_SSL_DTLS_BADMAC_LIMIT config.h option removed

Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2026-05-09 03:04:24 +02:00 · 2021-05-11 13:13:51 +02:00
parent b7abba28e3
commit 46cccb8f39
8 changed files with 0 additions and 46 deletions
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -700,11 +700,6 @@
 #error "MBEDTLS_SSL_CID_OUT_LEN_MAX too large (max 255)"
 #endif

-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) &&                              \
-    ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
-#error "MBEDTLS_SSL_DTLS_BADMAC_LIMIT  defined, but not all prerequisites"
-#endif
-
 #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) &&   \
    !defined(MBEDTLS_SSL_PROTO_TLS1_2)
 #error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites"
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1748,17 +1748,6 @@
 */
 #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE

-/**
- * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
- *
- * Enable support for a limit of records with bad MAC.
- *
- * See mbedtls_ssl_conf_dtls_badmac_limit().
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- */
-#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
-
 /**
 * \def MBEDTLS_SSL_SESSION_TICKETS
 *
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1151,9 +1151,7 @@ struct mbedtls_ssl_config
                                         that triggers renegotiation        */
 #endif

-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
    unsigned int badmac_limit;      /*!< limit of records with a bad MAC    */
-#endif

 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
    unsigned int dhm_min_bitlen;    /*!< min. bit length of the DHM prime   */
@@ -1226,10 +1224,7 @@ struct mbedtls_ssl_context

    int major_ver;              /*!< equal to  MBEDTLS_SSL_MAJOR_VERSION_3    */
    int minor_ver;              /*!< one of MBEDTLS_SSL_MINOR_VERSION_x macros */
-
-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
    unsigned badmac_seen;       /*!< records with a bad MAC received    */
-#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */

 #if defined(MBEDTLS_X509_CRT_PARSE_C)
    /** Callback to customize X.509 certificate chain verification          */
@@ -2261,7 +2256,6 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
 void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
 #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */

-#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
 /**
 * \brief          Set a limit on the number of records with a bad MAC
 *                 before terminating the connection.
@@ -2286,7 +2280,6 @@ void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
 *                 many bogus packets.
 */
 void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
-#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */

 #if defined(MBEDTLS_SSL_PROTO_DTLS)