Update files for OpenSSL-1.0.0f import.
[dragonfly.git] / secure / lib / libssl / man / SSL_CTX_set_options.3
CommitLineData
e3261593 1.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.19)
e056f0e0
JR
2.\"
3.\" Standard preamble:
4.\" ========================================================================
e056f0e0 5.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
6.if t .sp .5v
7.if n .sp
8..
e056f0e0 9.de Vb \" Begin verbatim text
984263bc
MD
10.ft CW
11.nf
12.ne \\$1
13..
e056f0e0 14.de Ve \" End verbatim text
984263bc 15.ft R
984263bc
MD
16.fi
17..
e056f0e0
JR
18.\" Set up some character translations and predefined strings. \*(-- will
19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
e257b235
PA
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will
21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23.\" nothing in troff, for use with C<>.
24.tr \(*W-
e056f0e0 25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 26.ie n \{\
e056f0e0
JR
27. ds -- \(*W-
28. ds PI pi
29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
31. ds L" ""
32. ds R" ""
33. ds C` ""
34. ds C' ""
984263bc
MD
35'br\}
36.el\{\
e056f0e0
JR
37. ds -- \|\(em\|
38. ds PI \(*p
39. ds L" ``
40. ds R" ''
984263bc 41'br\}
e056f0e0 42.\"
e257b235
PA
43.\" Escape single quotes in literal strings from groff's Unicode transform.
44.ie \n(.g .ds Aq \(aq
45.el .ds Aq '
46.\"
e056f0e0 47.\" If the F register is turned on, we'll generate index entries on stderr for
01185282 48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
e056f0e0
JR
49.\" entries marked with X<> in POD. Of course, you'll have to process the
50.\" output yourself in some meaningful fashion.
e257b235 51.ie \nF \{\
e056f0e0
JR
52. de IX
53. tm Index:\\$1\t\\n%\t"\\$2"
984263bc 54..
e056f0e0
JR
55. nr % 0
56. rr F
984263bc 57.\}
e257b235
PA
58.el \{\
59. de IX
60..
61.\}
aac4ff6f 62.\"
e056f0e0
JR
63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
64.\" Fear. Run. Save yourself. No user-serviceable parts.
65. \" fudge factors for nroff and troff
984263bc 66.if n \{\
e056f0e0
JR
67. ds #H 0
68. ds #V .8m
69. ds #F .3m
70. ds #[ \f1
71. ds #] \fP
984263bc
MD
72.\}
73.if t \{\
e056f0e0
JR
74. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
75. ds #V .6m
76. ds #F 0
77. ds #[ \&
78. ds #] \&
984263bc 79.\}
e056f0e0 80. \" simple accents for nroff and troff
984263bc 81.if n \{\
e056f0e0
JR
82. ds ' \&
83. ds ` \&
84. ds ^ \&
85. ds , \&
86. ds ~ ~
87. ds /
984263bc
MD
88.\}
89.if t \{\
e056f0e0
JR
90. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
91. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
92. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
93. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
94. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
95. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 96.\}
e056f0e0 97. \" troff and (daisy-wheel) nroff accents
984263bc
MD
98.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
99.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
100.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
101.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
102.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
103.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
104.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
105.ds ae a\h'-(\w'a'u*4/10)'e
106.ds Ae A\h'-(\w'A'u*4/10)'E
e056f0e0 107. \" corrections for vroff
984263bc
MD
108.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
109.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
e056f0e0 110. \" for low resolution devices (crt and lpr)
984263bc
MD
111.if \n(.H>23 .if \n(.V>19 \
112\{\
e056f0e0
JR
113. ds : e
114. ds 8 ss
115. ds o a
116. ds d- d\h'-1'\(ga
117. ds D- D\h'-1'\(hy
118. ds th \o'bp'
119. ds Th \o'LP'
120. ds ae ae
121. ds Ae AE
984263bc
MD
122.\}
123.rm #[ #] #H #V #F C
e056f0e0
JR
124.\" ========================================================================
125.\"
126.IX Title "SSL_CTX_set_options 3"
e3261593 127.TH SSL_CTX_set_options 3 "2012-01-04" "1.0.0f" "OpenSSL"
e257b235
PA
128.\" For nroff, turn off justification. Always turn off hyphenation; it makes
129.\" way too many mistakes in technical documents.
130.if n .ad l
131.nh
984263bc 132.SH "NAME"
01185282 133SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support \- manipulate SSL options
984263bc 134.SH "SYNOPSIS"
e056f0e0 135.IX Header "SYNOPSIS"
984263bc
MD
136.Vb 1
137\& #include <openssl/ssl.h>
e257b235 138\&
984263bc
MD
139\& long SSL_CTX_set_options(SSL_CTX *ctx, long options);
140\& long SSL_set_options(SSL *ssl, long options);
e257b235 141\&
01185282
PA
142\& long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
143\& long SSL_clear_options(SSL *ssl, long options);
144\&
984263bc
MD
145\& long SSL_CTX_get_options(SSL_CTX *ctx);
146\& long SSL_get_options(SSL *ssl);
01185282
PA
147\&
148\& long SSL_get_secure_renegotiation_support(SSL *ssl);
984263bc
MD
149.Ve
150.SH "DESCRIPTION"
e056f0e0 151.IX Header "DESCRIPTION"
01185282
PA
152Note: all these functions are implemented using macros.
153.PP
e056f0e0 154\&\fISSL_CTX_set_options()\fR adds the options set via bitmask in \fBoptions\fR to \fBctx\fR.
984263bc
MD
155Options already set before are not cleared!
156.PP
e056f0e0 157\&\fISSL_set_options()\fR adds the options set via bitmask in \fBoptions\fR to \fBssl\fR.
984263bc
MD
158Options already set before are not cleared!
159.PP
01185282
PA
160\&\fISSL_CTX_clear_options()\fR clears the options set via bitmask in \fBoptions\fR
161to \fBctx\fR.
162.PP
163\&\fISSL_clear_options()\fR clears the options set via bitmask in \fBoptions\fR to \fBssl\fR.
164.PP
e056f0e0 165\&\fISSL_CTX_get_options()\fR returns the options set for \fBctx\fR.
984263bc 166.PP
e056f0e0 167\&\fISSL_get_options()\fR returns the options set for \fBssl\fR.
01185282
PA
168.PP
169\&\fISSL_get_secure_renegotiation_support()\fR indicates whether the peer supports
170secure renegotiation.
984263bc 171.SH "NOTES"
e056f0e0
JR
172.IX Header "NOTES"
173The behaviour of the \s-1SSL\s0 library can be changed by setting several options.
984263bc 174The options are coded as bitmasks and can be combined by a logical \fBor\fR
01185282 175operation (|).
984263bc 176.PP
e056f0e0
JR
177\&\fISSL_CTX_set_options()\fR and \fISSL_set_options()\fR affect the (external)
178protocol behaviour of the \s-1SSL\s0 library. The (internal) behaviour of
179the \s-1API\s0 can be changed by using the similar
180\&\fISSL_CTX_set_mode\fR\|(3) and \fISSL_set_mode()\fR functions.
984263bc 181.PP
e056f0e0
JR
182During a handshake, the option settings of the \s-1SSL\s0 object are used. When
183a new \s-1SSL\s0 object is created from a context using \fISSL_new()\fR, the current
984263bc 184option setting is copied. Changes to \fBctx\fR do not affect already created
e056f0e0 185\&\s-1SSL\s0 objects. \fISSL_clear()\fR does not affect the settings.
984263bc
MD
186.PP
187The following \fBbug workaround\fR options are available:
e056f0e0
JR
188.IP "\s-1SSL_OP_MICROSOFT_SESS_ID_BUG\s0" 4
189.IX Item "SSL_OP_MICROSOFT_SESS_ID_BUG"
984263bc
MD
190www.microsoft.com \- when talking SSLv2, if session-id reuse is
191performed, the session-id passed back in the server-finished message
192is different from the one decided upon.
e056f0e0
JR
193.IP "\s-1SSL_OP_NETSCAPE_CHALLENGE_BUG\s0" 4
194.IX Item "SSL_OP_NETSCAPE_CHALLENGE_BUG"
195Netscape\-Commerce/1.12, when talking SSLv2, accepts a 32 byte
984263bc
MD
196challenge but then appears to only use 16 bytes when generating the
197encryption keys. Using 16 bytes is ok but it should be ok to use 32.
198According to the SSLv3 spec, one should use 32 bytes for the challenge
199when operating in SSLv2/v3 compatibility mode, but as mentioned above,
200this breaks this server so 16 bytes is the way to go.
e056f0e0
JR
201.IP "\s-1SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG\s0" 4
202.IX Item "SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG"
b911043f 203As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.
e056f0e0
JR
204.IP "\s-1SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG\s0" 4
205.IX Item "SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG"
984263bc 206\&...
e056f0e0
JR
207.IP "\s-1SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER\s0" 4
208.IX Item "SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER"
984263bc 209\&...
e056f0e0
JR
210.IP "\s-1SSL_OP_MSIE_SSLV2_RSA_PADDING\s0" 4
211.IX Item "SSL_OP_MSIE_SSLV2_RSA_PADDING"
c6082640 212As of OpenSSL 0.9.7h and 0.9.8a, this option has no effect.
e056f0e0
JR
213.IP "\s-1SSL_OP_SSLEAY_080_CLIENT_DH_BUG\s0" 4
214.IX Item "SSL_OP_SSLEAY_080_CLIENT_DH_BUG"
984263bc 215\&...
e056f0e0
JR
216.IP "\s-1SSL_OP_TLS_D5_BUG\s0" 4
217.IX Item "SSL_OP_TLS_D5_BUG"
984263bc 218\&...
e056f0e0
JR
219.IP "\s-1SSL_OP_TLS_BLOCK_PADDING_BUG\s0" 4
220.IX Item "SSL_OP_TLS_BLOCK_PADDING_BUG"
984263bc 221\&...
e056f0e0
JR
222.IP "\s-1SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS\s0" 4
223.IX Item "SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS"
224Disables a countermeasure against a \s-1SSL\s0 3.0/TLS 1.0 protocol
984263bc
MD
225vulnerability affecting \s-1CBC\s0 ciphers, which cannot be handled by some
226broken \s-1SSL\s0 implementations. This option has no effect for connections
227using other ciphers.
e056f0e0
JR
228.IP "\s-1SSL_OP_ALL\s0" 4
229.IX Item "SSL_OP_ALL"
984263bc
MD
230All of the above bug workarounds.
231.PP
232It is usually safe to use \fB\s-1SSL_OP_ALL\s0\fR to enable the bug workaround
233options if compatibility with somewhat broken implementations is
234desired.
235.PP
236The following \fBmodifying\fR options are available:
e056f0e0
JR
237.IP "\s-1SSL_OP_TLS_ROLLBACK_BUG\s0" 4
238.IX Item "SSL_OP_TLS_ROLLBACK_BUG"
984263bc
MD
239Disable version rollback attack detection.
240.Sp
241During the client key exchange, the client must send the same information
242about acceptable \s-1SSL/TLS\s0 protocol levels as during the first hello. Some
243clients violate this rule by adapting to the server's answer. (Example:
244the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server
245only understands up to SSLv3. In this case the client must still use the
246same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect
247to the server's answer and violate the version rollback protection.)
e056f0e0
JR
248.IP "\s-1SSL_OP_SINGLE_DH_USE\s0" 4
249.IX Item "SSL_OP_SINGLE_DH_USE"
984263bc 250Always create a new key when using temporary/ephemeral \s-1DH\s0 parameters
e056f0e0 251(see \fISSL_CTX_set_tmp_dh_callback\fR\|(3)).
984263bc
MD
252This option must be used to prevent small subgroup attacks, when
253the \s-1DH\s0 parameters were not generated using \*(L"strong\*(R" primes
e257b235 254(e.g. when using DSA-parameters, see \fIdhparam\fR\|(1)).
984263bc
MD
255If \*(L"strong\*(R" primes were used, it is not strictly necessary to generate
256a new \s-1DH\s0 key during each handshake but it is also recommended.
e056f0e0 257\&\fB\s-1SSL_OP_SINGLE_DH_USE\s0\fR should therefore be enabled whenever
984263bc 258temporary/ephemeral \s-1DH\s0 parameters are used.
e056f0e0
JR
259.IP "\s-1SSL_OP_EPHEMERAL_RSA\s0" 4
260.IX Item "SSL_OP_EPHEMERAL_RSA"
984263bc 261Always use ephemeral (temporary) \s-1RSA\s0 key when doing \s-1RSA\s0 operations
e056f0e0 262(see \fISSL_CTX_set_tmp_rsa_callback\fR\|(3)).
984263bc
MD
263According to the specifications this is only done, when a \s-1RSA\s0 key
264can only be used for signature operations (namely under export ciphers
265with restricted \s-1RSA\s0 keylength). By setting this option, ephemeral
e056f0e0
JR
266\&\s-1RSA\s0 keys are always used. This option breaks compatibility with the
267\&\s-1SSL/TLS\s0 specifications and may lead to interoperability problems with
984263bc 268clients and should therefore never be used. Ciphers with \s-1EDH\s0 (ephemeral
e257b235 269Diffie-Hellman) key exchange should be used instead.
e056f0e0
JR
270.IP "\s-1SSL_OP_CIPHER_SERVER_PREFERENCE\s0" 4
271.IX Item "SSL_OP_CIPHER_SERVER_PREFERENCE"
984263bc
MD
272When choosing a cipher, use the server's preferences instead of the client
273preferences. When not set, the \s-1SSL\s0 server will always follow the clients
274preferences. When set, the SSLv3/TLSv1 server will choose following its
275own preferences. Because of the different protocol, for SSLv2 the server
a561f9ff 276will send its list of preferences to the client and the client chooses.
e056f0e0
JR
277.IP "\s-1SSL_OP_PKCS1_CHECK_1\s0" 4
278.IX Item "SSL_OP_PKCS1_CHECK_1"
984263bc 279\&...
e056f0e0
JR
280.IP "\s-1SSL_OP_PKCS1_CHECK_2\s0" 4
281.IX Item "SSL_OP_PKCS1_CHECK_2"
984263bc 282\&...
e056f0e0
JR
283.IP "\s-1SSL_OP_NETSCAPE_CA_DN_BUG\s0" 4
284.IX Item "SSL_OP_NETSCAPE_CA_DN_BUG"
984263bc 285If we accept a netscape connection, demand a client cert, have a
a7d27d5a 286non-self-signed \s-1CA\s0 which does not have its \s-1CA\s0 in netscape, and the
e257b235 287browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta
e056f0e0
JR
288.IP "\s-1SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG\s0" 4
289.IX Item "SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG"
984263bc 290\&...
e056f0e0
JR
291.IP "SSL_OP_NO_SSLv2" 4
292.IX Item "SSL_OP_NO_SSLv2"
984263bc 293Do not use the SSLv2 protocol.
e056f0e0
JR
294.IP "SSL_OP_NO_SSLv3" 4
295.IX Item "SSL_OP_NO_SSLv3"
984263bc 296Do not use the SSLv3 protocol.
e056f0e0
JR
297.IP "SSL_OP_NO_TLSv1" 4
298.IX Item "SSL_OP_NO_TLSv1"
984263bc 299Do not use the TLSv1 protocol.
e056f0e0
JR
300.IP "\s-1SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION\s0" 4
301.IX Item "SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION"
984263bc
MD
302When performing renegotiation as a server, always start a new session
303(i.e., session resumption requests are only accepted in the initial
01185282 304handshake). This option is not needed for clients.
2c0715f4
PA
305.IP "\s-1SSL_OP_NO_TICKET\s0" 4
306.IX Item "SSL_OP_NO_TICKET"
307Normally clients and servers will, where possible, transparently make use
01185282 308of RFC4507bis tickets for stateless session resumption.
2c0715f4
PA
309.Sp
310If this option is set this functionality is disabled and tickets will
311not be used by clients or servers.
01185282
PA
312.IP "\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0" 4
313.IX Item "SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION"
314Allow legacy insecure renegotiation between OpenSSL and unpatched clients or
315servers. See the \fB\s-1SECURE\s0 \s-1RENEGOTIATION\s0\fR section for more details.
316.IP "\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0" 4
317.IX Item "SSL_OP_LEGACY_SERVER_CONNECT"
318Allow legacy insecure renegotiation between OpenSSL and unpatched servers
319\&\fBonly\fR: this option is currently set by default. See the
320\&\fB\s-1SECURE\s0 \s-1RENEGOTIATION\s0\fR section for more details.
321.SH "SECURE RENEGOTIATION"
322.IX Header "SECURE RENEGOTIATION"
323OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
324described in \s-1RFC5746\s0. This counters the prefix attack described in
325\&\s-1CVE\-2009\-3555\s0 and elsewhere.
326.PP
327The deprecated and highly broken SSLv2 protocol does not support
328renegotiation at all: its use is \fBstrongly\fR discouraged.
329.PP
330This attack has far reaching consequences which application writers should be
331aware of. In the description below an implementation supporting secure
332renegotiation is referred to as \fIpatched\fR. A server not supporting secure
333renegotiation is referred to as \fIunpatched\fR.
334.PP
335The following sections describe the operations permitted by OpenSSL's secure
336renegotiation implementation.
337.SS "Patched client and server"
338.IX Subsection "Patched client and server"
339Connections and renegotiation are always permitted by OpenSSL implementations.
340.SS "Unpatched client and patched OpenSSL server"
341.IX Subsection "Unpatched client and patched OpenSSL server"
342The initial connection suceeds but client renegotiation is denied by the
343server with a \fBno_renegotiation\fR warning alert if \s-1TLS\s0 v1.0 is used or a fatal
344\&\fBhandshake_failure\fR alert in \s-1SSL\s0 v3.0.
345.PP
346If the patched OpenSSL server attempts to renegotiate a fatal
347\&\fBhandshake_failure\fR alert is sent. This is because the server code may be
348unaware of the unpatched nature of the client.
349.PP
350If the option \fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR is set then
351renegotiation \fBalways\fR succeeds.
352.PP
353\&\fB\s-1NB:\s0\fR a bug in OpenSSL clients earlier than 0.9.8m (all of which are
354unpatched) will result in the connection hanging if it receives a
355\&\fBno_renegotiation\fR alert. OpenSSL versions 0.9.8m and later will regard
356a \fBno_renegotiation\fR alert as fatal and respond with a fatal
357\&\fBhandshake_failure\fR alert. This is because the OpenSSL \s-1API\s0 currently has
358no provision to indicate to an application that a renegotiation attempt
359was refused.
360.SS "Patched OpenSSL client and unpatched server."
361.IX Subsection "Patched OpenSSL client and unpatched server."
362If the option \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR or
363\&\fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR is set then initial connections
364and renegotiation between patched OpenSSL clients and unpatched servers
365succeeds. If neither option is set then initial connections to unpatched
366servers will fail.
367.PP
368The option \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR is currently set by default even
369though it has security implications: otherwise it would be impossible to
370connect to unpatched servers (i.e. all of them initially) and this is clearly
371not acceptable. Renegotiation is permitted because this does not add any
372additional security issues: during an attack clients do not see any
373renegotiations anyway.
374.PP
375As more servers become patched the option \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR will
376\&\fBnot\fR be set by default in a future version of OpenSSL.
377.PP
378OpenSSL client applications wishing to ensure they can connect to unpatched
379servers should always \fBset\fR \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR
380.PP
381OpenSSL client applications that want to ensure they can \fBnot\fR connect to
382unpatched servers (and thus avoid any security issues) should always \fBclear\fR
383\&\fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR using \fISSL_CTX_clear_options()\fR or
384\&\fISSL_clear_options()\fR.
385.PP
386The difference between the \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR and
387\&\fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR options is that
388\&\fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR enables initial connections and secure
389renegotiation between OpenSSL clients and unpatched servers \fBonly\fR, while
390\&\fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR allows initial connections
391and renegotiation between OpenSSL and unpatched clients or servers.
984263bc 392.SH "RETURN VALUES"
e056f0e0
JR
393.IX Header "RETURN VALUES"
394\&\fISSL_CTX_set_options()\fR and \fISSL_set_options()\fR return the new options bitmask
984263bc
MD
395after adding \fBoptions\fR.
396.PP
01185282
PA
397\&\fISSL_CTX_clear_options()\fR and \fISSL_clear_options()\fR return the new options bitmask
398after clearing \fBoptions\fR.
399.PP
e056f0e0 400\&\fISSL_CTX_get_options()\fR and \fISSL_get_options()\fR return the current bitmask.
01185282
PA
401.PP
402\&\fISSL_get_secure_renegotiation_support()\fR returns 1 is the peer supports
403secure renegotiation and 0 if it does not.
984263bc 404.SH "SEE ALSO"
e056f0e0
JR
405.IX Header "SEE ALSO"
406\&\fIssl\fR\|(3), \fISSL_new\fR\|(3), \fISSL_clear\fR\|(3),
407\&\fISSL_CTX_set_tmp_dh_callback\fR\|(3),
408\&\fISSL_CTX_set_tmp_rsa_callback\fR\|(3),
409\&\fIdhparam\fR\|(1)
984263bc 410.SH "HISTORY"
e056f0e0
JR
411.IX Header "HISTORY"
412\&\fB\s-1SSL_OP_CIPHER_SERVER_PREFERENCE\s0\fR and
413\&\fB\s-1SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION\s0\fR have been added in
984263bc
MD
414OpenSSL 0.9.7.
415.PP
e056f0e0
JR
416\&\fB\s-1SSL_OP_TLS_ROLLBACK_BUG\s0\fR has been added in OpenSSL 0.9.6 and was automatically
417enabled with \fB\s-1SSL_OP_ALL\s0\fR. As of 0.9.7, it is no longer included in \fB\s-1SSL_OP_ALL\s0\fR
984263bc
MD
418and must be explicitly set.
419.PP
e056f0e0 420\&\fB\s-1SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS\s0\fR has been added in OpenSSL 0.9.6e.
984263bc
MD
421Versions up to OpenSSL 0.9.6c do not include the countermeasure that
422can be disabled with this option (in OpenSSL 0.9.6d, it was always
423enabled).
01185282
PA
424.PP
425\&\fISSL_CTX_clear_options()\fR and \fISSL_clear_options()\fR were first added in OpenSSL
4260.9.8m.
427.PP
428\&\fB\s-1SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION\s0\fR, \fB\s-1SSL_OP_LEGACY_SERVER_CONNECT\s0\fR
429and the function \fISSL_get_secure_renegotiation_support()\fR were first added in
430OpenSSL 0.9.8m.