Make DTLS_ANTI_REPLAY depends on PROTO_DTLS

include/polarssl/check_config.h

@@ -272,6 +272,11 @@
 #error "POLARSSL_SSL_DTLS_HELLO_VERIFY  defined, but not all prerequisites"
 #endif
 
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY) &&                              \
+    ( !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_PROTO_DTLS) )
+#error "POLARSSL_SSL_DTLS_ANTI_REPLAY  defined, but not all prerequisites"
+#endif
+
 #if defined(POLARSSL_SSL_SESSION_TICKETS) && defined(POLARSSL_SSL_TLS_C) && \
     ( !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) ||            \
       !defined(POLARSSL_CIPHER_MODE_CBC) )

include/polarssl/config.h

@@ -913,15 +913,6 @@
  */
 #define POLARSSL_SSL_PROTO_DTLS
 
-/**
- * \def POLARSSL_SSL_DTLS_ANTI_REPLAY
- *
- * Enable support for the anti-replay mechanism in DTLS.
- *
- * Comment this to disable anti-replay in DTLS.
- */
-#define POLARSSL_SSL_DTLS_ANTI_REPLAY
-
 /**
  * \def POLARSSL_SSL_ALPN
  *
@@ -932,6 +923,18 @@
  */
 #define POLARSSL_SSL_ALPN
 
+/**
+ * \def POLARSSL_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: POLARSSL_SSL_TLS_C
+ *           POLARSSL_POLARSSL_PROTO_DTLS
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define POLARSSL_SSL_DTLS_ANTI_REPLAY
+
 /**
  * \def POLARSSL_SSL_DTLS_HELLO_VERIFY
  *

library/ssl_tls.c

@@ -2970,8 +2970,7 @@ static int ssl_prepare_record_content( ssl_context *ssl )
     }
 #endif /* POLARSSL_ZLIB_SUPPORT */
 
-#if defined(POLARSSL_SSL_PROTO_DTLS) && \
-    defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
+#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY)
     if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
     {
         ssl_dtls_replay_update( ssl );