Add clarifying comment
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
275afe187f
commit
97bb726e2d
1 changed files with 11 additions and 3 deletions
|
@ -304,13 +304,21 @@ typedef enum {
|
|||
#define MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED
|
||||
#endif
|
||||
|
||||
/* Key exchanges allowing client certificate requests */
|
||||
/* Key exchanges allowing client certificate requests.
|
||||
*
|
||||
* Note: that's almost the same as MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED
|
||||
* above, except RSA-PSK uses a server certificate but no client cert.
|
||||
*
|
||||
* Note: this difference is specific to TLS 1.2, as with TLS 1.3, things are
|
||||
* more symmetrical: client certs and server certs are either both allowed
|
||||
* (Ephemeral mode) or both disallowed (PSK and PKS-Ephemeral modes).
|
||||
*/
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
|
||||
#define MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED
|
||||
#endif
|
||||
|
||||
|
|
Loading…
Reference in a new issue