generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Move SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of SSL_OP_ALL

Browse Source
This commit is contained in:
Dr. Stephen Henson 2009-12-11 00:20:58 +00:00
parent 730f5752ff
commit f1784f2fd2
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ssl/ssl.h
View File

@ -524,7 +524,6 @@ typedef struct ssl_session_st
#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
#define SSL_OP_TLS_D5_BUG 0x00000100L
#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00000400L
/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
* in OpenSSL 0.9.6d. Usually (depending on the application protocol)
@ -550,6 +549,8 @@ typedef struct ssl_session_st
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L
/* Don't use compression even if supported */
#define SSL_OP_NO_COMPRESSION 0x00020000L
/* Permit unsafe legacy renegotiation */
#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
/* If set, always create a new key when using tmp_ecdh parameters */
#define SSL_OP_SINGLE_ECDH_USE 0x00080000L
/* If set, always create a new key when using tmp_dh parameters */