Loading ssl/ssl.h +4 −3 Original line number Diff line number Diff line Loading @@ -525,7 +525,7 @@ typedef struct ssl_session_st #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L #define SSL_OP_TLS_D5_BUG 0x00000100L #define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L #define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00000400L #define SSL_OP_NO_TLSv1_1 0x00000400L /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added * in OpenSSL 0.9.6d. Usually (depending on the application protocol) Loading @@ -536,7 +536,7 @@ typedef struct ssl_session_st /* SSL_OP_ALL: various bug workarounds that should be rather harmless. * This used to be 0x000FFFFFL before 0.9.7. */ #define SSL_OP_ALL 0x80000FFFL #define SSL_OP_ALL 0x80000BFFL /* DTLS options */ #define SSL_OP_NO_QUERY_MTU 0x00001000L Loading @@ -551,6 +551,8 @@ typedef struct ssl_session_st #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L /* Don't use compression even if supported */ #define SSL_OP_NO_COMPRESSION 0x00020000L /* Permit unsafe legacy renegotiation */ #define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L /* If set, always create a new key when using tmp_ecdh parameters */ #define SSL_OP_SINGLE_ECDH_USE 0x00080000L /* If set, always create a new key when using tmp_dh parameters */ Loading @@ -570,7 +572,6 @@ typedef struct ssl_session_st #define SSL_OP_NO_SSLv2 0x01000000L #define SSL_OP_NO_SSLv3 0x02000000L #define SSL_OP_NO_TLSv1 0x04000000L #define SSL_OP_NO_TLSv1_1 0x00040000L /* The next flag deliberately changes the ciphertest, this is a check * for the PKCS#1 attack */ Loading Loading
ssl/ssl.h +4 −3 Original line number Diff line number Diff line Loading @@ -525,7 +525,7 @@ typedef struct ssl_session_st #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L #define SSL_OP_TLS_D5_BUG 0x00000100L #define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L #define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00000400L #define SSL_OP_NO_TLSv1_1 0x00000400L /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added * in OpenSSL 0.9.6d. Usually (depending on the application protocol) Loading @@ -536,7 +536,7 @@ typedef struct ssl_session_st /* SSL_OP_ALL: various bug workarounds that should be rather harmless. * This used to be 0x000FFFFFL before 0.9.7. */ #define SSL_OP_ALL 0x80000FFFL #define SSL_OP_ALL 0x80000BFFL /* DTLS options */ #define SSL_OP_NO_QUERY_MTU 0x00001000L Loading @@ -551,6 +551,8 @@ typedef struct ssl_session_st #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L /* Don't use compression even if supported */ #define SSL_OP_NO_COMPRESSION 0x00020000L /* Permit unsafe legacy renegotiation */ #define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L /* If set, always create a new key when using tmp_ecdh parameters */ #define SSL_OP_SINGLE_ECDH_USE 0x00080000L /* If set, always create a new key when using tmp_dh parameters */ Loading @@ -570,7 +572,6 @@ typedef struct ssl_session_st #define SSL_OP_NO_SSLv2 0x01000000L #define SSL_OP_NO_SSLv3 0x02000000L #define SSL_OP_NO_TLSv1 0x04000000L #define SSL_OP_NO_TLSv1_1 0x00040000L /* The next flag deliberately changes the ciphertest, this is a check * for the PKCS#1 attack */ Loading
