From b614e3202e21699c4da942a1c480d0d8b19f4841 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Thu, 25 Mar 2021 19:17:24 +0100
Subject: [PATCH] dnsdist: Disable client-initiated renegotiation with LibreSSL

---
 pdns/libssl.cc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pdns/libssl.cc b/pdns/libssl.cc
index 0e0dd0a73e..a01eda0d6c 100644
--- a/pdns/libssl.cc
+++ b/pdns/libssl.cc
@@ -681,6 +681,8 @@ std::unique_ptr<SSL_CTX, void(*)(SSL_CTX*)> libssl_init_server_context(const TLS
   if (!config.d_enableRenegotiation) {
 #ifdef SSL_OP_NO_RENEGOTIATION
     sslOptions |= SSL_OP_NO_RENEGOTIATION;
+#elif defined(SSL_OP_NO_CLIENT_RENEGOTIATION)
+    sslOptions |= SSL_OP_NO_CLIENT_RENEGOTIATION;
 #endif
   }
 
-- 
2.47.2