diff options
| author | David Goulet <dgoulet@torproject.org> | 2022-02-09 10:36:26 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2022-02-09 10:36:26 -0500 |
| commit | 52d1c1fd311c9d552b32108a7e92ea2be76e090c (patch) | |
| tree | 00bcb7e273efbbc5a24c6cd23ab5b8b7605c1343 /src/lib/tls | |
| parent | 763d72238d84ff5c2c0a889d15f25a145046c9e5 (diff) | |
| parent | f1387b398c130eac740b759db5101d8c469114d5 (diff) | |
| download | tor-52d1c1fd311c9d552b32108a7e92ea2be76e090c.tar.gz tor-52d1c1fd311c9d552b32108a7e92ea2be76e090c.zip | |
Merge branch 'tor-gitlab/mr/518'
Diffstat (limited to 'src/lib/tls')
| -rw-r--r-- | src/lib/tls/tortls_openssl.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c index d59d65d995..77de2d6a11 100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@ -701,6 +701,12 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, /* let us realloc bufs that we're writing from */ SSL_CTX_set_mode(result->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); +#ifdef SSL_OP_TLSEXT_PADDING + /* Adds a padding extension to ensure the ClientHello size is never between + * 256 and 511 bytes in length. */ + SSL_CTX_set_options(result->ctx, SSL_OP_TLSEXT_PADDING); +#endif + return result; error: |