Author xiang.zhang
Recipients alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, xiang.zhang
Date 2016-04-28.05:59:26
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1461823166.81.0.681038613192.issue26867@psf.upfronthosting.co.za>
In-reply-to
Content
From the source code (get from apt-get source) of openssl-1.0.2g, I find

SSL_CTX_clear_options(ctx, op):
  op &= ~SSL_OP_NO_SSLv3
  return (ctx->options &= ~op)
SSL_CTX_set_options(ctx, op):
  op |= SSL_OP_NO_SSLv3
  return (ctx->options |= op)

which differs from the official code repos:

SSL_CTX_clear_options(ctx, op):
  return (ctx->options &= ~op)
SSL_CTX_set_options(ctx, op):
  return (ctx->options |= op)

This difference is introduced by debian-specific patch:

     case SSL_CTRL_OPTIONS:
+        larg|=SSL_OP_NO_SSLv3;
         return (ctx->options |= larg);
     case SSL_CTRL_CLEAR_OPTIONS:
+        larg&=~SSL_OP_NO_SSLv3;
         return (ctx->options &= ~larg);
History
Date User Action Args
2016-04-28 05:59:26xiang.zhangsetrecipients: + xiang.zhang, janssen, pitrou, giampaolo.rodola, christian.heimes, alex, dstufft
2016-04-28 05:59:26xiang.zhangsetmessageid: <1461823166.81.0.681038613192.issue26867@psf.upfronthosting.co.za>
2016-04-28 05:59:26xiang.zhanglinkissue26867 messages
2016-04-28 05:59:26xiang.zhangcreate