Merge branch 'session-hash' into dtls

* session-hash: Update Changelog for session-hash Make session-hash depend on TLS versions Forbid extended master secret with SSLv3 compat.sh: allow git version of gnutls compat.sh: make options a bit more robust Implement extended master secret Add negotiation of Extended Master Secret Conflicts: include/polarssl/check_config.h programs/ssl/ssl_server2.c
2025-12-23 15:55:10 +01:00 · 2014-11-06 01:25:09 +01:00 · 2014-11-06 01:25:09 +01:00 · 56d985d0a6
commit 56d985d0a6
parent fedba98ede b3c6a97b31
11 changed files with 366 additions and 14 deletions
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@ -811,6 +811,24 @@
 */
 //#define POLARSSL_SSL_DEBUG_ALL

+/** \def POLARSSL_SSL_EXTENDED_MASTER_SECRET
+ *
+ * Enable support for Extended Master Secret, aka Session Hash
+ * (draft-ietf-tls-session-hash-02).
+ *
+ * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * attacks, but it is recommended to always use it (even if you disable
+ * renegotiation), since it actually fixes a more fundamental issue in the
+ * original SSL/TLS design, and has implications beyond Triple Handshake.
+ *
+ * Requires: POLARSSL_SSL_PROTO_TLS1    or
+ *           POLARSSL_SSL_PROTO_TLS1_1  or
+ *           POLARSSL_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Extended Master Secret.
+ */
+#define POLARSSL_SSL_EXTENDED_MASTER_SECRET
+
 /**
 * \def POLARSSL_SSL_FALLBACK_SCSV
 *