Lines Matching full:s0

181 The behaviour of the \s-1SSL\s0 library can be changed by setting several options.
186 protocol behaviour of the \s-1SSL\s0 library. The (internal) behaviour of
187 the \s-1API\s0 can be changed by using the similar
190 During a handshake, the option settings of the \s-1SSL\s0 object are used. When
191 a new \s-1SSL\s0 object is created from a context using \fBSSL_new()\fR, the current
193 \&\s-1SSL\s0 objects. \fBSSL_clear()\fR does not affect the settings.
196 .IP "\s-1SSL_OP_CRYPTOPRO_TLSEXT_BUG\s0" 4
199 when \s-1GOST\s0 ciphersuite is negotiated. Required for interoperability with CryptoPro
200 \&\s-1CSP 3\s0.x.
201 .IP "\s-1SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS\s0" 4
203 Disables a countermeasure against a \s-1SSL 3.0/TLS 1.0\s0 protocol
204 vulnerability affecting \s-1CBC\s0 ciphers, which cannot be handled by some
205 broken \s-1SSL\s0 implementations. This option has no effect for connections
207 .IP "\s-1SSL_OP_SAFARI_ECDHE_ECDSA_BUG\s0" 4
210 OS X 10.8..10.8.3\s0 has broken support for ECDHE-ECDSA ciphers.
211 .IP "\s-1SSL_OP_TLSEXT_PADDING\s0" 4
216 .IP "\s-1SSL_OP_ALL\s0" 4
220 It is usually safe to use \fB\s-1SSL_OP_ALL\s0\fR to enable the bug workaround
225 .IP "\s-1SSL_OP_ALLOW_CLIENT_RENEGOTIATION\s0" 4
229 .IP "\s-1SSL_OP_ALLOW_NO_DHE_KEX\s0" 4
233 .IP "\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0" 4
236 servers. See the \fB\s-1SECURE RENEGOTIATION\s0\fR section for more details.
237 .IP "\s-1SSL_OP_CIPHER_SERVER_PREFERENCE\s0" 4
240 preferences. When not set, the \s-1SSL\s0 server will always follow the client's
241 preferences. When set, the \s-1SSL/TLS\s0 server will choose following its
243 .IP "\s-1SSL_OP_CISCO_ANYCONNECT\s0" 4
245 Use Cisco's version identifier of \s-1DTLS_BAD_VER\s0 when establishing a DTLSv1
246 connection. Only available when using the deprecated \fBDTLSv1_client_method()\fR \s-1API.\s0
247 .IP "\s-1SSL_OP_CLEANSE_PLAINTEXT\s0" 4
249 By default \s-1TLS\s0 connections keep a copy of received plaintext
251 next portion of data. When enabling \s-1SSL_OP_CLEANSE_PLAINTEXT\s0
260 .IP "\s-1SSL_OP_COOKIE_EXCHANGE\s0" 4
262 Turn on Cookie Exchange as described in \s-1RFC4347\s0 Section 4.2.1. Only affects
263 \&\s-1DTLS\s0 connections.
264 .IP "\s-1SSL_OP_DISABLE_TLSEXT_CA_NAMES\s0" 4
266 Disable \s-1TLS\s0 Extension \s-1CA\s0 Names. You may want to disable it for security reasons
267 or for compatibility with some Windows \s-1TLS\s0 implementations crashing when this
269 .IP "\s-1SSL_OP_ENABLE_KTLS\s0" 4
271 Enable the use of kernel \s-1TLS.\s0 In order to benefit from kernel \s-1TLS\s0 OpenSSL must
276 The kernel \s-1TLS\s0 data-path implements the record layer, and the encryption
283 Kernel \s-1TLS\s0 might not support all the features of OpenSSL. For instance,
287 Note that with kernel \s-1TLS\s0 enabled some cryptographic operations are performed
290 operations to be performed by the \s-1FIPS\s0 provider.
291 .IP "\s-1SSL_OP_ENABLE_MIDDLEBOX_COMPAT\s0" 4
293 If set then dummy Change Cipher Spec (\s-1CCS\s0) messages are sent in TLSv1.3. This
296 this option is set or not \s-1CCS\s0 messages received from the peer will always be
299 .IP "\s-1SSL_OP_IGNORE_UNEXPECTED_EOF\s0" 4
301 Some \s-1TLS\s0 implementations do not send the mandatory close_notify alert on
307 You should only enable this option if the protocol running over \s-1TLS\s0
312 .IP "\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0" 4
315 \&\fBonly\fR. See the \fB\s-1SECURE RENEGOTIATION\s0\fR section for more details.
316 .IP "\s-1SSL_OP_NO_ANTI_REPLAY\s0" 4
326 .IP "\s-1SSL_OP_NO_COMPRESSION\s0" 4
330 .IP "\s-1SSL_OP_NO_ENCRYPT_THEN_MAC\s0" 4
333 \&\s-1RFC7366\s0 Encrypt-then-MAC option on \s-1TLS\s0 and \s-1DTLS\s0 connection.
337 .IP "\s-1SSL_OP_NO_EXTENDED_MASTER_SECRET\s0" 4
340 \&\s-1RFC7627\s0 Extended Master Secret option on \s-1TLS\s0 and \s-1DTLS\s0 connection.
344 .IP "\s-1SSL_OP_NO_QUERY_MTU\s0" 4
346 Do not query the \s-1MTU.\s0 Only affects \s-1DTLS\s0 connections.
347 .IP "\s-1SSL_OP_NO_RENEGOTIATION\s0" 4
351 .IP "\s-1SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION\s0" 4
359 versions with \s-1TLS\s0 or the DTLSv1, DTLSv1.2 versions with \s-1DTLS,\s0
364 .IP "\s-1SSL_OP_NO_TICKET\s0" 4
366 \&\s-1SSL/TLS\s0 supports two mechanisms for resuming sessions: session ids and stateless
391 By default OpenSSL will use stateless tickets. The \s-1SSL_OP_NO_TICKET\s0 option will
399 .IP "\s-1SSL_OP_PRIORITIZE_CHACHA\s0" 4
401 When \s-1SSL_OP_CIPHER_SERVER_PREFERENCE\s0 is set, temporarily reprioritize
405 in the server cipher list; but still allows other clients to use \s-1AES\s0 and other
406 ciphers. Requires \fB\s-1SSL_OP_CIPHER_SERVER_PREFERENCE\s0\fR.
407 .IP "\s-1SSL_OP_TLS_ROLLBACK_BUG\s0" 4
412 about acceptable \s-1SSL/TLS\s0 protocol levels as during the first hello. Some
421 .IP "\s-1SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\s0" 4
424 .IP "\s-1SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER\s0" 4
426 .IP "\s-1SSL_OP_SSLEAY_080_CLIENT_DH_BUG\s0" 4
428 .IP "\s-1SSL_OP_TLS_D5_BUG\s0" 4
430 .IP "\s-1SSL_OP_TLS_BLOCK_PADDING_BUG\s0" 4
432 .IP "\s-1SSL_OP_MSIE_SSLV2_RSA_PADDING\s0" 4
434 .IP "\s-1SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG\s0" 4
436 .IP "\s-1SSL_OP_MICROSOFT_SESS_ID_BUG\s0" 4
438 .IP "\s-1SSL_OP_NETSCAPE_CHALLENGE_BUG\s0" 4
440 .IP "\s-1SSL_OP_PKCS1_CHECK_1\s0" 4
442 .IP "\s-1SSL_OP_PKCS1_CHECK_2\s0" 4
444 .IP "\s-1SSL_OP_SINGLE_DH_USE\s0" 4
446 .IP "\s-1SSL_OP_SINGLE_ECDH_USE\s0" 4
448 .IP "\s-1SSL_OP_EPHEMERAL_RSA\s0" 4
450 .IP "\s-1SSL_OP_NETSCAPE_CA_DN_BUG\s0" 4
452 .IP "\s-1SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG\s0" 4
458 described in \s-1RFC5746.\s0 This counters the prefix attack described in
459 \&\s-1CVE\-2009\-3555\s0 and elsewhere.
474 server with a \fBno_renegotiation\fR warning alert if \s-1TLS\s0 v1.0 is used or a fatal
475 \&\fBhandshake_failure\fR alert in \s-1SSL\s0 v3.0.
481 If the option \fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR is set then
485 If the option \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR or
486 \&\fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR is set then initial connections
491 Setting the option \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR has security implications;
493 \&\s-1RFC 5746\s0 secure renegotiation are subject to attacks such as
494 \&\s-1CVE\-2009\-3555.\s0
497 servers should always \fBset\fR \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR
501 \&\fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR using \fBSSL_CTX_clear_options()\fR or
504 The difference between the \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR and
505 \&\fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR options is that
506 \&\fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR enables initial connections and secure
508 \&\fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR allows initial connections
533 The \fB\s-1SSL_OP_PRIORITIZE_CHACHA\s0\fR and \fB\s-1SSL_OP_NO_RENEGOTIATION\s0\fR options
536 The \fB\s-1SSL_OP_NO_EXTENDED_MASTER_SECRET\s0\fR and \fB\s-1SSL_OP_IGNORE_UNEXPECTED_EOF\s0\fR
539 The \fB\s-1SSL_OP_\s0\fR constants and the corresponding parameter and return values
541 For that reason it is no longer possible to use the \fB\s-1SSL_OP_\s0\fR macro values
550 in the file \s-1LICENSE\s0 in the source distribution or at