cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 7 Feb 2012 10:53:41 +0100 (CET)

On Tue, 7 Feb 2012, Yang Tse wrote:

>> Now the question is whether we should stick to the OpenSSL terminology for
>> naming the new options, or choose something more generic. �Unfortunately,
>> no sensible alternative comes to my mind right now :-/
>
> CURLOPT_SSL_ALLOW_BROWSER_EXPLOIT_AGAINST_SSLTLS
> CURLOPT_SSL_ALLOW_BEAST_VULNERABILITY
> CURLOPT_SSL_ENABLE_BEAST
> CURLOPT_SSL_ALLOW_BEAST

All these are slighty better since they don't specifically mention the exact
method used - as I believe for example NSS used a different work-around so
these names could cover both OpenSSL and NSS behaviors.

It is also tempting to use this new option to allow for disabling possibly
different work-arounds so perhaps a more generic CURLOPT_SSL_WORK_AROUND with
a bitmask argument would make sense...

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-02-07

This message: [ Message body ]
Next message: Kamil Dudka: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"
Previous message: Yang Tse: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"
In reply to: Yang Tse: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"
Next in thread: Kamil Dudka: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"
Reply: Kamil Dudka: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"
Reply: Yang Tse: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]