1 /*--------------------------------------------------------------------------
2 * LuaSec 1.0.2
3 *
4 * Copyright (C) 2006-2021 Bruno Silvestre
5 *
6 *--------------------------------------------------------------------------*/
7
8 #include <openssl/ssl.h>
9
10 #include "options.h"
11
12 /* If you need to generate these options again, see options.lua */
13
14
15 /*
16 OpenSSL version: OpenSSL 3.0.0-beta2
17 */
18
19 static lsec_ssl_option_t ssl_options[] = {
20 #if defined(SSL_OP_ALL)
21 {"all", SSL_OP_ALL},
22 #endif
23 #if defined(SSL_OP_ALLOW_CLIENT_RENEGOTIATION)
24 {"allow_client_renegotiation", SSL_OP_ALLOW_CLIENT_RENEGOTIATION},
25 #endif
26 #if defined(SSL_OP_ALLOW_NO_DHE_KEX)
27 {"allow_no_dhe_kex", SSL_OP_ALLOW_NO_DHE_KEX},
28 #endif
29 #if defined(SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)
30 {"allow_unsafe_legacy_renegotiation", SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION},
31 #endif
32 #if defined(SSL_OP_CIPHER_SERVER_PREFERENCE)
33 {"cipher_server_preference", SSL_OP_CIPHER_SERVER_PREFERENCE},
34 #endif
35 #if defined(SSL_OP_CISCO_ANYCONNECT)
36 {"cisco_anyconnect", SSL_OP_CISCO_ANYCONNECT},
37 #endif
38 #if defined(SSL_OP_CLEANSE_PLAINTEXT)
39 {"cleanse_plaintext", SSL_OP_CLEANSE_PLAINTEXT},
40 #endif
41 #if defined(SSL_OP_COOKIE_EXCHANGE)
42 {"cookie_exchange", SSL_OP_COOKIE_EXCHANGE},
43 #endif
44 #if defined(SSL_OP_CRYPTOPRO_TLSEXT_BUG)
45 {"cryptopro_tlsext_bug", SSL_OP_CRYPTOPRO_TLSEXT_BUG},
46 #endif
47 #if defined(SSL_OP_DISABLE_TLSEXT_CA_NAMES)
48 {"disable_tlsext_ca_names", SSL_OP_DISABLE_TLSEXT_CA_NAMES},
49 #endif
50 #if defined(SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
51 {"dont_insert_empty_fragments", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS},
52 #endif
53 #if defined(SSL_OP_ENABLE_KTLS)
54 {"enable_ktls", SSL_OP_ENABLE_KTLS},
55 #endif
56 #if defined(SSL_OP_ENABLE_MIDDLEBOX_COMPAT)
57 {"enable_middlebox_compat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT},
58 #endif
59 #if defined(SSL_OP_EPHEMERAL_RSA)
60 {"ephemeral_rsa", SSL_OP_EPHEMERAL_RSA},
61 #endif
62 #if defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
63 {"ignore_unexpected_eof", SSL_OP_IGNORE_UNEXPECTED_EOF},
64 #endif
65 #if defined(SSL_OP_LEGACY_SERVER_CONNECT)
66 {"legacy_server_connect", SSL_OP_LEGACY_SERVER_CONNECT},
67 #endif
68 #if defined(SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
69 {"microsoft_big_sslv3_buffer", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER},
70 #endif
71 #if defined(SSL_OP_MICROSOFT_SESS_ID_BUG)
72 {"microsoft_sess_id_bug", SSL_OP_MICROSOFT_SESS_ID_BUG},
73 #endif
74 #if defined(SSL_OP_MSIE_SSLV2_RSA_PADDING)
75 {"msie_sslv2_rsa_padding", SSL_OP_MSIE_SSLV2_RSA_PADDING},
76 #endif
77 #if defined(SSL_OP_NETSCAPE_CA_DN_BUG)
78 {"netscape_ca_dn_bug", SSL_OP_NETSCAPE_CA_DN_BUG},
79 #endif
80 #if defined(SSL_OP_NETSCAPE_CHALLENGE_BUG)
81 {"netscape_challenge_bug", SSL_OP_NETSCAPE_CHALLENGE_BUG},
82 #endif
83 #if defined(SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
84 {"netscape_demo_cipher_change_bug", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG},
85 #endif
86 #if defined(SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
87 {"netscape_reuse_cipher_change_bug", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG},
88 #endif
89 #if defined(SSL_OP_NO_ANTI_REPLAY)
90 {"no_anti_replay", SSL_OP_NO_ANTI_REPLAY},
91 #endif
92 #if defined(SSL_OP_NO_COMPRESSION)
93 {"no_compression", SSL_OP_NO_COMPRESSION},
94 #endif
95 #if defined(SSL_OP_NO_DTLS_MASK)
96 {"no_dtls_mask", SSL_OP_NO_DTLS_MASK},
97 #endif
98 #if defined(SSL_OP_NO_DTLSv1)
99 {"no_dtlsv1", SSL_OP_NO_DTLSv1},
100 #endif
101 #if defined(SSL_OP_NO_DTLSv1_2)
102 {"no_dtlsv1_2", SSL_OP_NO_DTLSv1_2},
103 #endif
104 #if defined(SSL_OP_NO_ENCRYPT_THEN_MAC)
105 {"no_encrypt_then_mac", SSL_OP_NO_ENCRYPT_THEN_MAC},
106 #endif
107 #if defined(SSL_OP_NO_EXTENDED_MASTER_SECRET)
108 {"no_extended_master_secret", SSL_OP_NO_EXTENDED_MASTER_SECRET},
109 #endif
110 #if defined(SSL_OP_NO_QUERY_MTU)
111 {"no_query_mtu", SSL_OP_NO_QUERY_MTU},
112 #endif
113 #if defined(SSL_OP_NO_RENEGOTIATION)
114 {"no_renegotiation", SSL_OP_NO_RENEGOTIATION},
115 #endif
116 #if defined(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)
117 {"no_session_resumption_on_renegotiation", SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION},
118 #endif
119 #if defined(SSL_OP_NO_SSL_MASK)
120 {"no_ssl_mask", SSL_OP_NO_SSL_MASK},
121 #endif
122 #if defined(SSL_OP_NO_SSLv2)
123 {"no_sslv2", SSL_OP_NO_SSLv2},
124 #endif
125 #if defined(SSL_OP_NO_SSLv3)
126 {"no_sslv3", SSL_OP_NO_SSLv3},
127 #endif
128 #if defined(SSL_OP_NO_TICKET)
129 {"no_ticket", SSL_OP_NO_TICKET},
130 #endif
131 #if defined(SSL_OP_NO_TLSv1)
132 {"no_tlsv1", SSL_OP_NO_TLSv1},
133 #endif
134 #if defined(SSL_OP_NO_TLSv1_1)
135 {"no_tlsv1_1", SSL_OP_NO_TLSv1_1},
136 #endif
137 #if defined(SSL_OP_NO_TLSv1_2)
138 {"no_tlsv1_2", SSL_OP_NO_TLSv1_2},
139 #endif
140 #if defined(SSL_OP_NO_TLSv1_3)
141 {"no_tlsv1_3", SSL_OP_NO_TLSv1_3},
142 #endif
143 #if defined(SSL_OP_PKCS1_CHECK_1)
144 {"pkcs1_check_1", SSL_OP_PKCS1_CHECK_1},
145 #endif
146 #if defined(SSL_OP_PKCS1_CHECK_2)
147 {"pkcs1_check_2", SSL_OP_PKCS1_CHECK_2},
148 #endif
149 #if defined(SSL_OP_PRIORITIZE_CHACHA)
150 {"prioritize_chacha", SSL_OP_PRIORITIZE_CHACHA},
151 #endif
152 #if defined(SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
153 {"safari_ecdhe_ecdsa_bug", SSL_OP_SAFARI_ECDHE_ECDSA_BUG},
154 #endif
155 #if defined(SSL_OP_SINGLE_DH_USE)
156 {"single_dh_use", SSL_OP_SINGLE_DH_USE},
157 #endif
158 #if defined(SSL_OP_SINGLE_ECDH_USE)
159 {"single_ecdh_use", SSL_OP_SINGLE_ECDH_USE},
160 #endif
161 #if defined(SSL_OP_SSLEAY_080_CLIENT_DH_BUG)
162 {"ssleay_080_client_dh_bug", SSL_OP_SSLEAY_080_CLIENT_DH_BUG},
163 #endif
164 #if defined(SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)
165 {"sslref2_reuse_cert_type_bug", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG},
166 #endif
167 #if defined(SSL_OP_TLSEXT_PADDING)
168 {"tlsext_padding", SSL_OP_TLSEXT_PADDING},
169 #endif
170 #if defined(SSL_OP_TLS_BLOCK_PADDING_BUG)
171 {"tls_block_padding_bug", SSL_OP_TLS_BLOCK_PADDING_BUG},
172 #endif
173 #if defined(SSL_OP_TLS_D5_BUG)
174 {"tls_d5_bug", SSL_OP_TLS_D5_BUG},
175 #endif
176 #if defined(SSL_OP_TLS_ROLLBACK_BUG)
177 {"tls_rollback_bug", SSL_OP_TLS_ROLLBACK_BUG},
178 #endif
179 {NULL, 0L}
180 };
181
lsec_get_ssl_options()182 LSEC_API lsec_ssl_option_t* lsec_get_ssl_options() {
183 return ssl_options;
184 }
185
186