Option to disable padding extension.

Add TLS padding extension to SSL_OP_ALL so it is used with other "bugs" options and can be turned off. This replaces SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG which is an ancient option referring to SSLv2 and SSLREF. PR#3336
author: Dr. Stephen Henson <steve@openssl.org> 2014-06-01 16:36:24 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2014-06-01 16:50:37 +0100
commit: aaed77c55ecf82594bf3b44b1bcad66c42611777 (patch)
tree: fc9af3ae134003eb397bbfa78ac38d5a22daa18f /ssl/ssl.h
parent: 49270d0431809e3a633ee865d73f0d7af89f9302 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 7219a0e64b..4c1242c9d2 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -553,7 +553,7 @@ struct ssl_session_st
 /* Allow initial connection to servers that don't support RI */
 #define SSL_OP_LEGACY_SERVER_CONNECT			0x00000004L
 #define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
-#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
+#define SSL_OP_TLSEXT_PADDING				0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L
 #define SSL_OP_SAFARI_ECDHE_ECDSA_BUG			0x00000040L
 #define SSL_OP_SSLEAY_080_CLIENT_DH_BUG			0x00000080L
@@ -562,6 +562,8 @@ struct ssl_session_st
 
 /* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
 #define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x0
+/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
+#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x0
 
 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
  * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
author	Dr. Stephen Henson <steve@openssl.org>	2014-06-01 16:36:24 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2014-06-01 16:50:37 +0100
commit	aaed77c55ecf82594bf3b44b1bcad66c42611777 (patch)
tree	fc9af3ae134003eb397bbfa78ac38d5a22daa18f /ssl/ssl.h
parent	49270d0431809e3a633ee865d73f0d7af89f9302 (diff)