More granular define selections within code to allow for smaller code
sizes
diff --git a/library/asn1write.c b/library/asn1write.c
index 4ea8a46..b1d6839 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c
@@ -72,6 +72,7 @@
return( 1 );
}
+#if defined(POLARSSL_BIGNUM_C)
int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X )
{
int ret;
@@ -104,7 +105,8 @@
return( len );
}
-
+#endif /* POLARSSL_BIGNUM_C */
+
int asn1_write_null( unsigned char **p, unsigned char *start )
{
int ret;
diff --git a/library/debug.c b/library/debug.c
index b898eb8..23b9019 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -150,6 +150,7 @@
}
#endif /* POLARSSL_ECP_C */
+#if defined(POLARSSL_BIGNUM_C)
void debug_print_mpi( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const mpi *X )
@@ -221,7 +222,9 @@
ssl->f_dbg( ssl->p_dbg, level, "\n" );
}
+#endif /* POLARSSL_BIGNUM_C */
+#if defined(POLARSSL_X509_PARSE_C)
void debug_print_crt( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const x509_cert *crt )
@@ -256,5 +259,6 @@
crt = crt->next;
}
}
+#endif /* POLARSSL_X509_PARSE_C */
#endif
diff --git a/library/oid.c b/library/oid.c
index 53c2e5d..51851ba 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -33,6 +33,8 @@
#include "polarssl/md.h"
#include "polarssl/rsa.h"
+#include <stdio.h>
+
/*
* For X520 attribute types
*/
@@ -77,6 +79,7 @@
}
};
+#if defined(POLARSSL_X509_PARSE_C) || defined(POLARSSL_X509_WRITE_C)
/*
* For X509 extensions
*/
@@ -123,6 +126,7 @@
{ OID_OCSP_SIGNING, "id-kp-OCSPSigning", "OCSP Signing" },
{ NULL, NULL, NULL },
};
+#endif /* POLARSSL_X509_PARSE_C || POLARSSL_X509_WRITE_C */
/*
* For SignatureAlgorithmIdentifier
@@ -378,6 +382,7 @@
oid->p, oid->len );
}
+#if defined(POLARSSL_X509_PARSE_C) || defined(POLARSSL_X509_WRITE_C)
int oid_get_extended_key_usage( const asn1_buf *oid, const char **desc )
{
const oid_descriptor_t *data = oid_descriptor_from_asn1(
@@ -401,6 +406,20 @@
oid );
}
+int oid_get_x509_ext_type( const asn1_buf *oid, int *ext_type )
+{
+ const oid_x509_ext_t *data = oid_x509_ext_from_asn1( oid );
+
+ if( data == NULL )
+ return( POLARSSL_ERR_OID_NOT_FOUND );
+
+ *ext_type = data->ext_type;
+
+ return( 0 );
+}
+
+#endif /* POLARSSL_X509_PARSE_C || POLARSSL_X509_WRITE_C */
+
static const oid_x520_attr_t *oid_x520_attr_from_asn1( const asn1_buf *oid )
{
return (const oid_x520_attr_t *) oid_descriptor_from_asn1(
@@ -433,18 +452,6 @@
oid );
}
-int oid_get_x509_ext_type( const asn1_buf *oid, int *ext_type )
-{
- const oid_x509_ext_t *data = oid_x509_ext_from_asn1( oid );
-
- if( data == NULL )
- return( POLARSSL_ERR_OID_NOT_FOUND );
-
- *ext_type = data->ext_type;
-
- return( 0 );
-}
-
int oid_get_attr_short_name( const asn1_buf *oid, const char **short_name )
{
const oid_x520_attr_t *data = oid_x520_attr_from_asn1( oid );
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index f5686be..93d5d8b 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -72,6 +72,7 @@
memcpy( session->master, entry->session.master, 48 );
+#if defined(POLARSSL_X509_PARSE_C)
/*
* Restore peer certificate (without rest of the original chain)
*/
@@ -90,6 +91,7 @@
return( 1 );
}
}
+#endif /* POLARSSL_X509_PARSE_C */
return( 0 );
}
@@ -140,11 +142,13 @@
{
cur = old;
memset( &cur->session, 0, sizeof(ssl_session) );
+#if defined(POLARSSL_X509_PARSE_C)
if( cur->peer_cert.p != NULL )
{
free( cur->peer_cert.p );
memset( &cur->peer_cert, 0, sizeof(x509_buf) );
}
+#endif /* POLARSSL_X509_PARSE_C */
}
else
{
@@ -164,7 +168,8 @@
}
memcpy( &cur->session, session, sizeof( ssl_session ) );
-
+
+#if defined(POLARSSL_X509_PARSE_C)
/*
* Store peer certificate
*/
@@ -180,6 +185,7 @@
cur->session.peer_cert = NULL;
}
+#endif /* POLARSSL_X509_PARSE_C */
return( 0 );
}
@@ -211,8 +217,10 @@
ssl_session_free( &prv->session );
+#if defined(POLARSSL_X509_PARSE_C)
if( prv->peer_cert.p != NULL )
free( prv->peer_cert.p );
+#endif /* POLARSSL_X509_PARSE_C */
free( prv );
}
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 9962965..38d873f 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -128,6 +128,7 @@
static const ssl_ciphersuite_t ciphersuite_definitions[] =
{
+#if defined(POLARSSL_X509_PARSE_C) && defined(POLARSSL_RSA_C)
#if defined(POLARSSL_ECDH_C)
#if defined(POLARSSL_AES_C)
{ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
@@ -201,7 +202,7 @@
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
POLARSSL_CIPHERSUITE_EC },
-#endif
+#endif /* POLARSSL_ARC4_C */
#if defined(POLARSSL_CIPHER_NULL_CIPHER)
{ TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
@@ -209,8 +210,8 @@
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
POLARSSL_CIPHERSUITE_EC | POLARSSL_CIPHERSUITE_WEAK },
-#endif
-#endif
+#endif /* POLARSSL_CIPHER_NULL_CIPHER */
+#endif /* POLARSSL_ECDH_C */
#if defined(POLARSSL_ARC4_C)
{ TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
@@ -387,6 +388,7 @@
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_DES_C */
+#endif /* POLARSSL_X509_PARSE_C && POLARSSL_RSA_C */
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
#if defined(POLARSSL_AES_C)
@@ -451,6 +453,7 @@
#endif /* POLARSSL_ARC4_C */
#endif /* POLARSSL_DHM_C */
+#if defined(POLARSSL_X509_PARSE_C) && defined(POLARSSL_RSA_C)
#if defined(POLARSSL_AES_C)
{ TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
@@ -480,9 +483,11 @@
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
0 },
#endif /* POLARSSL_ARC4_C */
+#endif /* POLARSSL_X509_PARSE_C && POLARSSL_RSA_C */
#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
+#if defined(POLARSSL_X509_PARSE_C) && defined(POLARSSL_RSA_C)
#if defined(POLARSSL_CIPHER_NULL_CIPHER)
{ TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
@@ -518,6 +523,7 @@
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
POLARSSL_CIPHERSUITE_WEAK },
#endif /* POLARSSL_DES_C */
+#endif /* POLARSSL_X509_PARSE_C && POLARSSL_RSA_C */
#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 86d720b..a4cc3d7 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -742,7 +742,11 @@
{
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
-#if defined(POLARSSL_DHM_C)
+#if !defined(POLARSSL_DHM_C)
+ ((void) ssl);
+ ((void) p);
+ ((void) end);
+#else
/*
* Ephemeral DH parameters:
*
@@ -779,7 +783,11 @@
{
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
-#if defined(POLARSSL_ECDH_C)
+#if !defined(POLARSSL_ECDH_C)
+ ((void) ssl);
+ ((void) p);
+ ((void) end);
+#else
/*
* Ephemeral ECDH parameters:
*
@@ -816,7 +824,11 @@
{
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if !defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+ ((void) ssl);
+ ((void) p);
+ ((void) end);
+#else
size_t len;
/*
@@ -840,6 +852,7 @@
return( ret );
}
+#if defined(POLARSSL_RSA_C)
static int ssl_parse_signature_algorithm( ssl_context *ssl,
unsigned char **p,
unsigned char *end,
@@ -895,15 +908,18 @@
return( 0 );
}
+#endif /* POLARSSL_RSA_C */
static int ssl_parse_server_key_exchange( ssl_context *ssl )
{
int ret;
- size_t n;
unsigned char *p, *end;
+#if defined(POLARSSL_RSA_C)
+ size_t n;
unsigned char hash[64];
md_type_t md_alg = POLARSSL_MD_NONE;
unsigned int hashlen = 0;
+#endif
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
@@ -966,6 +982,7 @@
}
}
+#if defined(POLARSSL_RSA_C)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA )
{
@@ -1065,6 +1082,7 @@
return( ret );
}
}
+#endif /* POLARSSL_RSA_C */
exit:
ssl->state++;
@@ -1234,9 +1252,7 @@
{
int ret;
size_t i, n;
-#if defined(POLARSSL_DHM_C) || defined(POLARSSL_ECDH_C)
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
-#endif
SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
@@ -1349,6 +1365,8 @@
}
else
#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
+#if defined(POLARSSL_X509_PARSE_C)
+ if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA )
{
/*
* RSA key exchange -- send rsa_public(pkcs1 v1.5(premaster))
@@ -1384,6 +1402,12 @@
return( ret );
}
}
+ else
+#endif /* POLARSSL_X509_PARSE_C */
+ {
+ ((void) ciphersuite_info);
+ return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
if( ( ret = ssl_derive_keys( ssl ) ) != 0 )
{
@@ -1410,17 +1434,26 @@
static int ssl_write_certificate_verify( ssl_context *ssl )
{
- int ret = 0;
+ int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
+ const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+#if defined(POLARSSL_X509_PARSE_C)
size_t n = 0, offset = 0;
unsigned char hash[48];
md_type_t md_alg = POLARSSL_MD_NONE;
unsigned int hashlen = 0;
- const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+#endif
SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
- if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
- ssl->client_auth == 0 || ssl->own_cert == NULL )
+ if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK )
+ {
+ SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
+ ssl->state++;
+ return( 0 );
+ }
+
+#if defined(POLARSSL_X509_PARSE_C)
+ if( ssl->client_auth == 0 || ssl->own_cert == NULL )
{
SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
ssl->state++;
@@ -1519,10 +1552,11 @@
SSL_DEBUG_RET( 1, "ssl_write_record", ret );
return( ret );
}
+#endif /* POLARSSL_X509_PARSE_C */
SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) );
- return( 0 );
+ return( ret );
}
/*
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 27d7a7e..07c5e37 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1022,11 +1022,13 @@
static int ssl_write_certificate_request( ssl_context *ssl )
{
- int ret;
+ int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
+ const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+#if defined(POLARSSL_X509_PARSE_C)
size_t n = 0, dn_size, total_dn_size;
unsigned char *buf, *p;
const x509_cert *crt;
- const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+#endif /* POLARSSL_X509_PARSE_C */
SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
@@ -1039,6 +1041,7 @@
return( 0 );
}
+#if defined(POLARSSL_X509_PARSE_C)
/*
* 0 . 0 handshake type
* 1 . 3 handshake length
@@ -1114,13 +1117,15 @@
ssl->out_msg[7 + n] = (unsigned char)( total_dn_size );
ret = ssl_write_record( ssl );
+#endif /* POLARSSL_X509_PARSE_C */
SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) );
return( ret );
}
-#if !defined(POLARSSL_DHM_C) && !defined(POLARSSL_ECDH_C)
+#if ( !defined(POLARSSL_DHM_C) && !defined(POLARSSL_ECDH_C) ) || \
+ !defined(POLARSSL_RSA_C)
static int ssl_write_server_key_exchange( ssl_context *ssl )
{
SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) );
@@ -1388,7 +1393,9 @@
{
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
-#if defined(POLARSSL_DHM_C)
+#if !defined(POLARSSL_DHM_C)
+ ((void) ssl);
+#else
size_t n;
/*
@@ -1432,7 +1439,9 @@
{
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
-#if defined(POLARSSL_ECDH_C)
+#if !defined(POLARSSL_ECDH_C)
+ ((void) ssl);
+#else
size_t n;
/*
@@ -1474,6 +1483,10 @@
static int ssl_parse_encrypted_pms_secret( ssl_context *ssl )
{
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
+
+#if !defined(POLARSSL_RSA_C)
+ ((void) ssl);
+#else
size_t i, n = 0;
if( ssl->rsa_key == NULL )
@@ -1534,6 +1547,7 @@
if( ret != 0 )
return( ret );
}
+#endif /* POLARSSL_RSA_C */
return( ret );
}
@@ -1542,7 +1556,9 @@
{
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
-#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+#if !defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
+ ((void) ssl);
+#else
size_t n;
unsigned char *p = ssl->handshake->premaster;
@@ -1664,17 +1680,26 @@
static int ssl_parse_certificate_verify( ssl_context *ssl )
{
- int ret;
+ int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
+#if defined(POLARSSL_X509_PARSE_C)
size_t n = 0, n1, n2;
unsigned char hash[48];
md_type_t md_alg = POLARSSL_MD_NONE;
unsigned int hashlen = 0;
+#endif /* POLARSSL_X509_PARSE_C */
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
- if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
- ssl->session_negotiate->peer_cert == NULL )
+ if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK )
+ {
+ SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+ ssl->state++;
+ return( 0 );
+ }
+
+#if defined(POLARSSL_X509_PARSE_C)
+ if( ssl->session_negotiate->peer_cert == NULL )
{
SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
ssl->state++;
@@ -1745,10 +1770,11 @@
SSL_DEBUG_RET( 1, "rsa_pkcs1_verify", ret );
return( ret );
}
+#endif /* POLARSSL_X509_PARSE_C */
SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) );
- return( 0 );
+ return( ret );
}
/*
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6b47838..3c25415 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -69,6 +69,7 @@
int (*ssl_hw_record_finish)(ssl_context *ssl) = NULL;
#endif
+#if defined(POLARSSL_RSA_C)
static int ssl_rsa_decrypt( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len )
@@ -90,6 +91,7 @@
{
return ( (rsa_context *) ctx )->len;
}
+#endif /* POLARSSL_RSA_C */
/*
* Key material generation
@@ -1845,9 +1847,11 @@
*/
int ssl_write_certificate( ssl_context *ssl )
{
- int ret;
+ int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
+#if defined(POLARSSL_X509_PARSE_C)
size_t i, n;
const x509_cert *crt;
+#endif
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
@@ -1859,6 +1863,7 @@
return( 0 );
}
+#if defined(POLARSSL_X509_PARSE_C)
if( ssl->endpoint == SSL_IS_CLIENT )
{
if( ssl->client_auth == 0 )
@@ -1942,16 +1947,19 @@
SSL_DEBUG_RET( 1, "ssl_write_record", ret );
return( ret );
}
+#endif /* POLARSSL_X509_PARSE_C */
SSL_DEBUG_MSG( 2, ( "<= write certificate" ) );
- return( 0 );
+ return( ret );
}
int ssl_parse_certificate( ssl_context *ssl )
{
- int ret;
+ int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
+#if defined(POLARSSL_X509_PARSE_C)
size_t i, n;
+#endif
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
@@ -1963,6 +1971,7 @@
return( 0 );
}
+#if defined(POLARSSL_X509_PARSE_C)
if( ssl->endpoint == SSL_IS_SERVER &&
ssl->authmode == SSL_VERIFY_NONE )
{
@@ -2104,6 +2113,7 @@
if( ssl->authmode != SSL_VERIFY_REQUIRED )
ret = 0;
}
+#endif /* POLARSSL_X509_PARSE_C */
SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
@@ -2686,9 +2696,11 @@
/*
* Sane defaults
*/
+#if defined(POLARSSL_RSA_C)
ssl->rsa_decrypt = ssl_rsa_decrypt;
ssl->rsa_sign = ssl_rsa_sign;
ssl->rsa_key_len = ssl_rsa_key_len;
+#endif
ssl->min_major_ver = SSL_MAJOR_VERSION_3;
ssl->min_minor_ver = SSL_MINOR_VERSION_0;
@@ -2827,6 +2839,7 @@
ssl->authmode = authmode;
}
+#if defined(POLARSSL_X509_PARSE_C)
void ssl_set_verify( ssl_context *ssl,
int (*f_vrfy)(void *, x509_cert *, int, int *),
void *p_vrfy )
@@ -2834,6 +2847,7 @@
ssl->f_vrfy = f_vrfy;
ssl->p_vrfy = p_vrfy;
}
+#endif /* POLARSSL_X509_PARSE_C */
void ssl_set_rng( ssl_context *ssl,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -2897,6 +2911,7 @@
ssl->ciphersuite_list[minor] = ciphersuites;
}
+#if defined(POLARSSL_X509_PARSE_C)
void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
x509_crl *ca_crl, const char *peer_cn )
{
@@ -2924,6 +2939,7 @@
ssl->rsa_sign = rsa_sign;
ssl->rsa_key_len = rsa_key_len;
}
+#endif /* POLARSSL_X509_PARSE_C */
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
void ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
@@ -3069,6 +3085,7 @@
return( "unknown" );
}
+#if defined(POLARSSL_X509_PARSE_C)
const x509_cert *ssl_get_peer_cert( const ssl_context *ssl )
{
if( ssl == NULL || ssl->session == NULL )
@@ -3076,6 +3093,7 @@
return ssl->session->peer_cert;
}
+#endif /* POLARSSL_X509_PARSE_C */
/*
* Perform a single step of the SSL handshake
@@ -3366,11 +3384,13 @@
void ssl_session_free( ssl_session *session )
{
+#if defined(POLARSSL_X509_PARSE_C)
if( session->peer_cert != NULL )
{
x509_free( session->peer_cert );
free( session->peer_cert );
}
+#endif
memset( session, 0, sizeof( ssl_session ) );
}