Revision d40ec4ab8e7c0ff39bf4f9918fbb9dfdca4c5221 authored by Matt Caswell on 10 November 2015, 15:17:42 UTC, committed by Matt Caswell on 10 November 2015, 19:24:20 UTC
If a DTLS client that does not support secure renegotiation connects to an OpenSSL DTLS server then, by default, renegotiation is disabled. If a server application attempts to initiate a renegotiation then OpenSSL is supposed to prevent this. However due to a discrepancy between the TLS and DTLS code, the server sends a HelloRequest anyway in DTLS. This is not a security concern because the handshake will still fail later in the process when the client responds with a ClientHello. Reviewed-by: Tim Hudson <tjh@openssl.org>
1 parent 15a7164
mkbuildinf.pl
#!/usr/local/bin/perl
my ($cflags, $platform) = @ARGV;
$cflags = "compiler: $cflags";
$date = localtime();
print <<"END_OUTPUT";
#ifndef MK1MF_BUILD
/* auto-generated by util/mkbuildinf.pl for crypto/cversion.c */
#define CFLAGS cflags
/*
* Generate CFLAGS as an array of individual characters. This is a
* workaround for the situation where CFLAGS gets too long for a C90 string
* literal
*/
static const char cflags[] = {
END_OUTPUT
my $ctr = 0;
foreach my $c (split //, $cflags) {
# Max 18 characters per line
if (($ctr++ % 18) == 0) {
if ($ctr != 1) {
print "\n";
}
print " ";
}
print "'$c',";
}
print <<"END_OUTPUT";
'\\0'
};
#define PLATFORM "platform: $platform"
#define DATE "built on: $date"
#endif
END_OUTPUT
Computing file changes ...
