Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as
authorDr. Stephen Henson <steve@openssl.org>
Wed, 17 Feb 2010 18:38:31 +0000 (18:38 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 17 Feb 2010 18:38:31 +0000 (18:38 +0000)
commitc2c49969e236058090c081e591272ea325ca49b6
tree09c3265bba655b803bb116a30ad64f23e35a3c2c
parent47e0a1c335295d7548ecd1860954ee4f988d9804
Allow renegotiation if SSL_OP_LEGACY_SERVER_CONNECT is set as well as
initial connection to unpatched servers. There are no additional security
concerns in doing this as clients don't see renegotiation during an
attack anyway.
CHANGES
doc/ssl/SSL_CTX_set_options.pod
ssl/t1_lib.c