commit dc953e8c41fb1894021377415bfb894aad46e3e1
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Nov 25 17:27:39 2013 +0100
committer Paul Bakker <p.j.bakker@polarssl.org> Tue Nov 26 15:19:57 2013 +0100
tree 58d1347af2449a50dc0de9f0036e15a97ed4fc96
parent 3eaa8e7005c727e73f0104158acc49daa53e643d

Add missing defines/cases for RSA_PSK key exchange

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 3cde375..53ed937 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1988,6 +1988,7 @@
     SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
 
     if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
     {
@@ -2013,6 +2014,7 @@
     SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
 
     if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
     {

library/ssl_srv.c

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 12ccb12..33ce2bc 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1777,6 +1777,7 @@
     SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
 
     if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK )
     {
@@ -1803,6 +1804,7 @@
     ssl->state++;
 
     if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
         ssl->authmode == SSL_VERIFY_NONE )
@@ -2689,6 +2691,7 @@
     SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
 
     if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
     {
@@ -2717,6 +2720,7 @@
     SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
 
     if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
         ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
     {

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a05b21e..c1e3d37 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2315,6 +2315,7 @@
  * Handshake functions
  */
 #if !defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)       && \
+    !defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)   && \
     !defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)   && \
     !defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
     !defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
@@ -2487,7 +2488,8 @@
     }
 
     if( ssl->endpoint == SSL_IS_SERVER &&
-        ssl->authmode == SSL_VERIFY_NONE )
+        ( ssl->authmode == SSL_VERIFY_NONE ||
+          ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) )
     {
         ssl->session_negotiate->verify_result = BADCERT_SKIP_VERIFY;
         SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );