Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit e90cb49

Browse filesBrowse files
nornagonBethGriggs
nornagon
authored and
BethGriggs
committed
tls: enable renegotiation when using BoringSSL
PR-URL: #34832 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Shelley Vohr <codebytere@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Rich Trott <rtrott@gmail.com>
1 parent cc72584 commit e90cb49
Copy full SHA for e90cb49

File tree

Expand file treeCollapse file tree

1 file changed

+6
-0
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

1 file changed

+6
-0
lines changed
Open diff view settings
Collapse file

‎src/tls_wrap.cc‎

Copy file name to clipboardExpand all lines: src/tls_wrap.cc
+6Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -131,6 +131,12 @@ void TLSWrap::InitSSL() {
131131
// - https://wiki.openssl.org/index.php/TLS1.3#Non-application_data_records
132132
SSL_set_mode(ssl_.get(), SSL_MODE_AUTO_RETRY);
133133

134+
#ifdef OPENSSL_IS_BORINGSSL
135+
// OpenSSL allows renegotiation by default, but BoringSSL disables it.
136+
// Configure BoringSSL to match OpenSSL's behavior.
137+
SSL_set_renegotiate_mode(ssl_.get(), ssl_renegotiate_freely);
138+
#endif
139+
134140
SSL_set_app_data(ssl_.get(), this);
135141
// Using InfoCallback isn't how we are supposed to check handshake progress:
136142
// https://github.com/openssl/openssl/issues/7199#issuecomment-420915993

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.