TlsOptions Enum
Namespace: Rebex.Net
Assembly: Rebex.Networking.dll (version 7.0.9147)
Specifies secure connection options.
Syntax
[Flags]
public enum TlsOptionsFields
| Name | Description |
|---|---|
| AllowClientRenegotiation | Allows server-side TLS sockets to accept TLS renegotiation initiated by the client.
Does not apply to client-side TLS sockets (use Disable |
| AllowCloseWhileNegotiating | Causes an exception not to be thrown when a socket is closed by the server during negotiation. Instead, the negotiation will appear as successful, followed by an immediate socket closure. |
| AllowSilentClose | Disables the requirement for the other side of the connection to send closure alert (close_notify messages). This is in violation of the RFC and potentially opens the communication to truncation attack, but unfortunately it's needed when communicating with some broken TLS servers. Only applies to TLS 1.2 or lower. |
| DisableClientHelloPadding | Disables ClientHello padding. |
| DisableExtendedMasterSecret | Disables Extended Master Secret Extension (RFC 7627). |
| DisableRenegotiation | Disables all TLS renegotiation attempts by the other side.
Please note that to enable client-initiated renegotiation at the server side, the Allow |
| DisableRenegotiationExtension | Disables Renegotiation Indication Extension (RFC 5746). |
| DisableServerNameIndication | Disables Server Name Indication Extension (RFC 6066). |
| DoNotCacheSessions | Do not cache any sessions. |
| DoNotInsertEmptyFragment | Do not send empty record after successful handshake with CBC ciphers. |
| EnableWrongSchannelPaddingWorkaround | Enables workaround for old versions of MS Schannel with DHE padding bug. See http://web.archive.org/web/20171129124603/https://connect.microsoft.com/IE/feedback/details/1253526/tls-serverkeyexchange-with-1024-dhe-may-encode-dh-y-as-127-bytes-breaking-internet-explorer-11 for details. |
| None | No options. |
| RequireSecureRenegotiation | Disables TLS renegotiation attempts by the other side unless it supports Renegotiation Indication Extension (RFC 5746). |
| Reserved | This option is currently unused. |
| SilentClose | Forces the Close() method to do immediate close without sending the closure alert (close_notify messages). This is in violation of the RFC, but some broken servers (IIS with TLS 1.1) need it, unfortunately. |
| SilentUnprotect | Forces the Unprotect() method to do immediate unprotect without exchange of CloseNotify alert messages. This is in violation of the RFC, but some broken servers need it, unfortunately. |
| SkipRollbackDetection | Ignore the client version in premaster secret. This only affects server sockets. |
| StayConnected | This option is no longer supported. |
| UseLegacyRenegotiationExtensionSignaling | Use signaling mechanism via Signaling Cipher Suite Value (SCSV) to indicate support for Renegotiation Indication Extension (RFC 5746). Only applies to client-side TLS. Only applies to TLS 1.2 or earlier. |