Adds new option to enable secure-renegotiation by default (used by IIS for client authentication). WOLFSSL_SECURE_RENEGOTIATION_ON_BY_DEFAULT.

2017-11-20 16:15:06 -08:00 · 2017-11-20 16:15:06 -08:00 · 60a6da1c14
commit 60a6da1c14
parent 935f33ab54
1 changed files with 9 additions and 0 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -4444,6 +4444,15 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
    }
 #endif

+#ifdef HAVE_SECURE_RENEGOTIATION
+    /* use secure renegotiation by default (not recommend) */
+    #ifdef WOLFSSL_SECURE_RENEGOTIATION_ON_BY_DEFAULT
+        ret = wolfSSL_UseSecureRenegotiation(ssl);
+        if (ret != WOLFSSL_SUCCESS)
+            return ret;
+    #endif
+#endif
+
    return 0;
 }