ -5033,8 +5033,8 @@
                 }
 
                 if (ssl->conf->badmac_limit != 0) {
-                    ++ssl->badmac_seen;
-                    if (ssl->badmac_seen >= ssl->conf->badmac_limit) {
+                    ++ssl->badmac_seen_or_in_hsfraglen;
+                    if (ssl->badmac_seen_or_in_hsfraglen >= ssl->conf->badmac_limit) {
                         MBEDTLS_SSL_DEBUG_MSG(1, ("too many records with bad MAC"));
                         return MBEDTLS_ERR_SSL_INVALID_MAC;
                     }