Skip ECJPAKE suite in ClientHello if no pw set up When we don't have a password, we want to skip the costly process of generating the extension. So for consistency don't offer the ciphersuite without the extension.

commit: ddf97a6c92cbfe66264e84addcb60dbd1a1f51d8 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Wed Sep 16 09:58:31 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Wed Sep 16 22:58:29 2015 +0200
tree: 06f92332067fc00851135a4d2fa09e14b38d764b
parent: 538cb7b0b4c4022ca89f982f746de679e4f4af01 [diff] [blame]
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index cacab33..e8cb0f1 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -723,6 +723,12 @@
             continue;
 #endif
 
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
+            mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
+            continue;
+#endif
+
         MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %2d",
                        ciphersuites[i] ) );
commit	ddf97a6c92cbfe66264e84addcb60dbd1a1f51d8	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Wed Sep 16 09:58:31 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Wed Sep 16 22:58:29 2015 +0200
tree	06f92332067fc00851135a4d2fa09e14b38d764b
parent	538cb7b0b4c4022ca89f982f746de679e4f4af01 [diff] [blame]