Introduce helper macro indicating if use of ExtendedMS is enforced

commit: 3010d55a3b7f656dcbbc6f55178a75a92cfedab0 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Tue Jun 11 14:46:16 2019 +0100
committer: Hanno Becker <hanno.becker@arm.com> Tue Jun 25 08:42:20 2019 +0100
tree: 70ec924a59c2af324b72e24782fc4aec7499f258
parent: 03b64fa6c12140793aaad7a25df906ad70182bda [diff]
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 3eb37b8..e188c97 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h

@@ -321,6 +321,18 @@
 #define MBEDTLS_SSL_TRANSPORT_ELSE                  /* empty: no other branch */
 #endif /* TLS and/or DTLS */
 
+/* Check if the use of the ExtendedMasterSecret extension
+ * is enforced at compile-time. If so, we don't need to
+ * track its status in the handshake parameters. */
+#if defined(MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET)         && \
+    defined(MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET) && \
+    MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET ==                  \
+      MBEDTLS_SSL_EXTENDED_MS_ENABLED                        && \
+    MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET ==          \
+      MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED
+#define MBEDTLS_SSL_EXTENDED_MS_ENFORCED
+#endif
+
 #ifdef __cplusplus
 extern "C" {
 #endif
commit	3010d55a3b7f656dcbbc6f55178a75a92cfedab0	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Tue Jun 11 14:46:16 2019 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Tue Jun 25 08:42:20 2019 +0100
tree	70ec924a59c2af324b72e24782fc4aec7499f258
parent	03b64fa6c12140793aaad7a25df906ad70182bda [diff]