diff options
| author | yangyangtiantianlonglong <yangtianlong1224@163.com> | 2022-01-26 22:08:05 +0800 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2022-01-28 15:32:58 +0100 |
| commit | a829d53a14eeae2b0bc783b7952b4212cf31d918 (patch) | |
| tree | 031a1987bab62a037ab90cb39c21e36a253be9d4 /apps/include | |
| parent | a414fd6765bbc9bb0d630dbb4d780f44f825c8a2 (diff) | |
apps: Add option -no_ems to s_client/s_server apps
The option SSL_OP_NO_EXTENDED_MASTER_SECRET was added in #3910.
And it is valid for versions below (D)TLS 1.2.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17597)
Diffstat (limited to 'apps/include')
| -rw-r--r-- | apps/include/opt.h | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/apps/include/opt.h b/apps/include/opt.h index 365eae5bc8..dc88bd3818 100644 --- a/apps/include/opt.h +++ b/apps/include/opt.h @@ -163,7 +163,8 @@ OPT_S_CURVES, OPT_S_NAMEDCURVE, OPT_S_CIPHER, OPT_S_CIPHERSUITES, \ OPT_S_RECORD_PADDING, OPT_S_DEBUGBROKE, OPT_S_COMP, \ OPT_S_MINPROTO, OPT_S_MAXPROTO, \ - OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S_NO_ETM, OPT_S__LAST + OPT_S_NO_RENEGOTIATION, OPT_S_NO_MIDDLEBOX, OPT_S_NO_ETM, \ + OPT_S_NO_EMS, OPT_S__LAST # define OPT_S_OPTIONS \ OPT_SECTION("TLS/SSL"), \ @@ -218,7 +219,9 @@ {"no_middlebox", OPT_S_NO_MIDDLEBOX, '-', \ "Disable TLSv1.3 middlebox compat mode" }, \ {"no_etm", OPT_S_NO_ETM, '-', \ - "Disable Encrypt-then-Mac extension"} + "Disable Encrypt-then-Mac extension"}, \ + {"no_ems", OPT_S_NO_EMS, '-', \ + "Disable Extended master secret extension"} # define OPT_S_CASES \ OPT_S__FIRST: case OPT_S__LAST: break; \ @@ -253,7 +256,8 @@ case OPT_S_MAXPROTO: \ case OPT_S_DEBUGBROKE: \ case OPT_S_NO_MIDDLEBOX: \ - case OPT_S_NO_ETM + case OPT_S_NO_ETM: \ + case OPT_S_NO_EMS #define IS_NO_PROT_FLAG(o) \ (o == OPT_S_NOSSL3 || o == OPT_S_NOTLS1 || o == OPT_S_NOTLS1_1 \ |