Remove dependency from SSL on PK internals
So far, with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled, the SSL module relied
on an undocumented feature of the PK module: that you can distinguish between
contexts that have been set up and contexts that haven't. This feature is going
to go away in the case of PK_SINGLE_TYPE, as we'll soon (as in: the next
commit does that) no longer be storing the (now two-valued) pk_info member.
Note that even with this change, we could still distinguish if the context has been
set up by looking at whether pk_ctx is NULL or not, but this is also going away in the
near future (a few more commits down the road), so not a good option either.
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index a98a458..826581a 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -382,9 +382,9 @@
*/
struct mbedtls_ssl_handshake_params
{
- /*
- * Handshake specific crypto variables
- */
+#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+ uint8_t got_peer_pubkey; /*!< Did we store the peer's public key from its certificate? */
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
unsigned char verify_cookie_len; /*!< Cli: cookie length
Srv: flag for sending a cookie */
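Review bot: the new got_peer_pubkey field is put in place of the "Handshake specific crypto variables" section comment at the top of struct mbedtls_ssl_handshake_params, so that heading is dropped rather than kept; consider leaving the comment in place after the #endif if the members below still belong under it. The field's Doxygen text is phrased as a question; since the SSL code will now rely on this flag instead of inspecting the PK context, it would be clearer to state the invariant, for example that it is 0 until the peer's public key has been successfully stored and non-zero afterwards. Only the declaration is visible in this hunk, so the zero-initialisation at handshake setup and the exact point where the flag is set (after the key copy succeeds, not before) should be confirmed in the rest of the patch.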