commit | d493d5289dd834b65232899c2cd8fe83baddfd44 | [log] [tgz] |
---|---|---|
author | Adam Langley <agl@chromium.org> | Fri Jun 20 12:00:00 2014 -0700 |
committer | Adam Langley <agl@chromium.org> | Fri Jun 20 13:17:35 2014 -0700 |
tree | 8d58745d31a798a6acd861bd548e11587125f8cd | |
parent | 509e5ed20146121177fe3649fe4f51dbc91e60c3 [diff] |
CBC record splitting. This patch removes support for empty records (which is almost universally disabled via SSL_OP_ALL) and adds optional support for 1/n-1 record splitting. The latter is not enabled by default, since it's not typically used on servers, but it should be enabled in web browsers since there are known attacks in that case (see BEAST).