commit 66dc5555f0fba15fb3fa262ebb742279d2eeaa77
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu May 14 12:28:21 2015 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu May 14 12:31:10 2015 +0200
tree f88eb2b4bbe905ef0e5535d8e28fcd0f52469040
parent 22404866af2e12eeb23d3140d8785571f9587cf5

mbedtls_ssl_conf_arc4_support() depends on ARC4_C

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index c16b6e7..f344907 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -711,9 +711,11 @@
             continue;
 #endif
 
+#if defined(MBEDTLS_ARC4_C)
         if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
             ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
             continue;
+#endif
 
         MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %2d",
                        ciphersuites[i] ) );
@@ -1405,15 +1407,17 @@
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[37 + n] ) );
 
     suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite );
-    if( suite_info == NULL ||
-        ( ssl->conf->arc4_disabled &&
-          suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) )
+    if( suite_info == NULL
+#if defined(MBEDTLS_ARC4_C)
+            || ( ssl->conf->arc4_disabled &&
+                suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+#endif
+        )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
         return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
     }
 
-
     i = 0;
     while( 1 )
     {

library/ssl_srv.c

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 5d04497..62c520d 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -969,12 +969,14 @@
         return( 0 );
 #endif
 
+#if defined(MBEDTLS_ARC4_C)
     if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
             suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
     {
         MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) );
         return( 0 );
     }
+#endif
 
 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
     if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) &&

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index bd010a4..39796f8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5627,10 +5627,12 @@
 }
 #endif
 
+#if defined(MBEDTLS_ARC4_C)
 void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 )
 {
     conf->arc4_disabled = arc4;
 }
+#endif
 
 #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
 int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
@@ -6679,7 +6681,9 @@
     conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
                            mbedtls_ssl_list_ciphersuites();
 
+#if defined(MBEDTLS_ARC4_C)
     conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED;
+#endif
 
 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
     conf->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;