if (ret) {
return TLS_INVALID_DEVKEY;
}
- mbedtls_ssl_conf_own_cert(ctx->conf, ctx->crt->next, ctx->pkey);
+ ret = mbedtls_ssl_conf_own_cert(ctx->conf, ctx->crt->next, ctx->pkey);
+ if (ret) {
+ return TLS_INVALID_DEVCERT;
+ }
}
return ret;
if (opt->force_ciphersuites[0] > 0) {
mbedtls_ssl_conf_ciphersuites(ctx->conf, opt->force_ciphersuites);
}
- mbedtls_ssl_setup(session->ssl, ctx->conf);
+
+ if ((ret = mbedtls_ssl_setup(session->ssl, ctx->conf) != 0)) {
+ ret = TLS_SET_DEFAULT_FAIL;
+ goto errout;
+ }
return TLS_SUCCESS;
tls_context_release(ctx);
tls_context_free(ctx);
- TLS_FREE(ctx);
-
EASY_TLS_DEBUG("TLSCtx free\n");
return TLS_SUCCESS;
}
mbedtls_net_context listen_ctx;
tls_session *session = NULL;
- if (ctx == NULL || opt == NULL) {
+ if (fd < 0 || ctx == NULL || opt == NULL) {
EASY_TLS_DEBUG("TLSSession input error\n");
return NULL;
}
return session;
errout:
TLSSession_free(session);
+ TLS_FREE(session);
return NULL;
}
mbedtls_ssl_free(session->ssl);
mbedtls_net_free(&session->net);
TLS_FREE(session->ssl);
- TLS_FREE(session);
EASY_TLS_DEBUG("TLSSession free\n");
return 0;
goto cleanup;
}
- mbedtls_mpi_read_binary(&r, ecc_sign.r, ecc_sign.r_byte_len);
- mbedtls_mpi_read_binary(&s, ecc_sign.s, ecc_sign.s_byte_len);
+ if ((ret = mbedtls_mpi_read_binary(&r, ecc_sign.r, ecc_sign.r_byte_len)) != 0) {
+ goto cleanup;
+ }
+ if ((ret = mbedtls_mpi_read_binary(&s, ecc_sign.s, ecc_sign.s_byte_len)) != 0) {
+ goto cleanup;
+ }
MBEDTLS_MPI_CHK(ecdsa_signature_to_asn1(&r, &s, sig, sig_len));
goto cleanup;
}
- if ((ret = see_setup_key_internal(der_buf + der_buflen - len, len, SECURE_STORAGE_TYPE_KEY_ECC, key_buf)) != 0) {
+ if (see_setup_key_internal(der_buf + der_buflen - len, len, SECURE_STORAGE_TYPE_KEY_ECC, key_buf) != 0) {
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}