Making sure that keep peer certificate option is set when server cert verification is used.

commit: c7f6d7f75cec386d0147909c7522ee57d587eae2 [log] [tgz]
author: Hannes Tschofenig <hannes.tschofenig@arm.com> Thu Dec 03 15:47:31 2020 +0100
committer: Hannes Tschofenig <hannes.tschofenig@arm.com> Thu Dec 03 15:47:31 2020 +0100
tree: df4b44f7a32febb72a8b3fd12540d5cb133214c4
parent: b0b1cdc059ab5d43539e147d10d6dba9b976c630 [diff] [blame]
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 6e7c270..13bd50c 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h

@@ -910,6 +910,10 @@
 #undef MBEDTLS_HASHES_ENABLED
 #endif /* MBEDTLS_MD_SINGLE_HASH */
 
+#if defined(MBEDTLS_DELAYED_SERVER_CERT_VERIFICATION) && !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+#error "MBEDTLS_DELAYED_SERVER_CERT_VERIFICATION can only be used with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE"
+#endif
+
 /*
  * Note: the dependency on TinyCrypt is reflected in several ways in the code:
  *
commit	c7f6d7f75cec386d0147909c7522ee57d587eae2	[log] [tgz]
author	Hannes Tschofenig <hannes.tschofenig@arm.com>	Thu Dec 03 15:47:31 2020 +0100
committer	Hannes Tschofenig <hannes.tschofenig@arm.com>	Thu Dec 03 15:47:31 2020 +0100
tree	df4b44f7a32febb72a8b3fd12540d5cb133214c4
parent	b0b1cdc059ab5d43539e147d10d6dba9b976c630 [diff] [blame]