On 14/06/13 15:25, Florian Weimer wrote:
On 06/14/2013 03:31 PM, Dr. Stephen Henson wrote:
Note that the patch changes the value of SSL_OP_ALL so if OpenSSL shared
libraries are updated to include the patch existing applications wont
set it:
they'd all need to be recompiled.

That's a valid point.

Possibly alternative is to reuse one of the existing *ancient* flags.
anyone really care about compatibility with a bug in SSLeay 0.80 for

Wouldn't it be better to reverse the meaning of the flag and not set it

Just to complicate matters further, the 0x400 bit used to be set in SSL_OP_ALL, and has previously been used for at least 2 other purposes!


Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to