diff options
| author |   doug <doug@openbsd.org> | 2015-07-17 07:04:40 +0000 |
|---|---|---|
| committer | doug <doug@openbsd.org> | 2015-07-17 07:04:40 +0000 |
| commit | 4314af3e2aeeba04584bc9d3db28b8832a21028b (patch) | |
| tree | 8ddce1b1326e4a006ba05ab304b9f030690c404e /lib/libssl/src/doc/ssl | |
| parent | Initialize client fd to -1 as well, from Bobby Powers. (diff) | |
| download | wireguard-openbsd-4314af3e2aeeba04584bc9d3db28b8832a21028b.tar.xz wireguard-openbsd-4314af3e2aeeba04584bc9d3db28b8832a21028b.zip | |
Remove workaround for TLS padding bug from SSLeay days.
OpenSSL doesn't remember which clients were impacted and the
functionality has been broken in their stable releases for 2 years.
Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5.
ok jsing@
Diffstat (limited to 'lib/libssl/src/doc/ssl')
| -rw-r--r-- | lib/libssl/src/doc/ssl/SSL_CTX_set_options.3 | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_options.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_options.3 index 53a7a6c9c06..922522a33c1 100644 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_options.3 +++ b/lib/libssl/src/doc/ssl/SSL_CTX_set_options.3 @@ -1,7 +1,7 @@ .\" -.\" $OpenBSD: SSL_CTX_set_options.3,v 1.6 2015/06/15 05:32:58 doug Exp $ +.\" $OpenBSD: SSL_CTX_set_options.3,v 1.7 2015/07/17 07:04:40 doug Exp $ .\" -.Dd $Mdocdate: June 15 2015 $ +.Dd $Mdocdate: July 17 2015 $ .Dt SSL_CTX_SET_OPTIONS 3 .Os .Sh NAME @@ -125,7 +125,9 @@ this option has no effect. .It Dv SSL_OP_TLS_D5_BUG \&... .It Dv SSL_OP_TLS_BLOCK_PADDING_BUG -\&... +As of +.Ox 5.8 , +this option has no effect. .It Dv SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers, which cannot be handled by some broken SSL |