commit 2d59dbc0323d30570a51d2ab36c067f9b3be6759
author Andrzej Kurek <andrzej.kurek@arm.com> Thu Oct 13 08:34:38 2022 -0400
committer Andrzej Kurek <andrzej.kurek@arm.com> Wed Oct 19 08:35:08 2022 -0400
tree c7dec322fda640ff08e494a6d32fd1f62403f305
parent 894edde9915bc34c814f5571d1b246f30a6337f7

Use TLS prf only if TLS 1.2 is compiled in

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 50a233d..7792957 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4046,7 +4046,9 @@
     const unsigned char * const end = buf + len;
     size_t session_len;
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
     tls_prf_fn prf_func = NULL;
+#endif
 
     /*
      * The context should have been freshly setup or reset.
@@ -4132,6 +4134,7 @@
     ssl->transform_out = ssl->transform;
     ssl->transform_negotiate = NULL;
 
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
     prf_func = ssl_tls12prf_from_cs( ssl->session->ciphersuite );
     if( prf_func == NULL )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -4139,7 +4142,7 @@
     /* Read random bytes and populate structure */
     if( (size_t)( end - p ) < sizeof( ssl->transform->randbytes ) )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+
     ret = ssl_tls12_populate_transform( ssl->transform,
                   ssl->session->ciphersuite,
                   ssl->session->master,