eden-emu/mbedtls
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add compile-guard for < TLS1.2 path in server-side ssl_pick_cert()

Browse source 
Minor code-size optimization along the way.
This commit is contained in:
Hanno Becker 2019-02-26 16:48:55 +00:00
parent c69c4465b6
commit 828a8c08b6
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
library/ssl_srv.c
View file

@ -862,6 +862,8 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
continue; continue;
} }
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
/* /*
* Try to select a SHA-1 certificate for pre-1.2 clients, but still * Try to select a SHA-1 certificate for pre-1.2 clients, but still
* present them a SHA-higher cert rather than failing if it's the only * present them a SHA-higher cert rather than failing if it's the only
@ -890,6 +892,9 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
continue; continue;
} }
} }
#endif /* MBEDTLS_SSL_PROTO_TLS1 ||
MBEDTLS_SSL_PROTO_TLS1_1 ||
MBEDTLS_SSL_PROTO_SSL3 */
/* If we get there, we got a winner */ /* If we get there, we got a winner */
break; break;