Allow config'n of incl of CertificateReq CA list Y/N at compile-time

Introduces MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST, which allows configuring
at compile-time whether a CA list should be included in the
CertificateRequest message sent by the server.

Impact on code-size:

|  | GCC 8.2.1 | ARMC5 5.06 | ARMC6 6.12 |
| --- | --- | --- | --- |
| `libmbedtls.a` before  | 23131 | 23805 | 26673 |
| `libmbedtls.a` after | 23099 | 23781 | 26639 |
| gain in Bytes | 32 | 24 | 34 |
Hanno Becker 2019-06-13 12:33:03 +01:00
parent 2d9623f7d5
commit c2cfdaa693
8 changed files with 53 additions and 8 deletions


@ -422,6 +422,14 @@ int main( void )
#define USAGE_READ_TIMEOUT ""
#endif
#if !defined(MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST)
#define USAGE_CERT_REQ_CA_LIST \
" cert_req_ca_list=%%d default: 1 (send ca list)\n" \
" options: 1 (send ca list), 0 (don't send)\n"
#else
#define USAGE_CERT_REQ_CA_LIST ""
#endif
#define USAGE \
"\n usage: ssl_server2 param=<>...\n" \
"\n acceptable parameters:\n" \
@ -445,8 +453,7 @@ int main( void )
USAGE_BADMAC_LIMIT \
"\n" \
USAGE_AUTH_MODE \
" cert_req_ca_list=%%d default: 1 (send ca list)\n" \
" options: 1 (send ca list), 0 (don't send)\n" \
USAGE_CERT_REQ_CA_LIST \
USAGE_IO \
USAGE_SSL_ASYNC \
USAGE_SNI \
@ -2479,8 +2486,10 @@ int main( int argc, char *argv[] )
mbedtls_ssl_conf_authmode( &conf, opt.auth_mode );
#endif /* !MBEDTLS_SSL_CONF_AUTHMODE */
#if !defined(MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST)
if( opt.cert_req_ca_list != DFL_CERT_REQ_CA_LIST )
mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list );
#endif
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( opt.hs_to_min != DFL_HS_TO_MIN || opt.hs_to_max != DFL_HS_TO_MAX )
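Review bot: With MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST defined, the guard added around `mbedtls_ssl_conf_cert_req_ca_list( &conf, opt.cert_req_ca_list );` in the last hunk removes the runtime setter, but none of the visible hunks touches the parsing of `cert_req_ca_list=`, so the argument may still be accepted and then silently ignored. An operator passing `cert_req_ca_list=0` to keep the trusted CA names out of the CertificateRequest would then get the compile-time setting with no diagnostic. If the parser branch is indeed unguarded, put it under the same `#if !defined(MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST)` so the option is no longer accepted, consistent with its removal from USAGE. The new `#endif` could also carry `/* !MBEDTLS_SSL_CONF_CERT_REQ_CA_LIST */` like the `MBEDTLS_SSL_CONF_AUTHMODE` one just above it; main() starts and ends outside this hunk.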