From 8de6e2be1b3510e9230f8c7638a9d4d730335592 Mon Sep 17 00:00:00 2001 From: Joel Sing Date: Sun, 21 Sep 2014 17:44:38 +0000 Subject: Document SSL_OP_TLSEXT_PADDING. From OpenSSL. --- lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lib') diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod index 74f8b5d9327..c656fb2e19c 100644 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod +++ b/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod @@ -114,6 +114,12 @@ vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL implementations. This option has no effect for connections using other ciphers. +=item SSL_OP_TLSEXT_PADDING + +Adds a padding extension to ensure the ClientHello size is never between +256 and 511 bytes in length. This is needed as a workaround for some +implementations. + =item SSL_OP_ALL All of the above bug workarounds. -- cgit v1.2.3