| /** |
| * \file mbedtls/config_adjust_ssl.h |
| * \brief Adjust TLS configuration |
| * |
| * Automatically enable certain dependencies. Generally, MBEDLTS_xxx |
| * configurations need to be explicitly enabled by the user: enabling |
| * MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a |
| * compilation error. However, we do automatically enable certain options |
| * in some circumstances. One case is if MBEDTLS_xxx_B is an internal option |
| * used to identify parts of a module that are used by other module, and we |
| * don't want to make the symbol MBEDTLS_xxx_B part of the public API. |
| * Another case is if A didn't depend on B in earlier versions, and we |
| * want to use B in A but we need to preserve backward compatibility with |
| * configurations that explicitly activate MBEDTLS_xxx_A but not |
| * MBEDTLS_xxx_B. |
| */ |
| /* |
| * Copyright The Mbed TLS Contributors |
| * SPDX-License-Identifier: Apache-2.0 |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| * not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #ifndef MBEDTLS_CONFIG_ADJUST_SSL_H |
| #define MBEDTLS_CONFIG_ADJUST_SSL_H |
| |
| /* The following blocks make it easier to disable all of TLS, |
| * or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all |
| * key exchanges, options and extensions related to them. */ |
| |
| #if !defined(MBEDTLS_SSL_TLS_C) |
| #undef MBEDTLS_SSL_CLI_C |
| #undef MBEDTLS_SSL_SRV_C |
| #undef MBEDTLS_SSL_PROTO_TLS1_3 |
| #undef MBEDTLS_SSL_PROTO_TLS1_2 |
| #undef MBEDTLS_SSL_PROTO_DTLS |
| #endif |
| |
| #if !defined(MBEDTLS_SSL_PROTO_DTLS) |
| #undef MBEDTLS_SSL_DTLS_ANTI_REPLAY |
| #undef MBEDTLS_SSL_DTLS_CONNECTION_ID |
| #undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT |
| #undef MBEDTLS_SSL_DTLS_HELLO_VERIFY |
| #undef MBEDTLS_SSL_DTLS_SRTP |
| #undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE |
| #endif |
| |
| #if !defined(MBEDTLS_SSL_PROTO_TLS1_2) |
| #undef MBEDTLS_SSL_ENCRYPT_THEN_MAC |
| #undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET |
| #undef MBEDTLS_SSL_RENEGOTIATION |
| #undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED |
| #undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED |
| #endif |
| |
| #if !defined(MBEDTLS_SSL_PROTO_TLS1_3) |
| #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED |
| #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED |
| #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED |
| #undef MBEDTLS_SSL_EARLY_DATA |
| #endif |
| |
| #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ |
| (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ |
| defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)) |
| #define MBEDTLS_SSL_TLS1_2_SOME_ECC |
| #endif |
| |
| #endif /* MBEDTLS_CONFIG_ADJUST_SSL_H */ |