Actually implement UnsafeLegacyServerConnect as documented

Fixes #18295 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/18296)
author: Tomas Mraz <tomas@openssl.org> 2022-05-12 08:41:14 +0200
committer: Tomas Mraz <tomas@openssl.org> 2022-05-27 08:47:31 +0200
commit: 65b2bb9ca0cff5e65938dc0d9dcd71c251bd67db (patch)
tree: b5b52a5c388f4670677a26096e6bc7698f71e1ed /ssl/ssl_conf.c
parent: Configurations/gentemplate.pm: Generate generators too, when necessary (diff)
download: openssl-65b2bb9ca0cff5e65938dc0d9dcd71c251bd67db.tar.xz
openssl-65b2bb9ca0cff5e65938dc0d9dcd71c251bd67db.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index f90d5a05b3..767faf2452 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -384,6 +384,8 @@ static int cmd_Options(SSL_CONF_CTX *cctx, const char *value)
         SSL_FLAG_TBL_SRV("ECDHSingle", SSL_OP_SINGLE_ECDH_USE),
         SSL_FLAG_TBL("UnsafeLegacyRenegotiation",
                      SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION),
+        SSL_FLAG_TBL("UnsafeLegacyServerConnect",
+                     SSL_OP_LEGACY_SERVER_CONNECT),
         SSL_FLAG_TBL("ClientRenegotiation",
                      SSL_OP_ALLOW_CLIENT_RENEGOTIATION),
         SSL_FLAG_TBL_INV("EncryptThenMac", SSL_OP_NO_ENCRYPT_THEN_MAC),
author	Tomas Mraz <tomas@openssl.org>	2022-05-12 08:41:14 +0200
committer	Tomas Mraz <tomas@openssl.org>	2022-05-27 08:47:31 +0200
commit	65b2bb9ca0cff5e65938dc0d9dcd71c251bd67db (patch)
tree	b5b52a5c388f4670677a26096e6bc7698f71e1ed /ssl/ssl_conf.c
parent	Configurations/gentemplate.pm: Generate generators too, when necessary (diff)
download	openssl-65b2bb9ca0cff5e65938dc0d9dcd71c251bd67db.tar.xz openssl-65b2bb9ca0cff5e65938dc0d9dcd71c251bd67db.zip