TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / ddfe5d20d1290d98cb00df7838d997c0e2e67086^! / .
commitddfe5d20d1290d98cb00df7838d997c0e2e67086[log] [tgz]
authorManuel Pégourié-Gonnard <mpg2@elzevir.fr>Wed Sep 09 12:46:16 2015 +0200
committerManuel Pégourié-Gonnard <mpg2@elzevir.fr>Wed Sep 09 12:46:16 2015 +0200
tree952a42108a77f6498f80ae0d352cd2e52fccbbc6
parent2ed05a049ab0b565f5460148c0f7f01f89aed5ab [diff]
Tune dependencies

Don't depend on srv.c in config.h, but add explicit checks. This is more
in line with other options that only make sense server-side, and also it
allows to test full config minus srv.c more easily.

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 2280cab..8dadbe1 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h

@@ -422,7 +422,7 @@
 #endif
 
 #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && \
-    ( !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) || !defined(MBEDTLS_SSL_SRV_C) )
+    !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
 #error "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE  defined, but not all prerequisites"
 #endif
 

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 381e82b..9fdac60 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -1145,7 +1145,6 @@
  * flag enables that support.
  *
  * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *           MBEDTLS_SSL_SRV_C
  *
  * Comment this to disable support for clients reusing the source port.
  */

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b631e26..66745d5 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -3250,7 +3250,7 @@
 }
 #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
 
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
 /* Forward declaration */
 static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );
 
@@ -3437,7 +3437,7 @@
 
     return( ret );
 }
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
 
 /*
  * ContentType type;
@@ -3533,7 +3533,7 @@
                                         "expected %d, received %d",
                                         ssl->in_epoch, rec_epoch ) );
 
-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
             /*
              * Check for an epoch 0 ClientHello. We can't use in_msg here to
              * access the first byte of record content (handshake type), as we
@@ -3551,7 +3551,7 @@
                 return( ssl_handle_possible_reconnect( ssl ) );
             }
             else
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
                 return( MBEDTLS_ERR_SSL_INVALID_RECORD );
         }