On Fri, 06 Nov 2015 22:07:25 +0100, Kurt Roeckx wrote: > On Fri, Nov 06, 2015 at 09:22:04PM +0200, Niko Tyni wrote: > > As discussed on IRC, it looks to me like there's no code support for > > HTTPS_VERSION in 0.73_04 anymore. It seems to be just a leftover in > > the docs. > > > > The upstream code in 0.73_04 now uses SSLv23_client_method() with > > SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 > > by default, and with > > SSL_OP_ALL | SSL_OP_NO_SSLv2 > > if the (currently undocumented) environment variable > > CRYPT_SSLEAY_ALLOW_SSLv3 is set. > > > > This seems to be pretty much we want, so I think uploading 0.73_04 is > > the way to fix this bug. The docs could be improved a bit of course. > > Yes, that looks good to me.
Thanks everybody; uploaded. Cheers, gregor PS: Bug filed about the doc inconsistencies: https://rt.cpan.org/Ticket/Display.html?id=108520 -- .''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06 : :' : Debian GNU/Linux user, admin, and developer - https://www.debian.org/ `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Janis Joplin: Maybe
signature.asc
Description: Digital Signature
