Allow compile-time configuration of DTLS anti replay Introduce MBEDTLS_SSL_CONF_ANTI_REPLAY to allow configuring the use/nonuse of DTLS anti replay protection at compile-time. Impact on code-size, measured with > ./scripts/baremetal.sh --rom --gcc --armc5 --armc6 | | GCC | ARMC5 | ARMC6 | | --- | --- | --- | --- | | `libmbedtls.a` before | 23559 | 24089 | 27921 | | `libmbedtls.a` after | 23511 | 24049 | 27903 | | gain in Bytes | 48 | 40 | 18 |

commit: 7f376f4ece7a3e71a51c91f094fe99981ca6f46f [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Wed Jun 12 16:20:48 2019 +0100
committer: Hanno Becker <hanno.becker@arm.com> Tue Jun 25 08:43:31 2019 +0100
tree: c98a972eedc0169732f9c79ae67979aaaee588b8
parent: af5ab918d92313c938a5628aa6e24fd3a288353c [diff] [blame]
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 2116521..1ff34dc 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -3450,6 +3450,9 @@
  * \{
  */
 
+/* DTLS Anti replay */
+//#define MBEDTLS_SSL_CONF_ANTI_REPLAY MBEDTLS_SSL_ANTI_REPLAY_ENABLED
+
 /* ExtendedMasterSecret extension
  * The following two options must be set/unset simultaneously. */
 //#define MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET MBEDTLS_SSL_EXTENDED_MS_ENABLED
commit	7f376f4ece7a3e71a51c91f094fe99981ca6f46f	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Wed Jun 12 16:20:48 2019 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Tue Jun 25 08:43:31 2019 +0100
tree	c98a972eedc0169732f9c79ae67979aaaee588b8
parent	af5ab918d92313c938a5628aa6e24fd3a288353c [diff] [blame]