aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_record.hrl
diff options
context:
space:
mode:
authorKenneth Lakin <[email protected]>2016-04-30 02:31:51 -0700
committerKenneth Lakin <[email protected]>2016-05-26 02:58:55 -0700
commitdf0c5663dd944a3dd06936105d0696a704c20e4e (patch)
tree0327c1f812afe0a9786acb3bf303ab665135825c /lib/ssl/src/ssl_record.hrl
parent42a0229c44875f927bc1fda138d24131874a1c3c (diff)
downloadotp-df0c5663dd944a3dd06936105d0696a704c20e4e.tar.gz
otp-df0c5663dd944a3dd06936105d0696a704c20e4e.tar.bz2
otp-df0c5663dd944a3dd06936105d0696a704c20e4e.zip
ssl: Add BEAST mitigation selection option
Some legacy TLS 1.0 software does not tolerate the 1/n-1 content split BEAST mitigation technique. This commit adds a beast_mitigation SSL option (defaulting to one_n_minus_one) to select or disable the BEAST mitigation technique. Valid option values are (one_n_minus_one | zero_n | disabled).
Diffstat (limited to 'lib/ssl/src/ssl_record.hrl')
-rw-r--r--lib/ssl/src/ssl_record.hrl4
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl_record.hrl b/lib/ssl/src/ssl_record.hrl
index d34d144343..87fde35258 100644
--- a/lib/ssl/src/ssl_record.hrl
+++ b/lib/ssl/src/ssl_record.hrl
@@ -40,7 +40,9 @@
%% RFC 5746
secure_renegotiation,
client_verify_data,
- server_verify_data
+ server_verify_data,
+ %% How to do BEAST mitigation?
+ beast_mitigation
}).
-record(connection_states, {
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-27 05:26:01 +0000