commit 558da9c3feee5d4376fcb9f481af18152165a467
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Jun 13 12:02:12 2018 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Jun 13 12:02:12 2018 +0200
tree 68c15cb5cdd9ba05ce44bdadc29affdce63be1e5
parent b5d668a7a7eef6ca5b1b2e3d152cf0ecf5cf8ca0

Make SSL error code more generic

It's undesirable to have users of the SSL layer check for an error code
specific to a lower-level layer, both out of general layering principles, and
also because if we later make another crypto module gain resume capabilities,
we would need to change the contract again (checking for a new module-specific
error code).

programs/ssl/ssl_client2.c

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index b11bedd..0e3e1ed 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1516,7 +1516,7 @@
     {
         if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
             ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-            ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+            ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
         {
             mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n",
                             -ret );
@@ -1533,7 +1533,7 @@
         }
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
-            if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+            if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
                 continue;
 #endif
 
@@ -1630,7 +1630,7 @@
         {
             if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
                 ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-                ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+                ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
             {
                 mbedtls_printf( " failed\n  ! mbedtls_ssl_renegotiate returned %d\n\n",
                                 ret );
@@ -1695,7 +1695,7 @@
             {
                 if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
                     ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-                    ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+                    ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
                 {
                     mbedtls_printf( " failed\n  ! mbedtls_ssl_write returned -0x%x\n\n",
                                     -ret );
@@ -1721,7 +1721,7 @@
             ret = mbedtls_ssl_write( &ssl, buf, len );
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
-            if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+            if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
                 continue;
 #endif
 
@@ -1779,7 +1779,7 @@
             ret = mbedtls_ssl_read( &ssl, buf, len );
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
-            if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+            if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
                 continue;
 #endif
 
@@ -1844,7 +1844,7 @@
             ret = mbedtls_ssl_read( &ssl, buf, len );
 
 #if defined(MBEDTLS_ECP_RESTARTABLE)
-            if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+            if( ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
                 continue;
 #endif
 
@@ -1911,7 +1911,7 @@
         {
             if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
                 ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-                ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+                ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
             {
                 mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
                                 -ret );
@@ -2010,7 +2010,7 @@
         {
             if( ret != MBEDTLS_ERR_SSL_WANT_READ &&
                 ret != MBEDTLS_ERR_SSL_WANT_WRITE &&
-                ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
+                ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS )
             {
                 mbedtls_printf( " failed\n  ! mbedtls_ssl_handshake returned -0x%x\n\n",
                                 -ret );