Changed prototype for ssl_set_truncated_hmac() to allow disabling
This commit is contained in:
parent
277f7f23e2
commit
8c1ede655f
3 changed files with 7 additions and 4 deletions
|
@ -986,13 +986,16 @@ int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code );
|
|||
|
||||
/**
|
||||
* \brief Activate negotiation of truncated HMAC (Client only)
|
||||
* (Default: SSL_TRUNC_HMAC_ENABLED)
|
||||
*
|
||||
* \param ssl SSL context
|
||||
* \param truncate Enable or disable (SSL_TRUNC_HMAC_ENABLED or
|
||||
* SSL_TRUNC_HMAC_DISABLED)
|
||||
*
|
||||
* \return O if successful,
|
||||
* POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side
|
||||
*/
|
||||
int ssl_set_truncated_hmac( ssl_context *ssl );
|
||||
int ssl_set_truncated_hmac( ssl_context *ssl, int truncate );
|
||||
|
||||
/**
|
||||
* \brief Enable / Disable renegotiation support for connection when
|
||||
|
|
|
@ -3149,12 +3149,12 @@ int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code )
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
int ssl_set_truncated_hmac( ssl_context *ssl )
|
||||
int ssl_set_truncated_hmac( ssl_context *ssl, int truncate )
|
||||
{
|
||||
if( ssl->endpoint != SSL_IS_CLIENT )
|
||||
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
ssl->trunc_hmac = SSL_TRUNC_HMAC_ENABLED;
|
||||
ssl->trunc_hmac = truncate;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
|
|
@ -634,7 +634,7 @@ int main( int argc, char *argv[] )
|
|||
ssl_set_max_frag_len( &ssl, opt.mfl_code );
|
||||
|
||||
if( opt.trunc_hmac != 0 )
|
||||
ssl_set_truncated_hmac( &ssl );
|
||||
ssl_set_truncated_hmac( &ssl, SSL_TRUNC_HMAC_ENABLED );
|
||||
|
||||
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
|
|
Loading…
Reference in a new issue