Project

General

Profile

« Previous | Next » 

Revision 38433

Added by emboss over 6 years ago

  • ext/openssl/lib/ssl.rb: Enable insertion of empty fragments as a
    countermeasure for the BEAST attack by default. The default options
    of OpenSSL::SSL:SSLContext are now:
    OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
    [Bug #5353] [ruby-core:39673]

  • test/openssl/test_ssl.rb: Adapt tests to new SSLContext default.

  • NEWS: Announce the new default.