yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-07-10 05:57:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Note that disabling SSL_RENEGO doesn't open door for renego attack

Browse source
This commit is contained in:
Hanno Becker 2017-10-12 14:57:48 +01:00
parent 21df7f90d2
commit 6851b10ec7
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
include/mbedtls/config.h
View file

@ -1155,6 +1155,13 @@
* misuse/misunderstand. * misuse/misunderstand.
* *
* Comment this to disable support for renegotiation. * Comment this to disable support for renegotiation.
*
* \note Even if this option is disabled, both client and server are aware
* of the Renegotiation Indication Extension (RFC 5746) used to
* prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
* (See \c mbedtls_ssl_conf_legacy_renegotiation for the
* configuration of this extension).
*
*/ */
#define MBEDTLS_SSL_RENEGOTIATION #define MBEDTLS_SSL_RENEGOTIATION