Re: [openssl.org #2802] 1.0.0's SSL_OP_ALL and SSL_OP_NO_TLSv1_1

2012-04-25 Thread Andy Polyakov via RT
[openssl-dev@openssl.org - Wed Apr 25 00:33:54 2012]: Hi, 1.0.0 had this: /* SSL_OP_ALL: various bug workarounds that should be rather harmless. * This used to be 0x000FL before 0.9.7. */ #define SSL_OP_ALL 0x8FFFL 1.0.1 now has:

Re: [openssl.org #2802] 1.0.0's SSL_OP_ALL and SSL_OP_NO_TLSv1_1

2012-04-25 Thread Tomas Mraz via RT
On Wed, 2012-04-25 at 10:35 +0200, Andy Polyakov via RT wrote: more secure protocols. Trade-off. As 1.0.0 application is not in position to expect anything above TLS1.0, trade-off can as well be resolved in favor of interoperability. Note that there is not such trade-off in 1.0.1 application

[openssl.org #2802] 1.0.0's SSL_OP_ALL and SSL_OP_NO_TLSv1_1

2012-04-25 Thread Stephen Henson via RT
[tm...@redhat.com - Wed Apr 25 12:10:34 2012]: On Wed, 2012-04-25 at 10:35 +0200, Andy Polyakov via RT wrote: more secure protocols. Trade-off. As 1.0.0 application is not in position to expect anything above TLS1.0, trade-off can as well be resolved in favor of interoperability. Note

[openssl.org #2802] 1.0.0's SSL_OP_ALL and SSL_OP_NO_TLSv1_1

2012-04-24 Thread Stephen Henson via RT
[openssl-dev@openssl.org - Wed Apr 25 00:33:54 2012]: Hi, 1.0.0 had this: /* SSL_OP_ALL: various bug workarounds that should be rather harmless. * This used to be 0x000FL before 0.9.7. */ #define SSL_OP_ALL 0x8FFFL 1.0.1 now

Re: [openssl.org #2802] 1.0.0's SSL_OP_ALL and SSL_OP_NO_TLSv1_1

2012-04-24 Thread Kurt Roeckx
On Wed, Apr 25, 2012 at 12:40:50AM +0200, Stephen Henson via RT wrote: Side effect of doing that is any application built against OpenSSL 1.0.1 or 1.0.1a headers which has an option to set SSL_OP_NO_TLSv1_1 will have that turned into noop and will have to be recompiled for that to work.