SSL_OP_ALL is supposed to be all options and workarounds that are safe, - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tedu <>	2014-04-28 20:05:21 +0000
committer	tedu <>	2014-04-28 20:05:21 +0000
commit	1930e571259f12d9779f43a180c86db18518919c (patch)
tree	c6d7fa38764e2c3c5e895a7f308a8e84029f9482 /src/lib/libssl/t1_enc.c
parent	7a4f732a85349df89eada8ce0370b3487ae64549 (diff)
download	openbsd-1930e571259f12d9779f43a180c86db18518919c.tar.gz openbsd-1930e571259f12d9779f43a180c86db18518919c.tar.bz2 openbsd-1930e571259f12d9779f43a180c86db18518919c.zip

SSL_OP_ALL is supposed to be all options and workarounds that are safe,

but disabling attack mitigations is not safe. 0.9.6d contained a workaround for an attack against CBC modes. 0.9.6e disabled it by default because "some" implementations couldn't handle empty fragments. 12 years have passed. Does anybody still care? Let's find out. ok miod

Diffstat (limited to 'src/lib/libssl/t1_enc.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: