eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update doc for ssl_conf_renegotiation

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-05-28 15:13:30 +02:00
parent 6ad5d35ba9
commit 398b206ff0
1 changed files with 7 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
include/mbedtls/ssl.h
View file

@ -1778,9 +1778,13 @@ void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets
* initiated by peer * initiated by peer
* (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED) * (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED)
* *
* Note: A server with support enabled is more vulnerable for a * \warning It is recommended to always disable renegotation unless you
* resource DoS by a malicious client. You should enable this on * know you need it and you know what you're doing. In the
* a client to enable server-initiated renegotiation. * past, there has been several issues associated with
* renegotiation or a poor understanding of its properties.
*
* \note Server-side, enabling renegotiation also makes the server
* susceptible to a resource DoS by a malicious client.
* *
* \param conf SSL configuration * \param conf SSL configuration
* \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or * \param renegotiation Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or