Use library default for trunc-hmac in ssl_client2

This commit is contained in:
Manuel Pégourié-Gonnard 2015-01-09 12:43:35 +01:00
parent e117a8fc0d
commit 265fe997ff

View file

@ -90,7 +90,7 @@ int main( int argc, char *argv[] )
#define DFL_MAX_VERSION -1 #define DFL_MAX_VERSION -1
#define DFL_AUTH_MODE SSL_VERIFY_REQUIRED #define DFL_AUTH_MODE SSL_VERIFY_REQUIRED
#define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE #define DFL_MFL_CODE SSL_MAX_FRAG_LEN_NONE
#define DFL_TRUNC_HMAC 0 #define DFL_TRUNC_HMAC -1
#define DFL_RECONNECT 0 #define DFL_RECONNECT 0
#define DFL_RECO_DELAY 0 #define DFL_RECO_DELAY 0
#define DFL_TICKETS SSL_SESSION_TICKETS_ENABLED #define DFL_TICKETS SSL_SESSION_TICKETS_ENABLED
@ -262,7 +262,7 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
#if defined(POLARSSL_SSL_TRUNCATED_HMAC) #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
#define USAGE_TRUNC_HMAC \ #define USAGE_TRUNC_HMAC \
" trunc_hmac=%%d default: 0 (disabled)\n" " trunc_hmac=%%d default: library default\n"
#else #else
#define USAGE_TRUNC_HMAC "" #define USAGE_TRUNC_HMAC ""
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */ #endif /* POLARSSL_SSL_TRUNCATED_HMAC */
@ -656,9 +656,12 @@ int main( int argc, char *argv[] )
} }
else if( strcmp( p, "trunc_hmac" ) == 0 ) else if( strcmp( p, "trunc_hmac" ) == 0 )
{ {
opt.trunc_hmac = atoi( q ); switch( atoi( q ) )
if( opt.trunc_hmac < 0 || opt.trunc_hmac > 1 ) {
goto usage; case 0: opt.trunc_hmac = SSL_TRUNC_HMAC_DISABLED; break;
case 1: opt.trunc_hmac = SSL_TRUNC_HMAC_ENABLED; break;
default: goto usage;
}
} }
else else
goto usage; goto usage;
@ -934,12 +937,8 @@ int main( int argc, char *argv[] )
#endif #endif
#if defined(POLARSSL_SSL_TRUNCATED_HMAC) #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != 0 ) if( opt.trunc_hmac != DFL_TRUNC_HMAC )
if( ( ret = ssl_set_truncated_hmac( &ssl, SSL_TRUNC_HMAC_ENABLED ) ) != 0 ) ssl_set_truncated_hmac( &ssl, opt.trunc_hmac );
{
printf( " failed\n ! ssl_set_truncated_hmac returned %d\n\n", ret );
goto exit;
}
#endif #endif
#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)