Fix dependencies and related issues
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index b8d798b..b6944f1 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -614,7 +614,9 @@
void *p_vrfy; /*!< context for verification */
#endif
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
int (*f_psk)(void *, ssl_context *, const unsigned char *, size_t);
void *p_psk; /*!< context for PSK retrieval */
#endif
@@ -712,7 +714,9 @@
mpi dhm_G; /*!< generator for DHM */
#endif
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
/*
* PSK values
*/
@@ -1054,7 +1058,9 @@
rsa_key_len_func rsa_key_len );
#endif /* POLARSSL_X509_CRT_PARSE_C */
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
/**
* \brief Set the Pre Shared Key (PSK) and the identity name connected
* to it.
@@ -1094,7 +1100,9 @@
int (*f_psk)(void *, ssl_context *, const unsigned char *,
size_t),
void *p_psk );
-#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
+#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
#if defined(POLARSSL_DHM_C)
/**
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index eaa8001..77a18ed 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1973,6 +1973,7 @@
SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+ ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
{
SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
@@ -1997,6 +1998,7 @@
SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+ ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
{
SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index f09b924..336add2 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1915,6 +1915,7 @@
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
unsigned char *p = ssl->out_msg + 4;
unsigned char *dig_signed = p;
@@ -2637,6 +2638,7 @@
SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+ ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
{
SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
@@ -2664,6 +2666,7 @@
SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+ ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
{
SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e4ae682..2be2016 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -830,7 +830,6 @@
defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex )
{
- int ret;
unsigned char *p = ssl->handshake->premaster;
unsigned char *end = p + sizeof( ssl->handshake->premaster );
@@ -856,6 +855,7 @@
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
if( key_ex == POLARSSL_KEY_EXCHANGE_DHE_PSK )
{
+ int ret;
size_t len = ssl->handshake->dhm_ctx.len;
if( end - p < 2 + (int) len )
@@ -878,6 +878,7 @@
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
if( key_ex == POLARSSL_KEY_EXCHANGE_ECDHE_PSK )
{
+ int ret;
size_t zlen;
if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen,
@@ -3659,7 +3660,9 @@
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
const unsigned char *psk_identity, size_t psk_identity_len )
{
@@ -3695,7 +3698,9 @@
ssl->f_psk = f_psk;
ssl->p_psk = p_psk;
}
-#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
+#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
#if defined(POLARSSL_DHM_C)
int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G )
@@ -4363,7 +4368,9 @@
}
#endif
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
if( ssl->psk != NULL )
{
memset( ssl->psk, 0, ssl->psk_len );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 2093d1a..7b97841 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -166,13 +166,17 @@
#define USAGE_IO ""
#endif /* POLARSSL_X509_CRT_PARSE_C */
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define USAGE_PSK \
" psk=%%s default: \"\" (in hex, without 0x)\n" \
" psk_identity=%%s default: \"Client_identity\"\n"
#else
#define USAGE_PSK ""
-#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
+#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
#if defined(POLARSSL_SSL_SESSION_TICKETS)
#define USAGE_TICKETS \
@@ -240,7 +244,9 @@
{
int ret = 0, len, server_fd, i, written, frags;
unsigned char buf[1024];
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
unsigned char psk[256];
size_t psk_len = 0;
#endif
@@ -494,7 +500,9 @@
opt.min_version = ciphersuite_info->min_minor_ver;
}
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
/*
* Unhexify the pre-shared key if any is given
*/
@@ -542,7 +550,9 @@
psk[ j / 2 ] |= c;
}
}
-#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
+#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
/*
* 0. Initialize the RNG and the session data
@@ -710,7 +720,9 @@
ssl_set_own_cert( &ssl, &clicert, &pkey );
#endif
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) );
#endif
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 43d7d79..0148103 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -144,13 +144,17 @@
#define USAGE_IO ""
#endif /* POLARSSL_X509_CRT_PARSE_C */
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define USAGE_PSK \
" psk=%%s default: \"\" (in hex, without 0x)\n" \
" psk_identity=%%s default: \"Client_identity\"\n"
#else
#define USAGE_PSK ""
-#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
+#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
#if defined(POLARSSL_SSL_SESSION_TICKETS)
#define USAGE_TICKETS \
@@ -209,7 +213,9 @@
int listen_fd;
int client_fd = -1;
unsigned char buf[1024];
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
unsigned char psk[256];
size_t psk_len = 0;
#endif
@@ -467,7 +473,9 @@
opt.min_version = ciphersuite_info->min_minor_ver;
}
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
/*
* Unhexify the pre-shared key if any is given
*/
@@ -515,7 +523,9 @@
psk[ j / 2 ] |= c;
}
}
-#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
+#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
/*
* 0. Initialize the RNG and the session data
@@ -729,7 +739,9 @@
ssl_set_own_cert( &ssl, &srvcert2, &pkey2 );
#endif
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity,
strlen( opt.psk_identity ) );
#endif
