Add compile-guard for < TLS1.2 path in server-side ssl_pick_cert() Minor code-size optimization along the way.

commit: 828a8c08b60a25a6e7b997dfcd215de0693a0f73 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Tue Feb 26 16:48:55 2019 +0000
committer: Hanno Becker <hanno.becker@arm.com> Tue Jun 25 09:06:26 2019 +0100
tree: 81e0c9611bad244fc9aec7246b37bcdd07b0a4c5
parent: c69c4465b638963e1aac5e9601d492394d51adaa [diff] [blame]
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index f661d11..f00e44b 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c

@@ -862,6 +862,8 @@
             continue;
         }
 
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
         /*
          * Try to select a SHA-1 certificate for pre-1.2 clients, but still
          * present them a SHA-higher cert rather than failing if it's the only
@@ -890,6 +892,9 @@
                 continue;
             }
         }
+#endif /* MBEDTLS_SSL_PROTO_TLS1   ||
+          MBEDTLS_SSL_PROTO_TLS1_1 ||
+          MBEDTLS_SSL_PROTO_SSL3 */
 
         /* If we get there, we got a winner */
         break;
commit	828a8c08b60a25a6e7b997dfcd215de0693a0f73	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Tue Feb 26 16:48:55 2019 +0000
committer	Hanno Becker <hanno.becker@arm.com>	Tue Jun 25 09:06:26 2019 +0100
tree	81e0c9611bad244fc9aec7246b37bcdd07b0a4c5
parent	c69c4465b638963e1aac5e9601d492394d51adaa [diff] [blame]