Make DTLS_ANTI_REPLAY depends on PROTO_DTLS
diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h
index 56d8441..4f65e17 100644
--- a/include/polarssl/check_config.h
+++ b/include/polarssl/check_config.h
@@ -272,6 +272,11 @@
#error "POLARSSL_SSL_DTLS_HELLO_VERIFY defined, but not all prerequisites"
#endif
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY) && \
+ ( !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_PROTO_DTLS) )
+#error "POLARSSL_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites"
+#endif
+
#if defined(POLARSSL_SSL_SESSION_TICKETS) && defined(POLARSSL_SSL_TLS_C) && \
( !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_CIPHER_MODE_CBC) )
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 20f104d..5591e44 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -914,15 +914,6 @@
#define POLARSSL_SSL_PROTO_DTLS
/**
- * \def POLARSSL_SSL_DTLS_ANTI_REPLAY
- *
- * Enable support for the anti-replay mechanism in DTLS.
- *
- * Comment this to disable anti-replay in DTLS.
- */
-#define POLARSSL_SSL_DTLS_ANTI_REPLAY
-
-/**
* \def POLARSSL_SSL_ALPN
*
* Enable support for Application Layer Protocol Negotiation.
@@ -933,6 +924,18 @@
#define POLARSSL_SSL_ALPN
/**
+ * \def POLARSSL_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: POLARSSL_SSL_TLS_C
+ * POLARSSL_POLARSSL_PROTO_DTLS
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define POLARSSL_SSL_DTLS_ANTI_REPLAY
+
+/**
* \def POLARSSL_SSL_DTLS_HELLO_VERIFY
*
* Enable support for HelloVerifyRequest on DTLS servers.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index bd830e5..1a5cb01 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2970,8 +2970,7 @@
}
#endif /* POLARSSL_ZLIB_SUPPORT */
-#if defined(POLARSSL_SSL_PROTO_DTLS) && \
- defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
{
ssl_dtls_replay_update( ssl );