]>
Commit | Line | Data |
---|---|---|
0595faf5 MT |
1 | diff -up openssl-1.0.1-beta2/ssl/ssl.h.op-all openssl-1.0.1-beta2/ssl/ssl.h |
2 | --- openssl-1.0.1-beta2/ssl/ssl.h.op-all 2012-02-02 12:49:00.828035916 +0100 | |
3 | +++ openssl-1.0.1-beta2/ssl/ssl.h 2012-02-02 12:52:27.297818182 +0100 | |
4 | @@ -540,7 +540,7 @@ struct ssl_session_st | |
5 | #define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L | |
6 | /* Allow initial connection to servers that don't support RI */ | |
7 | #define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L | |
8 | -#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L | |
9 | +#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L /* no effect since 1.0.0c due to CVE-2010-4180 */ | |
10 | #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L | |
11 | #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L | |
12 | #define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */ | |
13 | @@ -558,7 +558,7 @@ struct ssl_session_st | |
14 | ||
15 | /* SSL_OP_ALL: various bug workarounds that should be rather harmless. | |
16 | * This used to be 0x000FFFFFL before 0.9.7. */ | |
17 | -#define SSL_OP_ALL 0x80000BFFL | |
a7ff9508 | 18 | +#define SSL_OP_ALL 0x80000BF7L /* we still have to include SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS */ |
0595faf5 MT |
19 | |
20 | /* DTLS options */ | |
21 | #define SSL_OP_NO_QUERY_MTU 0x00001000L |