Bogdan Ćulibrk napsal/wrote, On 12/10/09 13:22:
That's the whole point, the patch disables session renegotiation because
it's fundamentally broken.
Is there some workaround to make things work along with this advisory?
You didn't mention *what* stopped working.
basically whole communication between two application relied on using
exactly this "funcionality" in openssl.
AFAIK, no.
Even after the patch has been installed, my browser is still able to
connect to SSL aware HTTP servers. My MUA is still sending/receiving
emails over SMTP/SSL and IMAP/SSL ...
I'm not saying you have no problem, i'm saying the problem is not as
general as you claim. So we need exact description of your problem.
Dan
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
