[FFmpeg-devel] [PATCH] openssl: Allow newer TLS versions than TLSv1

Michael Niedermayer michael at niedermayer.cc
Sun Oct 30 00:57:28 EEST 2016


On Sat, Oct 29, 2016 at 09:53:30AM +0100, Mark Thompson wrote:
> The use of TLSv1_*_method() disallows newer protocol versions; instead
> use SSLv23_*_method() and then explicitly disable the deprecated
> protocol versions which should not be supported.
> 
> Fixes ticket #5915.
> ---
> On 28/10/16 22:15, Hendrik Leppkes wrote:
> > I should have looked further when commenting on the other patch - I guess. :)
> > Looks good to me, the OpenSSL API seems to be rather confusing in this
> > regard. Maybe a comment might be  useful to indicate why this is done.
> 
> Hopefully this is clearer.
> 
> Thanks,
> 
> - Mark
> 
> 
>  libavformat/tls_openssl.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)

should be ok

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

The worst form of inequality is to try to make unequal things equal.
-- Aristotle
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20161029/e21acd2a/attachment.sig>


More information about the ffmpeg-devel mailing list