Do not allow configuring zero-length PSK
fix error when calloc is called with size 0
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 558fa28..cbda4d1 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -194,7 +194,8 @@
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
#define USAGE_PSK_RAW \
- " psk=%%s default: \"\" (in hex, without 0x)\n" \
+ " psk=%%s default: \"\" (disabled)\n" \
+ " The PSK values are in hex, without 0x.\n" \
" psk_identity=%%s default: \"Client_identity\"\n"
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#define USAGE_PSK_SLOT \
@@ -2374,13 +2375,16 @@
}
else
#endif /* MBEDTLS_USE_PSA_CRYPTO */
- if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
- (const unsigned char *) opt.psk_identity,
- strlen( opt.psk_identity ) ) ) != 0 )
+ if( psk_len > 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n",
- ret );
- goto exit;
+ ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
+ (const unsigned char *) opt.psk_identity,
+ strlen( opt.psk_identity ) );
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_psk returned %d\n\n", ret );
+ goto exit;
+ }
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
