diff options
Diffstat (limited to 'crypto/openssl/doc/ssl/SSL_CTX_set_options.pod')
-rw-r--r-- | crypto/openssl/doc/ssl/SSL_CTX_set_options.pod | 48 |
1 files changed, 34 insertions, 14 deletions
diff --git a/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod b/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod index 5c07e53..f5e2ec3 100644 --- a/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod +++ b/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod @@ -100,18 +100,6 @@ doing a re-connect, always takes the first cipher in the cipher list. ... -=item SSL_OP_TLS_ROLLBACK_BUG - -Disable version rollback attack detection. - -During the client key exchange, the client must send the same information -about acceptable SSL/TLS protocol levels as during the first hello. Some -clients violate this rule by adapting to the server's answer. (Example: -the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server -only understands up to SSLv3. In this case the client must still use the -same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect -to the server's answer and violate the version rollback protection.) - =item SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol @@ -133,6 +121,18 @@ The following B<modifying> options are available: =over 4 +=item SSL_OP_TLS_ROLLBACK_BUG + +Disable version rollback attack detection. + +During the client key exchange, the client must send the same information +about acceptable SSL/TLS protocol levels as during the first hello. Some +clients violate this rule by adapting to the server's answer. (Example: +the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server +only understands up to SSLv3. In this case the client must still use the +same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect +to the server's answer and violate the version rollback protection.) + =item SSL_OP_SINGLE_DH_USE Always create a new key when using temporary/ephemeral DH parameters @@ -142,7 +142,7 @@ the DH parameters were not generated using "strong" primes (e.g. when using DSA-parameters, see L<dhparam(1)|dhparam(1)>). If "strong" primes were used, it is not strictly necessary to generate a new DH key during each handshake but it is also recommended. -SSL_OP_SINGLE_DH_USE should therefore be enabled whenever +B<SSL_OP_SINGLE_DH_USE> should therefore be enabled whenever temporary/ephemeral DH parameters are used. =item SSL_OP_EPHEMERAL_RSA @@ -157,6 +157,14 @@ SSL/TLS specifications and may lead to interoperability problems with clients and should therefore never be used. Ciphers with EDH (ephemeral Diffie-Hellman) key exchange should be used instead. +=item SSL_OP_CIPHER_SERVER_PREFERENCE + +When choosing a cipher, use the server's preferences instead of the client +preferences. When not set, the SSL server will always follow the clients +preferences. When set, the SSLv3/TLSv1 server will choose following its +own preferences. Because of the different protocol, for SSLv2 the server +will send his list of preferences to the client and the client chooses. + =item SSL_OP_PKCS1_CHECK_1 ... @@ -187,6 +195,12 @@ Do not use the SSLv3 protocol. Do not use the TLSv1 protocol. +=item SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION + +When performing renegotiation as a server, always start a new session +(i.e., session resumption requests are only accepted in the initial +handshake). This option is not needed for clients. + =back =head1 RETURN VALUES @@ -205,7 +219,13 @@ L<dhparam(1)|dhparam(1)> =head1 HISTORY -SSL_OP_TLS_ROLLBACK_BUG has been added in OpenSSL 0.9.6. +B<SSL_OP_CIPHER_SERVER_PREFERENCE> and +B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> have been added in +OpenSSL 0.9.7. + +B<SSL_OP_TLS_ROLLBACK_BUG> has been added in OpenSSL 0.9.6 and was automatically +enabled with B<SSL_OP_ALL>. As of 0.9.7, it is no longer included in B<SSL_OP_ALL> +and must be explicitly set. B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS> has been added in OpenSSL 0.9.6e. Versions up to OpenSSL 0.9.6c do not include the countermeasure that |