diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2014-09-21 17:44:38 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2014-09-21 17:44:38 +0000 |
| commit | 8de6e2be1b3510e9230f8c7638a9d4d730335592 (patch) | |
| tree | 0ae4ae1115aed39017367e5908aa75c1f92cae88 /lib | |
| parent | 2f30ce6bc3ae76985ebcf99efcc493ad9d6192d5 (diff) | |
Document SSL_OP_TLSEXT_PADDING.
From OpenSSL.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod index 74f8b5d9327..c656fb2e19c 100644 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod +++ b/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod @@ -114,6 +114,12 @@ vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers. +=item SSL_OP_TLSEXT_PADDING + +Adds a padding extension to ensure the ClientHello size is never between +256 and 511 bytes in length. This is needed as a workaround for some +implementations. + =item SSL_OP_ALL All of the above bug workarounds. |