Don't allow renegotiation for DTLS 1.3

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22362)
Frederik Wedel-Heinen 2023-10-12 13:55:32 +02:00
parent cb57dc4632
commit ce32f3a539
1 changed files with 3 additions and 1 deletions


@ -16,7 +16,9 @@
#define PROTOCOL "tcp"
#define SSL_VERSION_ALLOWS_RENEGOTIATION(s) \
(SSL_is_dtls(s) || (SSL_version(s) < TLS1_3_VERSION))
((SSL_is_dtls(s) && (SSL_version(s) > DTLS1_3_VERSION \
|| SSL_version(s) == DTLS1_BAD_VER)) \
|| (!SSL_is_dtls(s) && SSL_version(s) < TLS1_3_VERSION))
typedef int (*do_server_cb)(int s, int stype, int prot, unsigned char *context);
void get_sock_info_address(int asock, char **hostname, char **service);
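Review bot: The `SSL_version(s) > DTLS1_3_VERSION` test in the new SSL_VERSION_ALLOWS_RENEGOTIATION body reads as "newer than DTLS 1.3" but selects the older versions, because DTLS version numbers count downward (DTLS 1.0 is 0xFEFF, DTLS 1.2 is 0xFEFD), and nothing in the hunk says so. A later edit that "corrects" the operator would re-enable the renegotiation path for exactly the protocol this commit excludes, so the macro deserves a comment such as `/* DTLS version numbers decrease as the protocol gets newer: '>' means older than DTLS 1.3. DTLS1_BAD_VER (0x0100) sorts below all of them, hence the separate test. */`. As a style point, the macro now expands `s` up to five times and calls SSL_version() up to three times; a small `static` helper function taking the SSL pointer would evaluate it once and let the two protocol families be written as separate, readable branches.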