Skip to content

server: add SSL_OP_NO_RENEGOTIATION fallback path

orbea requested to merge orbea/spice:libressl into master

This MR is the second attempt at !208 (closed).

With LibreSSL SSL_OP_NO_CLIENT_RENEGOTIATION is opaque which is not compatible with the OpenSSL 1.0.2 and earlier code path in red-stream.cpp while SSL_OP_NO_RENEGOTIATION is not yet defined for the newer OpenSSL code path in reds.cpp.

So with OpenSSL 1.1.0 and later if SSL_OP_NO_RENEGOTIATION is undefined and SSL_OP_NO_CLIENT_RENEGOTIATION is defined then define the former as the latter. This will allow the build to succeed with LibreSSL 3.7.2 and in the future when newer LibreSSL versions add SSL_OP_NO_RENEGOTIATION that code path will then be used automatically.

Edited by orbea

Merge request reports

Loading