Add definitions for enforce flag values
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 6a6d8ae..38546ac 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -158,6 +158,9 @@
#define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0
#define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1
+#define MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED 0
+#define MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED 1
+
#define MBEDTLS_SSL_CID_DISABLED 0
#define MBEDTLS_SSL_CID_ENABLED 1
@@ -2834,10 +2837,10 @@
*
* \param conf SSL configuration
* \param ems_enf MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED or
- * MBEDTLS_SSL_EXTENDED_MS_DISABLED
+ * MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED
*/
void mbedtls_ssl_conf_extended_master_secret_enforce( mbedtls_ssl_config *conf,
- char ems_enf);
+ char ems_enf );
#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
#if defined(MBEDTLS_ARC4_C)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 8cf9a49..ca9131a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -8343,7 +8343,7 @@
}
void mbedtls_ssl_conf_extended_master_secret_enforce( mbedtls_ssl_config *conf,
- char ems_enf);
+ char ems_enf );
{
conf->enforce_extended_master_secret = ems_enf;
}
@@ -10301,6 +10301,8 @@
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+ conf->enforce_extended_master_secret =
+ MBEDTLS_SSL_EXTENDED_MS_ENFORCE_ENABLED;
#endif
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)