commit a64acd4f840ef993baf17541c74514b658392545
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Jul 23 18:30:45 2014 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Tue Oct 21 16:30:18 2014 +0200
tree b27b8801ccc3657ecf207a13a1674407f0dfa63b
parent 7d38d215b108bbaa23ff1a22c06f1938866c634e

Add separate SSL_COOKIE_C define

include/polarssl/check_config.h

diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h
index 9fa19c8..56d8441 100644
--- a/include/polarssl/check_config.h
+++ b/include/polarssl/check_config.h
@@ -263,6 +263,10 @@
 #error "Illegal protocol selection"
 #endif
 
+#if defined(POLARSSL_SSL_COOKIE_C) && !defined(POLARSSL_SSL_DTLS_HELLO_VERIFY)
+#error "POLARSSL_SSL_COOKIE_C  defined, but not all prerequisites"
+#endif
+
 #if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY) &&                              \
     ( !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_SSL_PROTO_DTLS) )
 #error "POLARSSL_SSL_DTLS_HELLO_VERIFY  defined, but not all prerequisites"

include/polarssl/config.h

diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 4988f39..abca55f 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -1931,6 +1931,18 @@
 #define POLARSSL_SSL_CACHE_C
 
 /**
+ * \def POLARSSL_SSL_COOKIE_C
+ *
+ * Enable basic implementation of DTLS cookies for hello verification.
+ *
+ * Module:  library/ssl_cookie.c
+ * Caller:
+ *
+ * Requires: POLARSSL_SSL_DTLS_HELLO_VERIFY
+ */
+#define POLARSSL_SSL_COOKIE_C
+
+/**
  * \def POLARSSL_SSL_CLI_C
  *
  * Enable the SSL/TLS client code.

library/ssl_cookie.c

diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index abf9e15..86cdc12 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -33,7 +33,7 @@
 #include POLARSSL_CONFIG_FILE
 #endif
 
-#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY)
+#if defined(POLARSSL_SSL_COOKIE_C)
 
 #include "polarssl/ssl_cookie.h"
 

programs/ssl/ssl_server2.c

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 3186acc..62eea28 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -81,7 +81,7 @@
 #include "polarssl/ssl_cache.h"
 #endif
 
-#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY)
+#if defined(POLARSSL_SSL_COOKIE_C)
 #include "polarssl/ssl_cookie.h"
 #endif
 
@@ -605,7 +605,7 @@
 #endif
     const char *pers = "ssl_server2";
     unsigned char client_ip[16] = { 0 };
-#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY)
+#if defined(POLARSSL_SSL_COOKIE_C)
     ssl_cookie_ctx cookie_ctx;
 #endif
 
@@ -665,7 +665,7 @@
 #if defined(POLARSSL_SSL_ALPN)
     memset( (void *) alpn_list, 0, sizeof( alpn_list ) );
 #endif
-#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY)
+#if defined(POLARSSL_SSL_COOKIE_C)
     ssl_cookie_init( &cookie_ctx );
 #endif
 
@@ -1354,7 +1354,7 @@
         ssl_set_session_ticket_lifetime( &ssl, opt.ticket_timeout );
 #endif
 
-#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY)
+#if defined(POLARSSL_SSL_COOKIE_C)
     if( opt.transport == SSL_TRANSPORT_DATAGRAM )
     {
         if( ( ret = ssl_cookie_setup( &cookie_ctx,
@@ -1860,7 +1860,7 @@
 #if defined(POLARSSL_SSL_CACHE_C)
     ssl_cache_free( &cache );
 #endif
-#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY)
+#if defined(POLARSSL_SSL_COOKIE_C)
     ssl_cookie_free( &cookie_ctx );
 #endif