replace MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED with MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
After the ECDH keyexchange removal the two became synonyms so the former can
be removed.
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index d3519f1..dfd3694 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -184,11 +184,6 @@
#define MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED
#endif
-/* Key exchanges that don't involve ephemeral keys */
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
-#define MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED
-#endif
-
/* Key exchanges that involve ephemeral keys */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
@@ -198,7 +193,7 @@
#endif
/* Key exchanges using a PSK */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) || \
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#define MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
#endif
diff --git a/library/ssl_ciphersuites_internal.h b/library/ssl_ciphersuites_internal.h
index 2e9f077..524e419 100644
--- a/library/ssl_ciphersuites_internal.h
+++ b/library/ssl_ciphersuites_internal.h
@@ -41,7 +41,7 @@
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
{
switch (info->MBEDTLS_PRIVATE(key_exchange)) {
@@ -52,7 +52,7 @@
return 0;
}
}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
{
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 755b837..1f498e0 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -2902,14 +2902,14 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t signature_len = 0;
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
ssl->handshake->ciphersuite_info;
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write server key exchange"));
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
/* Extract static ECDH parameters and abort if ServerKeyExchange
* is not needed. */
if (mbedtls_ssl_ciphersuite_no_pfs(ciphersuite_info)) {
@@ -2919,7 +2919,7 @@
mbedtls_ssl_handshake_increment_state(ssl);
return 0;
}
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) && \
defined(MBEDTLS_SSL_ASYNC_PRIVATE)