Allow compile-time configuration of legacy renegotiation Introduces MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION allowing to configure enforcing secure renegotiation at compile-time. Impact on code-size: | | GCC | ARMC5 | ARMC6 | | --- | --- | --- | --- | | `libmbedtls.a` after | 23379 | 23929 | 27727 | | `libmbedtls.a` before | 23307 | 23865 | 27615 | | gain in Bytes | 72 | 64 | 112 |

commit: b0b2b675681d94d70d0afe2ebb030df74be92c90 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Wed Jun 12 16:58:10 2019 +0100
committer: Hanno Becker <hanno.becker@arm.com> Tue Jul 02 16:41:34 2019 +0100
tree: 9c0057d62e35e03ec3dad14b744917069b75a9be
parent: acd4fc0ac941db79a9ba6e50f8f6f58d02865d4c [diff] [blame]
diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c
index 2557675..2871fd7 100644
--- a/programs/ssl/query_config.c
+++ b/programs/ssl/query_config.c

@@ -2578,6 +2578,14 @@
     }
 #endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */
 
+#if defined(MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION)
+    if( strcmp( "MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION", config ) == 0 )
+    {
+        MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION */
+
 #if defined(MBEDTLS_SSL_CONF_AUTHMODE)
     if( strcmp( "MBEDTLS_SSL_CONF_AUTHMODE", config ) == 0 )
     {
commit	b0b2b675681d94d70d0afe2ebb030df74be92c90	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Wed Jun 12 16:58:10 2019 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Tue Jul 02 16:41:34 2019 +0100
tree	9c0057d62e35e03ec3dad14b744917069b75a9be
parent	acd4fc0ac941db79a9ba6e50f8f6f58d02865d4c [diff] [blame]