From bc5308cb9a54fe0ed74aebbc023e32e9a16234bb Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 9 Sep 2019 11:38:51 +0100
Subject: [PATCH] ssl_cli/srv2: Indicate nss_keylog and eap_tls are mut.
 exclusive

---
 programs/ssl/ssl_client2.c | 9 ++++++++-
 programs/ssl/ssl_server2.c | 9 ++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index c29768a65..5e9ad3df8 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -234,7 +234,8 @@ int main( void )
 #define USAGE_EAP_TLS                                       \
     "    eap_tls=%%d          default: 0 (disabled)\n"
 #define USAGE_NSS_KEYLOG                                    \
-    "    nss_keylog=%%d          default: 0 (disabled)\n"
+    "    nss_keylog=%%d          default: 0 (disabled)\n"               \
+    "                             This cannot be used with eap_tls=1\n"
 #define USAGE_NSS_KEYLOG_FILE                               \
     "    nss_keylog_file=%%s\n"
 #else
@@ -1707,6 +1708,12 @@ int main( int argc, char *argv[] )
             goto usage;
     }
 
+    if( opt.nss_keylog != 0 && opt.eap_tls != 0 )
+    {
+        mbedtls_printf( "Error: eap_tls and nss_keylog options cannot be used together.\n" );
+        goto usage;
+    }
+
     /* Event-driven IO is incompatible with the above custom
      * receive and send functions, as the polling builds on
      * refers to the underlying net_context. */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index f77026297..3683f3cf6 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -311,7 +311,8 @@ int main( void )
 #define USAGE_EAP_TLS                                       \
     "    eap_tls=%%d          default: 0 (disabled)\n"
 #define USAGE_NSS_KEYLOG                                    \
-    "    nss_keylog=%%d          default: 0 (disabled)\n"
+    "    nss_keylog=%%d          default: 0 (disabled)\n"   \
+    "                             This cannot be used with eap_tls=1\n"
 #define USAGE_NSS_KEYLOG_FILE                               \
     "    nss_keylog_file=%%s\n"
 #else
@@ -2424,6 +2425,12 @@ int main( int argc, char *argv[] )
             goto usage;
     }
 
+    if( opt.nss_keylog != 0 && opt.eap_tls != 0 )
+    {
+        mbedtls_printf( "Error: eap_tls and nss_keylog options cannot be used together.\n" );
+        goto usage;
+    }
+
     /* Event-driven IO is incompatible with the above custom
      * receive and send functions, as the polling builds on
      * refers to the underlying net_context. */