Message102441
It begs the question of why the tests succeed with previous OpenSSL versions.
The only possibly relevant entry I could find in the OpenSSL changelog (but I'm not an expert) is the following:
*) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
this allows the use of compression and extensions. Change default cipher
string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
by default unless an application cipher string requests it.
[Steve Henson] |
|
Date |
User |
Action |
Args |
2010-04-06 09:05:25 | pitrou | set | recipients:
+ pitrou, janssen, vstinner, giampaolo.rodola, flox |
2010-04-06 09:05:25 | pitrou | set | messageid: <1270544725.38.0.467763027631.issue8322@psf.upfronthosting.co.za> |
2010-04-06 09:05:23 | pitrou | link | issue8322 messages |
2010-04-06 09:05:23 | pitrou | create | |
|