boringssl

History

David Benjamin e9cddb8879 Remove SSL_OP_LEGACY_SERVER_CONNECT. I don't think we're ever going to manage to enforce this, and it doesn't seem worth the trouble. We don't support application protocols which use renegotiation outside of the HTTP/1.1 mid-stream client auth hack. There, it's on the server to reject legacy renegotiations. This removes the last of SSL_OP_ALL. Change-Id: I996fdeaabf175b6facb4f687436549c0d3bb0042 Reviewed-on: https://boringssl-review.googlesource.com/6580 Reviewed-by: Adam Langley <agl@google.com>	2015-12-15 19:22:53 +00:00
..
openssl	Remove SSL_OP_LEGACY_SERVER_CONNECT.	2015-12-15 19:22:53 +00:00

David Benjamin e9cddb8879 Remove SSL_OP_LEGACY_SERVER_CONNECT.

I don't think we're ever going to manage to enforce this, and it doesn't
seem worth the trouble. We don't support application protocols which use
renegotiation outside of the HTTP/1.1 mid-stream client auth hack.
There, it's on the server to reject legacy renegotiations.

This removes the last of SSL_OP_ALL.

Change-Id: I996fdeaabf175b6facb4f687436549c0d3bb0042
Reviewed-on: https://boringssl-review.googlesource.com/6580
Reviewed-by: Adam Langley <agl@google.com>

2015-12-15 19:22:53 +00:00

openssl

Remove SSL_OP_LEGACY_SERVER_CONNECT.

2015-12-15 19:22:53 +00:00