Implement FALLBACK_SCSV client-side
This commit is contained in:
Manuel Pégourié-Gonnard
parent
a6c5ea2c43
commit
1cbd39dbeb
6 changed files with 144 additions and 1 deletions
|
|
@ -811,6 +811,23 @@
|
|||
*/
|
||||
//#define POLARSSL_SSL_DEBUG_ALL
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_FALLBACK_SCSV
|
||||
*
|
||||
* Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
|
||||
*
|
||||
* For servers, it is recommended to always enable this, unless you support
|
||||
* only one version of TLS, or know for sure that none of your clients
|
||||
* implements a fallback strategy.
|
||||
*
|
||||
* For clients, you only need this if you're using a fallback strategy, which
|
||||
* is not recommended in the first place, unless you absolutely need it to
|
||||
* interoperate with buggy (version-intolerant) servers.
|
||||
*
|
||||
* Comment this macro to disable support for FALLBACK_SCSV
|
||||
*/
|
||||
#define POLARSSL_SSL_FALLBACK_SCSV
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_HW_RECORD_ACCEL
|
||||
*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue