From 623e7b44228da70fde459b9552f67ea7504877ee Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 5 Mar 2019 16:02:15 +0000 Subject: [PATCH] ssl_client2: Skip CA setup if `ca_path` or `ca_file` argument "none" This allows to test PSK-based ciphersuites via ssl_client2 in builds which have MBEDTLS_X509_CRT_PARSE_C enabled but both MBEDTLS_FS_IO and MBEDTLS_CERTS_C disabled. A similar change is applied to the `crt_file` and `key_file` arguments. --- programs/ssl/ssl_client2.c | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index dcf94f894..55e8b9b8d 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1497,17 +1497,17 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Loading the CA root certificate ..." ); fflush( stdout ); + if( strcmp( opt.ca_path, "none" ) == 0 || + strcmp( opt.ca_file, "none" ) == 0 ) + { + ret = 0; + } + else #if defined(MBEDTLS_FS_IO) if( strlen( opt.ca_path ) ) - if( strcmp( opt.ca_path, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); + ret = mbedtls_x509_crt_parse_path( &cacert, opt.ca_path ); else if( strlen( opt.ca_file ) ) - if( strcmp( opt.ca_file, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); + ret = mbedtls_x509_crt_parse_file( &cacert, opt.ca_file ); else #endif #if defined(MBEDTLS_CERTS_C) @@ -1555,12 +1555,12 @@ int main( int argc, char *argv[] ) mbedtls_printf( " . Loading the client cert. and key..." ); fflush( stdout ); + if( strcmp( opt.crt_file, "none" ) == 0 ) + ret = 0; + else #if defined(MBEDTLS_FS_IO) if( strlen( opt.crt_file ) ) - if( strcmp( opt.crt_file, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); + ret = mbedtls_x509_crt_parse_file( &clicert, opt.crt_file ); else #endif #if defined(MBEDTLS_CERTS_C) @@ -1580,12 +1580,12 @@ int main( int argc, char *argv[] ) goto exit; } + if( strcmp( opt.key_file, "none" ) == 0 ) + ret = 0; + else #if defined(MBEDTLS_FS_IO) if( strlen( opt.key_file ) ) - if( strcmp( opt.key_file, "none" ) == 0 ) - ret = 0; - else - ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); + ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" ); else #endif #if defined(MBEDTLS_CERTS_C)