From cf092b2ccf6fe88ec7b6e075aa89d93cadaa059a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 6 Mar 2018 14:23:38 +0000 Subject: [PATCH] Deprecate support for record compression --- ChangeLog | 4 ++++ include/mbedtls/check_config.h | 8 ++++++++ include/mbedtls/config.h | 3 +++ 3 files changed, 15 insertions(+) diff --git a/ChangeLog b/ChangeLog index 68fb6f5e9..75a8f1186 100644 --- a/ChangeLog +++ b/ChangeLog @@ -26,6 +26,10 @@ Features OpenVPN Inc. Fixes #1339 * Add support for public keys encoded in PKCS#1 format. #1122 +New deprecations + * Deprecate support for record compression (configuration option + MBEDTLS_ZLIB_SUPPORT). + Bugfix * Fix the name of a DHE parameter that was accidentally changed in 2.7.0. Fixes #1358. diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index be8033296..655612e20 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -66,6 +66,14 @@ #error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense" #endif +#if defined(MBEDTLS_ZLIB_SUPPORT) && defined(MBEDTLS_DEPRECATED_WARNING) +#warning "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and will likely be removed in a future version of the library" +#endif + +#if defined(MBEDTLS_ZLIB_SUPPORT) && defined(MBEDTLS_DEPRECATED_REMOVED) +#error "Record compression support via MBEDTLS_ZLIB_SUPPORT is deprecated and cannot be used if MBEDTLS_DEPRECATED_REMOVED is set" +#endif + #if defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_HAVE_ASM) #error "MBEDTLS_AESNI_C defined, but not all prerequisites" #endif diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 1c98558eb..05f67fa3c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1541,6 +1541,9 @@ * * \note Currently compression can't be used with DTLS. * + * \deprecated This feature is deprecated and will likely be removed + * in a future version of the library. + * * Used in: library/ssl_tls.c * library/ssl_cli.c * library/ssl_srv.c