Tune dependencies

Don't depend on srv.c in config.h, but add explicit checks. This is more in line with other options that only make sense server-side, and also it allows to test full config minus srv.c more easily.
2015-09-09 12:46:16 +02:00 · 2015-09-09 12:46:16 +02:00 · ddfe5d20d1
commit ddfe5d20d1
parent 2ed05a049a
3 changed files with 5 additions and 6 deletions
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@ -422,7 +422,7 @@
 #endif

 #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && \
-    ( !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) || !defined(MBEDTLS_SSL_SRV_C) )
+    !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
 #error "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE  defined, but not all prerequisites"
 #endif

--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@ -1145,7 +1145,6 @@
 * flag enables that support.
 *
 * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *           MBEDTLS_SSL_SRV_C
 *
 * Comment this to disable support for clients reusing the source port.
 */
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -3250,7 +3250,7 @@ void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl )
 }
 #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */

-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
 /* Forward declaration */
 static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );

@ -3437,7 +3437,7 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )

    return( ret );
 }
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */

 /*
 * ContentType type;
@ -3533,7 +3533,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
                                        "expected %d, received %d",
                                        ssl->in_epoch, rec_epoch ) );

-#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
            /*
             * Check for an epoch 0 ClientHello. We can't use in_msg here to
             * access the first byte of record content (handshake type), as we
@ -3551,7 +3551,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
                return( ssl_handle_possible_reconnect( ssl ) );
            }
            else
-#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
                return( MBEDTLS_ERR_SSL_INVALID_RECORD );
        }