From 409248a73ac5cf0a46f52e0d3138ef1e0a738d8a Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 24 Oct 2022 10:33:21 -0400 Subject: [PATCH] mbedtls_ssl_get_handshake_transcript is unusable without hashes Mark unused variables when compiling without SHA256 and SHA384. In future a proper dependency will be added to TLS 1.2 to enforce either of these hashes to be on. Signed-off-by: Andrzej Kurek --- library/ssl_tls.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index c8904f288..c3bb9f92c 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5261,6 +5261,13 @@ int mbedtls_ssl_get_handshake_transcript( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA*/ default: +#if !defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \ + !defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) + (void) ssl; + (void) dst; + (void) dst_len; + (void) olen; +#endif break; } return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );