\def MBEDTLS_SSL_RENEGOTIATION

Enable support for TLS renegotiation.

The two main uses of renegotiation are (1) refreshing keys on long-lived connections and (2) client authentication after the initial handshake. If you don't need renegotiation, it's probably better to disable it, since it has been associated with security issues in the past and is easy to misuse/misunderstand.

Requires: MBEDTLS_SSL_PROTO_TLS1_2

Comment this to disable support for renegotiation.

Even if this option is disabled, both client and server are aware of the Renegotiation Indication Extension (RFC 5746) used to prevent the SSL renegotiation attack (see RFC 5746 Sect. 1). (See \c mbedtls_ssl_conf_legacy_renegotiation for the configuration of this extension.)
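
As an added illustration of the RFC 5746 extension mentioned above (not Mbed TLS code; the function name, result codes and sample bytes are constructed for this example), the following C routine locates `renegotiation_info` in a hello message's extension list. It distinguishes the empty form sent in an initial handshake from the non-empty form sent when renegotiating, and rejects inconsistent lengths.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define EXT_RENEGOTIATION_INFO 0xff01u /* extension type from RFC 5746 */
/* Hypothetical result codes for this example. */
enum ri_result { RI_MALFORMED = -1, RI_ABSENT, RI_INITIAL, RI_RENEGOTIATION };

/* Constructed sample: extended_master_secret (empty body), then an empty
 * renegotiation_info as sent in an initial handshake. */
const uint8_t sample_initial[] = { 0x00, 0x17, 0x00, 0x00,
                                   0xff, 0x01, 0x00, 0x01, 0x00 };
/* Constructed sample: inner length byte (5) disagrees with the outer one. */
const uint8_t sample_bad[] = { 0xff, 0x01, 0x00, 0x02, 0x05, 0xaa };

/* Scan a hello message's extension list (the bytes after its 2-byte total
 * length). On a match, *rc / *rc_len describe renegotiated_connection. */
enum ri_result find_reneg_info(const uint8_t *ext, size_t len,
                               const uint8_t **rc, size_t *rc_len)
{
    enum ri_result res = RI_ABSENT;
    size_t off = 0;
    while (off < len) {
        if (len - off < 4)
            return RI_MALFORMED;            /* truncated extension header */
        unsigned type = ((unsigned)ext[off] << 8) | ext[off + 1];
        size_t elen = ((size_t)ext[off + 2] << 8) | ext[off + 3];
        off += 4;
        if (elen > len - off)
            return RI_MALFORMED;            /* body overruns the list */
        if (type == EXT_RENEGOTIATION_INFO) {
            /* Body is a 1-byte length followed by that many bytes; a
             * duplicate extension or a length mismatch is rejected. */
            if (res != RI_ABSENT || elen < 1 || (size_t)ext[off] != elen - 1)
                return RI_MALFORMED;
            *rc = ext + off + 1;
            *rc_len = elen - 1;
            res = (*rc_len == 0) ? RI_INITIAL : RI_RENEGOTIATION;
        }
        off += elen;
    }
    return res;
}

int main(void)
{
    const uint8_t *rc = NULL;
    size_t n = 0;
    printf("initial: %d\n", find_reneg_info(sample_initial, sizeof sample_initial, &rc, &n));
    printf("bad: %d\n", find_reneg_info(sample_bad, sizeof sample_bad, &rc, &n));
    return 0;
}
```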