Merge commit 'd7e2483' into dtls

* commit 'd7e2483': (57 commits) Skip signature_algorithms ext if PSK only Fix bug in ssl_client2 reconnect option Cosmetics in ssl_server2 Improve debugging message. Fix net_usleep for durations greater than 1 second Use pk_load_file() in X509 Create ticket keys only if enabled Fix typo in #ifdef Clarify documentation a bit Fix comment on resumption Update comment from draft to RFC Use more #ifdef's on CLI_C and SRV_C in ssl_tls.c Add recursion.pl to all.sh Allow x509_crt_verify_child() in recursion.pl Set a compile-time limit to X.509 chain length Fix 3DES -> DES in all.sh (+ time estimates) Add curves.pl to all.sh Rework all.sh to use MSan instead of valgrind Fix depends on individual curves in tests Add script to test depends on individual curves ... Conflicts: CMakeLists.txt programs/ssl/ssl_client2.c
2015-01-20 16:45:20 +00:00 · 2015-01-20 16:45:20 +00:00 · edb7ed3a43
commit edb7ed3a43
parent f9c8a606b5 d7e2483bfc
56 changed files with 1279 additions and 365 deletions
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -495,7 +495,8 @@ static int ssl_parse_renegotiation_info( ssl_context *ssl,
    return( 0 );
 }

-#if defined(POLARSSL_SSL_PROTO_TLS1_2)
+#if defined(POLARSSL_SSL_PROTO_TLS1_2) && \
+    defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED)
 static int ssl_parse_signature_algorithms_ext( ssl_context *ssl,
                                               const unsigned char *buf,
                                               size_t len )
@ -539,7 +540,8 @@ have_sig_alg:

    return( 0 );
 }
-#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
+#endif /* POLARSSL_SSL_PROTO_TLS1_2 &&
+          POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED */

 #if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
 static int ssl_parse_supported_elliptic_curves( ssl_context *ssl,
@ -1703,7 +1705,8 @@ read_record_header:
                return( ret );
            break;

-#if defined(POLARSSL_SSL_PROTO_TLS1_2)
+#if defined(POLARSSL_SSL_PROTO_TLS1_2) && \
+    defined(POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED)
        case TLS_EXT_SIG_ALG:
            SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
            if( ssl->renegotiation == SSL_RENEGOTIATION )
@ -1713,7 +1716,8 @@ read_record_header:
            if( ret != 0 )
                return( ret );
            break;
-#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
+#endif /* POLARSSL_SSL_PROTO_TLS1_2 &&
+          POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED */

 #if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
        case TLS_EXT_SUPPORTED_ELLIPTIC_CURVES: