~ubuntu-branches/ubuntu/precise/openssl/precise

Viewing all changes in revision 68.

  • Committer: Colin Watson
  • Date: 2012-03-30 16:11:38 UTC
  • Revision ID: cjwatson@canonical.com-20120330161138-gydptn5or305cx4r
* Temporarily work around TLS 1.2 failures as suggested by upstream
  (LP #965371):
  - Use client version when deciding whether to send supported signature
    algorithms extension.
  - Experimental workaround to large client hello issue: if
    OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients
    only.
  - Compile with -DOPENSSL_NO_TLS1_2_CLIENT.
  This fixes most of the reported problems, but does not fix the case of
  servers that reject version numbers they don't support rather than
  trying to negotiate a lower version (e.g. www.mediafire.com).

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: