diff options
author | Matt Caswell <matt@openssl.org> | 2017-11-07 10:45:43 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-12-14 15:06:37 +0000 |
commit | a5816a5ab99610201dcec57a0e02b883d9d32891 (patch) | |
tree | dbcdbc8473d14ad1204c345725e6193d299b22d3 /apps/apps.h | |
parent | 88050dd1960bfaba7ede12a3ce1afe40f5deb124 (diff) |
Implement session id TLSv1.3 middlebox compatibility mode
Clients will send a "fake" session id and servers must echo it back.
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4701)
Diffstat (limited to 'apps/apps.h')
-rw-r--r-- | apps/apps.h | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/apps/apps.h b/apps/apps.h index bb89eaecf6..321f6444da 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -208,7 +208,7 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, OPT_S_STRICT, OPT_S_SIGALGS, OPT_S_CLIENTSIGALGS, OPT_S_GROUPS, \ OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, \ OPT_S_RECORD_PADDING, OPT_S_DEBUGBROKE, OPT_S_COMP, \ - OPT_S_NO_RENEGOTIATION, OPT_S__LAST + OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S__LAST # define OPT_S_OPTIONS \ {"no_ssl3", OPT_S_NOSSL3, '-',"Just disable SSLv3" }, \ @@ -253,7 +253,8 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, {"record_padding", OPT_S_RECORD_PADDING, 's', \ "Block size to pad TLS 1.3 records to."}, \ {"debug_broken_protocol", OPT_S_DEBUGBROKE, '-', \ - "Perform all sorts of protocol violations for testing purposes"} + "Perform all sorts of protocol violations for testing purposes"}, \ + {"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', "Disable TLSv1.3 middlebox compat mode" } # define OPT_S_CASES \ @@ -283,7 +284,8 @@ int set_cert_times(X509 *x, const char *startdate, const char *enddate, case OPT_S_CIPHER: \ case OPT_S_RECORD_PADDING: \ case OPT_S_NO_RENEGOTIATION: \ - case OPT_S_DEBUGBROKE + case OPT_S_DEBUGBROKE: \ + case OPT_S_NO_MIDDLEBOX #define IS_NO_PROT_FLAG(o) \ (o == OPT_S_NOSSL3 || o == OPT_S_NOTLS1 || o == OPT_S_NOTLS1_1 \ |