1 |
--- openssl-0.9.8a/ssl/ssl.h.cipher-change 2005-11-22 16:36:22.000000000 +0100 |
2 |
+++ openssl-0.9.8a/ssl/ssl.h 2005-12-15 11:28:05.000000000 +0100 |
3 |
@@ -477,7 +477,7 @@ |
4 |
|
5 |
#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L |
6 |
#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L |
7 |
-#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L |
8 |
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L /* can break some security expectations */ |
9 |
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L |
10 |
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L |
11 |
#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect since 0.9.7h and 0.9.8b */ |
12 |
@@ -494,7 +494,7 @@ |
13 |
|
14 |
/* SSL_OP_ALL: various bug workarounds that should be rather harmless. |
15 |
* This used to be 0x000FFFFFL before 0.9.7. */ |
16 |
-#define SSL_OP_ALL 0x00000FFFL |
17 |
+#define SSL_OP_ALL 0x00000FF7L /* without SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG */ |
18 |
|
19 |
/* DTLS options */ |
20 |
#define SSL_OP_NO_QUERY_MTU 0x00001000L |