diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod index 1abda2898e..310db84b31 100644 --- a/doc/ssl/SSL_CTX_set_options.pod +++ b/doc/ssl/SSL_CTX_set_options.pod @@ -224,10 +224,16 @@ of RFC4507bis tickets for stateless session resumption. If this option is set this functionality is disabled and tickets will not be used by clients or servers. -=item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, SSL_OP_LEGACY_SERVER_CONNECT +=item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION -See the B section for a discussion of the purpose of -these options. +Allow legacy insecure renegotiation between OpenSSL and unpatched clients or +servers. See the B section for more details. + +=item SSL_OP_LEGACY_SERVER_CONNECT + +Allow legacy insecure renegotiation between OpenSSL and unpatched servers +B: this option is currently set by default. See the +B section for more details. =back @@ -275,15 +281,18 @@ was refused. =head2 Patched OpenSSL client and unpatched server. -If the option B is set then initial connections +If the option B or +B is set then initial connections and renegotiation between patched OpenSSL clients and unpatched servers -succeeds. +succeeds. If neither option is set then initial connections to unpatched +servers will fail. -This option is currently set by default even though it has security -implications: otherwise it would be impossible to connect to unpatched servers -(i.e. all of them initially) and this is clearly not acceptable. Renegotiation -is permitted because this does not add any additional security issues: during -an attack clients do not see any renegotiations anyway. +The option B is currently set by default even +though it has security implications: otherwise it would be impossible to +connect to unpatched servers (i.e. all of them initially) and this is clearly +not acceptable. Renegotiation is permitted because this does not add any +additional security issues: during an attack clients do not see any +renegotiations anyway. As more servers become patched the option B will B be set by default in a future version of OpenSSL. @@ -296,9 +305,12 @@ unpatched servers (and thus avoid any security issues) should always B B using SSL_CTX_clear_options() or SSL_clear_options(). -As in the previous case if the option -B is set then renegotiation -B succeeds. +The difference between the B and +B options is that +B enables initial connections and secure +renegotiation between OpenSSL clients and unpatched servers B, while +B allows initial connections +and renegotiation between OpenSSL and unpatched clients or servers. =head1 RETURN VALUES