MBEDTLS_SSL_ENCRYPT_THEN_MAC macro

\def MBEDTLS_SSL_DEBUG_ALL Enable the debug messages in SSL module for all issues. Debug messages have been disabled in some places to prevent timing attacks due to (unbalanced) debugging function calls. If you need all error reporting you should enable this during debugging, but remove this for production servers that should log as well. Uncomment this macro to report all debug messages on errors introducing a timing side-channel. \def MBEDTLS_SSL_ENCRYPT_THEN_MAC Enable support for Encrypt-then-MAC, RFC 7366. This allows peers that both support it to use a more robust protection for ciphersuites using CBC, providing deep resistance against timing attacks on the padding or underlying cipher. This only affects CBC ciphersuites, and is useless if none is defined. Requires: MBEDTLS_SSL_PROTO_TLS1_2 Comment this macro to disable support for Encrypt-then-MAC