Ignore SSL_OP_BIT(n) macro and update option.c #178

This commit is contained in:
Bruno Silvestre 2021-08-02 17:02:44 -03:00
parent 8cba350f37
commit 79bbc0bc3e
2 changed files with 25 additions and 4 deletions

View File

@ -13,13 +13,16 @@
/* /*
OpenSSL version: OpenSSL 1.1.1 OpenSSL version: OpenSSL 3.0.0-beta2
*/ */
static lsec_ssl_option_t ssl_options[] = { static lsec_ssl_option_t ssl_options[] = {
#if defined(SSL_OP_ALL) #if defined(SSL_OP_ALL)
{"all", SSL_OP_ALL}, {"all", SSL_OP_ALL},
#endif #endif
#if defined(SSL_OP_ALLOW_CLIENT_RENEGOTIATION)
{"allow_client_renegotiation", SSL_OP_ALLOW_CLIENT_RENEGOTIATION},
#endif
#if defined(SSL_OP_ALLOW_NO_DHE_KEX) #if defined(SSL_OP_ALLOW_NO_DHE_KEX)
{"allow_no_dhe_kex", SSL_OP_ALLOW_NO_DHE_KEX}, {"allow_no_dhe_kex", SSL_OP_ALLOW_NO_DHE_KEX},
#endif #endif
@ -32,21 +35,33 @@ static lsec_ssl_option_t ssl_options[] = {
#if defined(SSL_OP_CISCO_ANYCONNECT) #if defined(SSL_OP_CISCO_ANYCONNECT)
{"cisco_anyconnect", SSL_OP_CISCO_ANYCONNECT}, {"cisco_anyconnect", SSL_OP_CISCO_ANYCONNECT},
#endif #endif
#if defined(SSL_OP_CLEANSE_PLAINTEXT)
{"cleanse_plaintext", SSL_OP_CLEANSE_PLAINTEXT},
#endif
#if defined(SSL_OP_COOKIE_EXCHANGE) #if defined(SSL_OP_COOKIE_EXCHANGE)
{"cookie_exchange", SSL_OP_COOKIE_EXCHANGE}, {"cookie_exchange", SSL_OP_COOKIE_EXCHANGE},
#endif #endif
#if defined(SSL_OP_CRYPTOPRO_TLSEXT_BUG) #if defined(SSL_OP_CRYPTOPRO_TLSEXT_BUG)
{"cryptopro_tlsext_bug", SSL_OP_CRYPTOPRO_TLSEXT_BUG}, {"cryptopro_tlsext_bug", SSL_OP_CRYPTOPRO_TLSEXT_BUG},
#endif #endif
#if defined(SSL_OP_DISABLE_TLSEXT_CA_NAMES)
{"disable_tlsext_ca_names", SSL_OP_DISABLE_TLSEXT_CA_NAMES},
#endif
#if defined(SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) #if defined(SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
{"dont_insert_empty_fragments", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS}, {"dont_insert_empty_fragments", SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS},
#endif #endif
#if defined(SSL_OP_ENABLE_KTLS)
{"enable_ktls", SSL_OP_ENABLE_KTLS},
#endif
#if defined(SSL_OP_ENABLE_MIDDLEBOX_COMPAT) #if defined(SSL_OP_ENABLE_MIDDLEBOX_COMPAT)
{"enable_middlebox_compat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT}, {"enable_middlebox_compat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT},
#endif #endif
#if defined(SSL_OP_EPHEMERAL_RSA) #if defined(SSL_OP_EPHEMERAL_RSA)
{"ephemeral_rsa", SSL_OP_EPHEMERAL_RSA}, {"ephemeral_rsa", SSL_OP_EPHEMERAL_RSA},
#endif #endif
#if defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
{"ignore_unexpected_eof", SSL_OP_IGNORE_UNEXPECTED_EOF},
#endif
#if defined(SSL_OP_LEGACY_SERVER_CONNECT) #if defined(SSL_OP_LEGACY_SERVER_CONNECT)
{"legacy_server_connect", SSL_OP_LEGACY_SERVER_CONNECT}, {"legacy_server_connect", SSL_OP_LEGACY_SERVER_CONNECT},
#endif #endif
@ -89,6 +104,9 @@ static lsec_ssl_option_t ssl_options[] = {
#if defined(SSL_OP_NO_ENCRYPT_THEN_MAC) #if defined(SSL_OP_NO_ENCRYPT_THEN_MAC)
{"no_encrypt_then_mac", SSL_OP_NO_ENCRYPT_THEN_MAC}, {"no_encrypt_then_mac", SSL_OP_NO_ENCRYPT_THEN_MAC},
#endif #endif
#if defined(SSL_OP_NO_EXTENDED_MASTER_SECRET)
{"no_extended_master_secret", SSL_OP_NO_EXTENDED_MASTER_SECRET},
#endif
#if defined(SSL_OP_NO_QUERY_MTU) #if defined(SSL_OP_NO_QUERY_MTU)
{"no_query_mtu", SSL_OP_NO_QUERY_MTU}, {"no_query_mtu", SSL_OP_NO_QUERY_MTU},
#endif #endif

View File

@ -60,11 +60,14 @@ local function loadoptions(file)
local options = {} local options = {}
local f = assert(io.open(file, "r")) local f = assert(io.open(file, "r"))
for line in f:lines() do for line in f:lines() do
local op = string.match(line, "define%s+(SSL_OP_%S+)") local op = string.match(line, "define%s+(SSL_OP_BIT%()")
if not op then
op = string.match(line, "define%s+(SSL_OP_%S+)")
if op then if op then
table.insert(options, op) table.insert(options, op)
end end
end end
end
table.sort(options, function(a,b) return a<b end) table.sort(options, function(a,b) return a<b end)
return options return options
end end