Fix #2400 Add NO_RENEGOTIATE option Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3432)

commit: db0f35dda18403accabe98e7780f3dfc516f49de [log] [tgz]
author: Todd Short <tshort@akamai.com> Wed May 10 16:46:14 2017 -0400
committer: Matt Caswell <matt@openssl.org> Tue Jun 06 22:39:41 2017 +0100
tree: 68a7b32f8f99c5624e2d0bb1089f6bf34047f01f
parent: 270d65fa34caa974fb27c9b161b0c9b6cd806c76 [diff] [blame]
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 95bacdf..fe181ab 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c

@@ -817,6 +817,7 @@
     if (!s->s3->send_connection_binding)
         return EXT_RETURN_NOT_SENT;
 
+    /* Still add this even if SSL_OP_NO_RENEGOTIATION is set */
     if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_renegotiate)
             || !WPACKET_start_sub_packet_u16(pkt)
             || !WPACKET_start_sub_packet_u8(pkt)
commit	db0f35dda18403accabe98e7780f3dfc516f49de	[log] [tgz]
author	Todd Short <tshort@akamai.com>	Wed May 10 16:46:14 2017 -0400
committer	Matt Caswell <matt@openssl.org>	Tue Jun 06 22:39:41 2017 +0100
tree	68a7b32f8f99c5624e2d0bb1089f6bf34047f01f
parent	270d65fa34caa974fb27c9b161b0c9b6cd806c76 [diff] [blame]