From 5398c10b897de8f4f29aa897484621b76748bea4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 5 Nov 2021 13:32:38 +0800 Subject: [PATCH] Add return value check for cerificate verify Signed-off-by: Jerry Yu --- library/ssl_tls13_generic.c | 1 + tests/ssl-opt.sh | 8 ++++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 45692d877..75b11c93a 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -503,6 +503,7 @@ int mbedtls_ssl_tls13_process_certificate_verify( mbedtls_ssl_context *ssl ) cleanup: MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) ); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_process_certificate_verify", ret ); return( ret ); #else ((void) ssl); diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 037dfa518..0e78356bc 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -8833,7 +8833,9 @@ run_test "TLS1.3: Test client hello msg work - openssl" \ -c "=> ssl_tls1_3_process_server_hello" \ -c "<= parse encrypted extensions" \ -c "Certificate verification flags clear" \ - -c "<= parse certificate verify" + -c "=> parse certificate verify" \ + -c "<= parse certificate verify" \ + -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" requires_gnutls_tls1_3 requires_gnutls_next_no_ticket @@ -8864,7 +8866,9 @@ run_test "TLS1.3: Test client hello msg work - gnutls" \ -c "=> ssl_tls1_3_process_server_hello" \ -c "<= parse encrypted extensions" \ -c "Certificate verification flags clear" \ - -c "<= parse certificate verify" + -c "=> parse certificate verify" \ + -c "<= parse certificate verify" \ + -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" # Test heap memory usage after handshake requires_config_enabled MBEDTLS_MEMORY_DEBUG