Make truncated hmac a runtime option server-side

Reading the documentation of ssl_set_truncated_hmac() may give the impression
I changed the default for clients but I didn't, the old documentation was
wrong.
This commit is contained in:
Manuel Pégourié-Gonnard 2015-01-09 12:39:35 +01:00
parent 8e4b3374d7
commit e117a8fc0d
6 changed files with 72 additions and 13 deletions

View file

@ -629,7 +629,8 @@ static int ssl_parse_truncated_hmac_ext( ssl_context *ssl,
((void) buf);
ssl->session_negotiate->trunc_hmac = SSL_TRUNC_HMAC_ENABLED;
if( ssl->trunc_hmac == SSL_TRUNC_HMAC_ENABLED )
ssl->session_negotiate->trunc_hmac = SSL_TRUNC_HMAC_ENABLED;
return( 0 );
}