On Tue, Sep 02, 2014 at 10:52:59PM +0300, Artem Pylypchuk wrote:
> Yes, the "stuck connection" bug I mentioned is the "F5 BigIP needs padding
> bug" or is very similar to it.
> Sorry for the confusing explanation.
To disable TLSv1.2 with the associated ciphers and extensions (which
increase the size of the client hello and trigger the padding extension)
use SSLv23_client_method() with SSL_OP_NO_TLSv1_2 and if that's not
enough also SSL_OP_NO_TLSv1_1.
See SSL_set_options(3).
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
