Fix some more warnings in reduced configs
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6462ad0..ea34f66 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1075,9 +1075,16 @@
#define MAC_PLAINTEXT 1
#define MAC_CIPHERTEXT 2
+#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
+ ( defined(POLARSSL_CIPHER_MODE_CBC) && \
+ ( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
+#define POLARSSL_SOME_MODES_USE_MAC
+#endif
+
/*
* Is MAC applied on ciphertext, cleartext or not at all?
*/
+#if defined(POLARSSL_SOME_MODES_USE_MAC)
static char ssl_get_mac_order( ssl_context *ssl,
const ssl_session *session,
cipher_mode_t mode )
@@ -1097,19 +1104,21 @@
SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
return( MAC_CIPHERTEXT );
}
+#else
+ ((void) ssl);
+ ((void) session);
#endif
return( MAC_PLAINTEXT );
}
-#endif
-
- /* Unused if AEAD is the only option */
+#else
((void) ssl);
((void) session);
- ((void) mode);
+#endif
return( MAC_NONE );
}
+#endif /* POLARSSL_SOME_MODES_USE_MAC */
/*
* Encryption/decryption functions
@@ -1119,19 +1128,14 @@
size_t i;
const cipher_mode_t mode = cipher_get_cipher_mode(
&ssl->transform_out->cipher_ctx_enc );
- char mac_order;
SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
- mac_order = ssl_get_mac_order( ssl, ssl->session_out, mode );
-
/*
* Add MAC before if needed
*/
-#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
- ( defined(POLARSSL_CIPHER_MODE_CBC) && \
- ( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
- if( mac_order == MAC_PLAINTEXT )
+#if defined(POLARSSL_SOME_MODES_USE_MAC)
+ if( ssl_get_mac_order( ssl, ssl->session_out, mode ) == MAC_PLAINTEXT )
{
#if defined(POLARSSL_SSL_PROTO_SSL3)
if( ssl->minor_ver == SSL_MINOR_VERSION_0 )
@@ -1367,7 +1371,7 @@
#endif
#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
- if( mac_order == MAC_CIPHERTEXT )
+ if( ssl_get_mac_order( ssl, ssl->session_out, mode ) == MAC_CIPHERTEXT )
{
/*
* MAC(MAC_write_key, seq_num +
@@ -1428,12 +1432,9 @@
size_t i;
const cipher_mode_t mode = cipher_get_cipher_mode(
&ssl->transform_in->cipher_ctx_dec );
-#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
- ( defined(POLARSSL_CIPHER_MODE_CBC) && \
- ( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
+#if defined(POLARSSL_SOME_MODES_USE_MAC)
size_t padlen = 0, correct = 1;
#endif
- char mac_order;
SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) );
@@ -1444,8 +1445,6 @@
return( POLARSSL_ERR_SSL_INVALID_MAC );
}
- mac_order = ssl_get_mac_order( ssl, ssl->session_in, mode );
-
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
if( mode == POLARSSL_MODE_STREAM )
{
@@ -1584,7 +1583,7 @@
* Authenticate before decrypt if enabled
*/
#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
- if( mac_order == MAC_CIPHERTEXT )
+ if( ssl_get_mac_order( ssl, ssl->session_in, mode ) == MAC_CIPHERTEXT )
{
unsigned char computed_mac[POLARSSL_SSL_MAX_MAC_SIZE];
unsigned char pseudo_hdr[13];
@@ -1675,7 +1674,7 @@
padlen = 1 + ssl->in_msg[ssl->in_msglen - 1];
if( ssl->in_msglen < ssl->transform_in->maclen + padlen &&
- mac_order == MAC_PLAINTEXT )
+ ssl_get_mac_order( ssl, ssl->session_in, mode ) == MAC_PLAINTEXT )
{
#if defined(POLARSSL_SSL_DEBUG_ALL)
SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
@@ -1770,7 +1769,7 @@
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) || \
( defined(POLARSSL_CIPHER_MODE_CBC) && \
( defined(POLARSSL_AES_C) || defined(POLARSSL_CAMELLIA_C) ) )
- if( mac_order == MAC_PLAINTEXT )
+ if( ssl_get_mac_order( ssl, ssl->session_in, mode ) == MAC_PLAINTEXT )
{
unsigned char tmp[POLARSSL_SSL_MAX_MAC_SIZE];