Le 08/12/2015 18:16, Jakob Bohm a écrit :
On 07/12/2015 11:52, zosrothko wrote:
Hi Jacob
I saw that in ssl.h, the 'NO' particule means no support of as for
example
/* Don't use RFC4507 ticket extension */
# define SSL_OP_NO_TICKET 0x00004000L
What does mean the 'NO' in SSL_OP_NO_TLSv1_1? Should not be the test
reversed as below?
The define is for a flag that can be passed to some other SSL functions
to turn off the TLSv1_1 support during a single execution, hence the
"NO" in its name.
Because those flags are only defined in OpenSSL versions that include
the thing to turn off (at least if not disabled when compiling OpenSSL
itself), I suggested using the very existence of the flag definition
as a way to determine if the thing is included in the OpenSSL version
where the copy of "ssl.h" was taken from.
Thanks for your explanation which makes your proposal clearer for any
newcomer of OpenSSL
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
