commit b541da6ef394d1da303a7408821c100a56a27bc2
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Jun 17 11:43:30 2015 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Jun 17 14:27:38 2015 +0200
tree ac8b003472bc161167adf1da3b7e081ecc6fb2e0
parent 6e3ee3ad43e2a194bdf462fb9ef9a46edad6484c

Fix define for ssl_conf_curves()

This is a security feature, it shouldn't be optional.

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 72ce76f..3d3f3d1 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -255,7 +255,7 @@
     unsigned char *elliptic_curve_list = p + 6;
     size_t elliptic_curve_len = 0;
     const mbedtls_ecp_curve_info *info;
-#if defined(MBEDTLS_SSL_SET_CURVES)
+#if defined(MBEDTLS_ECP_C)
     const mbedtls_ecp_group_id *grp_id;
 #else
     ((void) ssl);
@@ -265,7 +265,7 @@
 
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );
 
-#if defined(MBEDTLS_SSL_SET_CURVES)
+#if defined(MBEDTLS_ECP_C)
     for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ )
     {
         info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
@@ -1683,7 +1683,7 @@
 
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
 
-#if defined(MBEDTLS_SSL_SET_CURVES)
+#if defined(MBEDTLS_ECP_C)
     if( ! mbedtls_ssl_curve_is_acceptable( ssl, ssl->handshake->ecdh_ctx.grp.id ) )
 #else
     if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||