diff options
author | Nick Mathewson <nickm@torproject.org> | 2013-08-13 23:43:39 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2013-09-25 14:34:24 -0400 |
commit | ad763a336cb3655151383172bcfa658870ad8950 (patch) | |
tree | 95d5e30b8b9bf9fedefd08e132cecb4eefd780f9 /changes | |
parent | 938ee9b24dfda03a68a71d43b88e9fb00a90f9c8 (diff) | |
download | tor-ad763a336cb3655151383172bcfa658870ad8950.tar tor-ad763a336cb3655151383172bcfa658870ad8950.tar.gz |
Re-enable TLS 1.[12] when building with OpenSSL >= 1.0.1e
To fix #6033, we disabled TLS 1.1 and 1.2. Eventually, OpenSSL fixed
the bug behind #6033.
I've considered alternate implementations that do more testing to see
if there's secretly an OpenSSL 1.0.1c or something that secretly has a
backport of the OpenSSL 1.0.1e fix, and decided against it on the
grounds of complexity.
Diffstat (limited to 'changes')
-rw-r--r-- | changes/bug6055 | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/changes/bug6055 b/changes/bug6055 new file mode 100644 index 000000000..00730073a --- /dev/null +++ b/changes/bug6055 @@ -0,0 +1,6 @@ + o Major enhancements: + - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later. + (OpenSSL before 1.0.1 didn't have TLS 1.1 or 1.2. OpenSSL from 1.0.1 + through 1.0.1d had bugs that prevented renegotiation from working + with TLS 1.1 or 1.2, so we disabled them to solve bug 6033.) Fix for + issue #6055. |