Actually implement UnsafeLegacyServerConnect as documented

author Tomas Mraz <tomas@openssl.org>

Thu, 12 May 2022 06:41:14 +0000 (08:41 +0200)

committer Tomas Mraz <tomas@openssl.org>

Fri, 27 May 2022 06:47:31 +0000 (08:47 +0200)
author Tomas Mraz <tomas@openssl.org>
Thu, 12 May 2022 06:41:14 +0000 (08:41 +0200)
committer Tomas Mraz <tomas@openssl.org>
Fri, 27 May 2022 06:47:31 +0000 (08:47 +0200)
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c

index f90d5a05b336e37914ab925c5542ce28f0d603d7..767faf2452a6d1f2b95822d0e78787b3c2e70158 100644 (file)
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -384,6 +384,8 @@ static int cmd_Options(SSL_CONF_CTX *cctx, const char *value)
          SSL_FLAG_TBL_SRV("ECDHSingle", SSL_OP_SINGLE_ECDH_USE),
          SSL_FLAG_TBL("UnsafeLegacyRenegotiation",
                       SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION),
+        SSL_FLAG_TBL("UnsafeLegacyServerConnect",
+                     SSL_OP_LEGACY_SERVER_CONNECT),
          SSL_FLAG_TBL("ClientRenegotiation",
                       SSL_OP_ALLOW_CLIENT_RENEGOTIATION),
          SSL_FLAG_TBL_INV("EncryptThenMac", SSL_OP_NO_ENCRYPT_THEN_MAC),
author	Tomas Mraz <tomas@openssl.org>
	Thu, 12 May 2022 06:41:14 +0000 (08:41 +0200)
committer	Tomas Mraz <tomas@openssl.org>
	Fri, 27 May 2022 06:47:31 +0000 (08:47 +0200)