commit 6106fdc085d31935ee28919666db1bbbf5429e69
author Jerry Yu <jerry.h.yu@arm.com> Wed Jan 12 16:36:14 2022 +0800
committer Jerry Yu <jerry.h.yu@arm.com> Tue Jan 25 12:46:17 2022 +0800
tree d2150accbfef1fcf19423c0ebe7ea4ca5575ca2e
parent f017ee4203032ed778744be29a550c95a85b6154

fix build fail without TLS13

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 336e479..9a8fe45 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3187,14 +3187,14 @@
             unsigned char hash = mbedtls_ssl_hash_from_md_alg( *md );
             if( hash == MBEDTLS_SSL_HASH_NONE )
                 continue;
-    #if defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_ECDSA_C)
             *p = (( hash << 8 ) | MBEDTLS_SSL_SIG_ECDSA);
             p++;
-    #endif
-    #if defined(MBEDTLS_RSA_C)
+#endif
+#if defined(MBEDTLS_RSA_C)
             *p = (( hash << 8 ) | MBEDTLS_SSL_SIG_RSA);
             p++;
-    #endif
+#endif
         }
         *p = MBEDTLS_TLS1_3_SIG_NONE;
         ssl->handshake->sig_algs_heap_allocated = 1;
@@ -4055,7 +4055,6 @@
                                   const int *hashes )
 {
     conf->sig_hashes = hashes;
-    conf->sig_algs = NULL;
 }
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 
@@ -6478,8 +6477,9 @@
 };
 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
 
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 static uint16_t ssl_preset_default_sig_algs[] = {
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+
     /* ECDSA algorithms */
 #if defined(MBEDTLS_ECDSA_C)
 #if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
@@ -6498,11 +6498,14 @@
     MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
 #endif
     MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256,
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 
     MBEDTLS_TLS1_3_SIG_NONE
 };
 
 static uint16_t ssl_preset_suiteb_sig_algs[] = {
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
     /* ECDSA algorithms */
 #if defined(MBEDTLS_ECDSA_C)
 #if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
@@ -6518,10 +6521,10 @@
     MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
 #endif
     MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256,
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 
     MBEDTLS_TLS1_3_SIG_NONE
 };
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 #endif
 
 static uint16_t ssl_preset_suiteb_groups[] = {
@@ -6936,7 +6939,7 @@
                                 mbedtls_md_type_t md )
 {
 
-    const uint16_t *sig_alg = mbedtls_ssl_conf_get_sig_algs( ssl->conf );
+    const uint16_t *sig_alg = mbedtls_ssl_get_sig_algs( ssl );
     if( sig_alg == NULL )
         return( -1 );
 
@@ -7450,8 +7453,11 @@
      * Write supported_signature_algorithms
      */
     supported_sig_alg = p;
-    for( const uint16_t *sig_alg = mbedtls_ssl_conf_get_sig_algs( ssl->conf );
-         *sig_alg != MBEDTLS_TLS1_3_SIG_NONE; sig_alg++ )
+    const uint16_t *sig_alg = mbedtls_ssl_get_sig_algs( ssl );
+    if( sig_alg == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_CONFIG );
+
+    for( ; *sig_alg != MBEDTLS_TLS1_3_SIG_NONE; sig_alg++ )
     {
         MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
         MBEDTLS_PUT_UINT16_BE( *sig_alg, p, 0 );