diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-12-11 00:22:12 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-12-11 00:22:12 +0000 |
commit | ef4bd0167c16fd10da1cf102f3d85fd68691683f (patch) | |
tree | d071f9294f3b2da85256ed93b309b76c5fc0c5f7 /ssl/ssl.h | |
parent | 7a8a3ef4f699d1857f0896f0a6b69cc4626f43cb (diff) |
Move SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION out of SSL_OP_ALL
Diffstat (limited to 'ssl/ssl.h')
-rw-r--r-- | ssl/ssl.h | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -492,7 +492,6 @@ typedef struct ssl_session_st #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L #define SSL_OP_TLS_D5_BUG 0x00000100L #define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L -#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00000400L /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added * in OpenSSL 0.9.6d. Usually (depending on the application protocol) @@ -516,6 +515,8 @@ typedef struct ssl_session_st /* As server, disallow session resumption on renegotiation */ #define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L +/* Permit unsafe legacy renegotiation */ +#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L /* If set, always create a new key when using tmp_ecdh parameters */ #define SSL_OP_SINGLE_ECDH_USE 0x00080000L /* If set, always create a new key when using tmp_dh parameters */ |