| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 |
- /**
- * \file mbedtls/config_adjust_ssl.h
- * \brief Adjust TLS configuration
- *
- * This is an internal header. Do not include it directly.
- *
- * Automatically enable certain dependencies. Generally, MBEDTLS_xxx
- * configurations need to be explicitly enabled by the user: enabling
- * MBEDTLS_xxx_A but not MBEDTLS_xxx_B when A requires B results in a
- * compilation error. However, we do automatically enable certain options
- * in some circumstances. One case is if MBEDTLS_xxx_B is an internal option
- * used to identify parts of a module that are used by other module, and we
- * don't want to make the symbol MBEDTLS_xxx_B part of the public API.
- * Another case is if A didn't depend on B in earlier versions, and we
- * want to use B in A but we need to preserve backward compatibility with
- * configurations that explicitly activate MBEDTLS_xxx_A but not
- * MBEDTLS_xxx_B.
- */
- /*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
- #ifndef MBEDTLS_CONFIG_ADJUST_SSL_H
- #define MBEDTLS_CONFIG_ADJUST_SSL_H
- #if !defined(MBEDTLS_CONFIG_FILES_READ)
- #error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
- "up to and including runtime errors such as buffer overflows. " \
- "If you're trying to fix a complaint from check_config.h, just remove " \
- "it from your configuration file: since Mbed TLS 3.0, it is included " \
- "automatically at the right point."
- #endif /* */
- /* The following blocks make it easier to disable all of TLS,
- * or of TLS 1.2 or 1.3 or DTLS, without having to manually disable all
- * key exchanges, options and extensions related to them. */
- #if !defined(MBEDTLS_SSL_TLS_C)
- #undef MBEDTLS_SSL_CLI_C
- #undef MBEDTLS_SSL_SRV_C
- #undef MBEDTLS_SSL_PROTO_TLS1_3
- #undef MBEDTLS_SSL_PROTO_TLS1_2
- #undef MBEDTLS_SSL_PROTO_DTLS
- #endif
- #if !(defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_SESSION_TICKETS))
- #undef MBEDTLS_SSL_TICKET_C
- #endif
- #if !defined(MBEDTLS_SSL_PROTO_DTLS)
- #undef MBEDTLS_SSL_DTLS_ANTI_REPLAY
- #undef MBEDTLS_SSL_DTLS_CONNECTION_ID
- #undef MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT
- #undef MBEDTLS_SSL_DTLS_HELLO_VERIFY
- #undef MBEDTLS_SSL_DTLS_SRTP
- #undef MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
- #endif
- #if !defined(MBEDTLS_SSL_PROTO_TLS1_2)
- #undef MBEDTLS_SSL_ENCRYPT_THEN_MAC
- #undef MBEDTLS_SSL_EXTENDED_MASTER_SECRET
- #undef MBEDTLS_SSL_RENEGOTIATION
- #undef MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
- #undef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
- #endif
- #if !defined(MBEDTLS_SSL_PROTO_TLS1_3)
- #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
- #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
- #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
- #undef MBEDTLS_SSL_EARLY_DATA
- #undef MBEDTLS_SSL_RECORD_SIZE_LIMIT
- #endif
- #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
- (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
- defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED))
- #define MBEDTLS_SSL_TLS1_2_SOME_ECC
- #endif
- #endif /* MBEDTLS_CONFIG_ADJUST_SSL_H */
|
