On Sun, 20 Jan 2013, Chris Panayis wrote: > Hi - This patch enables ECDH in openssl v1.0.1c. It selects a
It also SSL_CTX_set_options(SSL_OP_NO_COMPRESSION). Why? And if that's a good thing, shouldn't it be on a patch of its own? > @@ -666,7 +667,13 @@ int tls_init_serverengine(const char > off |= SSL_OP_NO_SSLv2; > off |= SSL_OP_NO_SSLv3; > } > + > SSL_CTX_set_options(s_ctx, off); > + > +#ifdef SSL_OP_NO_COMPRESSION > + SSL_CTX_set_options(s_ctx, SSL_OP_NO_COMPRESSION); > +#endif > + -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
