Merge pull request #23 from deemru/1.x

deemru · web-flow · commit 52d77be90d86 · 2025-12-12T14:01:15.000+03:00
1.0.3
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Changelog
 
+## 1.0.3
+
+- Fixed broken logic regression in [`msspi_get_peerchain()`](MSSPI.md#msspi_get_peerchain)
+- Safer definition of shared TLS/DTLS version constants
+
+---
+
 ## 1.0.2
 
 - Fixed regression in [`msspi_set_mycert()`](MSSPI.md#msspi_set_mycert) where SHA1/KeyID/Subject certificate lookup failed
diff --git a/MSSPI.md b/MSSPI.md
@@ -140,11 +140,25 @@ Checks if a TLS/DTLS version is supported by the system.
 ### Protocol Version Constants
 
 ```c
-#define TLS1_VERSION    0x0301
-#define TLS1_1_VERSION  0x0302
-#define TLS1_2_VERSION  0x0303
-#define TLS1_3_VERSION  0x0304
+#ifndef TLS1_VERSION
+#define TLS1_VERSION 0x0301
+#endif
+
+#ifndef TLS1_1_VERSION
+#define TLS1_1_VERSION 0x0302
+#endif
+
+#ifndef TLS1_2_VERSION
+#define TLS1_2_VERSION 0x0303
+#endif
+
+#ifndef TLS1_3_VERSION
+#define TLS1_3_VERSION 0x0304
+#endif
+
+#ifndef DTLS1_2_VERSION
 #define DTLS1_2_VERSION 0xFEFD
+#endif
 ```
 
 ---
diff --git a/src/msspi.cpp b/src/msspi.cpp
@@ -2873,7 +2873,8 @@ int msspi_get_peerchain( MSSPI_HANDLE h, const uint8_t ** bufs, size_t * lens, s
 
     if( !h->peerchain.size() )
     {
-        if( !msspi_verify_internal( h, false, true ) )
+        uint32_t just_chain_result = msspi_verify_internal( h, false, true );
+        if( just_chain_result != ERROR_SUCCESS )
             return 0; // last error included
     }
 
diff --git a/src/msspi.h b/src/msspi.h
@@ -6,7 +6,7 @@
 
 #define MSSPI_VERSION_MAJOR 1
 #define MSSPI_VERSION_MINOR 0
-#define MSSPI_VERSION_PATCH 2
+#define MSSPI_VERSION_PATCH 3
 
 #define MSSPI_VERSION \
     ( ( MSSPI_VERSION_MAJOR << 16 ) | ( MSSPI_VERSION_MINOR << 8 ) | MSSPI_VERSION_PATCH )
@@ -20,12 +20,25 @@ extern "C" {
 
 uint32_t msspi_version( void );
 
-#define TLS1_VERSION    0x0301
-#define TLS1_1_VERSION  0x0302
-#define TLS1_2_VERSION  0x0303
-#define TLS1_3_VERSION  0x0304
+#ifndef TLS1_VERSION
+#define TLS1_VERSION 0x0301
+#endif
+
+#ifndef TLS1_1_VERSION
+#define TLS1_1_VERSION 0x0302
+#endif
+
+#ifndef TLS1_2_VERSION
+#define TLS1_2_VERSION 0x0303
+#endif
+
+#ifndef TLS1_3_VERSION
+#define TLS1_3_VERSION 0x0304
+#endif
 
+#ifndef DTLS1_2_VERSION
 #define DTLS1_2_VERSION 0xFEFD
+#endif
 
 int msspi_is_version_supported( int version );
 int msspi_is_cipher_supported( int cipher, int dtls );

Original file line number	Diff line number	Diff line change
`@@ -2873,7 +2873,8 @@ int msspi_get_peerchain( MSSPI_HANDLE h, const uint8_t ** bufs, size_t * lens, s`
`2873`	`2873`
`2874`	`2874`	`if( !h->peerchain.size() )`
`2875`	`2875`	`{`
`2876`		`- if( !msspi_verify_internal( h, false, true ) )`
	`2876`	`+ uint32_t just_chain_result = msspi_verify_internal( h, false, true );`
	`2877`	`+ if( just_chain_result != ERROR_SUCCESS )`
`2877`	`2878`	`return 0; // last error included`
`2878`	`2879`	`}`
`2879`	`2880`