mirror of https://github.com/openssl/openssl
Don't allow renegotiation for DTLS 1.3
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22362)
This commit is contained in:
parent
cb57dc4632
commit
ce32f3a539
|
@ -16,7 +16,9 @@
|
|||
#define PROTOCOL "tcp"
|
||||
|
||||
#define SSL_VERSION_ALLOWS_RENEGOTIATION(s) \
|
||||
(SSL_is_dtls(s) || (SSL_version(s) < TLS1_3_VERSION))
|
||||
((SSL_is_dtls(s) && (SSL_version(s) > DTLS1_3_VERSION \
|
||||
|| SSL_version(s) == DTLS1_BAD_VER)) \
|
||||
|| (!SSL_is_dtls(s) && SSL_version(s) < TLS1_3_VERSION))
|
||||
|
||||
typedef int (*do_server_cb)(int s, int stype, int prot, unsigned char *context);
|
||||
void get_sock_info_address(int asock, char **hostname, char **service);
|
||||
|
|
Loading…
Reference in New Issue