Make truncated hmac a runtime option server-side
Reading the documentation of ssl_set_truncated_hmac() may give the impression I changed the default for clients but I didn't, the old documentation was wrong.
This commit is contained in:
parent
8e4b3374d7
commit
e117a8fc0d
6 changed files with 72 additions and 13 deletions
|
@ -629,7 +629,8 @@ static int ssl_parse_truncated_hmac_ext( ssl_context *ssl,
|
|||
|
||||
((void) buf);
|
||||
|
||||
ssl->session_negotiate->trunc_hmac = SSL_TRUNC_HMAC_ENABLED;
|
||||
if( ssl->trunc_hmac == SSL_TRUNC_HMAC_ENABLED )
|
||||
ssl->session_negotiate->trunc_hmac = SSL_TRUNC_HMAC_ENABLED;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue