Merge branch 'development' into iotssl-461-ecjpake-finalization
* development: (73 commits) Bump yotta dependencies version Fix typo in documentation Corrected misleading fn description in ssl_cache.h Corrected URL/reference to MPI library Fix yotta dependencies Fix minor spelling mistake in programs/pkey/gen_key.c Bump version to 2.1.2 Fix CVE number in ChangeLog Add 'inline' workaround where needed Fix references to non-standard SIZE_T_MAX Fix yotta version dependencies again Upgrade yotta dependency versions Fix compile error in net.c with musl libc Add missing warning in doc Remove inline workaround when not useful Fix macroization of inline in C++ Changed attribution for Guido Vranken Merge of IOTSSL-476 - Random malloc in pem_read() Fix for IOTSSL-473 Double free error Fix potential overflow in CertificateRequest ... Conflicts: include/mbedtls/ssl_internal.h library/ssl_cli.c
This commit is contained in:
commit
fadacb9d0b
52 changed files with 789 additions and 127 deletions
|
@ -1153,6 +1153,22 @@
|
|||
*/
|
||||
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
|
||||
*
|
||||
* Enable server-side support for clients that reconnect from the same port.
|
||||
*
|
||||
* Some clients unexpectedly close the connection and try to reconnect using the
|
||||
* same source port. This needs special support from the server to handle the
|
||||
* new connection securely, as described in section 4.2.8 of RFC 6347. This
|
||||
* flag enables that support.
|
||||
*
|
||||
* Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
|
||||
*
|
||||
* Comment this to disable support for clients reusing the source port.
|
||||
*/
|
||||
#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
|
||||
*
|
||||
|
@ -1259,6 +1275,8 @@
|
|||
* If set, the X509 parser will not break-off when parsing an X509 certificate
|
||||
* and encountering an unknown critical extension.
|
||||
*
|
||||
* \warning Depending on your PKI use, enabling this can be a security risk!
|
||||
*
|
||||
* Uncomment to prevent an error.
|
||||
*/
|
||||
//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue