From c2b78c31d631f45cd43c2d04c5ae490b8e9f21ab Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@openssl.org>
Date: Sun, 8 Nov 2009 14:51:54 +0000
Subject: First cut of renegotiation extension.

---
 apps/s_client.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'apps/s_client.c')

diff --git a/apps/s_client.c b/apps/s_client.c
index f6717f1a71..c9c654c3c8 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -249,6 +249,7 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -status           - request certificate status from server\n");
 	BIO_printf(bio_err," -no_ticket        - disable use of RFC4507bis session tickets\n");
 #endif
+	BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
 	}
 
 #ifndef OPENSSL_NO_TLSEXT
@@ -536,6 +537,8 @@ int MAIN(int argc, char **argv)
 #endif
 		else if (strcmp(*argv,"-serverpref") == 0)
 			off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
+		else if (strcmp(*argv,"-legacy_renegotiation") == 0)
+			off|=SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
 		else if	(strcmp(*argv,"-cipher") == 0)
 			{
 			if (--argc < 1) goto bad;
-- 
cgit v1.2.3