eden-emu/mbedtls
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make truncated hmac a runtime option server-side

Browse source 
Reading the documentation of ssl_set_truncated_hmac() may give the impression
I changed the default for clients but I didn't, the old documentation was
wrong.
This commit is contained in:
Manuel Pégourié-Gonnard 2015-01-09 12:39:35 +01:00
parent 8e4b3374d7
commit e117a8fc0d
6 changed files with 72 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

8
include/polarssl/ssl.h
View file

@ -1487,15 +1487,15 @@ int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code );
#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
/**
* \brief Activate negotiation of truncated HMAC (Client only)
* (Default: SSL_TRUNC_HMAC_ENABLED)
* \brief Activate negotiation of truncated HMAC
* (Default: SSL_TRUNC_HMAC_DISABLED on client,
* SSL_TRUNC_HMAC_ENABLED on server.)
*
* \param ssl SSL context
* \param truncate Enable or disable (SSL_TRUNC_HMAC_ENABLED or
* SSL_TRUNC_HMAC_DISABLED)
*
* \return O if successful,
* POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side
* \return Always 0.
*/
int ssl_set_truncated_hmac( ssl_context *ssl, int truncate );
#endif /* POLARSSL_SSL_TRUNCATED_HMAC */