| ssl.h (246772) | ssl.h (261037) |
|---|---|
| 1/* ssl/ssl.h */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 541 unchanged lines hidden (view full) --- 550 551#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L 552#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L 553/* Allow initial connection to servers that don't support RI */ 554#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L 555#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L 556#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L 557#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L | 1/* ssl/ssl.h */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 541 unchanged lines hidden (view full) --- 550 551#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L 552#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L 553/* Allow initial connection to servers that don't support RI */ 554#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L 555#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L 556#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L 557#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L |
| 558#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */ | 558#define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x00000040L |
| 559#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L 560#define SSL_OP_TLS_D5_BUG 0x00000100L 561#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L 562 | 559#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L 560#define SSL_OP_TLS_D5_BUG 0x00000100L 561#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L 562 |
| 563/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */ 564#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0 565 |
|
| 563/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added 564 * in OpenSSL 0.9.6d. Usually (depending on the application protocol) 565 * the workaround is not needed. Unfortunately some broken SSL/TLS 566 * implementations cannot handle it at all, which is why we include 567 * it in SSL_OP_ALL. */ 568#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L /* added in 0.9.6e */ 569 570/* SSL_OP_ALL: various bug workarounds that should be rather harmless. --- 65 unchanged lines hidden (view full) --- 636 * is blocking: */ 637#define SSL_MODE_AUTO_RETRY 0x00000004L 638/* Don't attempt to automatically build certificate chain */ 639#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L 640/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and 641 * TLS only.) "Released" buffers are put onto a free-list in the context 642 * or just freed (depending on the context's setting for freelist_max_len). */ 643#define SSL_MODE_RELEASE_BUFFERS 0x00000010L | 566/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added 567 * in OpenSSL 0.9.6d. Usually (depending on the application protocol) 568 * the workaround is not needed. Unfortunately some broken SSL/TLS 569 * implementations cannot handle it at all, which is why we include 570 * it in SSL_OP_ALL. */ 571#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L /* added in 0.9.6e */ 572 573/* SSL_OP_ALL: various bug workarounds that should be rather harmless. --- 65 unchanged lines hidden (view full) --- 639 * is blocking: */ 640#define SSL_MODE_AUTO_RETRY 0x00000004L 641/* Don't attempt to automatically build certificate chain */ 642#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L 643/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and 644 * TLS only.) "Released" buffers are put onto a free-list in the context 645 * or just freed (depending on the context's setting for freelist_max_len). */ 646#define SSL_MODE_RELEASE_BUFFERS 0x00000010L |
| 647/* Send the current time in the Random fields of the ClientHello and 648 * ServerHello records for compatibility with hypothetical implementations 649 * that require it. 650 */ 651#define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L 652#define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L |
|
| 644 645/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, 646 * they cannot be used to clear bits. */ 647 648#define SSL_CTX_set_options(ctx,op) \ 649 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) 650#define SSL_CTX_clear_options(ctx,op) \ 651 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL) --- 1928 unchanged lines hidden --- | 653 654/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, 655 * they cannot be used to clear bits. */ 656 657#define SSL_CTX_set_options(ctx,op) \ 658 SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) 659#define SSL_CTX_clear_options(ctx,op) \ 660 SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL) --- 1928 unchanged lines hidden --- |