Merge remote-tracking branch 'upstream-public/pr/1423' into development-proposed
diff --git a/ChangeLog b/ChangeLog
index 1b5659a..ec8cc99 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,10 @@
OpenVPN Inc. Fixes #1339
* Add support for public keys encoded in PKCS#1 format. #1122
+New deprecations
+ * Deprecate support for record compression (configuration option
+ MBEDTLS_ZLIB_SUPPORT).
+
Bugfix
* Fix the name of a DHE parameter that was accidentally changed in 2.7.0.
Fixes #1358.
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index c7ba174..b5905ef 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1542,6 +1542,9 @@
*
* \note Currently compression can't be used with DTLS.
*
+ * \deprecated This feature is deprecated and will be removed
+ * in the next major revision of the library.
+ *
* Used in: library/ssl_tls.c
* library/ssl_cli.c
* library/ssl_srv.c
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 5ee9e9d..dffc162 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -49,6 +49,15 @@
#endif
#if defined(MBEDTLS_ZLIB_SUPPORT)
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#warning "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will be removed in the next major revision of the library"
+#endif
+
+#if defined(MBEDTLS_DEPRECATED_REMOVED)
+#error "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set"
+#endif
+
#include "zlib.h"
#endif