From a8592cce042623e644ebf9efa4c148c78b46d064 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sun, 21 Sep 2014 17:44:37 +0000
Subject: Document SSL_OP_TLSEXT_PADDING.

From OpenSSL.
---
 src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/lib/libssl')

diff --git a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
index 74f8b5d932..c656fb2e19 100644
--- a/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
+++ b/src/lib/libssl/src/doc/ssl/SSL_CTX_set_options.pod
@@ -114,6 +114,12 @@ vulnerability affecting CBC ciphers, which cannot be handled by some
 broken SSL implementations.  This option has no effect for connections
 using other ciphers.
 
+=item SSL_OP_TLSEXT_PADDING
+
+Adds a padding extension to ensure the ClientHello size is never between
+256 and 511 bytes in length. This is needed as a workaround for some
+implementations.
+
 =item SSL_OP_ALL
 
 All of the above bug workarounds.
-- 
cgit v1.2.3-55-g6feb