Better guarding on TLS 1.3.

anhu · anhu · commit b4112f075ff6 · 2024-07-23T13:49:57.000-04:00
diff --git a/tls/client-tls-posthsauth.c b/tls/client-tls-posthsauth.c
@@ -39,7 +39,7 @@
 #include <wolfssl/wolfio.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 
-#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
+#if defined(WOLFSSL_POST_HANDSHAKE_AUTH) && defined(WOLFSSL_TLS13)
 #define DEFAULT_PORT 11111
 
 #define CERT_FILE "../certs/client-cert.pem"
@@ -49,7 +49,6 @@
 int main(int argc, char** argv)
 {
     int ret = 0;
-#ifdef WOLFSSL_TLS13
     int                sockfd = SOCKET_INVALID;
     struct sockaddr_in servAddr;
     char               buff[256];
@@ -210,18 +209,13 @@ int main(int argc, char** argv)
     if (ctx)
         wolfSSL_CTX_free(ctx);  /* Free the wolfSSL context object          */
     wolfSSL_Cleanup();          /* Cleanup the wolfSSL environment          */
-#else
-    printf("Example requires TLS v1.3\n");
-#endif
-    (void)argc;
-    (void)argv;
-
     return ret;
 }
 #else
 int main() {
     fprintf(stderr, "Please configure with --enable-postauth or compile with "
-                    "WOLFSSL_POST_HANDSHAKE_AUTH defined.\n");
+                    "WOLFSSL_POST_HANDSHAKE_AUTH defined. Do not disable "
+                    "TLS 1.3.\n");
     return 0;
 }
-#endif /* WOLFSSL_POST_HANDSHAKE_AUTH */
+#endif /* WOLFSSL_POST_HANDSHAKE_AUTH && WOLFSSL_TLS13 */
diff --git a/tls/server-tls-posthsauth.c b/tls/server-tls-posthsauth.c
@@ -44,7 +44,7 @@
 #include <wolfssl/wolfio.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 
-#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
+#if defined(WOLFSSL_POST_HANDSHAKE_AUTH) && defined(WOLFSSL_TLS13)
 #define DEFAULT_PORT 11111
 
 #define CERT_FILE "../certs/server-cert.pem"
@@ -76,7 +76,6 @@ static void sig_handler(const int sig)
 int main(int argc, char** argv)
 {
     int ret = 0;
-#ifdef WOLFSSL_TLS13
     struct sockaddr_in servAddr;
     struct sockaddr_in clientAddr;
     socklen_t          size = sizeof(clientAddr);
@@ -289,20 +288,13 @@ int main(int argc, char** argv)
     if (ctx)
         wolfSSL_CTX_free(ctx);  /* Free the wolfSSL context object          */
     wolfSSL_Cleanup();          /* Cleanup the wolfSSL environment          */
-
-#else
-    printf("Example requires TLS v1.3\n");
-#endif /* WOLFSSL_TLS13 */
-
-    (void)argc;
-    (void)argv;
-
     return ret;
 }
 #else
 int main() {
     fprintf(stderr, "Please configure with --enable-postauth or compile with "
-                    "WOLFSSL_POST_HANDSHAKE_AUTH defined.\n");
+                    "WOLFSSL_POST_HANDSHAKE_AUTH defined. Do not disable "
+                    "TLS 1.3.\n");
     return 0;
 }
-#endif /* WOLFSSL_POST_HANDSHAKE_AUTH */
+#endif /* WOLFSSL_POST_HANDSHAKE_AUTH && WOLFSSL_TLS13 */
