From 257c5ac1fa8eee980479c01c52dc52bfac4d1392 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= Date: Mon, 6 Mar 2023 22:18:44 +0100 Subject: [PATCH] doc: remove useless SSL_OP_* options These 14 options do not have any effect in any supported version of OpenSSL. PR-URL: https://github.com/nodejs/node/pull/46954 Reviewed-By: Ben Noordhuis Reviewed-By: Filip Skokan Reviewed-By: Colin Ihrig Reviewed-By: Luigi Pinca --- doc/api/crypto.md | 60 ----------------------------------------------- 1 file changed, 60 deletions(-) diff --git a/doc/api/crypto.md b/doc/api/crypto.md index db21651c939abc..67490744c50c8f 100644 --- a/doc/api/crypto.md +++ b/doc/api/crypto.md @@ -5813,44 +5813,18 @@ See the [list of SSL OP Flags][] for details. Instructs OpenSSL to disable a SSL 3.0/TLS 1.0 vulnerability workaround added in OpenSSL 0.9.6d. - - SSL_OP_EPHEMERAL_RSA - Instructs OpenSSL to always use the tmp_rsa key when performing RSA - operations. - SSL_OP_LEGACY_SERVER_CONNECT Allows initial connection to servers that do not support RI. - - SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER - - - - SSL_OP_MICROSOFT_SESS_ID_BUG - - - - SSL_OP_MSIE_SSLV2_RSA_PADDING - Instructs OpenSSL to disable the workaround for a man-in-the-middle - protocol-version vulnerability in the SSL 2.0 server implementation. - SSL_OP_NETSCAPE_CA_DN_BUG - - SSL_OP_NETSCAPE_CHALLENGE_BUG - - SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG - - SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - - SSL_OP_NO_COMPRESSION Instructs OpenSSL to disable support for SSL/TLS compression. @@ -5900,14 +5874,6 @@ See the [list of SSL OP Flags][] for details. SSL_OP_NO_TLSv1_3 Instructs OpenSSL to turn off TLS v1.3 - - SSL_OP_PKCS1_CHECK_1 - - - - SSL_OP_PKCS1_CHECK_2 - - SSL_OP_PRIORITIZE_CHACHA Instructs OpenSSL server to prioritize ChaCha20-Poly1305 @@ -5916,32 +5882,6 @@ See the [list of SSL OP Flags][] for details. SSL_OP_CIPHER_SERVER_PREFERENCE is not enabled. - - SSL_OP_SINGLE_DH_USE - Instructs OpenSSL to always create a new key when using - temporary/ephemeral DH parameters. - - - SSL_OP_SINGLE_ECDH_USE - Instructs OpenSSL to always create a new key when using - temporary/ephemeral ECDH parameters. - - - SSL_OP_SSLEAY_080_CLIENT_DH_BUG - - - - SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG - - - - SSL_OP_TLS_BLOCK_PADDING_BUG - - - - SSL_OP_TLS_D5_BUG - - SSL_OP_TLS_ROLLBACK_BUG Instructs OpenSSL to disable version rollback attack detection.