NSSLContextSetMode

Syntax

    
#include <cafe.h>
#include <cafe/nssl/nsslclient.h>

NSSL_RVAL NSSLContextSetMode(NSSLContextHandle context,                        
                              unsigned long mode);

Parameters

context The context for which the mode is being set.
mode Mode to set. Supported modes: NSSL_CTX_MODE_SEND_FALLBACK_SCSV

Return Values

NSSL_RVAL_OK on success, error code of type NSSL_RVAL on failure.

Description

Sets modes for the context. Below is the meaning of the modes:

NSSL_CTX_MODE_SEND_FALLBACK_SCSV: During NSSLDoHandshake, the system will include a fallback flag inside the 'clienthello' packet. This is to let the server know that the system is trying to fallback to a lower protocol after a higher protocol has failed. This should NOT be set when trying to connect to a server using the highest protocol. It is only to be used when trying a lower protocol to prevent down grade attacks like CVE-2014-3566 aka "POODLE".

Refer to the nssl_rw demo located at system/src/demo/nssl/nssl_rw.cpp.

Do Not Call From

Callbacks Do not call this function from any callback function.
Interrupt handler Do not call this function from any interrupt handler.
Exception handler Do not call this function from any exception handler.

See Also

NSSLCreateContext

Revision History

2015/04/09 Initial version.


CONFIDENTIAL