dnsdist: Disable client-initiated renegotiation with LibreSSL

diff --git a/pdns/libssl.cc b/pdns/libssl.cc
index 0e0dd0a73effe80eba4fb43e58829836652f617d..a01eda0d6c5462f259181612cfb74cd96a9a77a3 100644 (file)
--- a/pdns/libssl.cc
+++ b/pdns/libssl.cc
@@ -681,6 +681,8 @@ std::unique_ptr<SSL_CTX, void(*)(SSL_CTX*)> libssl_init_server_context(const TLS
   if (!config.d_enableRenegotiation) {
 #ifdef SSL_OP_NO_RENEGOTIATION
     sslOptions |= SSL_OP_NO_RENEGOTIATION;
+#elif defined(SSL_OP_NO_CLIENT_RENEGOTIATION)
+    sslOptions |= SSL_OP_NO_CLIENT_RENEGOTIATION;
 #endif
   }