Re-added support for parsing and handling SSLv2 Client Hello messages If the define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO is enabled, the SSL Server module can handle the old SSLv2 Client Hello messages. It has been updated to deny SSLv2 Client Hello messages during renegotiation.

commit: 78a8c71993c0c32b14946b8171b15beb3e250303 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Wed Mar 06 17:01:52 2013 +0100
committer: Paul Bakker <p.j.bakker@polarssl.org> Wed Mar 06 18:01:03 2013 +0100
tree: 8c2de5c68067b0fe7ada9a992367638244c213d5
parent: 37286a573bd36b7d80fd101b54bd25bb04979b4e [diff] [blame]
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index c9752d2..b69bd8c 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h

@@ -279,6 +279,16 @@
  */
 
 /**
+ * \def POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+ *
+ * Enable support for receiving and parsing SSLv2 Client Hello messages for the
+ * SSL Server module (POLARSSL_SSL_SRV_C)
+ *
+ * Comment this macro to disable support for SSLv2 Client Hello messages.
+ */
+#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+
+/**
  * \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
  *
  * If set, the X509 parser will not break-off when parsing an X509 certificate
commit	78a8c71993c0c32b14946b8171b15beb3e250303	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Wed Mar 06 17:01:52 2013 +0100
committer	Paul Bakker <p.j.bakker@polarssl.org>	Wed Mar 06 18:01:03 2013 +0100
tree	8c2de5c68067b0fe7ada9a992367638244c213d5
parent	37286a573bd36b7d80fd101b54bd25bb04979b4e [diff] [blame]