Rebex
Products Downloads Buy Support Contact
Show / Hide Table of Contents

TlsOptions Enum

Namespace: Rebex.Net
Assembly: Rebex.Networking.dll (version 7.0.9147)

Specifies secure connection options.

Syntax
[Flags]
public enum TlsOptions

Fields

Name Description
AllowClientRenegotiation

Allows server-side TLS sockets to accept TLS renegotiation initiated by the client. Does not apply to client-side TLS sockets (use DisableRenegotiation to control that behavior instead).

AllowCloseWhileNegotiating

Causes an exception not to be thrown when a socket is closed by the server during negotiation. Instead, the negotiation will appear as successful, followed by an immediate socket closure.

AllowSilentClose

Disables the requirement for the other side of the connection to send closure alert (close_notify messages). This is in violation of the RFC and potentially opens the communication to truncation attack, but unfortunately it's needed when communicating with some broken TLS servers. Only applies to TLS 1.2 or lower.

DisableClientHelloPadding

Disables ClientHello padding.

DisableExtendedMasterSecret

Disables Extended Master Secret Extension (RFC 7627).

DisableRenegotiation

Disables all TLS renegotiation attempts by the other side. Please note that to enable client-initiated renegotiation at the server side, the AllowClientRenegotiation option must be enabled.

DisableRenegotiationExtension

Disables Renegotiation Indication Extension (RFC 5746).

DisableServerNameIndication

Disables Server Name Indication Extension (RFC 6066).

DoNotCacheSessions

Do not cache any sessions.

DoNotInsertEmptyFragment

Do not send empty record after successful handshake with CBC ciphers.

EnableWrongSchannelPaddingWorkaround

Enables workaround for old versions of MS Schannel with DHE padding bug. See http://web.archive.org/web/20171129124603/https://connect.microsoft.com/IE/feedback/details/1253526/tls-serverkeyexchange-with-1024-dhe-may-encode-dh-y-as-127-bytes-breaking-internet-explorer-11 for details.

None

No options.

RequireSecureRenegotiation

Disables TLS renegotiation attempts by the other side unless it supports Renegotiation Indication Extension (RFC 5746).

Reserved

This option is currently unused.

SilentClose

Forces the Close() method to do immediate close without sending the closure alert (close_notify messages). This is in violation of the RFC, but some broken servers (IIS with TLS 1.1) need it, unfortunately.

SilentUnprotect

Forces the Unprotect() method to do immediate unprotect without exchange of CloseNotify alert messages. This is in violation of the RFC, but some broken servers need it, unfortunately.

SkipRollbackDetection

Ignore the client version in premaster secret. This only affects server sockets.

StayConnected

This option is no longer supported.

UseLegacyRenegotiationExtensionSignaling

Use signaling mechanism via Signaling Cipher Suite Value (SCSV) to indicate support for Renegotiation Indication Extension (RFC 5746). Only applies to client-side TLS. Only applies to TLS 1.2 or earlier.

In This Article
  • Fields
© REBEX ČR s.r.o. Back to top
Privacy policy
Manage cookies