Made support for the truncated_hmac extension configurable

commit: 1f2bc6238b1074a4d0efcabea582a3ec369b3536 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Thu Aug 15 13:45:55 2013 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Thu Aug 15 13:45:55 2013 +0200
tree: 7c2f42f6db12cadcb3885d3e95667eee56e5781d
parent: 05decb24c3a97867edb92dd3d7108730e0cbf698 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 1281bc8..039b536 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -516,6 +516,7 @@
 
             transform->maclen = md_get_size( md_info );
 
+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
             /*
              * If HMAC is to be truncated, we shall keep the leftmost bytes,
              * (rfc 6066 page 13 or rfc 2104 section 4),
@@ -523,6 +524,7 @@
              */
             if( session->trunc_hmac == SSL_TRUNC_HMAC_ENABLED )
                 transform->maclen = SSL_TRUNCATED_HMAC_LEN;
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
         }
 
         transform->keylen = cipher_info->key_length;
@@ -3255,6 +3257,7 @@
 }
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
 
+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 int ssl_set_truncated_hmac( ssl_context *ssl, int truncate )
 {
     if( ssl->endpoint != SSL_IS_CLIENT )
@@ -3264,6 +3267,7 @@
 
     return( 0 );
 }
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
 
 void ssl_set_renegotiation( ssl_context *ssl, int renegotiation )
 {
commit	1f2bc6238b1074a4d0efcabea582a3ec369b3536	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Thu Aug 15 13:45:55 2013 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Thu Aug 15 13:45:55 2013 +0200
tree	7c2f42f6db12cadcb3885d3e95667eee56e5781d
parent	05decb24c3a97867edb92dd3d7108730e0cbf698 [diff] [blame]