Depend on ECJPAKE key exchange, not module This is more consistent, as it doesn't make any sense for a user to be able to set up an EC J-PAKE password with TLS if the corresponding key exchange is disabled. Arguably this is what we should de for other key exchanges as well instead of depending on ECDH_C etc, but this is an independent issue, so let's just do the right thing with the new key exchange and fix the other ones later. (This is a marginal issue anyway, since people who disable all ECDH key exchange are likely to also disable ECDH_C in order to minimize footprint.)

commit: eef142d7538e3b8211cafbdc1c1ab4aeac44dd21 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Wed Sep 16 10:05:04 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Wed Sep 16 22:58:29 2015 +0200
tree: 6627250d9c775aaf7fe1e30e27d3681e520008e2
parent: ddf97a6c92cbfe66264e84addcb60dbd1a1f51d8 [diff] [blame]
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 04c3098..3d73da9 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -1676,7 +1676,7 @@
                   void *p_sni );
 #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
 
-#if defined(MBEDTLS_ECJPAKE_C)
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
 /**
  * \brief          Set the EC J-PAKE password for current handshake.
  *
@@ -1697,7 +1697,7 @@
 int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
                                          const unsigned char *pw,
                                          size_t pw_len );
-#endif /*MBEDTLS_ECJPAKE_C */
+#endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
 
 #if defined(MBEDTLS_SSL_ALPN)
 /**
commit	eef142d7538e3b8211cafbdc1c1ab4aeac44dd21	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Wed Sep 16 10:05:04 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Wed Sep 16 22:58:29 2015 +0200
tree	6627250d9c775aaf7fe1e30e27d3681e520008e2
parent	ddf97a6c92cbfe66264e84addcb60dbd1a1f51d8 [diff] [blame]