diff options
author | @Ajit <ajeetsinghchahar2@gmail.com> | 2023-04-01 23:05:00 +0000 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2023-04-01 23:05:00 +0000 |
commit | b6b71c8b70061eb5a489443ba82c90df948da95b (patch) | |
tree | f7f2681f3ef0a6af8ec6148ef260ef151775d0d8 /lib/priority_options.gperf | |
parent | b3fe5c229474a4dd0e74e955afb6bdc5d54c462d (diff) | |
download | gnutls-b6b71c8b70061eb5a489443ba82c90df948da95b.tar.gz |
hello_ext: add ClientHello extension permutation
This adds a mechanism to randomize the order of TLS extensions in the
ClientHello to make fingerprinting harder. The mechanism is enabled by
default and a new priority keyword %NO_EXTS_SHUFFLE has been added to
turn it off.
Signed-off-by: peonix <ajeetsinghchahar2@gmail.com>
Diffstat (limited to 'lib/priority_options.gperf')
-rw-r--r-- | lib/priority_options.gperf | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/priority_options.gperf b/lib/priority_options.gperf index 11bcc6e88e..d69c3b4b11 100644 --- a/lib/priority_options.gperf +++ b/lib/priority_options.gperf @@ -43,3 +43,4 @@ NEW_PADDING, dummy_func DEBUG_ALLOW_KEY_USAGE_VIOLATIONS, enable_server_key_usage_violations ALLOW_SMALL_RECORDS, enable_allow_small_records DISABLE_TLS13_COMPAT_MODE, disable_tls13_compat_mode +NO_EXTS_SHUFFLE, enable_no_exts_shuffle |