From fb1c252d87ae7f5d62d95e5ad68e4998b4caafcb Mon Sep 17 00:00:00 2001
From: Joe Testa <jtesta@positronsecurity.com>
Date: Fri, 10 Nov 2023 18:02:04 -0500
Subject: [PATCH] Fixed certificate parsing against some servers. (#298)

---
 sslscan.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sslscan.c b/sslscan.c
index f173277..f786429 100644
--- a/sslscan.c
+++ b/sslscan.c
@@ -2033,6 +2033,9 @@ int checkCertificate(struct sslCheckOptions *options, const SSL_METHOD *sslMetho
                         SSL_set_tlsext_host_name (ssl, options->sniname);
 #endif
 
+                        // Against some servers, this is required for a successful SSL_connect(), below.
+                        SSL_set_options(ssl, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+
                         // Connect SSL over socket
                         SSL_connect(ssl);
                         // Setup BIO's