From 2bc2a911d724c81e06653b384a3a0780aaba6d9d Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz
Date: Fri, 16 Apr 2021 19:27:39 +0200
Subject: [PATCH] Change default DTLS future packet behaviour

This is a better default for most users. Most users who make use of DTLS, allow messages from "too far into the future". It makes sense that DTLS may lose connection for a period of time and will lose all messages from this period. Losing connection effectively stalls the wolfSSL DTLS connection.
---
 src/internal.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/internal.c b/src/internal.c
index 9ae87fd59..c17854590 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -13546,7 +13546,7 @@ static WC_INLINE int DtlsCheckWindow(WOLFSSL* ssl)
 WOLFSSL_MSG("Current record sequence number from the past.");
 return 0;
 }
-#ifndef WOLFSSL_DTLS_ALLOW_FUTURE
+#ifdef WOLFSSL_DTLS_DISALLOW_FUTURE
 else if (!curLT && (diff > DTLS_SEQ_BITS)) {
 WOLFSSL_MSG("Rejecting message too far into the future.");
 return 0;
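Review bot: The new `#ifdef WOLFSSL_DTLS_DISALLOW_FUTURE` guard in DtlsCheckWindow inverts the default with no comment, so a build that relied on records more than DTLS_SEQ_BITS ahead of the window being rejected now accepts them with no compile-time signal, and `WOLFSSL_DTLS_ALLOW_FUTURE` is no longer tested in this hunk. I would add a comment above the guard, e.g. `/* Far-future records are accepted by default; define WOLFSSL_DTLS_DISALLOW_FUTURE to reject any record more than DTLS_SEQ_BITS ahead. */`, and list the new macro wherever the build options are documented. Because a far-ahead sequence number now passes this check, it is worth confirming that the replay window is advanced only after the record's MAC has been verified; that code is not visible here, and the function body continues outside the hunk.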