From adf6b0a2fe29f18f83ab3e169add140c84cfd90c Mon Sep 17 00:00:00 2001 From: daurnimator Date: Mon, 9 Jul 2018 17:23:26 +1000 Subject: src/openssl.c: Update SSL options list Order is taken from https://wiki.openssl.org/index.php/List_of_SSL_OP_Flags --- src/openssl.c | 45 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 36 insertions(+), 9 deletions(-) diff --git a/src/openssl.c b/src/openssl.c index be301b7..1367d9e 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -9070,27 +9070,34 @@ static const auxL_IntegerReg sx_option[] = { { "OP_NETSCAPE_CHALLENGE_BUG", SSL_OP_NETSCAPE_CHALLENGE_BUG }, { "OP_LEGACY_SERVER_CONNECT", SSL_OP_LEGACY_SERVER_CONNECT }, { "OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG }, +#ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG { "OP_SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG }, +#endif +#ifdef SSL_OP_TLSEXT_PADDING5 + { "OP_TLSEXT_PADDING", SSL_OP_TLSEXT_PADDING }, +#endif { "OP_MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER }, +#ifdef SSL_OP_SAFARI_ECDHE_ECDSA_BUG5 + { "OP_SAFARI_ECDHE_ECDSA_BUG", SSL_OP_SAFARI_ECDHE_ECDSA_BUG }, +#endif { "OP_MSIE_SSLV2_RSA_PADDING", SSL_OP_MSIE_SSLV2_RSA_PADDING }, { "OP_SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG }, { "OP_TLS_D5_BUG", SSL_OP_TLS_D5_BUG }, { "OP_TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG }, -#if defined SSL_OP_NO_TLSv1_1 - { "OP_NO_TLSv1_1", SSL_OP_NO_TLSv1_1 }, -#endif { "OP_DONT_INSERT_EMPTY_FRAGMENTS", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS }, - { "OP_ALL", SSL_OP_ALL }, { "OP_NO_QUERY_MTU", SSL_OP_NO_QUERY_MTU }, { "OP_COOKIE_EXCHANGE", SSL_OP_COOKIE_EXCHANGE }, { "OP_NO_TICKET", SSL_OP_NO_TICKET }, { "OP_CISCO_ANYCONNECT", SSL_OP_CISCO_ANYCONNECT }, { "OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION", SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION }, -#if defined SSL_OP_NO_COMPRESSION +#ifdef SSL_OP_NO_COMPRESSION { "OP_NO_COMPRESSION", SSL_OP_NO_COMPRESSION }, #endif { "OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION", SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION }, { "OP_SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE }, +#ifdef SSL_OP_NO_ENCRYPT_THEN_MAC5 + { "OP_NO_ENCRYPT_THEN_MAC", SSL_OP_NO_ENCRYPT_THEN_MAC }, +#endif { "OP_SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE }, { "OP_EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA }, { "OP_CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE }, @@ -9098,16 +9105,36 @@ static const auxL_IntegerReg sx_option[] = { { "OP_NO_SSLv2", SSL_OP_NO_SSLv2 }, { "OP_NO_SSLv3", SSL_OP_NO_SSLv3 }, { "OP_NO_TLSv1", SSL_OP_NO_TLSv1 }, -#if defined SSL_OP_NO_TLSv1_2 +#ifdef SSL_OP_NO_DTLSv1 + { "OP_NO_DTLSv1", SSL_OP_NO_DTLSv1 }, +#endif +#ifdef SSL_OP_NO_TLSv1_2 { "OP_NO_TLSv1_2", SSL_OP_NO_TLSv1_2 }, #endif - { "OP_PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1 }, - { "OP_PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2 }, +#ifdef SSL_OP_NO_DTLSv1_2 + { "OP_NO_DTLSv1_2", SSL_OP_NO_DTLSv1_2 }, +#endif +#ifdef SSL_OP_NO_TLSv1_1 + { "OP_NO_TLSv1_1", SSL_OP_NO_TLSv1_1 }, +#endif { "OP_NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG }, +#ifdef SSL_OP_NO_TLSv1_3 + { "OP_NO_TLSv1_3", SSL_OP_NO_TLSv1_3 }, +#endif { "OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG }, -#if defined SSL_OP_CRYPTOPRO_TLSEXT_BUG +#ifdef SSL_OP_NO_RENEGOTIATION5 + { "OP_NO_RENEGOTIATION", SSL_OP_NO_RENEGOTIATION }, +#endif +#ifdef SSL_OP_CRYPTOPRO_TLSEXT_BUG { "OP_CRYPTOPRO_TLSEXT_BUG", SSL_OP_CRYPTOPRO_TLSEXT_BUG }, #endif + { "OP_PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1 }, + { "OP_PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2 }, + { "OP_NO_SSL_MASK", SSL_OP_NO_SSL_MASK }, +#ifdef SSL_OP_NO_DTLS_MASK + { "OP_NO_DTLS_MASK", SSL_OP_NO_DTLS_MASK }, +#endif + { "OP_ALL", SSL_OP_ALL }, { NULL, 0 }, }; -- cgit v1.2.3-59-g8ed1b