lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-12-08 02:02:16 +03:00
Code Activity

Merge commit 'b2eaac1' into dtls

Browse Source 
* commit 'b2eaac1':
  Stop assuming chars are signed
  Add tests for CBC record splitting
  Fix tests that were failing with record splitting
  Allow disabling record splitting at runtime
  Add 1/n-1 record splitting
  Enhance doc on ssl_write()

Conflicts:
	include/polarssl/ssl.h
	programs/ssl/ssl_client2.c
	programs/ssl/ssl_server2.c
This commit is contained in:
Manuel Pégourié-Gonnard
2015-01-21 13:37:08 +00:00
parent b89c4f35a1 b2eaac154b
commit 8fbb01ec84
8 changed files with 190 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
include/polarssl/config.h
View File

@@ -886,6 +886,18 @@
*/
//#define POLARSSL_SSL_HW_RECORD_ACCEL
/**
* \def POLARSSL_SSL_CBC_RECORD_SPLITTING
*
* Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
*
* This is a countermeasure to the BEAST attack, which also minimizes the risk
* of interoperability issues compared to sending 0-length records.
*
* Comment this macro to disable 1/n-1 record splitting.
*/
#define POLARSSL_SSL_CBC_RECORD_SPLITTING
/**
* \def POLARSSL_SSL_DISABLE_RENEGOTIATION
*