Enumeration

SSLSessionOption

The options that can be set for an SSL session.

Declaration

typedef enum SSLSessionOption : int {
    ...
} SSLSessionOption;

Overview

Use these flags with calls to the SSLSetSessionOption function.

Topics

Constants

kSSLSessionOptionBreakOnServerAuth

Enables returning from SSLHandshake (with a result of errSSLServerAuthCompleted) when the server authentication portion of the handshake is complete to allow your application to perform its own certificate verification.

kSSLSessionOptionBreakOnCertRequested

Enables returning from SSLHandshake (with a result of errSSLClientCertRequested) when the server requests a client certificate.

kSSLSessionOptionBreakOnClientAuth

Enables returning from SSLHandshake (with a result of errSSLClientAuthCompleted) when the client authentication portion of the handshake is complete to allow your application to perform its own certificate verification.

kSSLSessionOptionFalseStart

When enabled, TLS False Start is used if an adequate cipher-suite is negotiated.

kSSLSessionOptionSendOneByteRecord

Enables 1/n-1 record splitting for BEAST attack mitigation.

kSSLSessionOptionAllowServerIdentityChange

Allow server identity change on renegotiation.

kSSLSessionOptionFallback

Enable fallback countermeasures.

kSSLSessionOptionBreakOnClientHello

Break from a client hello in order to check for SNI.

See Also

Context Options

SSLSetSessionOption

Specifies options for a specific session.

SSLGetSessionOption

Indicates the current setting of Secure Sockets Layer (SSL) session options.