On Wed, Sep 18, 2002 at 04:03:26PM +0200, Steve Haslam via RT wrote: > > On Wed, Sep 18, 2002 at 09:18:22AM +0200, Lutz Jaenicke via RT wrote: > > Workaround: the problem is does not appear, when > > SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, which is part of > > SSL_OP_ALL (see "man SSL_CTX_set_options"). As most applications enable > > SSL_OP_ALL, the problem was not discovered until now, even though it > > must be pretty old. > > Is enabling SSL_OP_ALL a good idea? I must admit, I hadn't noticed it in any > code I was cribbing from.
Duh, the manpage says it is safe and recommended. Kill me now. SRH -- Steve Haslam Reading, UK [EMAIL PROTECTED] Debian GNU/Linux Maintainer [EMAIL PROTECTED] but I won't admit to needing you I'll never say that's true, not to you [sister machine gun] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]