SSL_OP_ALL is supposed to be all options and workarounds that are safe, - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tedu <>	2014-04-28 20:05:21 +0000
committer	tedu <>	2014-04-28 20:05:21 +0000
commit	cc747356aac23674ce2a3758570f3ff35a6fb3c9 (patch)
tree	c6d7fa38764e2c3c5e895a7f308a8e84029f9482 /src/lib/libc
parent	845bde09b886376a4b13c164d8031b183d702eae (diff)
download	openbsd-cc747356aac23674ce2a3758570f3ff35a6fb3c9.tar.gz openbsd-cc747356aac23674ce2a3758570f3ff35a6fb3c9.tar.bz2 openbsd-cc747356aac23674ce2a3758570f3ff35a6fb3c9.zip

SSL_OP_ALL is supposed to be all options and workarounds that are safe,

but disabling attack mitigations is not safe. 0.9.6d contained a workaround for an attack against CBC modes. 0.9.6e disabled it by default because "some" implementations couldn't handle empty fragments. 12 years have passed. Does anybody still care? Let's find out. ok miod

Diffstat (limited to 'src/lib/libc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: