SSL_OP_ALL is supposed to be all options and workarounds that are safe,

but disabling attack mitigations is not safe. 0.9.6d contained a
workaround for an attack against CBC modes. 0.9.6e disabled it by default
because "some" implementations couldn't handle empty fragments. 12 years
have passed. Does anybody still care? Let's find out.
ok miod

1 files changed, 6 insertions, 4 deletions

diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h
index 6331601a4c5..1276b2ff47e 100644
--- a/lib/libssl/src/ssl/ssl.h
+++ b/lib/libssl/src/ssl/ssl.h
@@ -546,14 +546,16 @@ struct ssl_session_st {
 
 /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
  * in OpenSSL 0.9.6d.  Usually (depending on the application protocol)
- * the workaround is not needed.  Unfortunately some broken SSL/TLS
- * implementations cannot handle it at all, which is why we include
- * it in SSL_OP_ALL. */
+ * the workaround is not needed.
+ * Unfortunately some broken SSL/TLS implementations cannot handle it
+ * at all, which is why it was previously included in SSL_OP_ALL.
+ * Now it's not.
+ */
 #define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800L /* added in 0.9.6e */
 
 /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
  *             This used to be 0x000FFFFFL before 0.9.7. */
-#define SSL_OP_ALL					0x80000BFFL
+#define SSL_OP_ALL					0x800004FFL
 
 /* DTLS options */
 #define SSL_OP_NO_QUERY_MTU                 0x00001000L