From 86b29082363a2465cf4dcc121d7482919ee1f267 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Thu, 6 Nov 2014 02:28:34 +0100
Subject: [PATCH] Adapt to "negative" switch for renego

---
 configs/config-ccm-psk-tls1_2.h | 1 +
 configs/config-mini-tls1_1.h    | 1 +
 configs/config-psk-rc4-tls1_0.h | 1 +
 configs/config-suite-b.h        | 1 +
 scripts/config.pl               | 1 +
 5 files changed, 5 insertions(+)

diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h
index 1da9f6a6b..00f92b77d 100644
--- a/configs/config-ccm-psk-tls1_2.h
+++ b/configs/config-ccm-psk-tls1_2.h
@@ -19,6 +19,7 @@
 /* PolarSSL feature support */
 #define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
 #define POLARSSL_SSL_PROTO_TLS1_2
+#define POLARSSL_SSL_DISABLE_RENEGOTIATION
 
 /* PolarSSL modules */
 #define POLARSSL_AES_C
diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h
index 338fecf15..47c94c1ba 100644
--- a/configs/config-mini-tls1_1.h
+++ b/configs/config-mini-tls1_1.h
@@ -18,6 +18,7 @@
 #define POLARSSL_PKCS1_V15
 #define POLARSSL_KEY_EXCHANGE_RSA_ENABLED
 #define POLARSSL_SSL_PROTO_TLS1_1
+#define POLARSSL_SSL_DISABLE_RENEGOTIATION
 
 /* PolarSSL modules */
 #define POLARSSL_AES_C
diff --git a/configs/config-psk-rc4-tls1_0.h b/configs/config-psk-rc4-tls1_0.h
index c967b4c4d..7eafb2496 100644
--- a/configs/config-psk-rc4-tls1_0.h
+++ b/configs/config-psk-rc4-tls1_0.h
@@ -19,6 +19,7 @@
 /* PolarSSL feature support */
 #define POLARSSL_KEY_EXCHANGE_PSK_ENABLED
 #define POLARSSL_SSL_PROTO_TLS1
+#define POLARSSL_SSL_DISABLE_RENEGOTIATION
 
 /* PolarSSL modules */
 #define POLARSSL_AES_C
diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h
index cd38f3334..cabc3d1f9 100644
--- a/configs/config-suite-b.h
+++ b/configs/config-suite-b.h
@@ -25,6 +25,7 @@
 #define POLARSSL_ECP_DP_SECP384R1_ENABLED
 #define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
 #define POLARSSL_SSL_PROTO_TLS1_2
+#define POLARSSL_SSL_DISABLE_RENEGOTIATION
 
 /* PolarSSL modules */
 #define POLARSSL_AES_C
diff --git a/scripts/config.pl b/scripts/config.pl
index d04be59c8..4279dd284 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -27,6 +27,7 @@ POLARSSL_ECP_DP_M511_ENABLED
 POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
 POLARSSL_NO_PLATFORM_ENTROPY
 POLARSSL_SSL_HW_RECORD_ACCEL
+POLARSSL_SSL_DISABLE_RENEGOTIATION
 POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3
 POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
 POLARSSL_ZLIB_SUPPORT