tls13: Send dummy CCS only once Fix cases where the client was sending two CCS, no harm but better to send only one. Prevent to send even more CCS when early data are involved without having to add conditional state transitions. Signed-off-by: Ronald Cron <ronald.cron@arm.com>

commit: fe59ff794d2e198665ca9456c097eae0b30fab66 [log] [tgz]
author: Ronald Cron <ronald.cron@arm.com> Wed Jan 24 14:31:50 2024 +0100
committer: Ronald Cron <ronald.cron@arm.com> Tue Feb 06 16:43:33 2024 +0100
tree: 5996368033b2b207d22959b4c22085a6e8dda597
parent: bfcdc069efb1d52a98e3578aa0ec62a4bec7e9e4 [diff] [blame]
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 2666067..386a754 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c

@@ -1390,6 +1390,8 @@
     /* Dispatch message */
     MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_write_record(ssl, 0));
 
+    ssl->handshake->ccs_count++;
+
 cleanup:
 
     MBEDTLS_SSL_DEBUG_MSG(2, ("<= write change cipher spec"));
commit	fe59ff794d2e198665ca9456c097eae0b30fab66	[log] [tgz]
author	Ronald Cron <ronald.cron@arm.com>	Wed Jan 24 14:31:50 2024 +0100
committer	Ronald Cron <ronald.cron@arm.com>	Tue Feb 06 16:43:33 2024 +0100
tree	5996368033b2b207d22959b4c22085a6e8dda597
parent	bfcdc069efb1d52a98e3578aa0ec62a4bec7e9e4 [diff] [blame]