From 232e4ad6b8a983e9d6cb231b81a861ae8d7c087f Mon Sep 17 00:00:00 2001
From: Robert Lubos <robert.lubos@nordicsemi.no>
Date: Thu, 1 Jul 2021 16:42:35 +0200
Subject: [PATCH] modules: mbedtls: Add Kconfig option to enable DTLS
 Connection ID

Add Kconfig option for `config-tls-generic.h` to enable DTLS Connection
ID extension.

Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
---
 modules/mbedtls/Kconfig.tls-generic          | 8 ++++++++
 modules/mbedtls/configs/config-tls-generic.h | 4 ++++
 2 files changed, 12 insertions(+)

diff --git a/modules/mbedtls/Kconfig.tls-generic b/modules/mbedtls/Kconfig.tls-generic
index 680cb24d018..3c0e17c0fe3 100644
--- a/modules/mbedtls/Kconfig.tls-generic
+++ b/modules/mbedtls/Kconfig.tls-generic
@@ -473,4 +473,12 @@ config MBEDTLS_LMS
 	depends on MBEDTLS_PSA_CRYPTO_C
 	depends on MBEDTLS_HASH_SHA256_ENABLED
 
+config MBEDTLS_SSL_DTLS_CONNECTION_ID
+	bool "DTLS Connection ID extension"
+	depends on MBEDTLS_DTLS
+	help
+	  Enable support for the DTLS Connection ID extension
+	  which allows to identify DTLS connections across changes
+	  in the underlying transport.
+
 endmenu
diff --git a/modules/mbedtls/configs/config-tls-generic.h b/modules/mbedtls/configs/config-tls-generic.h
index 9d8ab757843..2268571abe0 100644
--- a/modules/mbedtls/configs/config-tls-generic.h
+++ b/modules/mbedtls/configs/config-tls-generic.h
@@ -475,6 +475,10 @@
 #define MBEDTLS_SSL_ENCRYPT_THEN_MAC
 #endif
 
+#if defined(CONFIG_MBEDTLS_SSL_DTLS_CONNECTION_ID)
+#define MBEDTLS_SSL_DTLS_CONNECTION_ID
+#endif
+
 /* User config file */
 
 #if defined(CONFIG_MBEDTLS_USER_CONFIG_FILE)