I'm going to delay applying this patch; after applying some connections
fail:
try openssl -connect www.trustcenter.de:443 [fails]
try openssl -connect www.trustcenter.de:443 -no_tls1 [passes]
On Sun, 31 Jan 1999, Mark J Cox wrote:
> In going through our internal code I came across some changes that we
> should look at putting into OpenSSL. I've attached a large DIFF against
> the current CVS tree (all changes in the /ssl/ directory).
>
> "This patch is a fix so that the version number in the master secret, when
> passed via RSA, checks that if TLS was proposed, but we roll back to
> SSLv3 (because the server will not accept higher), that the version
> number is 0x03,0x01, not 0x03,0x00"
>
> It also makes some changes and fixes to the SSL compression code. I
> didn't commit this to the archive as it is a fairly substantial set of
> changes that I have not tested completely.
>
> Mark
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
