Disable SSL renegotiation

This disables ssl renegotiaion based on the potential
DOS attack here: https://www.cvedetails.com/cve/CVE-2011-1473/

Tested: testssl shows it as disabled
https://github.com/drwetter/testssl.sh

validator passed

Fixes https://github.com/openbmc/openbmc/issues/3624

Change-Id: I4bfbd770d25ba5d1a7292421f1ccad2b2e73d3a6
Signed-off-by: James Feist <james.feist@linux.intel.com>
diff --git a/include/ssl_key_handler.hpp b/include/ssl_key_handler.hpp
index 84aa097..f61aa6b 100644
--- a/include/ssl_key_handler.hpp
+++ b/include/ssl_key_handler.hpp
@@ -315,6 +315,8 @@
 
     mSslContext->set_verify_mode(boost::asio::ssl::verify_peer);
 
+    SSL_CTX_set_options(mSslContext->native_handle(), SSL_OP_NO_RENEGOTIATION);
+
     BMCWEB_LOG_DEBUG << "Using default TrustStore location: " << trustStorePath;
     mSslContext->add_verify_path(trustStorePath);