Actually it does not introduce it as OpenSSL does send the notification as TLS_EMPTY_RENEGOTIATION_INFO_SCSV, not the extension.
The "skip" is also placed in t1_lib.c after the handle for RI (Renegotiation Info), so renegotiation is performed using the secure protocol.

And while it would be nice to be able to just bin those broken servers, this could actually be viewed as a regression from 0.9.8 - it was possible to configure it to send no extensions...

On Sunday 30 November 2014 20:36:20 Richard Moore wrote:
> That would introduce security issues such as the TLS renegotiation flaw.
> Surely a better solution is to make servers that pretend to support TLS but
> actually only support SSL3 die a horrible death?
>
> Rich.
>
> On 30 November 2014 at 20:18, Hubert Kario via RT <r...@openssl.org> wrote:
> > since some TLS1.0 servers are extension intolerant, it is necessary to
> > not advertise any extensions to be able to connect to them.
> >
> > This patch implements command line options as well as SSL_CONF_cmd()
> > options to disable sending TLS extensions completely
> >
> > https://github.com/openssl/openssl/pull/198
> >
> > --
> > Regards,
> > Hubert Kario
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > Development Mailing List openssl-dev@openssl.org
> > Automated List Manager majord...@openssl.org

--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
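The point of the reply above is that RFC 5746 secure-renegotiation support can be signalled two ways: by the TLS_EMPTY_RENEGOTIATION_INFO_SCSV pseudo cipher suite (0x00FF) in the cipher suite list, or by the renegotiation_info extension (0xFF01). A ClientHello with no extensions block at all still carries the SCSV. The following is an added example, not code from the thread or from OpenSSL: it builds a constructed TLS 1.0 ClientHello with and without an extensions block, parses it, and reports which signal survives. The message layout follows RFC 5246/5746; the random bytes and suite list are made up for the sample.

```python
import struct

SCSV = 0x00FF    # TLS_EMPTY_RENEGOTIATION_INFO_SCSV (RFC 5746), lives in the cipher suite list
RI_EXT = 0xFF01  # renegotiation_info extension type (RFC 5746)


def build_client_hello(cipher_suites, extensions=None):
    """Build a TLS 1.0 ClientHello handshake message (no record layer).

    extensions=None omits the extensions block entirely, which is what an
    'extension intolerant' server needs; [] sends an empty block.
    Constructed sample data, not captured from a real client.
    """
    body = b"\x03\x01"                          # client_version = TLS 1.0
    body += b"\x11" * 32                        # random (constructed placeholder)
    body += b"\x00"                             # session_id length 0
    suites = b"".join(struct.pack("!H", cs) for cs in cipher_suites)
    body += struct.pack("!H", len(suites)) + suites
    body += b"\x01\x00"                         # compression_methods: null only
    if extensions is not None:
        ext_bytes = b""
        for etype, edata in extensions:
            ext_bytes += struct.pack("!HH", etype, len(edata)) + edata
        body += struct.pack("!H", len(ext_bytes)) + ext_bytes
    # HandshakeType client_hello (1) followed by a 3-byte length
    return b"\x01" + struct.pack("!I", len(body))[1:] + body


def parse_client_hello(msg):
    """Parse the ClientHello built above into version, cipher suites and extensions."""
    if msg[0] != 0x01:
        raise ValueError("not a client_hello")
    length = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated handshake message")
    pos = 0
    version = body[pos:pos + 2]
    pos += 2 + 32                               # skip random
    sid_len = body[pos]
    pos += 1 + sid_len
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", body[pos + i:pos + i + 2])[0]
              for i in range(0, cs_len, 2)]
    pos += cs_len
    comp_len = body[pos]
    pos += 1 + comp_len
    extensions = []
    if pos < len(body):                         # extensions block is optional
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos < end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            extensions.append((etype, body[pos:pos + elen]))
            pos += elen
    return {"version": version, "cipher_suites": suites, "extensions": extensions}


def secure_renegotiation_signal(parsed):
    """Return 'scsv', 'extension', 'both' or None depending on how RFC 5746 is signalled."""
    has_scsv = SCSV in parsed["cipher_suites"]
    has_ext = any(etype == RI_EXT for etype, _ in parsed["extensions"])
    if has_scsv and has_ext:
        return "both"
    if has_scsv:
        return "scsv"
    if has_ext:
        return "extension"
    return None


def signal_for(cipher_suites, extensions=None):
    """Convenience wrapper: build, parse and classify in one call."""
    return secure_renegotiation_signal(parse_client_hello(build_client_hello(cipher_suites, extensions)))


if __name__ == "__main__":
    # 0x002F is TLS_RSA_WITH_AES_128_CBC_SHA; the ordering is just a sample.
    print("no extensions block:", signal_for([0x002F, SCSV]))
    print("with RI extension:  ", signal_for([0x002F, SCSV], [(RI_EXT, b"\x00")]))
    print("neither:            ", signal_for([0x002F]))
```

Run it and the first case prints `scsv`: the ClientHello has no extensions block, yet the parser still finds the secure-renegotiation signal, which is the reply's argument that skipping extensions does not reopen the renegotiation flaw. A server that supports RFC 5746 answers either form with the renegotiation_info extension in its ServerHello, so a defender checking a client's behaviour should look at the cipher suite list as well as the extensions.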