Remove MBEDTLS_SSL_EXPORT_KEYS, making it always on

This option only gated an ability to set a callback, but was deemed unnecessary as it was yet another define to remember when writing tests, or test configurations. Fixes #4653. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2025-08-08 17:42:09 +03:00 · 2021-09-28 10:00:32 -04:00
parent b19be6b5f3
commit 5902cd64e2
10 changed files with 10 additions and 62 deletions
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -278,7 +278,6 @@ int main( void )
 #define USAGE_TICKETS ""
 #endif /* MBEDTLS_SSL_SESSION_TICKETS */

-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
 #define USAGE_EAP_TLS                                       \
    "    eap_tls=%%d          default: 0 (disabled)\n"
 #define USAGE_NSS_KEYLOG                                    \
@@ -299,12 +298,6 @@ int main( void )
 #else /* MBEDTLS_SSL_DTLS_SRTP */
 #define USAGE_SRTP ""
 #endif
-#else /* MBEDTLS_SSL_EXPORT_KEYS */
-#define USAGE_EAP_TLS ""
-#define USAGE_NSS_KEYLOG ""
-#define USAGE_NSS_KEYLOG_FILE ""
-#define USAGE_SRTP ""
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */

 #if defined(MBEDTLS_SSL_CACHE_C)
 #define USAGE_CACHE                                             \
@@ -1365,7 +1358,6 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
    psa_status_t status;
 #endif
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
    unsigned char eap_tls_keymaterial[16];
    unsigned char eap_tls_iv[8];
    const char* eap_tls_label = "client EAP encryption";
@@ -1383,7 +1375,6 @@ int main( int argc, char *argv[] )
         MBEDTLS_TLS_SRTP_UNSET
     };
 #endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */

 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
    mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
@@ -2966,7 +2957,6 @@ int main( int argc, char *argv[] )
        goto exit;
    }

-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
    if( opt.eap_tls != 0 )
    {
        mbedtls_ssl_set_export_keys_cb( &ssl, eap_tls_key_derivation,
@@ -2985,7 +2975,6 @@ int main( int argc, char *argv[] )
                                        &dtls_srtp_keying );
    }
 #endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */

    io_ctx.ssl = &ssl;
    io_ctx.net = &client_fd;
@@ -3251,7 +3240,6 @@ handshake:
 #endif /* MBEDTLS_X509_REMOVE_INFO */
 #endif /* MBEDTLS_X509_CRT_PARSE_C */

-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
    if( opt.eap_tls != 0 )
    {
        size_t j = 0;
@@ -3369,7 +3357,6 @@ handshake:
        }
    }
 #endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */

 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    ret = report_cid_usage( &ssl, "initial handshake" );