curl - cURL mirror with patches applied

diff options

author	Jérémy Rocher <rocher.jeremy@gmail.com>	2018-11-09 14:05:26 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2018-11-09 22:32:47 +0100
commit	27cb384679154b050f1008c0382e8345b7abbc41 (patch)
tree	062971458545dcdc31d9bc7a4d847eed738a870a /lib/hostcheck.c
parent	a1aabed817c2d4e2226382eca5f211a8a2364277 (diff)

openssl: support BoringSSL TLS renegotiation

As per BoringSSL porting documentation [1], BoringSSL rejects peer renegotiations by default. curl fails when trying to authenticate to server through client certificate if it is requested by server after the initial TLS handshake. Enable renegotiation by default with BoringSSL to get same behavior as with OpenSSL. This is done by calling SSL_set_renegotiate_mode [2] which was introduced in commit 1d5ef3bb1eb9 [3]. 1 - https://boringssl.googlesource.com/boringssl/+/HEAD/PORTING.md#tls-renegotiation 2 - https://boringssl.googlesource.com/boringssl/+/master/include/openssl/ssl.h#3482 3 - https://boringssl.googlesource.com/boringssl/+/1d5ef3bb1eb97848617db5e7d633d735a401df86 Signed-off-by: Jérémy Rocher <rocher.jeremy@gmail.com> Fixes #3258 Closes #3259

Diffstat (limited to 'lib/hostcheck.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: