Message264417
From the source code (get from apt-get source) of openssl-1.0.2g, I find
SSL_CTX_clear_options(ctx, op):
op &= ~SSL_OP_NO_SSLv3
return (ctx->options &= ~op)
SSL_CTX_set_options(ctx, op):
op |= SSL_OP_NO_SSLv3
return (ctx->options |= op)
which differs from the official code repos:
SSL_CTX_clear_options(ctx, op):
return (ctx->options &= ~op)
SSL_CTX_set_options(ctx, op):
return (ctx->options |= op)
This difference is introduced by debian-specific patch:
case SSL_CTRL_OPTIONS:
+ larg|=SSL_OP_NO_SSLv3;
return (ctx->options |= larg);
case SSL_CTRL_CLEAR_OPTIONS:
+ larg&=~SSL_OP_NO_SSLv3;
return (ctx->options &= ~larg); |
|
Date |
User |
Action |
Args |
2016-04-28 05:59:26 | xiang.zhang | set | recipients:
+ xiang.zhang, janssen, pitrou, giampaolo.rodola, christian.heimes, alex, dstufft |
2016-04-28 05:59:26 | xiang.zhang | set | messageid: <1461823166.81.0.681038613192.issue26867@psf.upfronthosting.co.za> |
2016-04-28 05:59:26 | xiang.zhang | link | issue26867 messages |
2016-04-28 05:59:26 | xiang.zhang | create | |
|